@semantic-release/npm takes care of updating the package.json’s version before publishing to npm.
By default, only the published package will contain the version, which is the only place where it is really required, but the updated package.json will not be pushed to the Git repository
However, the @semantic-release/git plugin can be used to push the updated package.json as well as other files to the Git repository.
If you wish to only update the package.json and push via Git you can set the project to "private": true, within your package.json to prevent publishing to the npm registry.
The package.json’s version will be updated by the semantic-release command just before publishing to npm, therefore it won't be available for scripts ran before the semantic-release command.
As the @semantic-release/npm plugin uses the npm CLI to update the package.json version and publish the package, all npm hook scripts will be executed.
You can run your build script in:
- the
prepublishOnlyorprepackhook so it will be executed during thepublishstep of@semantic-release/npm - the
postversionhook so it will be executed during thepreparestep of@semantic-release/npm, which allow for example to update files before committing them with the@semantic-release/gitplugin
If using npm hook scripts is not possible, and alternative solution is to @semantic-release/exec plugin to run your script in the prepare step:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"@semantic-release/npm",
["@semantic-release/exec", {
"prepareCmd": "./my-build-script.sh ${nextRelease.version}",
}],
]
}Yes with the dry-run options which prints to the console the next version to be published and the release notes.
Yes, semantic-release is a Node CLI application, but it can be used to publish any type of packages.
To publish a non-Node package (without a package.json) you would need to:
- Use a global semantic-release installation
- Set semantic-release options via CLI arguments or rc file
- Make sure your CI job executing the
semantic-releasecommand has access to Node >= 10.19 to execute thesemantic-releasecommand
See the CI configuration recipes for more details on specific CI environments.
In addition you will need to configure the semantic-release plugins to disable the @semantic-release/npm plugin which is used by default and use a plugin for your project type.
If there is no specific plugin for your project type you can use the @semantic-release/exec plugin to publish the release with a shell command.
Here is a basic example to create GitHub releases and use a shell command to publish:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"@semantic-release/github",
["@semantic-release/exec", {
"prepareCmd" : "set-version ${nextRelease.version}",
"publishCmd" : "publish-package"
}]
]
}Note: This is a theoretical example where the command set-version update the project version with the value passed as its first argument and publish-package publishes the package to a registry.
See the package managers and languages recipes for more details on specific project types.
Yes, semantic-release can be used with any CI service, as long as it provides:
- A way to set authentication via environment variables
- A way to guarantee that the
semantic-releasecommand is executed only after all the tests of all the jobs in the CI build pass
See the CI configuration recipes for more details on specific CI environments.
Yes, you can by explicitly setting the --no-ci CLI option option. You will also have to set the required authentication via environment variables on your local machine, for example:
$ NPM_TOKEN=<your_npm_token> GH_TOKEN=<your_github_token> npx semantic-release --no-ciHowever this is not the recommended approach, as running unit and integration tests on an independent machine before publishing software is a crucial part of the release workflow.
Yes, with the @semantic-release/gitlab-config shareable configuration.
See the GitLab CI recipes for the CI configuration.
By default semantic-release uses the @semantic-release/github plugin to publish a GitHub release. For other Git hosted environment the @semantic-release/git and @semantic-release/changelog plugins can be used via plugins configuration.
See the @semantic-release/git @semantic-release/changelog plugins documentation for more details.
Yes, the publishing to the npm registry can be disabled with the npmPublish option of the @semantic-release/npm plugin. In addition the tarballDir option allow to generate the package tarball in order to publish it to your repository with the @semantic-release/git or to a GitHub release with the @semantic-release/github plugin.
See the @semantic-release/npm plugin documentation for more details.
If you have introduced a breaking bug in a release you have 2 options:
- If you have a fix immediately ready, commit and push it (or merge it via a pull request) to the release branch
- Otherwise, revert the commit that introduced the bug and push the revert commit (or merge it via a pull request) to the release branch
In both cases semantic-release will publish a new release, so your package users will get the fixed/reverted version.
Depending on the package manager you are using, you might be able to un-publish or deprecate a release, in order to prevent users from downloading it by accident. For example, npm allows you to un-publish within 72 hours after release. You may also deprecate a release if you would rather avoid un-publishing.
In any case do not remove the Git tag associated with the buggy version, otherwise semantic-release will later try to republish that version. Publishing a version after un-publishing is not supported by most package managers.
Note: If you are using the default Angular Commit Message Conventions be aware that it uses a different revert commit format than the standard one created by git revert, contrary to what is claimed in the convention. Therefore, if you revert a commit with git revert, use the --edit option to format the message according to the Angular revert commit message format. See conventional-changelog/conventional-changelog#348 for more details.
Yes, all the npm configuration options are supported via the .npmrc file at the root of your repository.
See the @semantic-release/npm plugin documentation for more details.
The npm access option can be set in the .npmrc file at the root of your repository:
access=public
Or with the publishConfig.access key in your project's package.json:
{
"publishConfig": {
"access": "public"
}
}Any npm compatible registry is supported with the @semantic-release/npm plugin. For Artifactory versions prior to 5.4, the legacy authentication has to be used (with NPM_USERNAME, NPM_PASSWORD and NPM_EMAIL environment variables).
See npm registry authentication for more details.
See Artifactory - npm Registry documentation for Artifactiry configuration.
You can trigger a release by pushing to your Git repository. You deliberately cannot trigger a specific version release, because this is the whole point of semantic-release.
Yes, every commits that contains [skip release] or [release skip] in their message will be excluded from the commit analysis and won't participate in the release type determination.
By default semantic-release uses the Angular Commit Message Conventions and triggers releases based on the following rules:
| Commit | Release type |
|---|---|
| Commit with breaking change | |
Commit with type feat |
|
Commit with type fix |
Patch release |
Commit with type perf |
Patch release |
See the @semantic-release/npm plugin documentation for more details.
This is fully customizable with the @semantic-release/commit-analyzer plugin's release-rules option.
It is indeed a great idea because it forces you to follow best practices. If you don’t feel comfortable releasing every feature or fix on your master you might not treat your master branch as intended.
From Understanding the GitHub Flow:
Branching is a core concept in Git, and the entire GitHub Flow is based upon it. There's only one rule: anything in the master branch is always deployable.
If you need more control over the timing of releases, see Triggering a release for different options.
Note: Only the codebase changes altering the published package will trigger a release (for example new features, bug fixes or performance improvements would trigger a release while refactoring or changing code style would not). See How can I change the type of commits that trigger a release? for more details.
This is not supported by semantic-release as it's not considered a good practice, mostly because Semantic Versioning rules applies differently to major version zero.
If your project is under heavy development, with frequent breaking changes, and is not production ready yet we recommend publishing pre-releases.
See “Introduction to SemVer” - Irina Gebauer for more details on Semantic Versioning and the recommendation to start at version 1.0.0.
semantic-release has a full unit and integration test suite that tests npm publishes against the npm-registry-couchapp.
In addition the verify conditions step verifies that all necessary conditions for proceeding with a release are met, and a new release will be performed only if all your tests pass.
semantic-release is written using the latest ECMAScript 2017 features, without transpilation which requires Node version 10.19 or higher.
See Node version requirement for more details and solutions.
semantic-release uses Git CLI commands to read information about the repository such as branches, commit history and tags. Certain commands and options (such as the --merged option of the git tag command or bug fixes related to git ls-files) used by semantic-release are only available in Git version 2.7.1 and higher.
npx – short for "npm exec" – is a CLI to find and execute npm binaries within the local node_modules folder or in the $PATH. If a binary can't be located npx will download the required package and execute it from its cache location.
The tool is bundled with npm >= 5.2, or can be installed via npm install -g npx.
For more details and motivation read the introductory blog post by @zkat.