Should not overwrite `workspace:*` when release ( pnpm workspace )

[zigang93]

Pre-Checks

• [X] Follow our Code of Conduct.
• [X] Read the Contributing Guidelines.
• [X] Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.
• [X] Make sure this is a semantic-release issue and not related to a combination with another package.
• [X] Check that this is a concrete bug. For Q&A open a GitHub Discussion.
• [X] The provided reproduction is a minimal reproducible example of the bug.
• [ ] I am willing to provide a PR.

Describe the bug

I wonder how to prevent overwrite workspace:*?

example: package-a ( v1.0.0 )

app's package.json after release "package-a": "workspace:*" to "package-a": "1.0.0"

Minimal reproduction code

No response

Additional Context

No response

Environment Info

System:
    OS: macOS 14.5
    CPU: (8) arm64 Apple M1
    Memory: 41.81 MB / 16.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 20.9.0 - ~/.nvm/versions/node/v20.9.0/bin/node
    npm: 10.1.0 - ~/.nvm/versions/node/v20.9.0/bin/npm
    pnpm: 9.1.1 - ~/.nvm/versions/node/v20.9.0/bin/pnpm
    bun: 1.0.25 - /opt/homebrew/bin/bun
  Browsers:
    Chrome: 126.0.6478.61
    Safari: 17.5
  npmPackages:
    @anolilab/multi-semantic-release: ^1.1.3 => 1.1.3 
    @anolilab/semantic-release-pnpm: ^1.1.3 => 1.1.3

Which module system do you use?

• [ ] CJS
• [X] ESM

Used Package Manager

pnpm

Upvote & Fund

• We're using Polar.sh so you can upvote and help fund this issue.
• We receive the funding once the issue is completed & confirmed by you.
• Thank you in advance for helping prioritize & fund our backlog.

[github-actions[bot]]

It looks like this is your first issue. Welcome! 👋 One of the project maintainers will be with you as soon as possible. We appreciate your patience. To safeguard the health of the project, please take a moment to read our code of conduct.

[prisis]

Hey @zigang93, this not really possible, the npm registry needs this version information to know how to handle npm packages dependencies.

One "maybe" working way would be that you could add a new step after semantic-release that rewrites the version that was add before the "semantic-release-git" do a push to your repo back.

Or you can use the pnpm overwrite in you root package.json to make this overwrite so this will work like the "workspace:*" in you packages

Example:

    "pnpm": {
        "overrides": {
            "@visulima/pail": "workspace:*",
        },
    },

ref https://github.com/qiwi/multi-semantic-release/pull/95

[zigang93]

@prisis I don't care about npm register to publish, all my app/package is private. how can I just do some patch? can u help me which line of code to stop this behavior? I can use pnpm patch to do so

[prisis]

Hey :), it should be around this function https://github.com/anolilab/semantic-release/blob/173e5c619bbb00f99c12bb13ab51b986488fdd31/packages/multi-semantic-release/lib/update-deps.js#L70-L89

[github-actions[bot]]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. Please note this issue tracker is not a help forum. We recommend using our GitHub Discussions tab for questions.