{"id":13403728,"url":"https://github.com/stovmascript/react-native-version","last_synced_at":"2025-10-04T21:53:41.887Z","repository":{"id":41142622,"uuid":"67349397","full_name":"stovmascript/react-native-version","owner":"stovmascript","description":":1234: Version your React Native or Expo app in a `npm version` fashion.","archived":false,"fork":false,"pushed_at":"2024-06-25T22:34:58.000Z","size":895,"stargazers_count":584,"open_issues_count":56,"forks_count":73,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-09-04T17:18:25.822Z","etag":null,"topics":["cli","create-react-native-app","expo","hooks","npm-version","react-native","release","semantic-versioning","semver","versioning"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stovmascript.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-09-04T14:26:53.000Z","updated_at":"2025-07-09T20:23:10.000Z","dependencies_parsed_at":"2024-10-08T08:45:18.935Z","dependency_job_id":"b2ffca4a-5872-4a10-89eb-44d3d83438a5","html_url":"https://github.com/stovmascript/react-native-version","commit_stats":{"total_commits":291,"total_committers":17,"mean_commits":17.11764705882353,"dds":0.6219931271477663,"last_synced_commit":"aec0a225a61e2926323a245cc08e657af8ecd3c4"},"previous_names":[],"tags_count":30,"template":false,"template_full_name":null,"purl":"pkg:github/stovmascript/react-native-version","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stovmascript%2Freact-native-version","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stovmascript%2Freact-native-version/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stovmascript%2Freact-native-version/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stovmascript%2Freact-native-version/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stovmascript","download_url":"https://codeload.github.com/stovmascript/react-native-version/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stovmascript%2Freact-native-version/sbom","scorecard":{"id":854491,"data":{"date":"2025-08-11","repo":{"name":"github.com/stovmascript/react-native-version","commit":"aec0a225a61e2926323a245cc08e657af8ecd3c4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/stovmascript/react-native-version/main.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/stovmascript/react-native-version/main.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/stovmascript/react-native-version/main.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"43 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-hr2v-3952-633q","Warn: Project is vulnerable to: GHSA-4gxf-g5gf-22h4","Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3","Warn: Project is vulnerable to: MAL-2023-462","Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97","Warn: Project is vulnerable to: GHSA-p9w8-2mpq-49h9","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c","Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj","Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-4cpg-3vgw-4877","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp","Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr","Warn: Project is vulnerable to: GHSA-mxhp-79qh-mcx6","Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc","Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh","Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v","Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7","Warn: Project is vulnerable to: GHSA-cf4h-3jhx-xvhq","Warn: Project is vulnerable to: GHSA-5fg8-2547-mr8q","Warn: Project is vulnerable to: GHSA-crh6-fp67-6883","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh","Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T23:29:48.984Z","repository_id":41142622,"created_at":"2025-08-23T23:29:48.984Z","updated_at":"2025-08-23T23:29:48.984Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278380462,"owners_count":25977216,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","create-react-native-app","expo","hooks","npm-version","react-native","release","semantic-versioning","semver","versioning"],"created_at":"2024-07-30T19:01:33.806Z","updated_at":"2025-10-04T21:53:41.855Z","avatar_url":"https://github.com/stovmascript.png","language":"JavaScript","readme":"# react-native-version\n\n[![license](https://badgen.net/github/license/stovmascript/react-native-version)](https://github.com/stovmascript/react-native-version/blob/master/LICENSE)\n[![npm](https://badgen.net/npm/v/react-native-version)](https://www.npmjs.com/package/react-native-version)\n[![test](https://github.com/stovmascript/react-native-version/workflows/Test/badge.svg)](https://github.com/stovmascript/react-native-version/actions)\n[![david](https://badgen.net/david/dep/stovmascript/react-native-version)](https://github.com/stovmascript/react-native-version/network/dependencies)\n\nSeamlessly shadows the behaviour of [`npm version`](https://docs.npmjs.com/cli/version).\n\n## npm-scripts hook (automatic method)\n\n### Setup\n\n```bash\n$ npm install react-native-version --save-dev\n# or\n$ yarn add react-native-version --dev\n```\n\nHook into the \"version\" or \"postversion\" npm script in your app's package.json:\n\n```diff\n{\n  \"name\": \"AwesomeProject\",\n  \"version\": \"0.0.1\",\n  \"scripts\": {\n    \"start\": \"node node_modules/react-native/local-cli/cli.js start\",\n+   \"postversion\": \"react-native-version\"\n  }\n}\n```\n\n### Usage\n\nBefore you publish a new build of your app, run `npm version \u003cnewversion\u003e`.\n\nreact-native-version will then update your `android/` and `ios/` code. Depending on the script and options you choose, it can also automatically amend the version bump commit and update the Git tag created by `npm version`. This method should be useful in most cases. If you need more control, take a look at the CLI and options below.\n\n## CLI\n\n### Setup\n\n```bash\n$ npm install -g react-native-version\n# or\n$ yarn global add react-native-version\n```\n\n### Example usage\n\n```bash\n$ cd AwesomeProject/\n$ npm version patch\n$ react-native-version\n```\n\n## Options\n\n\u003c!-- START cli --\u003e\n\n    -V, --version                output the version number\n    -a, --amend                  Amend the previous commit. This is done automatically when react-native-version is run from the \"version\" or \"postversion\" npm script. Use \"--never-amend\" if you never want to amend. Also, if the previous commit is a valid npm-version commit, react-native-version will update the Git tag pointing to this commit.\n    --skip-tag                   For use with \"--amend\", if you don't want to update Git tags. Use this option if you have git-tag-version set to false in your npm config or you use \"--no-git-tag-version\" during npm-version.\n    -A, --never-amend            Never amend the previous commit.\n    -b, --increment-build        Only increment build number.\n    -B, --never-increment-build  Never increment build number.\n    -d, --android [path]         Path to your \"android/app/build.gradle\" file. (default: \"android/app/build.gradle\")\n    -i, --ios [path]             Path to your \"ios/\" folder. (default: \"ios\")\n    -L, --legacy                 Version iOS using agvtool (macOS only). Requires Xcode Command Line Tools.\n    -q, --quiet                  Be quiet, only report errors.\n    -r, --reset-build            Reset build number back to \"1\" (iOS only). Unlike Android's \"versionCode\", iOS doesn't require you to bump the \"CFBundleVersion\", as long as \"CFBundleShortVersionString\" changes. To make it consistent across platforms, react-native-version bumps both by default. You can use this option if you prefer to keep the build number value at \"1\" after every version change. If you then need to push another build under the same version, you can use \"-bt ios\" to increment.\n    -s, --set-build \u003cnumber\u003e     Set a build number. WARNING: Watch out when setting high values. This option follows Android's app versioning specifics - the value has to be an integer and cannot be greater than 2100000000. You cannot decrement this value after publishing to Google Play! More info at: https://developer.android.com/studio/publish/versioning.html#appversioning\n    --generate-build             Generate build number from the package version number. (e.g. build number for version 1.22.3 will be 1022003)\n    -t, --target \u003cplatforms\u003e     Only version specified platforms, e.g. \"--target android,ios\".\n    -h, --help                   output usage information\n\n\u003c!-- END cli --\u003e\n\nYou can apply these options to the \"version\" or \"postversion\" script too. If for example you want to commit the changes made by RNV yourself, add the \"--never-amend\" option:\n\n```diff\n{\n  \"scripts\": {\n-   \"postversion\": \"react-native-version\"\n+   \"postversion\": \"react-native-version --never-amend\"\n  }\n}\n```\n\n## Targeting platforms\n\nThe default behaviour is to version all React Native platforms. You can target specific platforms by passing a comma-separated list to the \"--target\" option, or by using the `RNV` environment variable:\n\n```bash\n$ RNV=android,ios npm version patch\n# or\n$ RNV=android,ios react-native-version\n```\n\nWhen using the CLI, you can even combine both methods and make your teammates rage :smiling_imp: :suspect:\n\n```bash\n$ RNV=android react-native-version --target ios\n```\n\n:rage1: :speak_no_evil:\n\n## Custom version commit message\n\nWhen updating Git tags, RNV uses the version commit message to find the correct Git tag. If you're running `npm version` with the `-m` or `--message` option, make sure your message includes `%s`, which will be replaced with the resulting version number. For example:\n\n```bash\n$ npm version patch -m \"Upgrade to %s for reasons\"\n```\n\nIf you're using yarn, you can configure the commit message generated by `yarn version` though `yarn config set version-git-message` - see the [docs](https://yarnpkg.com/lang/en/docs/cli/version/#toc-git-tags).\n\nThe behavior can be also adjusted by `.npmrc` and `.yarnrc` config files.\n\n## API\n\n```javascript\nimport { version } from \"react-native-version\";\n\nasync function doSomething() {\n  const versionResult = await version({\n    amend: true,\n    // ...\n  });\n}\n\n// or\n\nversion({\n  amend: true,\n  // ...\n})\n  .then((commitHash) =\u003e {\n    console.log(commitHash);\n  })\n  .catch((err) =\u003e {\n    console.error(err);\n  });\n```\n\n\u003c!-- START api --\u003e\n\n### Functions\n\n\u003cdl\u003e\n\u003cdt\u003e\u003ca href=\"#version\"\u003eversion(program, projectPath)\u003c/a\u003e ⇒ \u003ccode\u003ePromise.\u0026lt;(string|Error)\u0026gt;\u003c/code\u003e\u003c/dt\u003e\n\u003cdd\u003e\u003cp\u003eVersions your app\u003c/p\u003e\n\u003c/dd\u003e\n\u003c/dl\u003e\n\n### Typedefs\n\n\u003cdl\u003e\n\u003cdt\u003e\u003ca href=\"#Promise\"\u003ePromise\u003c/a\u003e\u003c/dt\u003e\n\u003cdd\u003e\u003cp\u003eCustom type definition for Promises\u003c/p\u003e\n\u003c/dd\u003e\n\u003c/dl\u003e\n\n\u003ca name=\"version\"\u003e\u003c/a\u003e\n\n### version(program, projectPath) ⇒ \u003ccode\u003ePromise.\u0026lt;(string\\|Error)\u0026gt;\u003c/code\u003e\n\nVersions your app\n\n**Kind**: global function  \n**Returns**: \u003ccode\u003ePromise.\u0026lt;(string\\|Error)\u0026gt;\u003c/code\u003e - A promise which resolves with the last commit hash\n\n| Param       | Type                | Description                             |\n| ----------- | ------------------- | --------------------------------------- |\n| program     | \u003ccode\u003eObject\u003c/code\u003e | commander/CLI-style options, camelCased |\n| projectPath | \u003ccode\u003estring\u003c/code\u003e | Path to your React Native project       |\n\n\u003ca name=\"Promise\"\u003e\u003c/a\u003e\n\n### Promise\n\nCustom type definition for Promises\n\n**Kind**: global typedef  \n**Properties**\n\n| Name   | Type               | Description                                                        |\n| ------ | ------------------ | ------------------------------------------------------------------ |\n| result | \u003ccode\u003e\\*\u003c/code\u003e    | See the implementing function for the resolve type and description |\n| result | \u003ccode\u003eError\u003c/code\u003e | Rejection error object                                             |\n\n\u003c!-- END api --\u003e\n\n## Known issues\n\n### `SyntaxError: Expected \"\"\", \"\\'\", \"\\\"\", \"\\n\", or [^\\\"] but \"\\\" found.`\n\nWhen running `react-native link` on Windows, native modules will be linked in your Xcode project with paths that include backslashes (`\\`) instead of forward slashes (`/`). This will break `pbxproj-dom`, which we rely on to parse Xcode projects. To fix this issue, convert any `LIBRARY_SEARCH_PATHS` and `HEADER_SEARCH_PATHS` as shown in [this comment](https://github.com/stovmascript/react-native-version/issues/52#issuecomment-393343784). This step could be automated with a library like [normalize-path](https://www.npmjs.com/package/normalize-path) or [unixify](https://www.npmjs.com/package/unixify).\n\n## See also\n\n- [agvtool](https://developer.apple.com/library/content/qa/qa1827/_index.html)\n- [npm-version](https://docs.npmjs.com/cli/version)\n- [Semantic Versioning (semver)](http://semver.org/)\n- [ionic-version](https://github.com/stovmascript/ionic-version)\n","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstovmascript%2Freact-native-version","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstovmascript%2Freact-native-version","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstovmascript%2Freact-native-version/lists"}