Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@lerna/run
Advanced tools
@lerna/run is a part of the Lerna monorepo management toolset. It allows you to run scripts or commands across multiple packages in a monorepo, making it easier to manage and automate tasks in a multi-package repository.
Run npm scripts in all packages
This command runs the 'test' script in all packages that contain it. It's useful for ensuring that all packages pass their tests before a release.
lerna run test
Run npm scripts in specific packages
This command runs the 'build' script only in the package named 'my-package'. This is useful for targeting specific packages for certain tasks.
lerna run build --scope my-package
Run npm scripts with parallel execution
This command runs the 'lint' script in all packages in parallel, which can speed up the process significantly compared to running them sequentially.
lerna run lint --parallel
Run npm scripts with a specific concurrency
This command runs the 'test' script in all packages but limits the number of concurrent executions to 4. This can help manage resource usage on your machine.
lerna run test --concurrency 4
Nx is a set of extensible dev tools for monorepos, which helps you develop like Google, Facebook, and Microsoft. It offers similar functionalities to Lerna, including running scripts across multiple packages, but also provides advanced features like dependency graph visualization and affected command execution.
Rush is a scalable monorepo manager for the web, which helps you manage large repositories with many projects. It offers similar script running capabilities as Lerna but focuses more on build orchestration and dependency management.
@lerna/run
Run an npm script in each package that contains that script
$ lerna run <script> -- [..args] # runs npm run my-script in all packages that have it
$ lerna run test
$ lerna run build
# watch all packages and transpile on change, streaming prefixed output
$ lerna run --parallel watch
Run an npm script in each package that contains that script. A double-dash (--
) is necessary to pass dashed arguments to the script execution.
lerna run
respects the --concurrency
, --scope
, and --ignore
flags (see Filter Flags).
$ lerna run --scope my-component test
--npm-client <client>
Must be an executable that knows how to run npm lifecycle scripts.
The default --npm-client
is npm
.
$ lerna run build --npm-client=yarn
May also be configured in lerna.json
:
{
"command": {
"run": {
"npmClient": "yarn"
}
}
}
--stream
Stream output from child processes immediately, prefixed with the originating package name. This allows output from different packages to be interleaved.
$ lerna run watch --stream
--parallel
Similar to --stream
, but completely disregards concurrency and topological sorting, running a given command or script immediately in all matching packages with prefixed streaming output. This is the preferred flag for long-running processes such as npm run watch
run over many packages.
$ lerna run watch --parallel
Note: It is advised to constrain the scope of this command when using the
--parallel
flag, as spawning dozens of subprocesses may be harmful to your shell's equanimity (or maximum file descriptor limit, for example). YMMV
--no-bail
# Run an npm script in all packages that contain it, ignoring non-zero (error) exit codes
$ lerna run --no-bail test
By default, lerna run
will exit with an error if any script run returns a non-zero exit code.
Pass --no-bail
to disable this behavior, running the script in all packages that contain it regardless of exit code.
FAQs
Run an npm script in each package that contains that script
We found that @lerna/run demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.