Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
lerna-update-wizard
Advanced tools
Command line interface for simplifying the process of bulk updating dependencies across multiple Lerna or Yarn Workspace packages.
Command line interface for simplifying the process of bulk updating dependencies across multiple Lerna or Yarn Workspace packages.
$ yarn add --dev lerna-update-wizard
Or via NPM:
$ npm install --save-dev lerna-update-wizard
If installed globally, it can be used independently on any project:
$ yarn global add lerna-update-wizard
Simply run the lernaupdate
command in the root of a Lerna-based project:
$ lernaupdate
Or from the outside by specifying the path to the project:
$ lernaupdate ~/projects/my-lerna-project
Or run it using npx
$ npx lerna-update-wizard
--dedupe
optionYou can batch updates for multiple dependencies into one session. Choose + Add another
after you've specified the details for the first update task.
Note: Currently not supported in --noninteractive
mode.
After installation, choose whether or not you'd like to generate a Git branch for your changes
Then choose whether or not you'd like to make a separate Git commit for your changes.
A nice commit message with details about the update version range for each affected package will be generated for you.
The script can run without prompting you for input. Simply specify the --non-interactive
flag:
$ lernaupdate --non-interactive --dependency lodash@4.2.1 ./my-project
The script will tell you if you need to specify any additional input flags based on the state of your mono repo.
For instance, you might need/wish to include information about which packages to affect and which type of installation to perform if the dependency is a first-time install:
$ lernaupdate --non-interactive \
--dependency lodash@4.2.1 \
--packages packages/utils,packages/tools \
--new-installs-mode dev \
./my-project
Note: Git features are not available for --non-interactive
mode.
Lerna Update Wizard will automatically detect the package manager used for each package and use the appropriate one for installing the dependency.
Note: If the project root directory contains a yarn.lock
file, Yarn will be used to install all packages, in order to support Yarn Workspaces.
When using Yarn Workspaces for your mono-repo, only a single installation is required in the top-level directory after changing a dependency in the package.json file for one or more sub-packages.
To achieve this single "lazy" install, which can significantly speed up the install duration, you can specify the --lazy
flag.
If not specified, you will be prompted with the option to enable it at runtime, whenever use of Yarn Workspaces is detected (unless in non-interactive mode).
Lerna Update Wizard takes Lerna's packages
config parameter into account if specified in lerna.json. This means that if you have your packages located in a directory other than packages/
, this tool will still work, as long as their parent directory is specified.
v1.1.2 (2022-03-10)
FAQs
Command line interface for simplifying the process of bulk updating dependencies across multiple Lerna or Yarn Workspace packages.
The npm package lerna-update-wizard receives a total of 12,790 weekly downloads. As such, lerna-update-wizard popularity was classified as popular.
We found that lerna-update-wizard demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.