5.1.1 (2022-06-09)

Bug Fixes

• allow maintenance LTS node 14 engines starting at 14.15.0 (#3161) (72305e4)

5.1.0 (2022-06-07)

Bug Fixes

• utils: orphaned child process on Windows (#3156) (7e69e9e)
• handle the edge cases in the lerna-nx integration (c6808fc)

Features

• add experimental support to run tasks via Nx (1c35828)

5.0.0 (2022-05-24)

Lerna workspaces no longer have dependency deprecation warnings.

Bug Fixes

• replace read-package-tree with @npmcli/arborist (#3133) (f1c10a4)
• resolve most dependency audit issues (#3127) (2b3b191)

BREAKING CHANGES

• Node v10.x and v12.x are no longer supported.

  • Please upgrade to the latest LTS release of Node (we recommend either v14 or v16).

• Internally npm lifecycle scripts are now invoked using @npmcli/run-script instead of npm-lifecycle in order to modernize the package and fix package vulnerabilities and deprecations.

  • We are classing this as a breaking change because the APIs of npm-lifecycle and @npmcli/run-script are significantly different, despite @npmcli/run-script being the official successor to npm-lifecycle.

    We have successfully made the integration test suite we inherited pass with this change, but there may potentially be aspects related to it which are not covered by the tests and are breaking. If you encounter any issues you believe are related to this change please open a new issue with a dedicated reproduction for us to look into!

4.0.0 (2021-02-10)

Bug Fixes

• version: Ensure --create-release environment variables are present during initialization (2d0a97a)
• Improve accuracy of JSDoc type annotations (1ec69f0)
• create: Use main as default Github branch (1a951e9)
• import: Better handling of "Patch is empty" (#2588) (0497bc7)

Code Refactoring

• describe-ref: Add JSDoc types, remove test-only export (e5cf30c)
• package: Move Package.lazy() to static method (e52108e)

Features

• child-process: Add JSDoc types (1840492)
• collect-uncommitted: Remove figgy-pudding (621b382)
• collect-updates: Add JSDoc type annotations to primary export (a4e7c78)
• conventional-commits: Add JSDoc types to named exports (81a591c)
• deps: @evocateur/libnpmaccess -> libnpmaccess@^4.0.1 (7974b35)
• deps: @evocateur/libnpmpublish -> libnpmpublish@^4.0.0 (341146e)
• deps: @evocateur/npm-registry-fetch -> npm-registry-fetch@^9.0.0 (6df42f2)
• deps: @evocateur/pacote -> pacote@^11.1.13 (99b4217)
• deps: @octokit/rest@^18.0.9 (f064a55)
• deps: @zkochan/cmd-shim -> cmd-shim@^4.0.2 (179e2c3)
• deps: Bump dependencies (affed1c)
• deps: byte-size@^7.0.0 (a1b2555)
• deps: camelcase -> yargs-parser/camelCase (d966e8b)
• deps: chalk@^4.1.0 (d2a9ed5)
• deps: conventional-changelog-core@^4.2.1 (54e2b98)
• deps: conventional-recommended-bump@^6.0.11 (4ff481c)
• deps: cosmiconfig@^7.0.0 (2958fe6)
• deps: dot-prop@^6.0.0 (5f31d3b)
• deps: execa@^4.1.0 (9051dca)
• deps: execa@^5.0.0 (d8100fd)
• deps: fs-extra@^9.0.1 (2f6f4e0)
• deps: get-port@^5.1.1 (b1b2275)
• deps: get-stream@^6.0.0 (ddf2ab5)
• deps: globby@^11.0.1 (6cb5bbe)
• deps: import-local@^3.0.2 (e0e74d4)
• deps: init-package-json@^2.0.1 (4042e8e)
• deps: inquirer@^7.3.3 (0b37795)
• deps: load-json-file@^6.2.0 (239f54b)
• deps: multimatch@^5.0.0 (0172526)
• deps: npm-package-arg@^8.1.0 (12c8923)
• deps: npm-packlist@^2.1.4 (c63fabd)
• deps: p-finally -> Promise.prototype.finally() (028db04)
• deps: p-finally@^2.0.1 (165e47e)
• deps: p-map-series@^2.1.0 (7f68076)
• deps: p-map@^4.0.0 (92b1364)
• deps: p-pipe@^3.1.0 (489f59e)
• deps: p-queue@^6.6.2 (ed76cdd)
• deps: p-reduce@^2.1.0 (fd4289a)
• deps: p-waterfall@^2.1.0 (7b7ea50)
• deps: path-exists@^4.0.0 (3fb6304)
• deps: pify@^5.0.0 (6b34452)
• deps: read-cmd-shim@^2.0.0 (9f78eee)
• deps: read-package-json@^3.0.0 (2a02865)
• deps: read-package-tree@^5.3.1 (3311780)
• deps: resolve-from@^5.0.0 (d414462)
• deps: rimraf@^3.0.2 (cda2e18)
• deps: semver@^7.3.2 (003ad66)
• deps: slash@^3.0.0 (5dec383)
• deps: ssri@^8.0.0 (41729b4)
• deps: tar@^6.0.5 (fce3e77)
• deps: temp-write@^4.0.0 (7bbfb70)
• deps: upath@^2.0.1 (28ecc48)
• deps: whatwg-url@^8.4.0 (5dfb7f0)
• deps: write-file-atomic@^3.0.3 (61f341b)
• deps: write-json-file@^4.3.0 (d552c53)
• deps: write-pkg@^4.0.0 (34db21c)
• deps: yargs@^16.1.1 (53d432b)
• filter-options: Remove figgy-pudding (7d90289)
• has-npm-version: Remove unused makePredicate() export (56cba2f)
• npm-dist-tag: Remove figgy-pudding (1158f8e)
• npm-publish: Remove figgy-pudding (bdc162d)
• otplease: Remove figgy-pudding (45ee52e)
• pack-directory: Remove figgy-pudding (640faa5)
• package: Improve JSDoc-inferred types, encapsulation (4d80c38)
• package-graph: Improve JSDoc-inferred types, encapsulation (fae9e8d)
• prerelease-id-from-version: Add JSDoc types (53cdad9)
• profiler: Remove figgy-pudding (69d4704)
• project: Add JSDoc type annotations to primary export (8443ad3)
• prompt: Add JSDoc types (0406568)
• prompt: Add unambiguous exports (46fa111)
• prompt: Remove ambiguous exports (42ab453)
• Consume named exports of sibling modules (63499e3)
• Expose named export (c1303f1)
• Remove default export (e2f1ec3)
• publish: Remove figgy-pudding (caf823e)
• query-graph: Remove figgy-pudding (3b0e2fe)
• run-lifecycle: Remove figgy-pudding (1093f87)
• run-topologically: Remove figgy-pudding (f3a73db)
• Drop support for Node v6.x & v8.x (ff4bb4d)

BREAKING CHANGES

• prompt: The ambiguous 'confirm', 'select', and 'input' exports have been removed. Please use the renamed exports 'promptConfirmation', 'promptSelectOne', and 'promptTextInput' (respectively).
• has-npm-version: The makePredicate() export has been removed, memoization is now the responsibility of the caller.
• The default export has been removed, please use a named export instead.
• describe-ref: The test-only 'parse()' export has been removed.
• package: The lazy named export is now a proper static method of Package.
• Node v6.x & v8.x are no longer supported. Please upgrade to the latest LTS release.

Here's the gnarly one-liner I used to make these changes:

npx lerna exec --concurrency 1 --stream -- 'json -I -f package.json -e '"'"'this.engines=this.engines||{};this.engines.node=">= 10.18.0"'"'"

(requires npm i -g json beforehand)

3.16.0 (2019-07-18)

Bug Fixes

• command: Bump minimum range of lodash, silence dumb 'security' warning (c405871)
• conventional-commits: Hard-pin lodash.template dependency to silence 'helpful' security warning (c54ad68)
• deps: Bump @evocateur/pacote (03e4797)
• deps: Update forked npm libs (4d67426)
• npm-conf: OTP should default to undefined, figgy pudding is very strict (2fa02a8)
• pack-directory: Bump npm-packlist + tar dependencies (59ebd19)
• package-graph: Flatten cycles to avoid skipping packages (#2185) (b335763)
• project: Ensure deprecated githubRelease config is also remapped from command.publish namespace (a3d264e), closes #2177
• publish: Add --graph-type option to control packages included in topological sort (#2152) (ae87669), closes #1437
• publish: Allow --no-verify-access to prevent checking for account-level 2FA (ce58d8f)
• publish: OTP cache should be seeded from conf value, not CLI directly (cf56622)
• publish: Propagate root license into custom publish directories (d410a58), closes #2157

Features

• bootstrap: Add --strict option to enable throwing when --hoist warns (#2140) (91437b5)
• deps: @octokit/plugin-enterprise-rest@^3.6.1 (74a3890)
• deps: @octokit/rest@^16.28.4 (5f09f50)
• deps: byte-size@^5.0.1 (ed51ddd)
• deps: conventional-recommended-bump@^5.0.0 (2a0ed60)
• deps: fs-extra@^8.1.0 (313287f)
• deps: get-port@^4.2.0 (778ae6a)
• deps: glob-parent@^5.0.0 (c6bc218)
• deps: globby@^9.2.0 (d9aa249)
• deps: import-local@^2.0.0 (14d2c66)
• deps: is-ci@^2.0.0 (ab2ad83)
• deps: load-json-file@^5.3.0 (3718cc9)
• deps: multimatch@^3.0.0 (968b0d7)
• deps: p-map@^2.1.0 (9e58394)
• deps: pify@^4.0.1 (f8ee7e6)
• deps: semver@^6.2.0 (d8016d9)
• deps: slash@^2.0.0 (bedd6af)
• deps: write-json-file@^3.2.0 (4fa7dea)
• listable: Output JSON adjacency list with --graph (9457a21), closes #1970
• otplease: Expose getOneTimePassword() helper (44b9f70)
• publish: Eager prompt for OTP when account-level 2FA is enabled (4f893d1)
• run-lifecycle: Upgrade npm-lifecycle@^3.1.0 (e015a74)

3.14.0 (2019-05-14)

Bug Fixes

• add: Never pass filter options to nested bootstrap (9a5a29c), closes #1989
• run-lifecycle: Bump npm-lifecycle dependency to avoid noisy audit warning (ea7c20d)

Features

• conventional-commits: Add conventional prerelease/graduation (#1991) (5d84b61), closes #1433 #1675
• dist-tag: Prompt for OTP when required (af870bb)
• exec: Add just-in-time queue management (23736e5)
• import: Add --preserve-commit option (#2079) (6a7448d)
• link: generate shims for missing 'bin' scripts (#2059) (90acdde), closes #1444
• listable: Use QueryGraph.toposort() helper (84ce674)
• publish: Add --otp option (6fcbc36), closes #2076
• publish: Add just-in-time queue management (ae6471c)
• publish: Add OTP prompt during publish (#2084) (c56bda1), closes #1091
• publish: Display uncommitted changes when validation fails (#2066) (ea41fe9)
• query-graph: Add toposort() helper (90759c2)
• run: Add just-in-time queue management (#2045) (6eca172)
• run: Extract @lerna/run-topologically (3a8b175)
• version: Add just-in-time queue management (290539b)