CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/npm-lerna

Lerna is a fast, modern build system for managing and publishing multiple JavaScript/TypeScript packages from the same repository

Pending
Quality

Pending

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

SecuritybySnyk

Pending

The risk profile of this skill

Overview
Eval results
Files

publishing.mddocs/

Publishing

Publishing packages to npm registry with coordinated releases and access verification.

Capabilities

Publish Command

Publishes packages to npm registry with automatic version management and access verification.

# Publish changed packages (runs version first)
lerna publish

# Publish from current git tag (skip versioning)
lerna publish from-git

# Publish packages marked as needing publication
lerna publish from-package

# Publish specific version
lerna publish 1.2.3
lerna publish patch
lerna publish minor
lerna publish major
lerna publish prerelease

# Publish with specific npm tag
lerna publish --dist-tag next
lerna publish --dist-tag beta

# Publish with custom registry
lerna publish --registry https://custom-registry.com

# Skip npm publish (git operations only)
lerna publish --skip-npm

# Skip git operations
lerna publish --skip-git

# Force publish all packages
lerna publish --force-publish

# Confirm all prompts automatically
lerna publish --yes

# Custom OTP (One-Time Password) for 2FA
lerna publish --otp 123456

# Publish pre-built packages
lerna publish from-package --contents dist

Publishing Workflow

The lerna publish command performs:

  1. Version Management: Runs lerna version if not using from-git or from-package
  2. Build Verification: Ensures packages are built and ready for publishing
  3. Access Verification: Checks npm registry access and 2FA requirements
  4. License Verification: Validates package licenses exist
  5. Package Publishing: Publishes to npm registry in topological order
  6. Tag Management: Updates npm dist-tags appropriately

Publishing Modes

Standard Publishing

# Version and publish changed packages
lerna publish

# Equivalent to:
# lerna version + lerna publish from-git

From Git Tag

# Publish packages based on current git tag
lerna publish from-git

# Useful in CI after lerna version has been run

From Package

# Publish packages where version > registry version
lerna publish from-package

# Useful for recovering from failed publishes

Publishing Configuration

interface PublishConfig {
  /** npm registry URL */
  registry?: string;
  /** Package access level */
  access?: 'public' | 'restricted';
  /** Commit message for publish */
  message?: string;
  /** Use conventional commits */
  conventionalCommits?: boolean;
  /** Skip confirmation prompts */
  yes?: boolean;
  /** npm dist-tag for published packages */
  distTag?: string;
  /** Skip npm publish (git only) */
  skipNpm?: boolean;
  /** Skip git operations */
  skipGit?: boolean;
  /** Directory to publish (relative to package root) */
  contents?: string;
  /** Force publish all packages */
  forcePublish?: boolean | string | string[];
  /** One-time password for 2FA */
  otp?: string;
  /** Verify package access before publishing */
  verifyAccess?: boolean;
  /** Create temporary license files */
  createRelease?: 'github' | 'gitlab';
  /** Pre/post publish lifecycle scripts */
  prePublishOnly?: string;
  postPublishOnly?: string;
}

Usage in lerna.json:

{
  "command": {
    "publish": {
      "registry": "https://registry.npmjs.org",
      "access": "public",
      "conventionalCommits": true,
      "message": "chore: publish",
      "distTag": "latest",
      "verifyAccess": true
    }
  }
}

Package-specific configuration in package.json:

{
  "publishConfig": {
    "registry": "https://custom-registry.com",
    "access": "public",
    "tag": "next"
  }
}

Access Management

npm Access Verification

Lerna verifies npm registry access before publishing:

# Verify access for all packages
lerna publish --verify-access

# Skip access verification  
lerna publish --no-verify-access

Access verification checks:

  • User authentication with registry
  • Package publication permissions
  • Organization membership (for scoped packages)
  • Two-factor authentication requirements

Two-Factor Authentication

# Provide OTP for 2FA-enabled accounts
lerna publish --otp 123456

# Lerna will prompt for OTP if required and not provided
lerna publish
# ? Please enter a one-time password: [input]

Registry Configuration

Custom Registry

# Publish to custom registry
lerna publish --registry https://custom-registry.com

# Use registry from .npmrc
lerna publish

Multiple Registries

Configure different registries per package scope in .npmrc:

@myorg:registry=https://custom-registry.com
@public:registry=https://registry.npmjs.org

Package Contents

Custom Contents Directory

# Publish from dist directory
lerna publish --contents dist

# Publish from build directory
lerna publish from-package --contents build

This publishes the contents of the specified directory as the package root, useful for:

  • Compiled TypeScript packages
  • Bundled packages
  • Packages with build steps

File Inclusion

Control published files via package.json:

{
  "files": [
    "dist",
    "lib",
    "!**/*.test.js"
  ]
}

Error Handling

Failed Publishes

# Recover from failed publish
lerna publish from-package

# Force republish specific packages
lerna publish from-package --force-publish package-name

# Skip packages that failed to publish
lerna publish from-git --no-verify-access

Lifecycle Scripts

Lerna respects npm lifecycle scripts:

  • prepublishOnly - Run before publishing (npm 5+)
  • prepack - Run before tarball creation
  • postpack - Run after tarball creation
  • postpublish - Run after successful publish
{
  "scripts": {
    "prepublishOnly": "npm run build",
    "postpublish": "echo 'Published successfully!'"
  }
}

docs

change-detection.md

configuration.md

index.md

package-management.md

package-operations.md

publishing.md

script-execution.md

version-management.md

tile.json