Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@lerna/npm-install

Package Overview
Dependencies
Maintainers
2
Versions
70
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@lerna/npm-install - npm Package Versions

1
57

3.16.0

Diff

Changelog

Source

3.16.0 (2019-07-18)

Bug Fixes

  • command: Bump minimum range of lodash, silence dumb 'security' warning (c405871)
  • conventional-commits: Hard-pin lodash.template dependency to silence 'helpful' security warning (c54ad68)
  • deps: Bump @evocateur/pacote (03e4797)
  • deps: Update forked npm libs (4d67426)
  • npm-conf: OTP should default to undefined, figgy pudding is very strict (2fa02a8)
  • pack-directory: Bump npm-packlist + tar dependencies (59ebd19)
  • package-graph: Flatten cycles to avoid skipping packages (#2185) (b335763)
  • project: Ensure deprecated githubRelease config is also remapped from command.publish namespace (a3d264e), closes #2177
  • publish: Add --graph-type option to control packages included in topological sort (#2152) (ae87669), closes #1437
  • publish: Allow --no-verify-access to prevent checking for account-level 2FA (ce58d8f)
  • publish: OTP cache should be seeded from conf value, not CLI directly (cf56622)
  • publish: Propagate root license into custom publish directories (d410a58), closes #2157

Features

  • bootstrap: Add --strict option to enable throwing when --hoist warns (#2140) (91437b5)
  • deps: @octokit/plugin-enterprise-rest@^3.6.1 (74a3890)
  • deps: @octokit/rest@^16.28.4 (5f09f50)
  • deps: byte-size@^5.0.1 (ed51ddd)
  • deps: conventional-recommended-bump@^5.0.0 (2a0ed60)
  • deps: fs-extra@^8.1.0 (313287f)
  • deps: get-port@^4.2.0 (778ae6a)
  • deps: glob-parent@^5.0.0 (c6bc218)
  • deps: globby@^9.2.0 (d9aa249)
  • deps: import-local@^2.0.0 (14d2c66)
  • deps: is-ci@^2.0.0 (ab2ad83)
  • deps: load-json-file@^5.3.0 (3718cc9)
  • deps: multimatch@^3.0.0 (968b0d7)
  • deps: p-map@^2.1.0 (9e58394)
  • deps: pify@^4.0.1 (f8ee7e6)
  • deps: semver@^6.2.0 (d8016d9)
  • deps: slash@^2.0.0 (bedd6af)
  • deps: write-json-file@^3.2.0 (4fa7dea)
  • listable: Output JSON adjacency list with --graph (9457a21), closes #1970
  • otplease: Expose getOneTimePassword() helper (44b9f70)
  • publish: Eager prompt for OTP when account-level 2FA is enabled (4f893d1)
  • run-lifecycle: Upgrade npm-lifecycle@^3.1.0 (e015a74)
evocateur
published 3.14.2 •

Changelog

Source

3.14.2 (2019-06-09)

Bug Fixes

  • bootstrap: Respect --force-local option (#2104) (c2fb639)
  • child-process: Ensure adjacent prefixes are always a different color (5a10146)
  • npm-publish: Use generated manifest when publishing subdirectory (b922766), closes #2113
  • publish: Allow per-leaf subdirectory publishing (ea861d9), closes #2109
  • version: Remove unused dependency (285bd7e)
evocateur
published 3.13.3 •

Changelog

Source

3.13.3 (2019-04-17)

Bug Fixes

  • child-process: Centralize exitCode translation from string codes into numbers (09c0103), closes #2031
  • docs: Add missing docs for --tag-version-prefix (#2035) (ff9c476), closes #1924
  • exec: Handle node string error codes before setting process.exitCode (#2031) (c599c64)
evocateur
published 3.13.0 •

Changelog

Source

3.13.0 (2019-02-15)

Features

  • conventional-commits: Bump conventional-changelog dependencies to pick up security fixes (d632d1b)
  • listable: Output newline-delimited JSON with --ndjson (742781b)
  • meta: Add repository.directory field to package.json (aec5023)
  • meta: Normalize package.json homepage field (abeb4dc)
evocateur
published 3.11.0 •

Changelog

Source

3.11.0 (2019-02-08)

Bug Fixes

  • collect-updates: Improve logging, making ignored globs explicit (42e4a5c)
  • collect-updates: Match dotfiles when ignoring changes (99eadc6)
  • create: Bump camelcase (e58a1d0)
  • deps: Explicit libnpmaccess ^3.0.1 (6ba3d1d)
  • deps: Explicit libnpmpublish ^1.1.1 (a506d96)
  • deps: Explicit npm-lifecycle ^2.1.0 (506ad6d)
  • deps: Explicit npm-package-arg ^6.1.0 (4b20791)
  • deps: Explicit npm-registry-fetch ^3.9.0 (a83c487)
  • deps: Explicit npmlog ^4.1.2 (571c2e2)
  • deps: Explicit pacote ^9.4.1 (44d05bf)
  • deps: Explicit read-package-json ^2.0.13 (2695a90)
  • deps: Remove unused libnpm (replaced by direct sub-packages) (1caeb28)
  • filter-options: Require arguments to --scope and --ignore (4b81dad)
  • publish: Correct silly log heading (f1dc3fc)

Features

  • version: Create Github releases with --github-release (#1864) (f84a631), closes #1513
evocateur
published 3.10.0 •

Changelog

Source

3.10.0 (2019-01-08)

Bug Fixes

  • publish: Correctly determine canary version when --include-merged-tags present (fb2a1b2), closes #1820

Features

  • lerna: Use --exact version ranges between sibling dependencies (02a067f)
  • version: Add --no-changelog option (#1854) (d73d823), closes #1852
evocateur
published 3.8.2 •

Changelog

Source

3.8.2 (2019-01-03)

Bug Fixes

  • bootstrap: Bail out of hoisted recursive lifecycles (169c943), closes #1125
  • publish: Avoid recursive root lifecycle execution (e133134)
  • publish: Run root prepublish lifecycle if it exists (c5676bb)
  • run-lifecycle: Short-circuit ignore options (ae29097)
  • version: Avoid recursive root lifecycle execution (089392d), closes #1844
evocateur
published 3.6.0 •

Changelog

Source

3.6.0 (2018-12-07)

Bug Fixes

Features

  • add: Add --no-bootstrap option (89bb928)
  • bootstrap: Support --force-local option (#1807) (25572af), closes #1763
  • Migrate existing usage to libnpm (0d3a786), closes #1767
  • create: Migrate npm info subprocess to libnpm.manifest (65a1d1b)
  • listable: Add --toposort option (b387881), closes #1652
  • npm-dist-tag: Use fetch API instead of CLI to make changes (54008c6)
  • publish: Add a "from-package" positional argument (#1708) (16611be), closes #1648
  • publish: Attempt profile retrieval before whoami endpoint during user validation (38097d8)
evocateur
published 3.3.0 •

Changelog

Source

3.3.0 (2018-09-06)

Bug Fixes

  • describe-ref: Fallback refCount is the number of commits since beginning of repository (6dfea52)
  • Propagate exit codes from failed executions (af9c70b), closes #1374 #1653
  • run-lifecycle: Propagate exit code when execution fails (4763f95), closes #1495

Features

  • deps: Upgrade execa to ^1.0.0 (748ae4e)
  • deps: Upgrade fs-extra to ^7.0.0 (042b1a3)
  • deps: Upgrade get-stream to ^4.0.0 (e280d1d)
  • deps: Upgrade strong-log-transformer to ^2.0.0 (42b18a1)

<a name="3.2.1"></a>

evocateur
published 3.0.0 •

Changelog

Source

3.0.0 (2018-08-10)

Bug Fixes

  • add: Always use POSIX paths when computing relative file: specifiers (ffe354f)
  • add: Support explicit & implicit relative file: specifiers (41f231f)
  • create: Use filename without scope when generating imports from test file (acfd48b)
  • publish: Improve npm pack experience (627cfc2)

Features

BREAKING CHANGES

  • changed: The package names emitted to stdout are no longer prefixed by a "- ", and private packages are no longer displayed by default.

  • list: The default output of lerna ls no longer shows version strings or private packages.

  • The new alias lerna la resembles the old output, with the addition of relative path to the package

  • The new alias lerna ll is a shortcut for the new --long option

  • A new --parseable option has been added to aid magical piping incantations

    • --preid now defaults to "alpha" during prereleases:

    The previous default for this option was undefined, which led to an awkward "1.0.1-0" result when passed to semver.inc().

    The new default "alpha" yields a much more useful "1.0.1-alpha.0" result. Any previous prerelease ID will be preserved, just as it was before.

  • --no-verify is no longer passed to git commit by default, but controlled by the new --commit-hooks option:

    The previous behavior was too overzealous, and the new option operates exactly like the corresponding npm version option of the same name.

    As long as your pre-commit hooks are properly scoped to ignore changes in package.json files, this change should not affect you. If that is not the case, you may pass --no-commit-hooks to restore the previous behavior.

<a name="3.0.0-rc.0"></a>

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc