Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

lerna

Package Overview
Dependencies
Maintainers
4
Versions
276
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

lerna - npm Package Versions

13
28

8.0.2

Diff

Changelog

Source

8.0.2 (2024-01-05)

Bug Fixes

  • add-caching: explicitly set targetDefaults for all scripts (#3929) (dae18c9)
jameshenry
published 8.0.1 •

Changelog

Source

8.0.1 (2023-12-15)

Bug Fixes

  • update node-gyp usage to v10 to resolve npm warning (#3919) (f5fdcba)
  • version: create correct independent tags when using --sign-git-tag (#3917) (8f7a32b)

BREAKING CHANGES

After updating we strongly recommend running lerna repair in your project. This will migrate your lerna.json to the latest and greatest and remove any outdated options.

As this is a major release there are a few breaking changes to be aware of, which may or may not affect your lerna repos, depending on how you are using the tool.

  • node v16 support is dropped because it is end of life

When a node version becomes end of life (EOL) it means that it does not receive any updates or maintenance whatsoever, even if critical security vulnerabilities have been uncovered.

We strongly encourage all folks here to keep up with the maintenance LTS version of Node at an absolute minimum:

https://github.com/nodejs/release#release-schedule

  • lerna's task runner for lerna run now depends on nx v17 instead of v16

lerna run gets to benefit from all of the further performance improvements in the nx v17 task runner behind scenes.

  • @lerna/child-process is no longer a separately published package

Lerna is a monorepo management tool with versioning and publishing capabilities, it is not a child process manager. There are lots of good options out there in the ecosystem to help you with managing child processes in nodejs, and it does not really make sense to treat some of lerna's implementation details around child processes as if they were a public API. The package will be officially deprecated on npm in the future. You can of course take the code and fork it and adapt it for your own purposes if you wish!

  • Older packages under @lerna/ on npm have been officially marked as deprecated

Under prior stewardship the lerna repo used to publish a very large (>65) number of packages. The vast majority of these should not form part of the public API of lerna and so they have no longer been published as packages since v6. We have now officially marked them as deprecated packages on the npm registry so that users get clear feedback that they are using packages which are no longer maintained (which they can of course fork and do whatever they want with). NOTE: We have not yet marked @lerna/child-process as deprecated so as not to create noise for lerna v7 users until they have had chance to migrate to v8.

Features

  • version: add --premajor-version-bump option to force patch bumps for non-breaking changes in premajor packages (#3876) (3b05947)
  • version: use corepack for install when enabled (#3877) (a3cb7ca)
jameshenry
published 8.0.0 •

Changelog

Source

8.0.1 (2023-12-15)

Bug Fixes

  • update node-gyp usage to v10 to resolve npm warning (#3919) (f5fdcba)
  • version: create correct independent tags when using --sign-git-tag (#3917) (8f7a32b)

BREAKING CHANGES

After updating we strongly recommend running lerna repair in your project. This will migrate your lerna.json to the latest and greatest and remove any outdated options.

As this is a major release there are a few breaking changes to be aware of, which may or may not affect your lerna repos, depending on how you are using the tool.

  • node v16 support is dropped because it is end of life

When a node version becomes end of life (EOL) it means that it does not receive any updates or maintenance whatsoever, even if critical security vulnerabilities have been uncovered.

We strongly encourage all folks here to keep up with the maintenance LTS version of Node at an absolute minimum:

https://github.com/nodejs/release#release-schedule

  • lerna's task runner for lerna run now depends on nx v17 instead of v16

lerna run gets to benefit from all of the further performance improvements in the nx v17 task runner behind scenes.

  • @lerna/child-process is no longer a separately published package

Lerna is a monorepo management tool with versioning and publishing capabilities, it is not a child process manager. There are lots of good options out there in the ecosystem to help you with managing child processes in nodejs, and it does not really make sense to treat some of lerna's implementation details around child processes as if they were a public API. The package will be officially deprecated on npm in the future. You can of course take the code and fork it and adapt it for your own purposes if you wish!

  • Older packages under @lerna/ on npm have been officially marked as deprecated

Under prior stewardship the lerna repo used to publish a very large (>65) number of packages. The vast majority of these should not form part of the public API of lerna and so they have no longer been published as packages since v6. We have now officially marked them as deprecated packages on the npm registry so that users get clear feedback that they are using packages which are no longer maintained (which they can of course fork and do whatever they want with). NOTE: We have not yet marked @lerna/child-process as deprecated so as not to create noise for lerna v7 users until they have had chance to migrate to v8.

Features

  • version: add --premajor-version-bump option to force patch bumps for non-breaking changes in premajor packages (#3876) (3b05947)
  • version: use corepack for install when enabled (#3877) (a3cb7ca)
jameshenry
published 8.0.0-alpha.0 •

Changelog

Source

8.0.0-alpha.0 (2023-11-22)

Features

  • version: add --premajor-version-bump option to force patch bumps for non-breaking changes in premajor packages (#3876) (3b05947)
  • version: use corepack for install when enabled (#3877) (a3cb7ca)
jameshenry
published 7.4.2 •

Changelog

Source

7.4.2 (2023-10-27)

Bug Fixes

  • version: support changelog-presets using async factory funcs (#3873) (bb5e7d7)
jameshenry
published 7.4.1 •

Changelog

Source

7.4.1 (2023-10-18)

7.4.0 contained a malformed dist directory, please bump to 7.4.1 for the correct artifacts

jameshenry
published 7.4.0 •

Changelog

Source

7.4.0 (2023-10-17)

Bug Fixes

  • version: update lock files after the version hook (#3849) (7e30a31)

Features

jameshenry
published 7.3.1 •

Changelog

Source

7.3.1 (2023-10-10)

Bug Fixes

  • core: update package engines.node to correctly include only >=16 (#3861) (0674555)
jameshenry
published 7.3.0 •

Changelog

Source

7.3.0 (2023-09-13)

Bug Fixes

  • core: skip unnecessary cycles when running tasks (#3834) (d477529)
  • init: generate pnpm workspace yaml (#3822) (489aa92)
  • update make-dir to 4.0.0 and npm audit fix (#3828) (373b8bc)
  • version: Fix crash when using gitSignTag with independent versioning mode (#3832) (4940f2d)

Features

  • version: add --sync-dist-version option (#3787) (ba8b946)
  • version: option to not ignore scripts on lock update (#3823) (4843c3c)
jameshenry
published 7.2.0 •

Changelog

Source

7.2.0 (2023-08-29)

Bug Fixes

  • core: gracefully ignore cycles outside scope to run (#3819) (480943b)
  • version: remove explicit node_modules require (#3804) (1a113f7)

Features

  • init: detect existing package manager and auto-install packages (#3805) (2204c34)
  • init: infer invoked pkg mgr (#3810) (a29a48c)
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc