
Security News
npm ‘is’ Package Hijacked in Expanding Supply Chain Attack
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
@codedependant/multi-release
Advanced tools
Cli wrapper for Semantic Release which allows forwarding additional global options. The primary target case is for managing the release process of multi / mono repos
If you have not already authenticated with the GitHub packages registry for npm packages, please see the internal blog post for details on how to do so. Once that is done, you can install the dependencies by running:
$ npm install @codedependant/multi-release --save-dev
Expose as an npm script called release
for consistency.
// package.json
{
"name": "my-mono-repo"
, "version": "0.0.0"
, "scripts": {
"release": "multi-release"
}
}
// package.json
{
"name": "my-mono-repo"
, "version": "0.0.0"
, "workspaces": ["packages/*", "services/my-service"]
, "scripts": {
"release": "multi-release"
}
, "release": {
"branches": ["master", "next"]
, "extends": "@internal/my-release-config"
, ...
}
}
The following flags are passed specifically to the multi-release handler prior to execution.
Flag | Type | Description | Default |
---|---|---|---|
--sequential | Boolean | Avoid concurrent initialization collisions by running serially | false |
--debug | Boolean | Output debugging information | false |
--current | Boolean | Apply commit filtering to current branch only | false |
--branches | Boolean | The branches on which releases should happen | |
--sequential | Boolean | Run releases sequentially rather than concurrently | false |
--dry-run | Boolean | Runs all releases in dry run mode | false |
--ci | Boolean | Force semantic-release to run as if it were in a CI environment |
Any and all command line options will be injected as global options to plugins through the plugin context key
options
. Additionally, the directory the command was executed from will be injected as root. This is done to compensate for the fact that semantic release sets cwd
to the directory of the package being released during execution.
FAQs
CLI wrapper enabling semantic release for monorepos
The npm package @codedependant/multi-release receives a total of 2 weekly downloads. As such, @codedependant/multi-release popularity was classified as not popular.
We found that @codedependant/multi-release demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
Security News
A critical flaw in the popular npm form-data package could allow HTTP parameter pollution, affecting millions of projects until patched versions are adopted.
Security News
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.