Does lerna support npm 8? (esp. the overrides feature)
See original GitHub issueI need to use npm 8 for its “overrides” feature (reference: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides) so that I can override a transitive dependency for one of the packages in the monorepo.
In the meanwhile, the monorepo is bootstrapped with:
- hoist
- force-local
I thought Lerna must have been delegating the install to npm so the overrides should just work, but that’s not the case.
In the package.json
of the package, I am trying to override the following:
{
...,
"overrides": {
"eslint-plugin-json-files": {
"sort-package-json": {
"globby": "11.0.0"
}
}
}
}
Expected Behavior
The package-lock.json
in the root of the monorepo should have:
{
"packages": {
...,
"node_modules/sort-package-json": {
"version": "1.55.0",
"integrity": "sha512-xhKvRD8WGbALjXQkVuk4/93Z/2NIO+5IzKamdMjN5kn3L+N+M9YWQssmM6GXlQr9v1F7PGWsOJEo1gvXOhM7Mg==",
"license": "MIT",
"dependencies": {
"detect-indent": "^6.0.0",
"detect-newline": "3.1.0",
"git-hooks-list": "1.0.3",
"globby": "10.0.0",
"is-plain-obj": "2.1.0",
"sort-object-keys": "^1.1.3"
},
"bin": {
"sort-package-json": "cli.js"
}
},
"node_modules/sort-package-json/node_modules/globby": {
"version": "11.0.0",
"integrity": "sha512-iuehFnR3xu5wBBtm4xi0dMe92Ob87ufyu/dHwpDYfbcpYpIbrO5OnS8M1vWvrBhSGEJ3/Ecj7gnX76P8YxpPEg==",
"license": "MIT",
"dependencies": {
"array-union": "^2.1.0",
"dir-glob": "^3.0.1",
"fast-glob": "^3.1.1",
"ignore": "^5.1.4",
"merge2": "^1.3.0",
"slash": "^3.0.0"
},
"engines": {
"node": ">=10"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
...
}
}
Note the “declared” version of "globby": "10.0.0"
vs the overridden version "version": "11.0.0"
above in two json objects.
Current Behavior
The package-lock.json
in the root of monorepo now has:
{
"packages": {
...,
"node_modules/sort-package-json": {
"version": "1.55.0",
"integrity": "sha512-xhKvRD8WGbALjXQkVuk4/93Z/2NIO+5IzKamdMjN5kn3L+N+M9YWQssmM6GXlQr9v1F7PGWsOJEo1gvXOhM7Mg==",
"license": "MIT",
"dependencies": {
"detect-indent": "^6.0.0",
"detect-newline": "3.1.0",
"git-hooks-list": "1.0.3",
"globby": "10.0.0",
"is-plain-obj": "2.1.0",
"sort-object-keys": "^1.1.3"
},
"bin": {
"sort-package-json": "cli.js"
}
},
"node_modules/sort-package-json/node_modules/globby": {
"version": "10.0.0",
"integrity": "sha512-3LifW9M4joGZasyYPz2A1U74zbC/45fvpXUvO/9KbSa+VV0aGZarWkfdgKyR9sExNP0t0x0ss/UMJpNpcaTspw==",
"license": "MIT",
"dependencies": {
"@types/glob": "^7.1.1",
"array-union": "^2.1.0",
"dir-glob": "^3.0.1",
"fast-glob": "^3.0.3",
"glob": "^7.1.3",
"ignore": "^5.1.1",
"merge2": "^1.2.3",
"slash": "^3.0.0"
},
"engines": {
"node": ">=8"
}
},
...
}
}
Note that the declared version and the actual installed version are the same, meaning overrides
not taking effect.
Possible Solution
N/A
Steps to Reproduce (for bugs)
- override in
package.json
in a package - npm install
- lerna bootstrap --hoist --force-local
lerna.json
<!-- Please paste your `lerna.json` here -->
lerna-debug.log
<!-- If you have a `lerna-debug.log` available, please paste it here -->
<!-- Otherwise, feel free to delete this <details> block -->
Context
Your Environment
Executable | Version |
---|---|
lerna --version |
4.0.0 |
npm --version |
8.5.0 |
yarn --version |
VERSION |
node --version |
16.14.2 |
| OS | Version | | macOS Catalina | 10.15.7 | | NAME | VERSION |
Issue Analytics
- State:
- Created a year ago
- Reactions:1
- Comments:5
Top GitHub Comments
@garrychnca hey so I am recently in the process of migrating a monorepo from yarn workspaces to pnpm workspaces and had to use the override that is nearly identical to npm and it wasn’t working when I tried to set into the
package.json
of that package but it started to work after I tried the same override in the rootpackage.json
of the monorepo. If you’re using npm 8 then you don’t really need to uselerna bootstrap
anymore, just use npm 8 workspaces and the override will work as expected (at least in the root it worked for me). I’m using Lerna-Lite and there’s nolerna bootstrap
command (no longer necessary with newer package managers) and override is working fine from what I can see, I also assume that Lerna would work just the same if you use the package manager workspaces instead of lerna bootstrap.Hi Folks 👋
Please take a look at our published roadmap for Lerna v7 here: https://github.com/lerna/lerna/discussions/3410
One of the key items covered at length on there (please do read it for full context) is that now that we find ourselves in late 2022, it no longer makes sense for lerna to supplement package management concerns (such as installation, boostrapping, linking etc) which are covered reliably for monorepo workspaces by the three main package managers: npm, yarn and pnpm.
lerna bootstrap
et al were developed in a completely different era of the JavaScript ecosystem.If you have any specific concerns please do join in on that discussion, and provide as much context as possible.
Many thanks 🙏