Socket
Socket
Sign inDemoInstall

lerna

Package Overview
Dependencies
451
Maintainers
4
Versions
269
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install
2345
27Next

8.1.2

Diff

Changelog

Source

8.1.2 (2024-02-05)

Bug Fixes

  • improve git binary error (#3945) (7637972)
jameshenry
published 8.1.1 •

Changelog

Source

8.1.1 (2024-02-05)

Bug Fixes

  • list: explicitly exit upon completion (bafe090)
jameshenry
published 8.1.0 •

Changelog

Source

8.1.0 (2024-02-05)

Features

jameshenry
published 8.0.2 •

Changelog

Source

8.0.2 (2024-01-05)

Bug Fixes

  • add-caching: explicitly set targetDefaults for all scripts (#3929) (dae18c9)
jameshenry
published 8.0.1 •

Changelog

Source

8.0.1 (2023-12-15)

Bug Fixes

  • update node-gyp usage to v10 to resolve npm warning (#3919) (f5fdcba)
  • version: create correct independent tags when using --sign-git-tag (#3917) (8f7a32b)

BREAKING CHANGES

After updating we strongly recommend running lerna repair in your project. This will migrate your lerna.json to the latest and greatest and remove any outdated options.

As this is a major release there are a few breaking changes to be aware of, which may or may not affect your lerna repos, depending on how you are using the tool.

  • node v16 support is dropped because it is end of life

When a node version becomes end of life (EOL) it means that it does not receive any updates or maintenance whatsoever, even if critical security vulnerabilities have been uncovered.

We strongly encourage all folks here to keep up with the maintenance LTS version of Node at an absolute minimum:

https://github.com/nodejs/release#release-schedule

  • lerna's task runner for lerna run now depends on nx v17 instead of v16

lerna run gets to benefit from all of the further performance improvements in the nx v17 task runner behind scenes.

  • @lerna/child-process is no longer a separately published package

Lerna is a monorepo management tool with versioning and publishing capabilities, it is not a child process manager. There are lots of good options out there in the ecosystem to help you with managing child processes in nodejs, and it does not really make sense to treat some of lerna's implementation details around child processes as if they were a public API. The package will be officially deprecated on npm in the future. You can of course take the code and fork it and adapt it for your own purposes if you wish!

  • Older packages under @lerna/ on npm have been officially marked as deprecated

Under prior stewardship the lerna repo used to publish a very large (>65) number of packages. The vast majority of these should not form part of the public API of lerna and so they have no longer been published as packages since v6. We have now officially marked them as deprecated packages on the npm registry so that users get clear feedback that they are using packages which are no longer maintained (which they can of course fork and do whatever they want with). NOTE: We have not yet marked @lerna/child-process as deprecated so as not to create noise for lerna v7 users until they have had chance to migrate to v8.

Features

  • version: add --premajor-version-bump option to force patch bumps for non-breaking changes in premajor packages (#3876) (3b05947)
  • version: use corepack for install when enabled (#3877) (a3cb7ca)
jameshenry
published 8.0.0 •

Changelog

Source

8.0.1 (2023-12-15)

Bug Fixes

  • update node-gyp usage to v10 to resolve npm warning (#3919) (f5fdcba)
  • version: create correct independent tags when using --sign-git-tag (#3917) (8f7a32b)

BREAKING CHANGES

After updating we strongly recommend running lerna repair in your project. This will migrate your lerna.json to the latest and greatest and remove any outdated options.

As this is a major release there are a few breaking changes to be aware of, which may or may not affect your lerna repos, depending on how you are using the tool.

  • node v16 support is dropped because it is end of life

When a node version becomes end of life (EOL) it means that it does not receive any updates or maintenance whatsoever, even if critical security vulnerabilities have been uncovered.

We strongly encourage all folks here to keep up with the maintenance LTS version of Node at an absolute minimum:

https://github.com/nodejs/release#release-schedule

  • lerna's task runner for lerna run now depends on nx v17 instead of v16

lerna run gets to benefit from all of the further performance improvements in the nx v17 task runner behind scenes.

  • @lerna/child-process is no longer a separately published package

Lerna is a monorepo management tool with versioning and publishing capabilities, it is not a child process manager. There are lots of good options out there in the ecosystem to help you with managing child processes in nodejs, and it does not really make sense to treat some of lerna's implementation details around child processes as if they were a public API. The package will be officially deprecated on npm in the future. You can of course take the code and fork it and adapt it for your own purposes if you wish!

  • Older packages under @lerna/ on npm have been officially marked as deprecated

Under prior stewardship the lerna repo used to publish a very large (>65) number of packages. The vast majority of these should not form part of the public API of lerna and so they have no longer been published as packages since v6. We have now officially marked them as deprecated packages on the npm registry so that users get clear feedback that they are using packages which are no longer maintained (which they can of course fork and do whatever they want with). NOTE: We have not yet marked @lerna/child-process as deprecated so as not to create noise for lerna v7 users until they have had chance to migrate to v8.

Features

  • version: add --premajor-version-bump option to force patch bumps for non-breaking changes in premajor packages (#3876) (3b05947)
  • version: use corepack for install when enabled (#3877) (a3cb7ca)
jameshenry
published 8.0.0-alpha.0 •

Changelog

Source

8.0.0-alpha.0 (2023-11-22)

Features

  • version: add --premajor-version-bump option to force patch bumps for non-breaking changes in premajor packages (#3876) (3b05947)
  • version: use corepack for install when enabled (#3877) (a3cb7ca)
jameshenry
published 7.4.2 •

Changelog

Source

7.4.2 (2023-10-27)

Bug Fixes

  • version: support changelog-presets using async factory funcs (#3873) (bb5e7d7)
jameshenry
published 7.4.1 •

Changelog

Source

7.4.1 (2023-10-18)

7.4.0 contained a malformed dist directory, please bump to 7.4.1 for the correct artifacts

jameshenry
published 7.4.0 •

Changelog

Source

7.4.0 (2023-10-17)

Bug Fixes

  • version: update lock files after the version hook (#3849) (7e30a31)

Features

2345
27Next
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc