Lerna is a fast, modern build system for managing and publishing multiple JavaScript/TypeScript packages from the same repository
Lerna is a fast, modern build system for managing and publishing multiple JavaScript/TypeScript packages from the same repository.
Check out our docs site here.
9.0.0 (2025-09-23)
OIDC trusted publishing is now supported by Lerna with no specification configuration required.
After updating we strongly recommend running
lerna repairin your project. This will migrate yourlerna.jsonto the latest and greatest and remove any outdated options.
As this is a major release there are a few breaking changes to be aware of, which may or may not affect your lerna repos, depending on how you are using the tool.
When a node version becomes end of life (EOL) it means that it does not receive any updates or maintenance whatsoever, even if critical security vulnerabilities have been uncovered.
We strongly encourage all folks here to keep up with the maintenance LTS version of Node at an absolute minimum:
https://github.com/nodejs/release#release-schedule
The versions of node supported by lerna are now ^20.19.0 || ^22.12.0 || >=24.0.0.
If you are still using lerna add, lerna bootstrap or lerna link commands, please migrate to using your package manager's long-supported workspaces feature. The updated guide should help with this https://lerna.js.org/docs/legacy-package-management**
Nx is a suite of powerful, extensible dev tools that help you develop, test, build, and scale Angular and React applications with fully integrated support for monorepo management. It provides a more integrated experience for building applications compared to Lerna, which is more focused on package management.
FAQs
Lerna is a fast, modern build system for managing and publishing multiple JavaScript/TypeScript packages from the same repository
The npm package lerna receives a total of 880,308 weekly downloads. As such, lerna popularity was classified as popular.
We found that lerna demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
Security News
Socket CTO Ahmad Nassri discusses why supply chain attacks now target developer machines and what AI means for the future of enterprise security.
Security News
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
