@coveo/semantic-monorepo-tools
Advanced tools
A library of helper functions to do SemVer2 compliant releases from Conventional Commits in monorepos
Supply Chain Security
Vulnerability
Quality
Maintenance
License
A library of helper functions to do SemVer2 compliant releases from Conventional Commits in monorepos.
npm install @coveo/semantic-monorepo-tools
Before, one would use lerna version to make semantic releases in a monorepo, but lerna is dead.
The most predominant tools in the field, standard-version and semantic-release do not offer the level of flexibility that lerna did offer (e.g. it's hard to do semantic releases when packages do not share the same version and Changelog generation are sometimes tangled).
Because there are so many ways to do semantic releases in a monorepo, and that an opinionated way could result in releases that make less sense for the user of the published packages, semantic-monorepo-tools took the approach to leave the implementation process in the hand of the user, and instead focus on providing functions to 'get what you need' and 'do what you need to do' directly with JavaScript.
semantic-monorepo-tools aims to take the functions of a single-package release flow such as standard-version and make them available as standalone building blocks.
The goal is to make abstractions of the inner working of the tools (e.g. git, npm) behind simple pure (ish) functions.
semantic-monorepo-tools use itself for its release process, you can see the 'meat of it' here.
It is also used for the release processes of several monorepos at Coveo, you can find implementations examples on some of our repository:
FAQs
A library of helper functions to do SemVer2 compliant releases from Conventional Commits in monorepos
The npm package @coveo/semantic-monorepo-tools receives a total of 3,856 weekly downloads. As such, @coveo/semantic-monorepo-tools popularity was classified as popular.
We found that @coveo/semantic-monorepo-tools demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Security experts warn that recent classification changes obscure the true scope of the NVD backlog as CVE volume hits all-time highs.
Security Fundamentals
Attackers use obfuscation to hide malware in open source packages. Learn how to spot these techniques across npm, PyPI, Maven, and more.
Security News
Join Socket for exclusive networking events, rooftop gatherings, and one-on-one meetings during BSidesSF and RSA 2025 in San Francisco.
