Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
@lerna/project
Advanced tools
@lerna/project is a part of the Lerna monorepo management toolset. It provides functionalities to manage and interact with the project structure in a monorepo setup. This includes reading and manipulating package.json files, managing dependencies, and handling versioning.
Reading Project Metadata
This feature allows you to read metadata about the project, such as the list of packages in the monorepo. The code sample demonstrates how to initialize a Project instance and retrieve the packages.
const { Project } = require('@lerna/project');
(async () => {
const project = new Project();
const projectMetadata = await project.getPackages();
console.log(projectMetadata);
})();
Managing Dependencies
This feature helps in managing dependencies across the monorepo. The code sample shows how to get the dependency graph of the project.
const { Project } = require('@lerna/project');
(async () => {
const project = new Project();
const dependencies = await project.getDependencyGraph();
console.log(dependencies);
})();
Handling Versioning
This feature allows you to handle versioning of the project. The code sample demonstrates how to retrieve the current version of the project.
const { Project } = require('@lerna/project');
(async () => {
const project = new Project();
const version = await project.getVersion();
console.log(version);
})();
Nx is a smart, fast, and extensible build system with first-class monorepo support and powerful integrations. It offers more advanced features compared to @lerna/project, such as caching, distributed task execution, and more.
Yarn is a package manager that doubles as a monorepo manager with its workspaces feature. It allows you to manage multiple packages within a single repository, similar to @lerna/project, but also focuses on dependency management and performance.
@lerna/project
Lerna project configuration
Lerna's file-based configuration is located in lerna.json
or the lerna
property of package.json
.
Wherever this configuration is found is considered the "root" of the lerna-managed multi-package repository.
A minimum-viable configuration only needs a version
property; the following examples are equivalent:
{
"version": "1.2.3"
}
{
"name": "my-monorepo",
"version": "0.0.0-root",
"private": true,
"lerna": {
"version": "1.2.3"
}
}
Any other properties on this configuration object will be used as defaults for CLI options of all lerna subcommands. That is to say, CLI options always override values found in configuration files (a standard practice for CLI applications).
To focus configuration on a particular subcommand, use the command
subtree. Each subproperty of command
corresponds to a lerna subcommand (publish
, create
, run
, exec
, etc).
{
"version": "1.2.3",
"command": {
"publish": {
"loglevel": "verbose"
}
},
"loglevel": "success"
}
In the example above, lerna publish
will act as if --loglevel verbose
was passed.
All other subcommands will receive the equivalent of --loglevel success
(much much quieter).
FAQs
Lerna project configuration
We found that @lerna/project demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.