update-versions^4.1.0

Like npm-check-updates but supports Lerna monorepos and enforces strict semver values

Install globally, via npm

This is a CLI app so you install it globally, with -g:

npm i -g update-versions

Then, call it from the command line using keyword:

upd

Alternatively, CLI's can also be installed as local dependencies, but you then have to call them through package.json, through npm script.

Trivia

This program has 30 assertions in its unit tests. That's less than all unit test assertions' median (49) and less than geometric mean (73).

Quick Take

Update all dependencies of all packages in a monorepo — or single repo — to be the latest as per npm:

What `update-versions` does

This CLI will iterate all package.json in a given path and its sub-paths and process each dev- and normal dependency:

If it's a monorepo setup and if another package in monorepo exists with such name, that version is set in ^x.x.x format
In all other cases, a value from npm is fetched using pacote, and that value is set in ^x.x.x format

This CLI is a good idea in Lerna monorepos full of owned npm packages (where you bump versions often and effortlessly) but a bad idea in React SPA's (where single minor update might break many things and updating dependencies is a big, complex deal).

↑ back to top

Opinionated part 1

Lerna bootstrap will not work properly if each dependency is not prefixed with ^, as in ^x.y.z. It's hard to manually enforce that all monorepo packages should have all dependencies in this format. update-versions will force this format.

One exception - if its dependency's value starts with file:.

↑ back to top

Opinionated part 2

If any dependency is listed on both dependencies and devDependencies, it will be removed from the latter list. It's common sense, but we mention this "extra".

↑ back to top

Opinionated part 3

If Lerna build goes wrong, a key called gitHead is created in package.json. Lerna normally cleans it up, but if things go wrong, the key might be left there. This CLI removes a key called gitHead if such exists, in every processed package.json.

↑ back to top

Blacklist to avoid major semver bumps

Since v4.1.0, it's possible to stop bumping major semver ranges (like 2.x.x -> 3.x.x). Create a upd.config.json in the root of the package or monorepo and put all package names you don't want major-bumped, for example:

{
  "noMajorBumping": [
    "ansi-regex",
    "colorette",
    "define-lazy-prop",
    "log-symbols",
    "meow",
    "p-map",
    "p-reduce",
    "rollup-plugin-dts",
    "sort-keys",
    "tap"
  ]
}

All packages above won't get major semver bumps, only patch and minor.

Changelog

See it in the monorepo , on GitHub.

↑ back to top

Contributing

To report bugs or request features or assistance, raise an issue on GitHub .

Any code contributions welcome! All Pull Requests will be dealt promptly.

↑ back to top

Licence

MIT

↑ back to top

Related packages:

📦 npm-check-updates

Find newer versions of dependencies than what your package.json allows

📦 lerna-clean-changelogs-cli ^1.5.0

CLI application to cleanse the lerna/commitizen-generated changelogs

📦 lerna-link-dep ^1.4.0

Like lerna add but does just the symlinking, works on CLI bins too

↑ back to top

update-versions4.1.0

Related packages:

update-versions^4.1.0