lirantal / lockfile-lint

Lint an npm or yarn lockfile to analyze and detect security issues
Apache License 2.0

publishing doesn't seem to work anymore #129

Closed naugtur closed 2 years ago

naugtur commented 2 years ago

Publishing task fails

https://github.com/lirantal/lockfile-lint/runs/6845308617?check_suite_focus=true

Seems like yarn no longer supports some of it.

lirantal commented 2 years ago

Yep, I'm on it.

Looks like lockfile issues:

lerna ERR! EUNCOMMIT Working tree has uncommitted changes, please commit or remove the following changes before continuing:
lerna ERR! EUNCOMMIT  M yarn.lock
naugtur commented 2 years ago

lockfile issues in a lockfile linter. classic. :sweat_smile:

lirantal commented 2 years ago

BTW, looks like the changes rolled out as a non-major version. Might be worth looking into why that happened if you have the time.

naugtur commented 2 years ago

Oh, that's not good. Can you remove them manually? I'll try running the steps locally and see what went wrong.

naugtur commented 2 years ago

@lirantal Tested locally and it worked as expected

$ git reset HEAD~1
$ git checkout -- .
$ yarn lerna publish --no-git-tag-version --no-push
yarn run v1.22.5
$ lerna publish --no-git-tag-version --no-push
lerna notice cli v3.14.1
lerna info versioning independent
lerna WARN Yarn's registry proxy is broken, replacing with public npm registry
lerna WARN If you don't have an npm token, you should exit and run `npm login`
lerna info publish rooted leaf detected, skipping synthetic root lifecycles
lerna info Looking for changed packages since lockfile-lint-api@5.2.4
lerna WARN version Skipping working tree validation, proceed at your own risk
lerna info getChangelogConfig Successfully resolved preset "conventional-changelog-angular"

Changes:
 - lockfile-lint-api: 5.2.4 => 6.0.0
 - lockfile-lint: 4.7.4 => 5.0.0

lerna info auto-confirmed 
lerna info execute Skipping git tag/commit
lerna info execute Skipping git push
lerna info execute Skipping GitHub releases
lerna info publish Publishing packages to npm...
lerna info Verifying npm credentials
lerna http fetch GET 401 https://registry.npmjs.org/-/npm/v1/user 585ms

Looks like a glitch. No idea how that's different.

lirantal commented 2 years ago

Will be taking a look there.

lirantal commented 2 years ago

I think maybe because in the prior publish run, it happened to create a git tag (https://github.com/lirantal/lockfile-lint/commit/b4a81437e7157b3f03ef01f626578ab736ffb099) for the two packages (although it wrongly created them as patch versions too). I think it didn't run through these because it thought them to be "released" already since the tag was created.

naugtur commented 2 years ago

I'm not convinced. I think the versions are established before it gets to checking any tags.

Hypothesis: Somehow it didn't see the long commit messages in CI and locally it did. If logic was broken, someone would have noticed it before.

lirantal commented 2 years ago

Maybe. There were prior cases of major version changes, we can try and track back the commits/PRs.

naugtur commented 2 years ago

I looked at the generated changelog because something didn't add up - it doesn't seem to have taken into account any of my changes when creating the changelog. Maybe if it fails to include them after it has failed on them before? Maybe a rebase (squash your fix on top of my merge and remove publish) would help re-run?

You'd still need to manually deprecate the current release for semver's sake.

Or I could add a bit of readme about lockfile-lint-api input options and duplicate the entry about breaking changes...
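The thread above turns on how a conventional-commits preset (here `conventional-changelog-angular`, as seen in the lerna log) derives the version bump from commit messages, and on naugtur's hypothesis that CI may not have seen the full messages. The following is an added example, not code from the lockfile-lint project or from anyone in this thread: a small JavaScript model of that mapping (a `BREAKING CHANGE:` footer or a `!` after the type means major, `feat` means minor, `fix`/`perf` means patch; the real preset has more rules). The sample commit messages are constructed, and the `demo()` helper contrasts what the bump is when the whole message is visible against when only subject lines are, which is the failure mode that turns a breaking release into a patch release that downstream users would pick up automatically.

```javascript
// Added example (not the lockfile-lint project's code, not the preset's code):
// an approximation of how a conventional-commits preset such as
// conventional-changelog-angular maps commit messages to a semver bump.

// Header: "<type>(<scope>)!: <subject>"; scope and "!" are optional.
const HEADER_RE = /^(\w+)(?:\([^)]*\))?(!)?:\s/;

// Classify one full commit message (header line plus optional body/footers).
// Returns 'major', 'minor', 'patch' or null (no release-worthy change).
function classifyCommit(message) {
  const lines = message.split('\n');
  const m = HEADER_RE.exec(lines[0]);
  const type = m ? m[1] : null;
  const bang = Boolean(m && m[2]);
  // A breaking change is usually declared in a footer, i.e. below the subject.
  const footerBreaking = lines.slice(1).some((l) => /^BREAKING[ -]CHANGE:/.test(l));
  if (bang || footerBreaking) return 'major';
  if (type === 'feat') return 'minor';
  if (type === 'fix' || type === 'perf') return 'patch';
  return null;
}

const LEVELS = { patch: 1, minor: 2, major: 3 };

// Highest bump level across all commits since the last release (null if none).
function recommendBump(messages) {
  let best = null;
  for (const msg of messages) {
    const b = classifyCommit(msg);
    if (b && (!best || LEVELS[b] > LEVELS[best])) best = b;
  }
  return best;
}

// Apply a bump level to a "major.minor.patch" version string.
function bumpVersion(version, level) {
  const [maj, min, pat] = version.split('.').map(Number);
  if (level === 'major') return `${maj + 1}.0.0`;
  if (level === 'minor') return `${maj}.${min + 1}.0`;
  if (level === 'patch') return `${maj}.${min}.${pat + 1}`;
  return version;
}

// Constructed sample commits (hypothetical; not taken from the repository).
const SAMPLE_COMMITS = [
  'fix(api): handle missing resolved field\n\nMinor robustness fix.',
  'feat(cli): add --allowed-packages option\n\n' +
    'BREAKING CHANGE: the old --allowed-urls flag was removed.',
];

// The same commits as a tool would see them if it only read subject lines.
const SUBJECTS_ONLY = SAMPLE_COMMITS.map((m) => m.split('\n')[0]);

// Compare the bump computed from full messages with the one from subjects only,
// starting from the 5.2.4 version that appears in the thread's lerna output.
function demo() {
  const full = recommendBump(SAMPLE_COMMITS);
  const subjects = recommendBump(SUBJECTS_ONLY);
  return {
    fullMessages: full,                         // 'major'
    fullNext: bumpVersion('5.2.4', full),       // '6.0.0'
    subjectsOnly: subjects,                     // 'minor'
    subjectsNext: bumpVersion('5.2.4', subjects), // '5.3.0'
  };
}

console.log(demo());
```

The point of `demo()` is that the breaking-change marker lives in a footer, so any step that only looks at subject lines (or at a truncated history) silently downgrades a major release to a minor or patch one. A release pipeline for a security tool should therefore check that the commits it reads include full bodies, and the computed bump can be compared against the changelog before publishing.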