{"id":26172143,"url":"https://github.com/swellaby/gulp-azp-bump","last_synced_at":"2026-04-19T16:01:40.565Z","repository":{"id":24655913,"uuid":"102153202","full_name":"swellaby/gulp-azp-bump","owner":"swellaby","description":"Gulp plugin to bump the version of Azure Pipelines tasks","archived":false,"fork":false,"pushed_at":"2023-01-06T02:24:41.000Z","size":715,"stargazers_count":0,"open_issues_count":9,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-12-26T05:56:28.301Z","etag":null,"topics":["azure-devops","azure-pipelines","gulp-plugin","gulp-plugins"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/swellaby.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-09-01T21:08:58.000Z","updated_at":"2021-10-11T22:17:05.000Z","dependencies_parsed_at":"2023-01-14T01:22:43.090Z","dependency_job_id":null,"html_url":"https://github.com/swellaby/gulp-azp-bump","commit_stats":null,"previous_names":["swellaby/gulp-vsts-bump"],"tags_count":22,"template":false,"template_full_name":null,"purl":"pkg:github/swellaby/gulp-azp-bump","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swellaby%2Fgulp-azp-bump","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swellaby%2Fgulp-azp-bump/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swellaby%2Fgulp-azp-bump/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swellaby%2Fgulp-azp-bump/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/swellaby","download_url":"https://codeload.github.com/swellaby/gulp-azp-bump/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swellaby%2Fgulp-azp-bump/sbom","scorecard":{"id":861829,"data":{"date":"2025-08-11","repo":{"name":"github.com/swellaby/gulp-azp-bump","commit":"1a7fddbb12c4886038f78d04ca95442135293215"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 0/2 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v1.1.17 not signed: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/21275244","Warn: release artifact v1.1.13 not signed: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/19421100","Warn: release artifact v1.1.9 not signed: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/17786532","Warn: release artifact v1.1.8 not signed: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/17570894","Warn: release artifact v1.1.7 not signed: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/16964462","Warn: release artifact v1.1.17 does not have provenance: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/21275244","Warn: release artifact v1.1.13 does not have provenance: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/19421100","Warn: release artifact v1.1.9 does not have provenance: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/17786532","Warn: release artifact v1.1.8 does not have provenance: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/17570894","Warn: release artifact v1.1.7 does not have provenance: https://api.github.com/repos/swellaby/gulp-azp-bump/releases/16964462"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"16 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-mhxj-85r3-2x55","Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T01:31:22.132Z","repository_id":24655913,"created_at":"2025-08-24T01:31:22.132Z","updated_at":"2025-08-24T01:31:22.132Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32012787,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-18T20:23:30.271Z","status":"online","status_checked_at":"2026-04-19T02:00:07.110Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure-devops","azure-pipelines","gulp-plugin","gulp-plugins"],"created_at":"2025-03-11T19:53:24.646Z","updated_at":"2026-04-19T16:01:40.541Z","avatar_url":"https://github.com/swellaby.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# gulp-azp-bump\n\nGulp plugin to bump the version of [Azure Pipelines][vsts-url] tasks. Note this is also available as a [standalone CLI/Lib][vsts-bump-url].\n\n[![npmjs version Badge][npmjs-version-badge]][npmjs-pkg-url]\n[![npmjs downloads Badge][npmjs-downloads-badge]][npmjs-pkg-url] [![License Badge][license-badge]][license-url]\n\n[![Circle CI Badge][circle-ci-badge]][circle-ci-url]\n[![AppVeyor Status][appveyor-badge]][appveyor-url]\n[![Test Results Badge][tests-badge]][appveyor-url]\n[![Coverage Status][codecov-badge]][codecov-url]\n[![Sonar Quality Gate][sonar-quality-gate-badge]][sonar-url]\n\n**Feature Completion Notice**\n\n_Please note that we consider this package to be feature complete. We will continue to maintain and support this package by fixing any bugs discovered, updating dependency versions, etc. We will also consider PRs/Enhancement requests, but we do not have additional development activities planned at this time._\n\n## About\n\nGulp plugin that supports bumping the versions of [Azure Pipelines][vsts-url] tasks. The [Azure Pipelines][vsts-url] task manifest files maintain the version as an Object which differs from the traditional semver string used to represent the version found in other files like package.json (note that the values of Major, Minor, Patch can be strings OR numbers).\n\n[Azure Pipelines][vsts-url] task manifest example:\n\n```json\n{\n  \"id\": \"923e6d5c-0b14-462b-922e-813cbd2ef4cc\",\n  \"name\": \"2018azp\",\n  \"friendlyName\": \"Sample Task\",\n  \"description\": \"azp\",\n  \"author\": \"me\",\n  \"version\": {\n    \"Major\": 0,\n    \"Minor\": 1,\n    \"Patch\": 1\n  }\n}\n```\n\nThe [Azure Pipelines][vsts-url] task version cannot be bumped using other gulp plugins without writing a lot of extra code, so we wrote this plugin to provide simple support specifically for [Azure Pipelines][vsts-url] tasks.\n\nThis plugin should only be used for bumping [Azure Pipelines][vsts-url] task manifest files. For bumping any other standard version string in any other type file (like in a package.json file) you should _not_ use this plugin, and you should use something like [gulp-bump][gulp-bump-pkg-url] instead.\n\n## Install\n\nInstall the package as a dev dependency:\n\n```sh\nnpm i gulp-azp-bump --save-dev\n```\n\n## Usage\n\n**Simple Usage (bumps patch version by default)**\n\n```js\nconst gulp = require('gulp');\nconst azpBump = require('gulp-azp-bump');\n\ngulp.task('tasks:bump', function () {\n  return gulp\n    .src(['./tasks/**/task.json'], { base: './' })\n    .pipe(azpBump())\n    .pipe(gulp.dest('./'));\n});\n```\n\n**Specific Bump Type**\n\n```js\nconst gulp = require('gulp');\nconst azpBump = require('gulp-azp-bump');\n\ngulp.task('tasks:bump', function () {\n  return gulp\n    .src(['./tasks/**/task.json'], { base: './' })\n    .pipe(azpBump({ type: 'minor' }))\n    .pipe(gulp.dest('./'));\n});\n```\n\n## Options\n\n### **type**: string\n\n- _Default Value_: `'patch'`\n- _Allowed Values_: `'major'`, `'minor'`, `'patch'`\n- _Description_: Specifies the release type you want to bump. Technically any valid semver type (including prerelease, etc.) will be accepted, but you shouldn't use anything other than `major`, `minor`, or `patch` since that is all Azure Pipelines tasks can store.\n\nFor example to bump the minor version value:\n\n```js\n    .pipe(azpBump({ type: 'minor' }))\n```\n\nOr the major version value:\n\n```js\n    .pipe(azpBump({ type: 'major' }))\n```\n\n### **quiet**: boolean\n\n- _Default Value_: `false`\n- _Allowed Values_: `true`, `false`\n- _Description_: Set this to `true` if you want to suppress the log output\n\nExample:\n\n```js\n    .pipe(azpBump({ quiet: true }))\n```\n\n### **versionPropertyType**: string\n\n- _Default Value_: `'number'`\n- _Allowed Values_: `'number'`, `'string'`\n- _Description_: Specifies whether the emitted version property values should be numbers or strings. Some Azure Pipelines tasks specify the values for the version Major, Minor, and Patch properties as a number while others store it as a string (Azure Pipelines supports both apparently). By default the plugin will emit the bumped version values as numbers in the task.json file(s), but if you would prefer those values to be strings instead then set this property to `'string'` in the configuration options\n\nExample:\n\n```js\n    .pipe(azpBump({ versionPropertyType: 'string' }))\n```\n\nIf the initial version object in your task.json file looks like this:\n\n```json\n    \"version\": {\n        \"Major\": 0,\n        \"Minor\": 1,\n        \"Patch\": 1\n    },\n```\n\nIf you run the plugin with the default options (bumps patch), then the emitted bumped version object will have the Patch version bumped and the values will be numbers:\n\n```js\n    .pipe(azpBump())\n```\n\nEmitted task.json version object:\n\n```json\n    \"version\": {\n        \"Major\": 0,\n        \"Minor\": 1,\n        \"Patch\": 2\n    },\n```\n\nIf instead you specified `'string'` for the versionPropertyType, then the emitted bumped version object will have the Patch version bumped and the values will be strings:\n\n```js\n    .pipe(azpBump({ versionPropertyType: 'string' }))\n```\n\nEmitted task.json version object:\n\n```json\n    \"version\": {\n        \"Major\": \"0\",\n        \"Minor\": \"1\",\n        \"Patch\": \"2\"\n    },\n```\n\n### **indent**: number OR string\n\n- _Default Value_: `2`\n- _Allowed Values_: Any positive whole number between `1` and `10` inclusive, or the tab character `'\\t'`\n- _Description_: Controls the spacing indent value to use in the updated task.json file(s). If a number is specified, each level in the json file will be indented by that number of space characters. Alternatively, if the tab `'\\t'` character is specified, then each level will be indented with a tab.\n\nFor example to indent by 4 spaces:\n\n```js\n    .pipe(azpBump({ indent: 4 }))\n```\n\nOr if you prefer a tab:\n\n```js\n    .pipe(azpBump({ indent: '\\t' }))\n```\n\n## License\n\nMIT - see license details [here][license-url]\n\n## Contributing\n\nNeed to open an issue? Click the below links to create one:\n\n- [Report a bug][create-bug-url]\n- [Request an enhancement][create-enhancement-url]\n- [Ask a question][create-question-url]\n\nSee the [Guidelines][contrib-dev-url] for more info about building and developing.\n\n[npmjs-version-badge]: https://img.shields.io/npm/v/gulp-azp-bump.svg\n[npmjs-downloads-badge]: https://img.shields.io/npm/dt/gulp-azp-bump.svg\n[npmjs-pkg-url]: https://www.npmjs.com/package/gulp-azp-bump\n[circle-ci-badge]: https://img.shields.io/circleci/project/github/swellaby/gulp-azp-bump.svg?label=linux%20build\n[circle-ci-url]: https://circleci.com/gh/swellaby/gulp-azp-bump\n[appveyor-badge]: https://img.shields.io/appveyor/ci/swellaby/gulp-vsts-bump.svg?label=windows%20build\n[tests-badge]: https://img.shields.io/appveyor/tests/swellaby/gulp-vsts-bump.svg?label=unit%20tests\n[appveyor-url]: https://ci.appveyor.com/project/swellaby/gulp-vsts-bump\n[sonar-quality-gate-badge]: https://sonarcloud.io/api/project_badges/measure?project=swellaby%3Agulp-vsts-bump\u0026metric=alert_status\n[sonar-url]: https://sonarcloud.io/dashboard?id=swellaby%3Agulp-vsts-bump\n[gulp-bump-pkg-url]: https://www.npmjs.com/package/gulp-bump\n[codecov-badge]: https://img.shields.io/codecov/c/github/swellaby/gulp-vsts-bump.svg\n[codecov-url]: https://codecov.io/gh/swellaby/gulp-vsts-bump\n[coveralls-badge]: https://coveralls.io/repos/github/swellaby/gulp-vsts-bump/badge.svg?branch=master\n[coveralls-url]: https://coveralls.io/github/swellaby/gulp-vsts-bump?branch=master\n[license-badge]: https://img.shields.io/github/license/swellaby/gulp-vsts-bump.svg\n[license-url]: ./LICENSE\n[vsts-task-manifest-url]: https://raw.githubusercontent.com/Microsoft/vsts-task-lib/master/tasks.schema.json\n[create-bug-url]: https://github.com/swellaby/gulp-vsts-bump/issues/new?template=BUG_TEMPLATE.md\u0026labels=bug,unreviewed\u0026title=Bug:%20\n[create-question-url]: https://github.com/swellaby/gulp-vsts-bump/issues/new?template=QUESTION_TEMPLATE.md\u0026labels=question,unreviewed\u0026title=Q:%20\n[create-enhancement-url]: https://github.com/swellaby/gulp-vsts-bump/issues/new?template=ENHANCEMENT_TEMPLATE.md\u0026labels=enhancement,unreviewed\u0026title=E:%20\n[contrib-dev-url]: ./.github/CONTRIBUTING.md#developing\n[vsts-url]: https://www.visualstudio.com/team-services/\n[vsts-bump-url]: https://www.npmjs.com/package/vsts-bump\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswellaby%2Fgulp-azp-bump","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fswellaby%2Fgulp-azp-bump","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswellaby%2Fgulp-azp-bump/lists"}