👷 replace lerna publish with yarn npm publish#4276
Conversation
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
2 times, most recently
from
2bc8233 to
ce5cfa2
Compare
Bundles Sizes Evolution
🚀 CPU Performance
🧠 Memory Performance
|
|
✅ Tests 🎉 All green!❄️ No new flaky tests detected 🎯 Code Coverage (details) 🔗 Commit SHA: f90939f | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback! |
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
2 times, most recently
from
aca9fd3 to
abc9601
Compare
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
from
abc9601 to
c9b94d1
Compare
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
from
c9b94d1 to
8851870
Compare
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
3 times, most recently
from
a61de5b to
5981783
Compare
Uses YARN_NPM_AUTH_TOKEN instead of writing to .npmrc, and adds a --dry-run option. The legacy lerna-based script is kept as publish-npm-legacy.ts with a corresponding manual CI job as a fallback. Also, no need to build packages ahead of time, as npm runs the "prepack" script which builds all packages.
Contrary to lerna, yarn does not include LICENSE files in packages out of the box.
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
from
5981783 to
ca4fc89
Compare
.npmignore re-exclusion after negation didn't work with yarn pack, causing spec files to be included in published packages.
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
from
ca4fc89 to
7f9e72d
Compare
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
from
7f9e72d to
15baa60
Compare
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ca4fc899cb
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| fs.writeFileSync('.npmrc', '//registry.npmjs.org/:_authToken=${NPM_TOKEN}') | ||
| command`yarn lerna publish from-package --yes`.withEnvironment({ NPM_TOKEN: getNpmToken() }).withLogs().run() | ||
| printLog(dryRun ? 'Publishing (dry run)' : 'Publishing') | ||
| command`yarn workspaces foreach --verbose --all --topological --no-private npm publish --access public ${dryRun ? ['--dry-run'] : []}` |
There was a problem hiding this comment.
This command publishes every non-private workspace without --tolerate-republish, so a retry after a partial release will fail as soon as it hits a version that was already published, and workspaces foreach will stop before publishing the remaining packages. I verified the CLI semantics from yarn npm publish --help (it documents --tolerate-republish for already-existing versions) and yarn workspaces foreach --help (its publish example includes that flag). This is a regression from resilient release retries and can leave releases half-published.
Useful? React with 👍 / 👎.
| fs.writeFileSync('.npmrc', '//registry.npmjs.org/:_authToken=${NPM_TOKEN}') | ||
| command`yarn lerna publish from-package --yes`.withEnvironment({ NPM_TOKEN: getNpmToken() }).withLogs().run() | ||
| printLog(dryRun ? 'Publishing (dry run)' : 'Publishing') | ||
| command`yarn workspaces foreach --verbose --all --topological --no-private npm publish --access public ${dryRun ? ['--dry-run'] : []}` |
There was a problem hiding this comment.
🥜 nitpick:
| command`yarn workspaces foreach --verbose --all --topological --no-private npm publish --access public ${dryRun ? ['--dry-run'] : []}` | |
| command`yarn workspaces foreach --verbose --all --topological --no-private npm publish --access public ${dryRun ? '--dry-run' : ''}` |
There was a problem hiding this comment.
It's not quite the same.
command`ls ${''}` // passes an empty argument, similar to `ls ''`
command`ls ${[]}` // passes no argumentThere was a problem hiding this comment.
commandls ${''}-> passes an empty argument, similar tols ''``
really? shouldn't it be
command`ls ${"''"}`to output ls '' ?
There was a problem hiding this comment.
Maybe I wasn't quite clear.
command`ls ${''}` // passes an empty argument, similar to running `ls ''` in a shell
command`ls ${'foo'}` // passes `foo` as argument, similar to running `ls 'foo'` in a shell
command`ls ''` // passes `''` as an argument, similar to running `ls "''"` in a shell
command`ls ${"''"}` // same as above
command`ls ${[]}` // passes no argumentThis is a feature, not a bug 😄 I had security concerns about shell injections when spawning commands in our scripts. So command does not spawn shells and instead passes values directly to the executed binary. It might seem confusing at first but it removes a whole source of problems.
I added a few tests to illustrate the behavior: f90939f#diff-7933dd4283324d4158a016dd9934b38c391f7c61b99fdebf8d00be9134900746R34-R39
There was a problem hiding this comment.
thank you! I did not realized
command`ls ${''}`
// is different from
command`ls `
unlike
`ls ${''}` === `ls ` // true
Thanks for adding the tests
| if (packageJson?.private) { | ||
| printWarning(`Skipping private package ${packageJson.name}`) | ||
| return true | ||
| } |
There was a problem hiding this comment.
❓ question: We don't need this anymore?
There was a problem hiding this comment.
This was for the 'flagging' package that we removed recently.
I removed this check because it ignored the new integration packages that we are about to release. Better catch malformed packages early than late.
BenoitZugmeyer
force-pushed
the
benoit/prepare-lerna-removal
branch
from
b18c9f9 to
f90939f
Compare
4 participants
Motivation
This is a follow-up of #4275
Second step toward removing lerna from the project. This PR replaces
lerna publishwithyarn npm publishto publish NPM packages.Changes
The publish script now uses
yarn workspaces foreach npm publishand gains a--dry-runoption. The old lerna-based script is preserved aspublish-npm-legacy.tsjust in case things don't work we can still publish using lerna.Replaced
.npmignorewithfilespackage.json field, becauseyarn packdoes not support how we use.npmignore(we exclude, include, then re-exclude files)The
check-packages.tsscript is updated:yarn packfor dry-run validationfilesfield. I'm not totally sure this is useful, but 🤷Add a
LICENSEfile to all packages, becauseyarn npm publishdoes not pull it from the repository root like lerna did.Test instructions
node scripts/deploy/publish-npm.ts --dry-run— should list files that would be published without actually publishingnode scripts/check-packages.ts— should pass without errorsI used a small script to compare files listed by
node scripts/deploy/publish-npm.ts --dry-runand the current packages published on NPM to ensure everything looks good.Checklist