@hyperfrontend/versioning 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/CHANGELOG.md +14 -0
  2. package/README.md +8 -6
  3. package/changelog/index.cjs.js +15 -4
  4. package/changelog/index.cjs.js.map +1 -1
  5. package/changelog/index.esm.js +15 -4
  6. package/changelog/index.esm.js.map +1 -1
  7. package/changelog/parse/index.cjs.js +62 -4
  8. package/changelog/parse/index.cjs.js.map +1 -1
  9. package/changelog/parse/index.esm.js +62 -4
  10. package/changelog/parse/index.esm.js.map +1 -1
  11. package/changelog/parse/parser.d.ts +0 -6
  12. package/changelog/parse/parser.d.ts.map +1 -1
  13. package/commits/classify/index.cjs.js +8 -6
  14. package/commits/classify/index.cjs.js.map +1 -1
  15. package/commits/classify/index.d.ts +1 -1
  16. package/commits/classify/index.d.ts.map +1 -1
  17. package/commits/classify/index.esm.js +8 -7
  18. package/commits/classify/index.esm.js.map +1 -1
  19. package/commits/classify/project-scopes.d.ts +10 -0
  20. package/commits/classify/project-scopes.d.ts.map +1 -1
  21. package/commits/index.cjs.js +8 -6
  22. package/commits/index.cjs.js.map +1 -1
  23. package/commits/index.esm.js +8 -7
  24. package/commits/index.esm.js.map +1 -1
  25. package/flow/executor/index.cjs.js +12 -0
  26. package/flow/executor/index.cjs.js.map +1 -1
  27. package/flow/executor/index.esm.js +12 -0
  28. package/flow/executor/index.esm.js.map +1 -1
  29. package/flow/index.cjs.js +89 -36
  30. package/flow/index.cjs.js.map +1 -1
  31. package/flow/index.esm.js +88 -37
  32. package/flow/index.esm.js.map +1 -1
  33. package/flow/models/index.cjs.js +13 -0
  34. package/flow/models/index.cjs.js.map +1 -1
  35. package/flow/models/index.d.ts +1 -1
  36. package/flow/models/index.d.ts.map +1 -1
  37. package/flow/models/index.esm.js +13 -1
  38. package/flow/models/index.esm.js.map +1 -1
  39. package/flow/models/types.d.ts +33 -1
  40. package/flow/models/types.d.ts.map +1 -1
  41. package/flow/presets/index.cjs.js +84 -36
  42. package/flow/presets/index.cjs.js.map +1 -1
  43. package/flow/presets/index.esm.js +84 -36
  44. package/flow/presets/index.esm.js.map +1 -1
  45. package/flow/steps/analyze-commits.d.ts.map +1 -1
  46. package/flow/steps/generate-changelog.d.ts +5 -0
  47. package/flow/steps/generate-changelog.d.ts.map +1 -1
  48. package/flow/steps/index.cjs.js +85 -36
  49. package/flow/steps/index.cjs.js.map +1 -1
  50. package/flow/steps/index.d.ts +1 -1
  51. package/flow/steps/index.d.ts.map +1 -1
  52. package/flow/steps/index.esm.js +85 -37
  53. package/flow/steps/index.esm.js.map +1 -1
  54. package/index.cjs.js +9223 -9172
  55. package/index.cjs.js.map +1 -1
  56. package/index.d.ts +3 -1
  57. package/index.d.ts.map +1 -1
  58. package/index.esm.js +9220 -9173
  59. package/index.esm.js.map +1 -1
  60. package/package.json +14 -1
  61. package/workspace/discovery/changelog-path.d.ts +3 -7
  62. package/workspace/discovery/changelog-path.d.ts.map +1 -1
  63. package/workspace/discovery/index.cjs.js +84 -5
  64. package/workspace/discovery/index.cjs.js.map +1 -1
  65. package/workspace/discovery/index.esm.js +84 -5
  66. package/workspace/discovery/index.esm.js.map +1 -1
  67. package/workspace/index.cjs.js +84 -5
  68. package/workspace/index.cjs.js.map +1 -1
  69. package/workspace/index.esm.js +84 -5
  70. package/workspace/index.esm.js.map +1 -1
package/CHANGELOG.md CHANGED
@@ -2,6 +2,20 @@
2
2
 
3
3
  All notable changes to this project will be documented in this file.
4
4
 
5
+ ## [0.3.0](https://github.com/AndrewRedican/hyperfrontend/compare/31943a4b39484dba86b358e4f361abe76edc4fe1...2737bb00792930010cd0161b87b4ca80b2c155e0) - 2026-03-21
6
+
7
+ ### Features
8
+
9
+ - add commit type to section config option
10
+ - add changelog file name config option
11
+ - export key configuration constants
12
+ - make project prefixes configurable
13
+ - add max commit fallback config option
14
+
15
+ ### Bug Fixes
16
+
17
+ - **eslint-rules:** validate github urls via url parsing
18
+
5
19
  ## [0.2.0](https://github.com/AndrewRedican/hyperfrontend/compare/a9185d9b783d7d8d51cc4ad91eb3178eba3e3930...bdcdfe00e5c9680e7a1eb925ef69997601d0f393) - 2026-03-20
6
20
 
7
21
  ### Features
package/README.md CHANGED
@@ -34,6 +34,7 @@
34
34
  Versioning library with changelog parsing, conventional commits, and semver flow orchestration.
35
35
 
36
36
  • 👉 See [**documentation**](https://www.hyperfrontend.dev/docs/libraries/versioning/)
37
+ • 👉 See [**roadmap**](https://github.com/AndrewRedican/hyperfrontend/blob/main/roadmap/versioning/)
37
38
 
38
39
  ## What is @hyperfrontend/versioning?
39
40
 
@@ -42,10 +43,10 @@ Versioning library with changelog parsing, conventional commits, and semver flow
42
43
  ### Key Features
43
44
 
44
45
  - **Changelog Parsing** - Parse CHANGELOG.md files into structured objects with lossless round-tripping
45
- - **Conventional Commits** - Parse commit messages following the conventional commits specification
46
- - **Semver Utilities** - Parse, compare, increment, and validate semantic versions
47
- - **Registry Client** - Query npm registry for published versions and package metadata
48
- - **Compare URLs** - Generate platform-specific compare URLs for changelog entries (GitHub, GitLab, Bitbucket, Azure DevOps)
46
+ - **Conventional Commits** - Parse commit messages following the [Conventional Commits](https://www.conventionalcommits.org/) specification
47
+ - **Semver Utilities** - Parse, compare, increment, and validate [semantic versions](https://semver.org/)
48
+ - **Registry Client** - Query [npm](https://www.npmjs.com/) registry for published versions and package metadata
49
+ - **Compare URLs** - Generate platform-specific compare URLs for changelog entries ([GitHub](https://github.com/), [GitLab](https://about.gitlab.com/), [Bitbucket](https://bitbucket.org/), [Azure DevOps](https://azure.microsoft.com/en-us/products/devops))
49
50
  - **Monorepo Scope Filtering** - Intelligent commit classification ensures changelogs only include relevant commits
50
51
  - **Composable Operations** - Build complex versioning workflows from simple, pure functions
51
52
  - **Zero External Dependencies** - Self-contained implementation with no third-party runtime dependencies
@@ -64,7 +65,7 @@ Working with CHANGELOG.md files programmatically typically involves fragile stri
64
65
 
65
66
  ### Unified Versioning Primitives
66
67
 
67
- Version management requires coordinating semver parsing, commit analysis, changelog generation, and registry queries. This library provides all these primitives in one cohesive package with consistent APIs. Query npm for published versions, parse commit history, calculate version bumps, and generate changelog entries — all composable into custom release workflows.
68
+ Version management requires coordinating [semver](https://semver.org/) parsing, commit analysis, changelog generation, and registry queries. This library provides all these primitives in one cohesive package with consistent APIs. Query [npm](https://www.npmjs.com/) for published versions, parse commit history, calculate version bumps, and generate changelog entries — all composable into custom release workflows.
68
69
 
69
70
  ### Zero-Dependency CI Integration
70
71
 
@@ -97,7 +98,8 @@ for (const entry of changelog.entries) {
97
98
  }
98
99
 
99
100
  // Access metadata
100
- console.log(changelog.metadata.format) // 'keep-a-changelog', 'conventional', etc.
101
+ // Formats: 'keep-a-changelog' (https://keepachangelog.com), 'conventional', etc.
102
+ console.log(changelog.metadata.format)
101
103
  ```
102
104
 
103
105
  ### Parsing Conventional Commits
package/changelog/index.cjs.js CHANGED
@@ -2842,11 +2842,22 @@ function isWhitespace$1(char) {
2842
2842
  }
2843
2843
 
2844
2844
  /**
2845
- * Changelog Parser
2845
+ * Validates that a URL is actually a GitHub URL by parsing it properly.
2846
+ * This prevents SSRF attacks where 'github.com' could appear in path/query.
2846
2847
  *
2847
- * Parses a changelog markdown string into a structured Changelog object.
2848
- * Uses a state machine tokenizer for ReDoS-safe parsing.
2848
+ * @param url - The URL string to validate
2849
+ * @returns True if the URL host is github.com or a subdomain
2849
2850
  */
2851
+ function isGitHubUrl(url) {
2852
+ try {
2853
+ const parsed = createURL(url);
2854
+ // Check that the host is exactly github.com or ends with .github.com
2855
+ return parsed.host === 'github.com' || parsed.host.endsWith('.github.com');
2856
+ }
2857
+ catch {
2858
+ return false;
2859
+ }
2860
+ }
2850
2861
  /**
2851
2862
  * Parses a changelog markdown string into a Changelog object.
2852
2863
  *
@@ -2914,7 +2925,7 @@ function parseHeader(state) {
2914
2925
  description.push(`[${token.value}](${nextToken.value})`);
2915
2926
  links.push({ label: token.value, url: nextToken.value });
2916
2927
  // Try to detect repository URL
2917
- if (!state.repositoryUrl && nextToken.value.includes('github.com')) {
2928
+ if (!state.repositoryUrl && isGitHubUrl(nextToken.value)) {
2918
2929
  state.repositoryUrl = extractRepoUrl(nextToken.value);
2919
2930
  }
2920
2931
  advance(state); // skip link-text