anifacted / lerna-update-wizard Goto Github PK

Curently lerna-update-wizard expects the default configuration for package location, where each subdirectory of ./packages/ is a package.

However with the packages option in lerna.json you can use other directory structures as needed.

Lerna itself uses globby for it, as far as I can tell: https://github.com/lerna/lerna/blob/64916d650233f939d49d34ec52c691037f89106c/utils/collect-packages/collect-packages.js

I have several hooks which runs before git commit. So wanted an option to not ask for git features.

Hi
Nice cli. I've tried updating a private npm package (by that I don't mean "private": true but rather that it is published to npm as a private library) but I get the following error:

An error occurred:
Error: Could not look up "my-private-package" in NPM registry

npm token is correctly set up, as I can publish using lerna.

When runnings lernaupdate --dedupe, dependencies from peerDependencies act as a duplicate. For example, in one package we have "react": "^16.12.0" as a dependency and in another we have "react": "16.x" as a peer dependency. This will be seen as a duplicate

Hi,
npm audit reports that meow:^4.0.0 uses a trim-newlines version which has a high security vulnerability.

High            Regular Expression Denial of Service                          

  Package         trim-newlines                                                 

  Patched in      >=3.0.1 <4.0.0 || >=4.0.1                                     

  Dependency of   lerna-update-wizard [dev]                                     

  Path            lerna-update-wizard > meow > trim-newlines                    

  More info       https://npmjs.com/advisories/1753

Like you show labels for highest installed and latest release, it would be nice to know which version is the most used. Often you just want to align a package with all of the packages.

I'm getting an error only as error Command failed with exit code 1. in the installation phase of lernaupdate on a single dependency. Some of the lerna-packages' package.json changes stick and are now marked "Already installed ✗" on subsequent runs. The ones that don't stick are logged in green as "✓ (457 ms)" but preceded by "[1/4] Resolving packages... info If you think this is a bug....". There are no yarn-error.log or any other diagnostic messages explaining the problem. Discarding changes and reattempting gives consistent results. Any tips for diagnosing the errors?

 [email protected] in devDependencies
  Already installed ✗

[1/4] Resolving packages...
info If you think this is a bug, please open a bug report with the information provided in "C:\\code\\Repos\\...\\packages\\shared-state\\yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/add for documentation about this command.
.../shared-state ✓ (470 ms)

[1/4] Resolving packages...
info If you think this is a bug, please open a bug report with the information provided in "C:\\code\\Repos\\...\\packages\\shared-ui\\yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/add for documentation about this command.
.../shared-ui ✓ (537 ms)

Installed 5 packages in 538 ms


? Do you want to create a new git branch for the change? No
? Do you want to create a new git commit for the change? Yes
? Enter a git commit message: Update dependency: [email protected]
Commit created ✓

error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

Google Cloud Builder does not like the @namespace for some reason

This package is a life saver!

It would be nice to utilize interactive mode without having to answer questions the same way each time. For example, Do you want to create a new git branch for the change? No could be a setting that prevents the question from appearing by defaulting to the set answer.

What is the problem you're trying to solve?

Unable to go back to pick previous options

What solution would you like to see?

Be able to use "backspace" key to go back to pick previous options

runCommand.js returns a promise with all the event handlers for coroutines that only check for stdout event handlers. As a result, when npm or yarn or any command writes to stderr two things happen:

1. We don't get any logging
2. In the cases I've seen, lernaupdate reports a success without actually doing anything.

Here's one such example where npm install fails and lernaupdate ignores it:

# npm writes to stderr only
# npm install --save @scope/[email protected]
npm ERR! code ETARGET
npm ERR! notarget No matching version found for @scope/nested-dependency-package@^1.0.0
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! notarget
npm ERR! notarget It was specified as a dependency of '@scope/dependency-package'
npm ERR! notarget

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2019-08-22T16_12_02_888Z-debug.log

After choosing which dependency to upgrade, I get the error SyntaxError: Unexpected end of JSON input.
I already tried the following to try and solve this issue:

• Uninstalling and reinstalling multiple times with both npm and yarn, locally as well as globally
• Updating lerna-update-wizard and node
• Downgrading to a version that works for someone else

Do you have any idea as to what could be causing this?

In this wizard, it will allow you to select either the exact version (e.g. 1.0.1) or a semver variant like ^1.0.1 or ~1.0.1. However, because this script runs --save-dev but does NOT add --save-exact, then no matter if an exact version is specified, it will default to ^1.0.1 because of the way NPM works.

So, currently, there's no way to run lernaupdate and actually output what is selected.

I just need to keep track of one dependency across multiple packages in my monorepo. Would be great if I could run lernaupdate for a specific dependency, which version to set it to, and which packages to target, all without any interactivity.
Something like
lernaupdate --dep="lodash" --version="latest" --packages="packages/a,packages/b/one,packages/b/two"

If a package.json has both a peerDependency and a devDependency field, and the same dependency is in both lists, only one of them will be updated, e.g. if updating "foo" to version "2.0.0":

{
  "peerDependencies": {
    "foo": "1.0.0" ==> "2.0.0"
  },
  "devDependencies": {
    "foo": "1.0.0" ==> "1.0.0"
  }
}

Hi,

Thank you a lot for this nice tool.

Do you think it would be possible to add the support of hoisted dependencies ?

Thank you.

Hello, thanks for developing this tool.

When I upgrade a dependency, I'd like the option for 'latest installed' and to bump the caret version in each respective package.json as well.

For example:

My packages

Component1
  package.json
    - prop-types@^15.6.1
Component2
  package.json
  - prop-types@^15.6.2

Run lernaupdate

Lerna Update Wizard
v0.9.4

Starting update wizard for project

? Select a dependency to upgrade: prop-types (1 version)

? Select packages to affect: Component1, Component2
? Select version to install: (Use arrow keys)
❯ ^15.6.2 #latest with caret version
  15.6.2 #latest
  15.5.0-alpha.0 #dev
  15.5.7-alpha.1 #next
  ^15.6.1 Highest installed

By updating the version string in each package's package.json, this helps prevent the appearance of node_modules directories nested inside a package with an outdated dependency, when using Yarn Workspaces with Lerna.

I'm willing to help contribute a solution for this.

• lerna bootstrap after 'npm install' will help to symlink those packages again.

I've installed lerna-update-wizard as recommended (as a devDependency), and once it is installed, running lernaupdate from terminal returns a message of command not found:

$ lernaupdate
bash: lernaupdate: command not found

I tried installing as a regular dependency as well and got the same result.

I'm working with a Lerna monorepo and running all of this from the root, with several packages. I'm also using --hoist with Lerna, but I don't think this should cause the lernaupdate command itself to not even be found.

I would really love is there was an option to list only outdated package when using lernaupdate.

Lerna Update Wizard v0.9.3

Getting this at the beginning of the process
Starting update wizard for root

? Select a dependency to upgrade: (Use arrow keys or type to search)

@nestjs/common (2 versions)

On selecting the first one, the system get stuck on that screen, cannot even exit using Control C

? Select a dependency to upgrade: @nestjs/common(2 versions)

instead of having to check each package individually, i'd love to just be able to execute something like lernaupdate --all

and i'd want that to update all packages to the latest version installable based on the package.json.

Just like npm update does, but for lerna! 😉

i love this tool. but when updating dependency i have to search one by one and install one at a time . it would be really awesome if we select all dependencies to install . and in one go it updates/installs them all

it would be a real time saver.

• Is there an option for selecting fixed version instead of ^ or ~ ?

One yarn package and one npm package. Verify that the script picks the correct package manager for each sub project.

I had peer dependency "lodash": "^4.17.11" in one package
And just dependency "lodash": "^4.17.11" in another two packages

I ran update command and got peer dependency "lodash": "4.17.15" (exact version, not ^)
Another two packages has "lodash": "^4.17.15" (with ^)

Why does it happen?

Because of this when I try to update lodash again, I see I have two lodash versions:

Starting update wizard for @org/front

? Select a dependency to upgrade: lodash (2 versions)

? Select packages to affect: @org/common (4.17.15), @org/proj1 (^4.17.15), @org/proj2 (^4.17.15)
? Select version to install:
...

How can I avoid this behaviour and install peer dependency with ^?

Thanks, lib is awesome

when updating package.jsons, it looks like it uses 2 spaces, and in my code i'm using 4. is there some configuration for that that i missed? or is there not a way to adjust that currently? ifso, could there please be an option added so that when versions are modified the whole file isn't modified? thanks!

Just tried the tool out and the diff shows that the version, engines, typings etc top-level keys in package.json have all been reordered arbitrarily. They don't appear to be alphabetized.

On top of that, the keys within the scripts section were reordered to no longer be alphabetized! Why!? Edit: looks like they are alphabetical except for foo and postfoo being made adjacent. Still, this is undesirable.

This creates a ton of diff noise that either has to be carefully reverted or painfully absorbed by other contributors.

It says commit created:

But when i do git log, then commit doesn't show up in the list.

I am using husky pre commit check for normal git commit process. Can it be the reason? Any solutions?

Is there a way i can see the git commit logs?

Need help!!!!

Hi,
the update of globby to version v11 #112 has broken the compatibility with windows.

The reason for that is a change of globby's transitive dependency fast-glob which requires a convertion of the Windows-style path to a Unix-style path.

Quote:

• sindresorhus/globby#130 (comment)

Recommendation fast-glob:
https://github.com/mrmlnc/fast-glob#how-to-write-patterns-on-windows

I just tried a quick and dirty fix on my machine and everything worked as expected if I replace all backslashes at the resolved path with the following regex.

defaultPackagesGlobs.map(glob => resolve(projectDir, glob, "package.json").replace(/\\/g, '/')),

Line: index.js#L89

I need to pass --ignore-engines to yarn due to a dependency that has an overly-restrictive engines field. Can we add the ability to pass flags to yarn/npm?

It would be cool to update multiple packages at once.

E.g. jest and @types/jest

Hi! I love using the tool.

When I use the tool to select a dependency and upgrade it, I want the default version semver prefix to respect my ~/.npmrc save-prefix settings, which is documented here

Awesome script, I have been running into an issue. Maybe I don't understand quite correctly but I have been trying to update a react as peer denpendency, but when I run the script and I select peer dependecy the script write down the update under dependencies, which is not what I'm expecting.

I have something like this:

{
  "name": "@myOrg/button",
  "version": "0.0.1",
  "description": "",
  "main": "index.js",
  "peerDependencies": {
    "react": "^16.7.0",
    "styled-components": "^4.1.3"
  },
  "repository": {
    "type": "git",
    "url": ""
  },
  "publishConfig": {
    "access": "public"
  },
  "author": "@",
  "license": "MIT"
}

after updating to peer dependecy ends like:

{
  "name": "@myOrg/button",
  "version": "0.0.1",
  "description": "",
  "main": "index.js",
  "peerDependencies": {
    "react": "^16.7.0",
    "styled-components": "^4.1.3"
  },
  "repository": {
    "type": "git",
    "url": ""
  },
  "publishConfig": {
    "access": "public"
  },
  "author": "@",
  "license": "MIT",
  "dependencies": {
    "react": "16.8.6",
    "styled-components": "4.2.0"
  }
}

Do you have any idea what am I possible doing wrong?

I just tried to run lerna-update-wizzard a couple of times in a project with about 60 packages. It always got stuck before showing the 'Select a dependency to upgrade'-prompt. Then I deleted all node_module-directories (recursively) and ran it again. This time the prompt was shown immediately. Is this a known thing?

I have a lerna project with 10 packages. 4 of these packages use node-rdkafka which I want to update. When I run lerna-update-wizard, it lists literally tens of thousands of various packages, and seems to be any package that any sub-package (not one that I author) though-out the entire packages installed.

If I then select the package I want to update, it then lists out thousands of other packages, where I would expect only the 4 packages I control to be shown. I can't 'upgrade' package depdencies in third party packages. It seems to just be a list of all packages, for example, @jest/console is listed, but this package doesn't install or consume node-rdkafka.

Lerna Update Wizard
v1.1.0

Starting update wizard for root

? Select a dependency to upgrade: node-rdkafka (2 versions)

? Select packages to affect: (Press <space> to select, <a> to toggle all, <i> to invert selection)
❯◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2
 ◯ 1to2

I was expecting the tool to list and show me mismatched and outdated dependencies consume in packages with my lerna project only.

Steps to reproduce:

1. Run lernaupdate
2. Select a package
3. Version selection screen appears and user is dropped to shell immediately

Same happens for --dedupe.

Screencast:

Hello everyone.

I'm using this package in order to update some dependencies in my project, so I follow all the instructions on the README.

After choose some package to update, I picked an options to commit with new message all changes.

After received a feedback, I checked to file changes and nothing happened.

Setup

• Mac Os Mojave
• I tried with these node versions: 10.14.1, 10.22 and 12.
• I made this setup using NPM

There is anyone with these problems too?

When I ran the wizard, in addition to updating the selected package version in my package.jsons, it removed the newline at the end of every file. Is there an option to leave that newline in place?