New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to update workspace package-lock.json after version
on npm@7
#2891
Comments
Sharing my workaround. This, however, should probably be Lerna's responsibility to play well with npm 7. Beforelerna version After# Ignore Lerna's tag and push
lerna version --no-push --no-git-tag-version
# Get the current tag version
tag=v$(node -e "process.stdout.write(require('./lerna.json').version)");
# Update the lock file here
npm i --package-lock-only
# Auto-tag and auto-commit like usual
git commit --all -m ${tag}
git tag -a ${tag} -m ${tag}
git push --tags
git push |
Same issue, I was able to come up with what felt like a 'cleaner' workaround: Just add a
..turns out this ( (which I initially discovered by reading the Thanks @bigtimebuddy for the original issue and workaround above - which gave me a strong head-start to understand what was up 😃 (Looks like this could be a duplicate of #2879) |
Looking through the post-4.0.0 release commits, I can see this project also hit this issue here c019815 to manually sync workspace versions. |
@andyjy after some testing, I found that some npm versions are temperamental when using that approach. There seems to be a change introduced here npm/cli@v7.20.2...v7.20.3 which breaks when using ✅ Worked
❌ Failed
|
Oh, curious. To be fair I'm probably guilty of cargo-culting
Example:
(I'm using (only) relative |
Thanks, I'm trying to create a minimal reproduction to see if it's actually an npm issue, but no success yet. Will post if I find something. Update: created a reproduction: https://github.com/bigtimebuddy/npm-bug-package-lock-only Seems like an npm regression, will report there. |
@bigtimebuddy so I realised I'm not hitting your error because i'm not (yet) including a private package as a devDependency. Which seemed like a thing I'll wish to do shortly, so I took a look at your repro repo. Notwithstanding it indeed looks like an npm regression you've hit, it looks like everything(?) works if you use a relative I.e. in your example
Does this make sense to you? Anything I'm missing re: utilising relative |
Nice @andyjy. All this makes sense and seems like |
Huzzah! Yes it appears Lerna does leave |
Hi Folks 👋 You may or may not know that lerna is now under the stewardship of Nrwl (announcement here #3121), a company with a long history of not just producing valuable open-source software (OSS), but also backing others (at the time of writing, Nrwl has donated over $50,000 to OSS it hasn't created, see https://opencollective.com/nx for full details). Quite simply, Nrwl ❤️ OSS, and is committed to making lerna the best it can be. We use it ourselves. We hope you will continue to be a part of this community as we look to take things forward from here! Please see #3140 for more details on our plans for 2022. In the case of this specific issue, I'm please to say that a fix for it was just merged in #3091 and will go out in the next release of lerna. Many thanks 🙏 |
I manage two mono-repo projects (PixiJS and PixiJS Filters) which are both experiencing flavors of the same issue after upgrading to npm@7 workspaces. The package-lock file is not updated after calling
lerna version
. This creates an unclean git environment when CI attempts to publish resulting in a blocked publish (see example).Expected Behavior
After doing
lerna version
, the package-lock.json should be updated to reflect the version number bumps in the packages and included in the tag.Current Behavior
package-lock.json is not updated, and version numbers on workspace packages reflect the previous versions. Subsequent
npm install
s create a change in the package-lock.json.Possible Solution
I tried unsuccessfully add a hook to bump the lock:
"postversion": "npm i --package-lock-only"
But this errored
Failed to exec postversion script
Maybe having a
pretag
lifecycle hook would help to add this?Steps to Reproduce (for bugs)
git clone git@github.com:pixijs/filters.git
2.
npm install
npm run release -- --no-push --force-publish
(notice no package-lock.json changes in tag)npm install
(notice package-lock.json is updated)lerna.json
<!-- Please paste your `lerna.json` here -->
lerna-debug.log
Context
Your Environment
lerna --version
npm --version
yarn --version
node --version
The text was updated successfully, but these errors were encountered: