Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@lerna/list
Advanced tools
@lerna/list is a part of the Lerna monorepo management toolset. It is used to list all the packages in a Lerna-managed monorepo. This can be useful for various tasks such as auditing, documentation, and automation scripts.
List all packages
This feature allows you to list all the packages in your Lerna-managed monorepo. The code sample demonstrates how to use the `list` function to retrieve and print the list of packages.
const { list } = require('@lerna/list');
list().then(packages => console.log(packages));
List packages with specific attributes
This feature allows you to filter the list of packages based on specific attributes such as scope. The code sample demonstrates how to list packages that match a specific scope.
const { list } = require('@lerna/list');
list({ scope: '@my-scope/*' }).then(packages => console.log(packages));
List private packages
This feature allows you to list only the private packages in your monorepo. The code sample demonstrates how to list packages that are marked as private.
const { list } = require('@lerna/list');
list({ private: true }).then(packages => console.log(packages));
Lerna is a tool for managing JavaScript projects with multiple packages. It offers a broader range of functionalities compared to @lerna/list, including versioning, publishing, and dependency management.
pnpm is a fast, disk space-efficient package manager. It also supports monorepos and offers functionalities similar to Lerna, such as linking local packages and managing dependencies.
lerna list
List local packages
Install lerna for access to the lerna
CLI.
The list
subcommand is aliased to several convenient shorthands (similar to npm ls
):
lerna ls
: Identical to lerna list
, which is itself analogous to the ls
commandlerna ll
: Equivalent to lerna ls -l
, showing long outputlerna la
: Equivalent to lerna ls -la
, showing all packages (including private ones)$ lerna ls
package-1
package-2
You might notice extra logging from lerna
when running these commands in your shell.
Rest assured they will not infect your piped incantations,
as all logs are emitted to stderr
, not stdout
.
In any case, you can always pass --loglevel silent
to create pristine chains of magical shell wizardry.
lerna ls
also respects all available Filter Flags.
--json
Show information as a JSON array.
$ lerna ls --json
[
{
"name": "package-1",
"version": "1.0.0",
"private": false,
"location": "/path/to/packages/pkg-1"
},
{
"name": "package-2",
"version": "1.0.0",
"private": false,
"location": "/path/to/packages/pkg-2"
}
]
Tip: Pipe to the json
utility to pick out individual properties:
$ lerna ls --json --all | json -a -c 'this.private === true' name
package-3
--ndjson
Show information as newline-delimited JSON.
$ lerna ls --ndjson
{"name":"package-1","version":"1.0.0","private":false,"location":"/path/to/packages/pkg-1"}
{"name":"package-2","version":"1.0.0","private":false,"location":"/path/to/packages/pkg-2"}
--all
Alias: -a
Show private packages that are hidden by default.
$ lerna ls --all
package-1
package-2
package-3 (private)
--long
Alias: -l
Show extended information.
$ lerna ls --long
package-1 v1.0.1 packages/pkg-1
package-2 v1.0.2 packages/pkg-2
$ lerna ls -la
package-1 v1.0.1 packages/pkg-1
package-2 v1.0.2 packages/pkg-2
package-3 v1.0.3 packages/pkg-3 (private)
--parseable
Alias: -p
Show parseable output instead of columnified view.
By default, each line of the output is an absolute path to a package.
In --long
output, each line is a :
-separated list: <fullpath>:<name>:<version>[:flags..]
$ lerna ls --parseable
/path/to/packages/pkg-1
/path/to/packages/pkg-2
$ lerna ls -pl
/path/to/packages/pkg-1:package-1:1.0.1
/path/to/packages/pkg-2:package-2:1.0.2
$ lerna ls -pla
/path/to/packages/pkg-1:package-1:1.0.1
/path/to/packages/pkg-2:package-2:1.0.2
/path/to/packages/pkg-3:package-3:1.0.3:PRIVATE
--toposort
Sort packages in topological order (dependencies before dependents) instead of lexical by directory.
$ json dependencies <packages/pkg-1/package.json
{
"pkg-2": "file:../pkg-2"
}
$ lerna ls --toposort
package-2
package-1
--graph
Show dependency graph as a JSON-formatted adjacency list.
$ lerna ls --graph
{
"pkg-1": [
"pkg-2"
],
"pkg-2": []
}
$ lerna ls --graph --all
{
"pkg-1": [
"pkg-2"
],
"pkg-2": [
"pkg-3"
],
"pkg-3": [
"pkg-2"
]
}
6.6.0 (2023-03-23)
troubleshooting.md
typo (#3581) (a174cd7)FAQs
List local packages
The npm package @lerna/list receives a total of 196,433 weekly downloads. As such, @lerna/list popularity was classified as popular.
We found that @lerna/list demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.