semantic-release-yarn
Advanced tools
⚠️
Do not use in production!
This plugin is work in progress.
semantic-release plugin to publish a npm package with yarn.
| Step | Description |
|---|---|
verifyConditions | Verify Yarn 2 or higher is installed, verify the presence of an NPM auth token (either in an environment variable or an .yarnrc.yml file) and verify the authentication method is valid. |
prepare | Update the package.json version and create the package tarball. |
addChannel | Add a tag for the release. |
publish | Publish to the npm registry. |
Use this plugin if you want to use Yarn instead of the NPM CLI to publish your packages to the NPM registry.
As an added bonus, this plugin will also publish some simple monorepo patterns (WIP).
💡
You could also use this plugin to publish packages which are using NPM for dependency management.
yarn add --dev semantic-release-yarn
⚠️
Please note this plugin only works with Yarn 2 and higher.
The plugin must be added in the semantic-release configuration, for example:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"semantic-release-yarn",
"@semantic-release/github"
]
}
The NPM authentication configuration is required and can be set either via
environment variables or the
.yarnrc.yml file.
The configuration set by environment variables will take precedence over
configuration set in an existing .yarnrc.yml file as detailed in
Yarnrc files
⚠️
When two-factor authentication is enabled on your NPM account and enabled for writes (default setting), the token needs to be of type Automation.
⚠️
Only thenpmAuthTokenis supported. The legacynpmAuthIdent(username:password) authentication is strongly discouraged and not supported by this plugin.
| Variable | Description |
|---|---|
YARN_NPM_AUTH_TOKEN | NPM token. Translates to the npmAuthToken .yarnrc.yml option. |
YARN_NPM_PUBLISH_REGISTRY | NPM registry to use. Translates to the npmPublishRegistry .yarnrc.yml option. |
Other valid .yarnrc.yml options could be specified as environment variables as
mentioned in the Yarnrc files
documentation:
Finally, note that most settings can also be defined through environment variables (at least for the simpler ones; arrays and objects aren't supported yet). To do this, just prefix the names and write them in snake case: YARN_CACHE_FOLDER will set the cache folder (such values will overwrite any that might have been defined in the RC files - use them sparingly).
The plugin uses the yarn CLI which will read the
configuration from a .yarnrc.yml file if present. See
Yarnrc files for the option list.
The NPM registry to publish to can be configured via the
environment variable YARN_NPM_PUBLISH_REGISTRY and
will take precedence over the configuration in .yarnrc.yml.
The
registry
can be configured in the package.json and will take precedence over the
configuration in .yarnrc.yml and YARN_NPM_PUBLISH_REGISTRY:
{
"publishConfig": {
"registry": "https://registry.npmjs.org/"
}
}
⚠️
The@semantic-release/npmplugin supports setting thepublishConfig.tagoption. However, Yarn 2 doesn't seem to > support this.
These options can be added to the semantic-release configuration, for example:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
[
"semantic-release-yarn",
{
"npmPublish": false
}
],
"@semantic-release/github"
]
}
| Options | Description | Default |
|---|---|---|
npmPublish | Whether to publish the NPM package to the registry. If false the package.json version will still be updated. | false if the package.json private property is true, true otherwise. |
pkgRoot | Directory path to publish. | . |
tarballDir | Directory path in which to write the package tarball. If false the tarball is not kept on the file system. | false |
Note: The pkgRoot directory must contain a package.json. The version
will be updated only in the package.json within the pkgRoot directory.
Note: If you use a
shareable configuration
that defines one of these options you can set it to false in your
semantic-release configuration
in order to use the default value.
The npmPublish and tarballDir option can be used to skip the publishing to
the NPM registry and instead release the package tarball with another plugin.
For example with the
@semantic-release/github plugin:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
[
"semantic-release-yarn",
{
"npmPublish": false,
"tarballDir": "dist"
}
],
[
"@semantic-release/github",
{
"assets": "dist/*.tgz"
}
]
]
}
©️ Copyright 2022 Joram van den Boezem
♻️ Licensed under the MIT license
⚡ Powered by Node.js and TypeScript (and a lot of
amazing open source packages)
🚀 This plugin is forked from the core
@semantic-release/npm plugin.
FAQs
semantic-release plugin to publish a npm package with yarn
The npm package semantic-release-yarn receives a total of 5,177 weekly downloads. As such, semantic-release-yarn popularity was classified as popular.
We found that semantic-release-yarn demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.