How to publish a new version of your software without breaking EVERYTHING
#VTCC10
C / C++ / C# / Java / CoffeeScript / JavaScript / Node / Angular / Vue / Cycle.js / functional
EveryScape
virtual tours
MathWorks
MatLab on the web
Kensho
finance dashboards
11 people. Atlanta, Philly, Boston, LA
Fast, easy and reliable testing for anything that runs in a browser
I do not distribute code directly from GitHub
Missing built artifacts: transpiled code
Mutable
Extra files
https://github.com/cypress-io/schema-tools
schema-tools@1.0.0.tgz
Artifact Repository
schema-tools
1.0.0
1.0.1
1.0.2
1.1.0
2.0.0
GitHub
https://github.com/cypress-io/schema-tools
schema-tools@1.0.0.tgz
Artifact Repository
schema-tools
1.0.0
1.0.1
1.0.2
1.1.0
2.0.0
GitHub
npm i schema-tools@1.0.1
https://github.com/cypress-io/schema-tools
schema-tools@1.0.0.tgz
Artifact Repository
schema-tools
1.0.0
1.0.1
1.0.2
1.1.0
2.0.0
GitHub
npm i schema-tools@1.0.1
Workshop
Store
tip: reload page to get new funny definition of "NPM"
source: http://www.modulecounts.com
NPM
built separately
tested separately
has SKU number
shipped to the auto plant
placed into the car
Creating your own module
$ mkdir my-app
$ cd my-app
$ git init
$ npm init -y
$ npm init -y
Wrote to my-app/package.json
{
"name": "my-app",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "exit 1"
},
"keywords": [],
"author": "",
"license": "ISC"
}
{
"name": "stop-build",
"version": "0.0.0-development",
"description": "Exits with non-zero code if there are modified Git files",
"author": "Gleb Bahmutov <gleb.bahmutov@gmail.com>",
"bugs": "https://github.com/bahmutov/stop-build/issues",
"config": {
"next-update": {
"commands": {
"pre-git": "./.git/hooks/pre-commit"
}
},
"pre-git": {
"commit-msg": "simple",
"pre-commit": [
"npm run pretest",
"npm run deps",
"npm run ban",
"git add ."
],
"pre-push": [
"npm test",
"npm run secure",
"npm run license",
"npm run ban -- --all",
"npm run size"
],
"post-commit": [],
"post-merge": []
}
},
"engines": {
"node": ">=6"
},
"files": [
"src/*.js",
"!src/*-spec.js"
],
"bin": {
"stop-build": "src/index.js"
},
"homepage": "https://github.com/bahmutov/stop-build#readme",
"keywords": [
"build",
"ci",
"exit",
"git",
"utility"
],
"license": "MIT",
"main": "src/",
"publishConfig": {
"registry": "http://registry.npmjs.org/"
},
"repository": {
"type": "git",
"url": "https://github.com/bahmutov/stop-build.git"
},
"scripts": {
"ban": "ban",
"deps": "deps-ok",
"issues": "git-issues",
"license": "license-checker --production --onlyunknown --csv",
"pretty": "prettier-standard 'src/*.js'",
"prelint": "npm run pretty",
"lint": "standard --verbose --fix src/*.js",
"pretest": "npm run lint",
"secure": "nsp check",
"size": "t=\"$(npm pack .)\"; wc -c \"${t}\"; tar tvf \"${t}\"; rm \"${t}\";",
"test": "npm run unit",
"unit": "mocha src/*-spec.js",
"semantic-release": "semantic-release pre && npm publish && semantic-release post"
},
"devDependencies": {
"ban-sensitive-files": "1.9.0",
"deps-ok": "1.2.0",
"git-issues": "1.3.1",
"license-checker": "11.0.0",
"mocha": "3.4.2",
"nsp": "2.6.3",
"pre-git": "3.15.0",
"prettier-standard": "5.1.0",
"semantic-release": "^6.3.6",
"standard": "10.0.2"
},
"dependencies": {
"ggit": "1.15.1",
"pluralize": "5.0.0"
}
}
Publishing your module
Publishing your module
NPM info
npm publish --tag alpha
Time to publish a new version
Time to publish a new version
Use a helper like `np`
npm i -g np
Use a helper like `np`
npm i -g np
1.4.2
$ git commit -m "minor(app): add new feature"
$ git push
$ git commit -m "patch(log): fix log rotation"
$ git commit -m "major(api): change output format"
$ git push
new minor version published
new major version published
Use a helper like `next-ver`
npm i -g next-ver
$ npm install -g semantic-release-cli
$ semantic-release-cli setup
$ git commit -m "minor(app): add new feature"
$ git push
New minor version is published by your CI if tests pass
ALL my NPM modules use semantic-release
It sets tokens and writes CI file
ALL my NPM modules use semantic-release
It tags and formats release notes on GitHub
It even comments on issues when the fix or feature has been published!
ALL my NPM modules use semantic-release
1e0d8811 ....
8315cc0d ....
7fdc9acc ....
645ad6d6 ....
major
minor
patch
everything else
CI
WHAT is this commit?
publish
tag
deploy
`npm publish` very infrequently or never
`npm publish` A LOT
2016
NPM auth token, GitHub tokens, passwords, SSH keys, etc
2018
https://www.npmjs.com/settings/<username>/tfa
https://www.npmjs.com/package/<name>/access
$ npm publish --otp
OTP = One Time Password
"S" in "NPM" stands for Security
$ cat renovate.json
{
"extends": ["config:base"],
"automerge": true,
"major": {
"automerge": false
}
}
1. Enable RenovateApp GitHub application
2. Add "renovate.json" file to repo
Thank you
for listening 👏
#VTCC10