lerna: npm 5 not supported

Expected Behavior

Would be awesome if lerna worked with npm 5.

Current Behavior

It kind of works today. The problem is that each time I run bootstrap something is modifying the package-lock.json files in inconsistent ways. Sometimes it removes the root level name and version from the package lock file. Sometimes it breaks and leaves the package.json in a state where it only has a list of the dependencies and a package.json.lerna_backup file exists.

Possible Solution

Something is clearly going on where potentially npm is watching modifications to the package.json and messing stuff up as lerna is modifying them. Not totally sure.

Steps to Reproduce (for bugs)

Honestly, each time I ran bootstrap I would get a different result.

lerna.json

{
  "lerna": "2.0.0",
  "packages": [
    "packages/*"
  ],
  "version": "independent"
}

Context

Executable Version
lerna --version 2.0.0
npm --version 5.3.0
yarn --version 0.25.7
node --version 8.1.4
OS Version
macOS Sierra 10.1.2

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Reactions: 15
  • Comments: 16 (7 by maintainers)

Most upvoted comments

Thanks for the suggestions on making the package-lock files less of an issue. However, I want to have and use the package-lock files.

+5
bryzaguy on Aug 9, 2017

When I install a new package with npm 5 it removes my symblinks created by lerna bootstrap, super annoying

+3
nealoke on Nov 1, 2017

@evocateur This should definitely put on the website or somewhere as a best practice or common management approach. A subcommand to help keep versions consistent is something we had to hack together as well. Both would be much appreciated if lerna provided out of the box.

+3
redonkulus on Aug 25, 2017

I use --hoist when bootstrapping and ensure all dependencies under packages/* are expressed identically in the root package.json. This effectively turns lerna bootstrap --hoist into a symlink-only operation, completely avoiding npm install under packages/*.

It’s a bit more painful to update dependency versions (npm up <pkg> in the root and then manually copy the version specifier to any consumers), but at least it’s easy to know when things are drifting out of date (npm outdated in the root) and completely avoids the nested lockfile issues.

I’ve been meaning to write some scripts to streamline this, possibly as a lerna subcommand (or plugin command), although I might just switch to yarn workspaces once they’re more mature.

+2
evocateur on Aug 25, 2017

3.0-alpha.0 works perfectly in npm5

On Feb 21, 2018, at 18:18, Elliott Sprehn notifications@github.com wrote:

@evocateur This is a problem for us too, lerna doesn’t seem to work with npm5. Not everyone can use --hoist, and currently lerna both changes the package-lock.json each time you bootstrap (adding or removing the dev flags or the package name) and the symlinks also don’t seem to always work. Everything worked fine with npm3 though, It’d be really excellent if lerna could support the same workflow in npm5. 😃

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

+1
evocateur on Feb 22, 2018
Read more comments on GitHub
← lerna: `NODE_ENV=production` is not honored when installing packages
lerna: npm uninstall throws 404 for unpublished siblings →