Frequently Asked Questions
Last updated
Last updated
package.json
’s version not updated in my repository? takes care of updating the package.json
’s version before publishing to based on the previous version that was tracked as a git tag. By default, only the published package will contain the version, which is the only place where it is really required, but the updated package.json
will not be pushed to the Git repository. A git tag is added to track the new version, so committing the version is not necessary for semantic-release to pick up from there for the next release.
Some teams find value in being able to reference the repository to determine the current latest version available for the published package. Unfortunately, there are some failure scenarios where semantic-release might leave the committed version in the repository out of sync with the version that exists in the registry. The best way to determine available versions is to consult the registry that your package is published to, since it is the actual source of truth. The can be used to consult the registry with the following command:
When not committing updates to the version, a value that follows the semver guidelines is still required for the version
property within the package.json
. To make it clear to contributors that the version is not kept up to date, we recommend using a value like 0.0.0-development
or 0.0.0-semantically-released
.
While the enables committing such changes and pushing them back to the repository as part of a release, we strongly recommend against this practice.
Making commits and pushing them back to the repository adds significant additional complexity to your release process that can be avoided:
Branch protection configuration must account for allowing the release user account to bypass restrictions enforced for human contributors, which might require elevating the access level of the release user beyond what would otherwise be desired/considered secure.
Pre-commit hooks configured for a project, which is a popular practice when enabling through , for example, must be accounted for in the release process. (We recommend disabling tools like this for automated commits, but you need to decide what is appropriate for your project)
If you make your npm package available directly via a GitHub repository rather than publishing to a registry, for example, making a commit and pushing to the repository is a necessary step. In such a case you will want to use to coordinate the commit and push. You can set the project to "private": true,
within your package.json
to .
CHANGELOG.md
in my repository during a release?Before deciding that a changelog file is necessary for your project, please consider whether the added complexity is worth it when GitHub releases (or similar for your host, if not GitHub) might accomplish the same goal. It could also be worth considering whether having a CHANGELOG.md
in your repository that only contains a link to the project's GitHub releases could be an acceptable middle ground.
package.json
’s version ?You can run your build script in:
the prepublishOnly
or prepack
hook so it will be executed during the publish
step of @semantic-release/npm
Yes, semantic-release is a Node CLI application, but it can be used to publish any type of packages.
To publish a non-Node package (without a package.json
) you would need to:
Note: This is a theoretical example where the command set-version
update the project version with the value passed as its first argument and publish-package
publishes the package to a registry.
Yes, semantic-release can be used with any CI service, as long as it provides:
However this is not the recommended approach, as running unit and integration tests on an independent machine before publishing software is a crucial part of the release workflow.
If you have introduced a breaking bug in a release you have 2 options:
If you have a fix immediately ready, commit and push it (or merge it via a pull request) to the release branch
In both cases semantic-release will publish a new release, so your package users will get the fixed/reverted version.
In any case do not remove the Git tag associated with the buggy version, otherwise semantic-release will later try to republish that version. Publishing a version after un-publishing is not supported by most package managers.
.npmrc
options?Or with the publishConfig.access
key in your project's package.json
:
You can trigger a release by pushing to your Git repository. You deliberately cannot trigger a specific version release, because this is the whole point of semantic-release.
Yes, every commits that contains [skip release]
or [release skip]
in their message will be excluded from the commit analysis and won't participate in the release type determination.
Commit with breaking change
Major Breaking release
Commit with type feat
Minor Feature release
Commit with type fix
Patch release
Commit with type perf
Patch release
It is indeed a great idea because it forces you to follow best practices. If you don’t feel comfortable releasing every feature or fix on your master
/main
you might not treat your master
/main
branch as intended.
Branching is a core concept in Git, and the entire GitHub Flow is based upon it. There's only one rule: anything in the master/main branch is always deployable.
0.0.1
?However, if you are choosing to follow this path because you can't use the official npm registry and don't want to manage your own registry, consider instead.
can be used to add release notes to a CHANGELOG.md
file within your repository as part of each release. Committing changes to a CHANGELOG.md
or similar file introduces the same as committing an updated version within a package.json
file. In addition, the release notes that would be added to a changelog file are likely redundant with the release notes added as GitHub releases, if that is also configured for your project (enabled by default).
The package.json
’s version will be updated by the semantic-release
command just before publishing to , therefore it won't be available for scripts ran before the semantic-release
command.
As the plugin uses the to update the package.json
version and publish the package, all will be executed.
the postversion
hook so it will be executed during the prepare
step of @semantic-release/npm
, which allow for example to update files before committing them with the plugin
If using npm hook scripts is not possible, and alternative solution is to plugin to run your script in the prepare
step:
Yes with the which prints to the console the next version to be published and the release notes.
Use a semantic-release installation
Set semantic-release via
Make sure your CI job executing the semantic-release
command has access to a version of Node that to execute the semantic-release
command
See the for more details on specific CI environments.
In addition, you will need to configure the semantic-release to disable the plugin which is used by default and use a plugin for your project type.
If there is no specific plugin for your project type you can use the plugin to publish the release with a shell command.
Here is a basic example to create and use a shell command to publish:
See the for more details on specific project types and the to see if there are community-supported plugins already available for the stack you are interested in.
A way to set via environment variables
A way to guarantee that the semantic-release
command is
See the for more details on specific CI environments.
Yes, you can by explicitly setting the option. You will also have to set the required via environment variables on your local machine, for example:
Yes, with the shareable configuration.
See the for the CI configuration.
By default semantic-release uses the plugin to publish a . For other Git hosted environment the and plugins can be used via .
See the plugins documentation for more details.
Yes, the publishing to the npm registry can be disabled with the option of the plugin. In addition the option allow to generate the package tarball in order to publish it to your repository with the or to a with the plugin.
See the plugin documentation for more details.
Otherwise, that introduced the bug and push the revert commit (or merge it via a pull request) to the release branch
Depending on the package manager you are using, you might be able to un-publish or deprecate a release, in order to prevent users from downloading it by accident. For example, npm allows you to after release. You may also a release if you would rather avoid un-publishing.
Note: If you are using the default be aware that it uses a different revert commit format than the standard one created by , contrary to what is . Therefore, if you revert a commit with , use the to format the message according to the . See for more details.
Yes, all the are supported via the file at the root of your repository.
See the plugin documentation for more details.
The can be set in the file at the root of your repository:
By default semantic-release uses the and triggers releases based on the following rules:
See the plugin documentation for more details.
This is fully customizable with the plugin's .
From :
If you need more control over the timing of releases, see for different options.
Note: Only the codebase changes altering the published package will trigger a release (for example new features, bug fixes or performance improvements would trigger a release while refactoring or changing code style would not). See for more details.
This is not supported by semantic-release. rules apply differently to major version zero and supporting those differences is out of scope and not one of the goals of the semantic-release project.
If your project is under heavy development, with frequent breaking changes, and is not production ready yet we recommend .
See for more details on and the recommendation to start at version 1.0.0
.
semantic-release has a full unit and integration test suite that tests npm
publishes against the .
In addition, the verifies that all necessary conditions for proceeding with a release are met, and a new release will be performed .
– short for "npm exec" – is a CLI to find and execute npm binaries within the local node_modules
folder or in the $PATH. If a binary can't be located npx will download the required package and execute it from its cache location. The tool is bundled with >= 5.2, or can be installed via npm install -g npx
. For more details and motivation read the by .