@semantic-release/npm
takes care of updating the package.json
’s version before publishing to npm.
By default, only the published package will contain the version, which is the only place where it is really required, but the updated package.json
will not be pushed to the Git repository
However, the @semantic-release/git
plugin can be used to push the updated package.json
as well as other files to the Git repository.
If you wish to only update the package.json
and push via Git you can set the project to "private": true,
within your package.json
to prevent publishing to npm. This can be useful for using semantic-release with a non-node project.
The package.json
’s version will be updated by the semantic-release
command just before publishing to npm, therefore it won't be available for scripts ran before the semantic-release
command.
As the @semantic-release/npm
plugin uses the npm CLI to update the package.json
version and publish the package, all npm hook scripts will be executed.
You can run your build script in:
- the
prepublishOnly
orprepack
hook so it will be executed during thepublish
step of@semantic-release/npm
- the
postversion
hook so it will be executed during theprepare
step of@semantic-release/npm
, which allow for example to update files before committing them with the@semantic-release/git
plugin
If using npm hook scripts is not possible, and alternative solution is to @semantic-release/exec
plugin to run your script in the prepare
step:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"@semantic-release/npm",
["@semantic-release/exec", {
"prepareCmd": "./my-build-script.sh ${nextRelease.version}",
}],
]
}
Yes with the dry-run options which prints to the console the next version to be published and the release notes.
If you are using a local semantic-release installation and run multiple CI jobs with different versions, the yarn install
command will fail on jobs running with Node < 8 as semantic-release requires Node >= 10.18 and specifies it in its package.json
s engines
key.
The recommended solution is to use the Yarn --ignore-engines option to install the project dependencies on the CI environment, so Yarn will ignore the semantic-release's engines
key:
$ yarn install --ignore-engines
Note: Several CI services use Yarn by default if your repository contains a yarn.lock
file. So you should override the install step to specify yarn install --ignore-engines
.
Alternatively you can use a global semantic-release installation and make sure to install and run the semantic-release
command only in a CI jobs running with Node >= 10.18.
If your CI environment provides nvm you can switch to Node 8 before installing and running the semantic-release
command:
$ nvm install 8 && yarn global add semantic-release && semantic-release
See the CI configuration recipes for more details on specific CI environments.
As semantic-release
is recommended to be executed with npx
an alternative is required for usage with Yarn. Even though it is possible to install npx with Yarn, it's not recommended. Yarn and npx would be using different cache locations.
For local installation replace
npx semantic-release
with yarn run semantic-release
.
For global installation replace
npx semantic-release
with yarn global add semantic-release && semantic-release
.
Yes, semantic-release is a Node CLI application but it can be used to publish any type of packages.
To publish a non-Node package (without a package.json
) you would need to:
- Use a global semantic-release installation
- Set semantic-release options via CLI arguments or rc file
- Make sure your CI job executing the
semantic-release
command has access to Node >= 10.18 to execute thesemantic-release
command
See the CI configuration recipes for more details on specific CI environments.
In addition you will need to configure the semantic-release plugins to disable the @semantic-release/npm
plugin which is used by default and use a plugin for your project type.
If there is no specific plugin for your project type you can use the @semantic-release/exec
plugin to publish the release with a shell command.
Here is a basic example to create GitHub releases and use a shell command to publish:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"@semantic-release/github",
["@semantic-release/exec", {
"prepareCmd" : "set-version ${nextRelease.version}",
"publishCmd" : "publish-package"
}]
]
}
Note: This is a theoretical example where the command set-version
update the project version with the value passed as its first argument and publish-package
publishes the package to a registry.
See the package managers and languages recipes for more details on specific project types.
Yes, semantic-release can be used with any CI service, as long as it provides:
- A way to set authentication via environment variables
- A way to guarantee that the
semantic-release
command is executed only after all the tests of all the jobs in the CI build pass
See the CI configuration recipes for more details on specific CI environments.
Yes, you can by explicitly setting the --no-ci
CLI option option. You will also have to set the required authentication via environment variables on your local machine, for example:
$ NPM_TOKEN=<your_npm_token> GH_TOKEN=<your_github_token> npx semantic-release --no-ci
However this is not the recommended approach, as running unit and integration tests on an independent machine before publishing software is a crucial part of the release workflow.
Yes, with the @semantic-release/gitlab-config
shareable configuration.
See the GitLab CI recipes for the CI configuration.
By default semantic-release uses the @semantic-release/github
plugin to publish a GitHub release. For other Git hosted environment the @semantic-release/git
and @semantic-release/changelog
plugins can be used via plugins configuration.
See the @semantic-release/git
@semantic-release/changelog
plugins documentation for more details.
Yes, the publishing to the npm registry can be disabled with the npmPublish
option of the @semantic-release/npm
plugin. In addition the tarballDir
option allow to generate the package tarball in order to publish it to your repository with the @semantic-release/git
or to a GitHub release with the @semantic-release/github
plugin.
See the @semantic-release/npm
plugin documentation for more details.
If you have introduced a breaking bug in a release you have 2 options:
- If you have a fix immediately ready, commit and push it (or merge it via a pull request) to the release branch
- Otherwise, revert the commit that introduced the bug and push the revert commit (or merge it via a pull request) to the release branch
In both cases semantic-release will publish a new release, so your package users will get the fixed/reverted version.
Depending on the package manager you are using, you might be able to un-publish or deprecate a release, in order to prevent users from downloading it by accident. For example, npm allows you to un-publish within 72 hours after release. You may also deprecate a release if you would rather avoid un-publishing.
In any case do not remove the Git tag associated with the buggy version, otherwise semantic-release will later try to republish that version. Publishing a version after un-publishing is not supported by most package managers.
Note: If you are using the default Angular Commit Message Conventions be aware that it uses a different revert commit format than the standard one created by git revert, contrary to what is claimed in the convention. Therefore, if you revert a commit with git revert
, use the --edit
option to format the message according to the Angular revert commit message format. See conventional-changelog/conventional-changelog#348 for more details.
Yes, all the npm configuration options are supported via the .npmrc
file at the root of your repository.
See the @semantic-release/npm
plugin documentation for more details.
The npm access
option can be set in the .npmrc
file at the root of your repository:
access=public
Or with the publishConfig.access
key in your project's package.json
:
{
"publishConfig": {
"access": "public"
}
}
Any npm compatible registry is supported with the @semantic-release/npm
plugin. For Artifactory versions prior to 5.4, the legacy authentication has to be used (with NPM_USERNAME
, NPM_PASSWORD
and NPM_EMAIL
environment variables).
See npm registry authentication for more details.
See Artifactory - npm Registry documentation for Artifactiry configuration.
You can trigger a release by pushing to your Git repository. You deliberately cannot trigger a specific version release, because this is the whole point of semantic-release.
Yes, every commits that contains [skip release]
or [release skip]
in their message will be excluded from the commit analysis and won't participate in the release type determination.
By default semantic-release uses the Angular Commit Message Conventions and triggers releases based on the following rules:
Commit | Release type |
---|---|
Commit with breaking change | |
Commit with type feat |
|
Commit with type fix |
Patch release |
Commit with type perf |
Patch release |
See the @semantic-release/npm
plugin documentation for more details.
This is fully customizable with the @semantic-release/commit-analyzer
plugin's release-rules
option.
It is indeed a great idea because it forces you to follow best practices. If you don’t feel comfortable releasing every feature or fix on your master
you might not treat your master
branch as intended.
From Understanding the GitHub Flow:
Branching is a core concept in Git, and the entire GitHub Flow is based upon it. There's only one rule: anything in the master branch is always deployable.
If you need more control over the timing of releases, see Triggering a release for different options.
Note: Only the codebase changes altering the published package will trigger a release (for example new features, bug fixes or performance improvements would trigger a release while refactoring or changing code style would not). See How can I change the type of commits that trigger a release? for more details.
This is not supported by semantic-release as it's not considered a good practice, mostly because Semantic Versioning rules applies differently to major version zero.
If your project is under heavy development, with frequent breaking changes, and is not production ready yet we recommend publishing pre-releases.
See “Introduction to SemVer” - Irina Gebauer for more details on Semantic Versioning and the recommendation to start at version 1.0.0
.
semantic-release has a full unit and integration test suite that tests npm
publishes against the npm-registry-couchapp.
In addition the verify conditions step verifies that all necessary conditions for proceeding with a release are met, and a new release will be performed only if all your tests pass.
semantic-release is written using the latest ECMAScript 2017 features, without transpilation which requires Node version 10.18 or higher.
See Node version requirement for more details and solutions.
semantic-release uses Git CLI commands to read information about the repository such as branches, commit history and tags. Certain commands and options (such as the --merged
option of the git tag
command or bug fixes related to git ls-files
) used by semantic-release are only available in Git version 2.7.1 and higher.
npx
– short for "npm exec" – is a CLI to find and execute npm binaries within the local node_modules
folder or in the $PATH. If a binary can't be located npx will download the required package and execute it from its cache location.
The tool is bundled with npm >= 5.2, or can be installed via npm install -g npx
.
For more details and motivation read the introductory blog post by @zkat.