lerna - npm Package Compare versions
Comparing version 1.1.0 to 1.1.1
@@ -185,4 +185,8 @@ var progressBar = require("../progress-bar"); | ||
| execSync("npm dist-tag rm " + name + " prerelease"); | ||
| execSync("npm dist-tag add " + name + "@" + NEW_VERSION + " stable"); | ||
| execSync("npm dist-tag add " + name + "@" + NEW_VERSION + " latest"); | ||
| if (process.env.NPM_DIST_TAG) { | ||
| execSync("npm dist-tag add " + name + "@" + NEW_VERSION + " " + process.env.NPM_DIST_TAG); | ||
| } else { | ||
| execSync("npm dist-tag add " + name + "@" + NEW_VERSION + " stable"); | ||
| execSync("npm dist-tag add " + name + "@" + NEW_VERSION + " latest"); | ||
| } | ||
| tick(name); | ||
@@ -189,0 +193,0 @@ break; |
@@ -29,5 +29,11 @@ var progressBar = require("../progress-bar"); | ||
| var lastTagCommit = execSync("git rev-list --tags --max-count=1"); | ||
| var lastTag = execSync("git describe " + lastTagCommit); | ||
| var hasTags = !!execSync("git tag"); | ||
| var lastTagCommit; | ||
| var lastTag; | ||
| if (hasTags) { | ||
| lastTagCommit = execSync("git rev-list --tags --max-count=1"); | ||
| lastTag = execSync("git describe --tags " + lastTagCommit); | ||
| } | ||
| packageNames.forEach(function (name) { | ||
@@ -39,2 +45,7 @@ var cfg = getPackageConfig(config, name); | ||
| if (!hasTags) { | ||
| changedPackages.push(name); | ||
| return; | ||
| } | ||
| // check if package has changed since last release | ||
@@ -41,0 +52,0 @@ var diff = FORCE_VERSION.indexOf("*") >= 0 || FORCE_VERSION.indexOf(name) >= 0 || |
| { | ||
| "name": "lerna", | ||
| "version": "1.1.0", | ||
| "version": "1.1.1", | ||
| "description": "Tool for managing JavaScript projects with multiple packages", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -57,2 +57,5 @@ <p align="center"> | ||
| > If you need to publish prerelease versions, set an env variable. `NPM_DIST_TAG=next lerna publish`. | ||
| > This will add the tag you specify instead of `latest` and `stable`. | ||
| ## How it works | ||
@@ -59,0 +62,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.86%
19035
- Lines of code
- increased by3.27%
411
- Number of lines in readme file
- increased by4.76%
66
Worsened metrics
- Number of low supply chain risk alerts
- increased by16.67%
14