npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

actions-package-update

v0.11.0

Published

GitHub Action for package.json update.

Downloads

520

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

taichitaichi

Keywords

github-actionsnpmprpull-requestupdateyarnyarnpkg

Readme

actions-package-update

This tool keeps npm dependencies up-to-date by making pull requests from GitHub Actions or CI.

actions-package-update

This tool successor of taichi/ci-yarn-upgrade.

Basic Usage

GitHub Action for package.json update.

GitHub Actions

below is the complete workflow example.

on:
  schedule:
  - cron: 0 0 * * 3
name: Update
jobs:
  package-update:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: set remote url
      run: git remote set-url --push origin https://$GITHUB_ACTOR:${{ secrets.GITHUB_TOKEN }}@github.com/$GITHUB_REPOSITORY
    - name: package-update
      uses: taichi/actions-package-update@master
      env:
        AUTHOR_EMAIL: [email protected]
        AUTHOR_NAME: john
        EXECUTE: "true"
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        LOG_LEVEL: debug
      with:
        args: -u --packageFile package.json --loglevel verbose
  • this workflow works every wednesday at 0:00
  • all args are pass to npm-check-updates
  • AUTHOR_NAME and AUTHOR_EMAIL is use for commit.
  • if you define EXECUTE is true, then actions-package-update makes a Pull Request.
  • you must grant acess to GITHUB_TOKEN, because actions-package-update access to your repository and make Pull Request.
    • see. https://developer.github.com/actions/managing-workflows/storing-secrets/

Examples

  • Update devDependencies only

    - name: package-update
  uses: taichi/actions-package-update@master
  env:
    AUTHOR_EMAIL: [email protected]
    AUTHOR_NAME: John
    EXECUTE: "true"
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  with:
    args: -u --packageFile package.json  --dep dev

  • Use yarn upgrade

    - name: package-update
  uses: taichi/actions-package-update@master
  env:
    AUTHOR_EMAIL: [email protected]
    AUTHOR_NAME: John
    EXECUTE: "true"
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    UPDATE_COMMAND: yarn
  with:
    args: upgrade --latest

  • Use npm update

    - name: package-update
  uses: taichi/actions-package-update@master
  env:
    AUTHOR_EMAIL: [email protected]
    AUTHOR_NAME: John
    EXECUTE: "true"
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    UPDATE_COMMAND: npm
  with:
    args: update

  • Use ncu with yarn workspaces

    In your workspace root run:

    yarn add -DW wsrun npm-check-updates

    Add this script to your root package.json:

    {
  "ncu-all": "ncu -u --packageFile package.json && wsrun --serial ncu -u --packageFile package.json"
}

    Add this config:

    - name: package-update
  uses: taichi/actions-package-update@master
  env:
    AUTHOR_EMAIL: [email protected]
    AUTHOR_NAME: John
    EXECUTE: "true"
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    UPDATE_COMMAND: yarn
  with:
    args: ncu-all

Local or CI Server|Service

Install

yarn global add actions-package-update

or

npm install actions-package-update -g

Setting Environment Variables

  • Required Variables
    • GITHUB_TOKEN
    • AUTHOR_NAME and AUTHOR_EMAIL
      • this command use there variables for commit
    • EXECUTE
      • By default, actions-package-update runs in dry-run mode.
      • if you set to EXECUTE=true, then this command push branch to remote, and make a pull request.

Command Behavior

this command works locally and output result to standard output.

CLI Output

Optional Configurations

  • BRANCH_PREFIX
    • specify working branch prefix. default prefix is package-update/.
  • COMMIT_MESSAGE
    • specify the commit message. default message is update dependencies.
  • COMMIT_FILES
    • a space separated list of files that will be added to the commit. Leave empty to use git add --all.",
      • for example, you can use "package.json package-lock.json" to ensure only these two files gets added to the commit
  • UPDATE_COMMAND
    • specify the command for update. default command is ncu.
      • for example, you may set to yarn or npm.
  • WITH_SHADOWS
    • if you specify this option, shows shadow dependencies changes.
    • default value is false.
  • KEEP
    • if you specify this option, keep working branch after all.
    • default value is false.
    • this is usefull for debug.
  • LOG_LEVEL
    • One of fatal, error, warn, info, debug, trace or silent.
    • default value is info.
    • if you want to know this tool's internal states, set to debug.
  • WORKING_DIR
    • specify the working dir.
    • default value is ./.

for developers

setup

execute below commands on project root dir.

yarn install
code .

release

  • release package to npmjs

    yarn publish

  • edit Dockerfile