@lerna-lite/publish 0.3.0

package/dist/publishCommand.js

@@ -0,0 +1,628 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PublishCommand = void 0;
+const os_1 = __importDefault(require("os"));
+const path_1 = __importDefault(require("path"));
+const crypto_1 = __importDefault(require("crypto"));
+const p_map_1 = __importDefault(require("p-map"));
+const p_pipe_1 = __importDefault(require("p-pipe"));
+const semver_1 = __importDefault(require("semver"));
+const version_1 = require("@lerna-lite/version");
+const core_1 = require("@lerna-lite/core");
+const get_current_tags_1 = require("./lib/get-current-tags");
+const get_tagged_packages_1 = require("./lib/get-tagged-packages");
+const get_unpublished_packages_1 = require("./lib/get-unpublished-packages");
+const get_npm_username_1 = require("./lib/get-npm-username");
+const verify_npm_package_access_1 = require("./lib/verify-npm-package-access");
+const get_two_factor_auth_required_1 = require("./lib/get-two-factor-auth-required");
+const get_current_sha_1 = require("./lib/get-current-sha");
+const git_checkout_1 = require("./lib/git-checkout");
+const pack_directory_1 = require("./lib/pack-directory");
+const npm_publish_1 = require("./lib/npm-publish");
+const log_packed_1 = require("./lib/log-packed");
+const npm_dist_tag_1 = require("./lib/npm-dist-tag");
+const remove_temp_licenses_1 = require("./lib/remove-temp-licenses");
+const create_temp_licenses_1 = require("./lib/create-temp-licenses");
+const get_packages_without_license_1 = require("./lib/get-packages-without-license");
+class PublishCommand extends core_1.Command {
+    constructor() {
+        super(...arguments);
+        /** command name */
+        this.name = 'publish';
+        this.gitReset = false;
+        this.savePrefix = '';
+        this.tagPrefix = '';
+        this.hasRootedLeaf = false;
+        this.npmSession = '';
+        this.packagesToPublish = [];
+        this.packagesToBeLicensed = [];
+        this.verifyAccess = false;
+        this.twoFactorAuthRequired = false;
+        this.updates = [];
+    }
+    get otherCommandConfigs() {
+        // back-compat
+        return ['version'];
+    }
+    get requiresGit() {
+        // `ws-roller publish from-package` doesn't _need_ git, per se
+        return this.options.bump !== 'from-package';
+    }
+    configureProperties() {
+        super.configureProperties();
+        // Defaults are necessary here because yargs defaults
+        // override durable options provided by a config file
+        const { 
+        // prettier-ignore
+        exact, gitHead, gitReset, tagVersionPrefix = 'v', verifyAccess, } = this.options;
+        if (this.requiresGit && gitHead) {
+            throw new core_1.ValidationError('EGITHEAD', '--git-head is only allowed with "from - package" positional');
+        }
+        // https://docs.npmjs.com/misc/config#save-prefix
+        this.savePrefix = exact ? '' : '^';
+        // https://docs.npmjs.com/misc/config#tag-version-prefix
+        this.tagPrefix = tagVersionPrefix;
+        // TODO: properly inherit from npm-conf
+        // inverted boolean options are only respected if prefixed with `--no-`, e.g. `--no-verify-access`
+        this.gitReset = gitReset !== false;
+        this.verifyAccess = verifyAccess !== false;
+        // consumed by npm-registry-fetch (via libnpmpublish)
+        this.npmSession = crypto_1.default.randomBytes(8).toString('hex');
+    }
+    get userAgent() {
+        // consumed by npm-registry-fetch (via libnpmpublish)
+        return `lerna/${this.options.libVersion}/node@${process.version}+${process.arch} (${process.platform})`;
+    }
+    async initialize() {
+        var _a, _b, _c;
+        if (this.options.canary) {
+            this.logger.info('canary', 'enabled');
+        }
+        if (this.options.requireScripts) {
+            this.logger.info('require-scripts', 'enabled');
+        }
+        // npmSession and user-agent are consumed by npm-registry-fetch (via libnpmpublish)
+        this.logger.verbose('session', this.npmSession);
+        this.logger.verbose('user-agent', this.userAgent);
+        this.conf = (0, core_1.npmConf)({
+            lernaCommand: 'publish',
+            _auth: this.options.legacyAuth,
+            npmSession: this.npmSession,
+            npmVersion: this.userAgent,
+            otp: this.options.otp,
+            registry: this.options.registry,
+            'ignore-prepublish': this.options.ignorePrepublish,
+            'ignore-scripts': this.options.ignoreScripts,
+        });
+        // cache to hold a one-time-password across publishes
+        this.otpCache = { otp: this.conf.get('otp') };
+        this.conf.set('user-agent', this.userAgent, 'cli');
+        if (this.conf.get('registry') === 'https://registry.yarnpkg.com') {
+            this.logger.warn('', `Yarn's registry proxy is broken, replacing with public npm registry`);
+            this.logger.warn('', `If you don't have an npm token, you should exit and run "npm login"`);
+            this.conf.set('registry', 'https://registry.npmjs.org/', 'cli');
+        }
+        // inject --dist-tag into opts, if present
+        const distTag = this.getDistTag();
+        if (distTag) {
+            this.conf.set('tag', distTag.trim(), 'cli');
+        }
+        // a 'rooted leaf' is the regrettable pattern of adding '.' to the 'packages' config in lerna.json
+        this.hasRootedLeaf = (_c = (_a = this.packageGraph) === null || _a === void 0 ? void 0 : _a.has((_b = this.project) === null || _b === void 0 ? void 0 : _b.manifest.name)) !== null && _c !== void 0 ? _c : false;
+        if (this.hasRootedLeaf) {
+            this.logger.info('publish', 'rooted leaf detected, skipping synthetic root lifecycles');
+        }
+        this.runPackageLifecycle = (0, core_1.createRunner)(this.options);
+        // don't execute recursively if run from a poorly-named script
+        this.runRootLifecycle = /^(pre|post)?publish$/.test(process.env.npm_lifecycle_event || '')
+            ? (stage) => this.logger.warn('lifecycle', 'Skipping root %j because it has already been called', stage)
+            : (stage) => { var _a; return this.runPackageLifecycle((_a = this.project) === null || _a === void 0 ? void 0 : _a.manifest, stage); };
+        let promiseResult;
+        if (this.options.bump === 'from-git') {
+            promiseResult = await this.detectFromGit();
+        }
+        else if (this.options.bump === 'from-package') {
+            promiseResult = await this.detectFromPackage();
+        }
+        else if (this.options.canary) {
+            promiseResult = await this.detectCanaryVersions();
+        }
+        else {
+            promiseResult = new version_1.VersionCommand(this.argv);
+        }
+        if (!promiseResult) {
+            // early return from nested VersionCommand
+            return false;
+        }
+        if (!promiseResult.updates.length) {
+            this.logger.success('No changed packages to publish');
+            // still exits zero, aka 'ok'
+            return false;
+        }
+        // (occasionally) redundant private filtering necessary to handle nested VersionCommand
+        this.updates = promiseResult.updates.filter((node) => !node.pkg.private);
+        this.updatesVersions = new Map(promiseResult.updatesVersions);
+        this.packagesToPublish = this.updates.map((node) => node.pkg);
+        if (this.options.contents) {
+            // globally override directory to publish
+            for (const pkg of this.packagesToPublish) {
+                pkg.contents = this.options.contents;
+            }
+        }
+        if (promiseResult.needsConfirmation) {
+            // only confirm for --canary, bump === 'from-git',
+            // or bump === 'from-package', as VersionCommand
+            // has its own confirmation prompt
+            return this.confirmPublish();
+        }
+        return true;
+    }
+    async execute() {
+        var _a, _b, _c;
+        this.enableProgressBar();
+        this.logger.info('publish', 'Publishing packages to npm...');
+        await this.prepareRegistryActions();
+        await this.prepareLicenseActions();
+        if (this.options.canary) {
+            await this.updateCanaryVersions();
+        }
+        await this.resolveLocalDependencyLinks();
+        await this.annotateGitHead();
+        await this.serializeChanges();
+        await this.packUpdated();
+        await this.publishPacked();
+        if (this.gitReset) {
+            await this.resetChanges();
+        }
+        if (this.options.tempTag) {
+            await this.npmUpdateAsLatest();
+        }
+        const count = (_a = this.packagesToPublish) === null || _a === void 0 ? void 0 : _a.length;
+        const message = (_c = (_b = this.packagesToPublish) === null || _b === void 0 ? void 0 : _b.map((pkg) => ` - ${pkg.name}@${pkg.version}`)) !== null && _c !== void 0 ? _c : [];
+        this.logOutput('Successfully published:');
+        this.logOutput(message.join(os_1.default.EOL));
+        this.logger.success('published', '%d %s', count, count === 1 ? 'package' : 'packages');
+    }
+    verifyWorkingTreeClean() {
+        return (0, core_1.describeRef)(this.execOpts, undefined, this.options.gitDryRun).then(core_1.throwIfUncommitted);
+    }
+    async detectFromGit() {
+        var _a, _b, _c;
+        try {
+            const matchingPattern = ((_a = this.project) === null || _a === void 0 ? void 0 : _a.isIndependent()) ? '*@*' : `${this.tagPrefix}*.*.*`;
+            // attempting to publish a tagged release with local changes is not allowed
+            await this.verifyWorkingTreeClean();
+            const taggedPackageNames = await (0, get_current_tags_1.getCurrentTags)(this.execOpts, matchingPattern, this.options.gitDryRun);
+            if (!taggedPackageNames.length) {
+                this.logger.notice('from-git', 'No tagged release found. You might not have fetched tags.');
+                return [];
+            }
+            if ((_b = this.project) === null || _b === void 0 ? void 0 : _b.isIndependent()) {
+                return taggedPackageNames.map((name) => { var _a; return (_a = this.packageGraph) === null || _a === void 0 ? void 0 : _a.get(name); });
+            }
+            const updates = await (0, get_tagged_packages_1.getTaggedPackages)(this.packageGraph, (_c = this.project) === null || _c === void 0 ? void 0 : _c.rootPath, this.execOpts, this.options.gitDryRun);
+            // private packages are never published, full stop.
+            updates.filter((node) => !node.pkg.private);
+            const updatesVersions = updates.map((node) => [node.name, node.version]);
+            return {
+                updates,
+                updatesVersions,
+                needsConfirmation: true,
+            };
+        }
+        catch (err) {
+            // an execa error is thrown when git suffers a fatal error (such as no git repository present)
+            if (err.failed && /git describe/.test(err.command)) {
+                // (we tried)
+                this.logger.silly('EWORKINGTREE', err.message);
+                this.logger.notice('FYI', 'Unable to verify working tree, proceed at your own risk');
+            }
+            else {
+                // validation errors should be preserved
+                throw err;
+            }
+        }
+    }
+    async detectFromPackage() {
+        try {
+            // attempting to publish a release with local changes is not allowed
+            await this.verifyWorkingTreeClean();
+        }
+        catch (err) {
+            // an execa error is thrown when git suffers a fatal error (such as no git repository present)
+            if (err.failed && /git describe/.test(err.command)) {
+                // (we tried)
+                this.logger.silly('EWORKINGTREE', err.message);
+                this.logger.notice('FYI', 'Unable to verify working tree, proceed at your own risk');
+            }
+            else {
+                // validation errors should be preserved
+                throw err;
+            }
+        }
+        // private packages are already omitted by getUnpublishedPackages()
+        const unpublishedUpdates = await (0, get_unpublished_packages_1.getUnpublishedPackages)(this.packageGraph, this.conf.snapshot);
+        if (!unpublishedUpdates.length) {
+            this.logger.notice('from-package', 'No unpublished release found');
+        }
+        const updatesVersions = unpublishedUpdates.map((node) => [node.name, node.version]);
+        return {
+            updates: unpublishedUpdates,
+            updatesVersions,
+            needsConfirmation: true,
+        };
+    }
+    detectCanaryVersions() {
+        var _a;
+        const { cwd } = this.execOpts;
+        const { bump = 'prepatch', preid = 'alpha', ignoreChanges, forcePublish, includeMergedTags, } = this.options;
+        // 'prerelease' and 'prepatch' are identical, for our purposes
+        const release = bump.startsWith('pre') ? bump.replace('release', 'patch') : `pre${bump}`;
+        let chain = Promise.resolve();
+        // attempting to publish a canary release with local changes is not allowed
+        chain = chain
+            .then(() => this.verifyWorkingTreeClean())
+            .catch((err) => {
+            // an execa error is thrown when git suffers a fatal error (such as no git repository present)
+            if (err.failed && /git describe/.test(err.command)) {
+                // (we tried)
+                this.logger.silly('EWORKINGTREE', err.message);
+                this.logger.notice('FYI', 'Unable to verify working tree, proceed at your own risk');
+            }
+            else {
+                // validation errors should be preserved
+                throw err;
+            }
+        });
+        // find changed packages since last release, if any
+        chain = chain.then(() => {
+            var _a;
+            return (0, core_1.collectUpdates)((_a = this.packageGraph) === null || _a === void 0 ? void 0 : _a.rawPackageList, this.packageGraph, this.execOpts, {
+                bump: 'prerelease',
+                canary: true,
+                ignoreChanges,
+                forcePublish,
+                includeMergedTags,
+                // private packages are never published, don't bother describing their refs.
+            }, this.options.gitDryRun).filter((node) => !node.pkg.private);
+        });
+        const makeVersion = (fallback) => ({ lastVersion = fallback, refCount, sha }) => {
+            // the next version is bumped without concern for preid or current index
+            const nextVersion = semver_1.default.inc(lastVersion.replace(this.tagPrefix, ''), release.replace('pre', ''));
+            // semver.inc() starts a new prerelease at .0, git describe starts at .1
+            // and build metadata is always ignored when comparing dependency ranges
+            return `${nextVersion}-${preid}.${Math.max(0, refCount - 1)}+${sha}`;
+        };
+        if ((_a = this.project) === null || _a === void 0 ? void 0 : _a.isIndependent()) {
+            // each package is described against its tags only
+            chain = chain.then((updates) => (0, p_map_1.default)(updates, (node) => (0, core_1.describeRef)({
+                match: `${node.name}@*`,
+                cwd,
+            }, includeMergedTags, this.options.gitDryRun)
+                // an unpublished package will have no reachable git tag
+                .then(makeVersion(node.version))
+                .then((version) => [node.name, version])).then((updatesVersions) => ({
+                updates,
+                updatesVersions,
+            })));
+        }
+        else {
+            // all packages are described against the last tag
+            chain = chain.then((updates) => {
+                var _a;
+                return (0, core_1.describeRef)({
+                    match: `${this.tagPrefix}*.*.*`,
+                    cwd,
+                }, includeMergedTags, this.options.gitDryRun)
+                    // a repo with no tags should default to whatever lerna.json claims
+                    .then(makeVersion((_a = this.project) === null || _a === void 0 ? void 0 : _a.version))
+                    .then((version) => updates.map((node) => [node.name, version]))
+                    .then((updatesVersions) => ({
+                    updates,
+                    updatesVersions,
+                }));
+            });
+        }
+        return chain.then(({ updates, updatesVersions }) => ({
+            updates,
+            updatesVersions,
+            needsConfirmation: true,
+        }));
+    }
+    confirmPublish() {
+        var _a, _b, _c;
+        const count = (_a = this.packagesToPublish) === null || _a === void 0 ? void 0 : _a.length;
+        const message = (_c = (_b = this.packagesToPublish) === null || _b === void 0 ? void 0 : _b.map((pkg) => { var _a; return ` - ${pkg.name} => ${(_a = this.updatesVersions) === null || _a === void 0 ? void 0 : _a.get(pkg.name)}`; })) !== null && _c !== void 0 ? _c : [];
+        this.logOutput('');
+        this.logOutput(`Found ${count} ${count === 1 ? 'package' : 'packages'} to publish:`);
+        this.logOutput(message.join(os_1.default.EOL));
+        this.logOutput('');
+        if (this.options.yes) {
+            this.logger.info('auto-confirmed', '');
+            return true;
+        }
+        return core_1.PromptUtilities.confirm('Are you sure you want to publish these packages?');
+    }
+    prepareLicenseActions() {
+        return Promise.resolve()
+            .then(() => { var _a; return (0, get_packages_without_license_1.getPackagesWithoutLicense)(this.project, (_a = this.packagesToPublish) !== null && _a !== void 0 ? _a : []); })
+            .then((packagesWithoutLicense) => {
+            var _a;
+            if (packagesWithoutLicense.length && !((_a = this.project) === null || _a === void 0 ? void 0 : _a.licensePath)) {
+                this.packagesToBeLicensed = [];
+                const names = packagesWithoutLicense.map((pkg) => pkg.name);
+                const noun = names.length > 1 ? 'Packages' : 'Package';
+                const verb = names.length > 1 ? 'are' : 'is';
+                const list = names.length > 1
+                    ? `${names.slice(0, -1).join(', ')}${names.length > 2 ? ',' : ''} and ${names[names.length - 1] /* oxford commas _are_ that important */}`
+                    : names[0];
+                this.logger.warn('ENOLICENSE', '%s %s %s missing a license.\n%s\n%s', noun, list, verb, 'One way to fix this is to add a LICENSE.md file to the root of this repository.', 'See https://choosealicense.com for additional guidance.');
+            }
+            else {
+                this.packagesToBeLicensed = packagesWithoutLicense;
+            }
+        });
+    }
+    prepareRegistryActions() {
+        let chain = Promise.resolve();
+        if (this.conf.get('registry') !== 'https://registry.npmjs.org/') {
+            this.logger.notice('', 'Skipping all user and access validation due to third-party registry');
+            this.logger.notice('', `Make sure you're authenticated properly "\\_(ツ)_ /"`);
+            return chain;
+        }
+        /* istanbul ignore if */
+        if (process.env.LERNA_INTEGRATION) {
+            return chain;
+        }
+        if (this.verifyAccess) {
+            // validate user has valid npm credentials first,
+            // by far the most common form of failed execution
+            chain = chain.then(() => (0, get_npm_username_1.getNpmUsername)(this.conf.snapshot));
+            chain = chain.then((username) => {
+                var _a;
+                // if no username was retrieved, don't bother validating
+                if (username) {
+                    return (0, verify_npm_package_access_1.verifyNpmPackageAccess)((_a = this.packagesToPublish) !== null && _a !== void 0 ? _a : [], username, this.conf.snapshot);
+                }
+            });
+            // read profile metadata to determine if account-level 2FA is enabled
+            chain = chain.then(() => (0, get_two_factor_auth_required_1.getTwoFactorAuthRequired)(this.conf.snapshot));
+            chain = chain.then((isRequired) => {
+                // notably, this still doesn't handle package-level 2FA requirements
+                this.twoFactorAuthRequired = isRequired;
+            });
+        }
+        return chain;
+    }
+    updateCanaryVersions() {
+        return (0, p_map_1.default)(this.updates, (node) => {
+            var _a, _b, _c;
+            node.pkg.set('version', (_a = this.updatesVersions) === null || _a === void 0 ? void 0 : _a.get(node.name));
+            for (const [depName, resolved] of node.localDependencies) {
+                // other canary versions need to be updated, non-canary is a no-op
+                const depVersion = ((_b = this.updatesVersions) === null || _b === void 0 ? void 0 : _b.get(depName)) || ((_c = this.packageGraph) === null || _c === void 0 ? void 0 : _c.get(depName).pkg.version);
+                // it no longer matters if we mutate the shared Package instance
+                node.pkg.updateLocalDependency(resolved, depVersion, this.savePrefix);
+            }
+            // writing changes to disk handled in serializeChanges()
+        });
+    }
+    resolveLocalDependencyLinks() {
+        // resolve relative file: links to their actual version range
+        const updatesWithLocalLinks = this.updates.filter((node) => Array.from(node.localDependencies.values()).some((resolved) => resolved.type === 'directory'));
+        return (0, p_map_1.default)(updatesWithLocalLinks, (node) => {
+            var _a, _b;
+            for (const [depName, resolved] of node.localDependencies) {
+                // regardless of where the version comes from, we can't publish 'file:../sibling-pkg' specs
+                const depVersion = ((_a = this.updatesVersions) === null || _a === void 0 ? void 0 : _a.get(depName)) || ((_b = this.packageGraph) === null || _b === void 0 ? void 0 : _b.get(depName).pkg.version);
+                // it no longer matters if we mutate the shared Package instance
+                node.pkg.updateLocalDependency(resolved, depVersion, this.savePrefix);
+            }
+            // writing changes to disk handled in serializeChanges()
+        });
+    }
+    annotateGitHead() {
+        var _a;
+        try {
+            const gitHead = this.options.gitHead || (0, get_current_sha_1.getCurrentSHA)(this.execOpts);
+            for (const pkg of (_a = this.packagesToPublish) !== null && _a !== void 0 ? _a : []) {
+                // provide gitHead property that is normally added during npm publish
+                pkg.set('gitHead', gitHead);
+            }
+        }
+        catch (err) {
+            // from-package should be _able_ to run without git, but at least we tried
+            this.logger.silly('EGITHEAD', err.message);
+            this.logger.notice('FYI', 'Unable to set temporary gitHead property, it will be missing from registry metadata');
+        }
+        // writing changes to disk handled in serializeChanges()
+    }
+    serializeChanges() {
+        var _a;
+        return (0, p_map_1.default)((_a = this.packagesToPublish) !== null && _a !== void 0 ? _a : [], (pkg) => pkg.serialize());
+    }
+    resetChanges() {
+        var _a;
+        // the package.json files are changed (by gitHead if not --canary)
+        // and we should always __attempt_ to leave the working tree clean
+        const { cwd } = this.execOpts;
+        const gitOpts = {
+            granularPathspec: this.options.granularPathspec !== false,
+        };
+        const dirtyManifests = [(_a = this.project) === null || _a === void 0 ? void 0 : _a.manifest]
+            .concat(this.packagesToPublish)
+            .map((pkg) => path_1.default.relative(cwd, pkg.manifestLocation));
+        return (0, git_checkout_1.gitCheckout)(dirtyManifests, gitOpts, this.execOpts, this.options.gitDryRun).catch((err) => {
+            this.logger.silly('EGITCHECKOUT', err.message);
+            this.logger.notice('FYI', `Unable to reset working tree changes, this probably isn't a git repo.`);
+        });
+    }
+    execScript(pkg, script) {
+        const scriptLocation = path_1.default.join(pkg.location, 'scripts', script);
+        try {
+            require(scriptLocation);
+        }
+        catch (ex) {
+            this.logger.silly('execScript', `No ${script} script found at ${scriptLocation}`);
+        }
+        return pkg;
+    }
+    removeTempLicensesOnError(error) {
+        return Promise.resolve()
+            .then(() => {
+            var _a;
+            return (0, remove_temp_licenses_1.removeTempLicenses)((_a = this.packagesToBeLicensed) !== null && _a !== void 0 ? _a : []).catch((removeError) => {
+                this.logger.error('licenses', 'error removing temporary license files', removeError.stack || removeError);
+            });
+        })
+            .then(() => {
+            // restore original error into promise chain
+            throw error;
+        });
+    }
+    requestOneTimePassword() {
+        // if OTP has already been provided, skip prompt
+        if (this.otpCache.otp) {
+            return;
+        }
+        return Promise.resolve()
+            .then(() => (0, core_1.getOneTimePassword)('Enter OTP:'))
+            .then((otp) => this.otpCache.otp = otp);
+    }
+    topoMapPackages(mapper) {
+        // we don't respect --no-sort here, sorry
+        return (0, core_1.runTopologically)(this.packagesToPublish, mapper, {
+            concurrency: this.concurrency,
+            rejectCycles: this.options.rejectCycles,
+            // By default, do not include devDependencies in the graph because it would
+            // increase the chance of dependency cycles, causing less-than-ideal order.
+            // If the user has opted-in to --graph-type=all (or 'graphType': 'all' in lerna.json),
+            // devDependencies _will_ be included in the graph construction.
+            graphType: this.options.graphType === 'all' ? 'allDependencies' : 'dependencies',
+        });
+    }
+    packUpdated() {
+        var _a;
+        const tracker = this.logger.newItem('npm pack');
+        tracker.addWork((_a = this.packagesToPublish) === null || _a === void 0 ? void 0 : _a.length);
+        let chain = Promise.resolve();
+        chain = chain.then(() => { var _a, _b; return (0, create_temp_licenses_1.createTempLicenses)((_a = this.project) === null || _a === void 0 ? void 0 : _a.licensePath, (_b = this.packagesToBeLicensed) !== null && _b !== void 0 ? _b : []); });
+        if (!this.hasRootedLeaf) {
+            // despite being deprecated for years...
+            chain = chain.then(() => this.runRootLifecycle('prepublish'));
+            // these lifecycles _should_ never be employed to run `ws-roller publish`...
+            chain = chain.then(() => { var _a; return this.runPackageLifecycle((_a = this.project) === null || _a === void 0 ? void 0 : _a.manifest, 'prepare'); });
+            chain = chain.then(() => { var _a; return this.runPackageLifecycle((_a = this.project) === null || _a === void 0 ? void 0 : _a.manifest, 'prepublishOnly'); });
+            chain = chain.then(() => { var _a; return this.runPackageLifecycle((_a = this.project) === null || _a === void 0 ? void 0 : _a.manifest, 'prepack'); });
+        }
+        const opts = this.conf.snapshot;
+        const mapper = (0, p_pipe_1.default)(...[
+            this.options.requireScripts && ((pkg) => this.execScript(pkg, 'prepublish')),
+            (pkg) => (0, core_1.pulseTillDone)((0, pack_directory_1.packDirectory)(pkg, pkg.location, opts)).then((packed) => {
+                var _a, _b;
+                tracker.verbose('packed', path_1.default.relative((_b = (_a = this.project) === null || _a === void 0 ? void 0 : _a.rootPath) !== null && _b !== void 0 ? _b : '', pkg.contents));
+                tracker.completeWork(1);
+                // store metadata for use in this.publishPacked()
+                pkg.packed = packed;
+                // manifest may be mutated by any previous lifecycle
+                return pkg.refresh();
+            }),
+        ].filter(Boolean));
+        chain = chain.then(() => this.topoMapPackages(mapper));
+        chain = chain.then(() => { var _a; return (0, remove_temp_licenses_1.removeTempLicenses)((_a = this.packagesToBeLicensed) !== null && _a !== void 0 ? _a : []); });
+        // remove temporary license files if _any_ error occurs _anywhere_ in the promise chain
+        chain = chain.catch((error) => this.removeTempLicensesOnError(error));
+        if (!this.hasRootedLeaf) {
+            chain = chain.then(() => { var _a; return this.runPackageLifecycle((_a = this.project) === null || _a === void 0 ? void 0 : _a.manifest, 'postpack'); });
+        }
+        return chain.finally(() => tracker.finish());
+    }
+    publishPacked() {
+        var _a;
+        const tracker = this.logger.newItem('publish');
+        tracker.addWork((_a = this.packagesToPublish) === null || _a === void 0 ? void 0 : _a.length);
+        let chain = Promise.resolve();
+        // if account-level 2FA is enabled, prime the OTP cache
+        if (this.twoFactorAuthRequired) {
+            chain = chain.then(() => this.requestOneTimePassword());
+        }
+        const opts = Object.assign(this.conf.snapshot, {
+            // distTag defaults to 'latest' OR whatever is in pkg.publishConfig.tag
+            // if we skip temp tags we should tag with the proper value immediately
+            tag: this.options.tempTag ? 'lerna-temp' : this.conf.get('tag'),
+        });
+        const mapper = (0, p_pipe_1.default)(...[
+            (pkg) => {
+                const preDistTag = this.getPreDistTag(pkg);
+                const tag = !this.options.tempTag && preDistTag ? preDistTag : opts.tag;
+                const pkgOpts = Object.assign({}, opts, { tag });
+                return (0, core_1.pulseTillDone)((0, npm_publish_1.npmPublish)(pkg, pkg.packed.tarFilePath, pkgOpts, this.otpCache)).then(() => {
+                    tracker.success('published', pkg.name, pkg.version);
+                    tracker.completeWork(1);
+                    (0, log_packed_1.logPacked)(pkg.packed);
+                    return pkg;
+                });
+            },
+            this.options.requireScripts && ((pkg) => this.execScript(pkg, 'postpublish')),
+        ].filter(Boolean));
+        chain = chain.then(() => this.topoMapPackages(mapper));
+        if (!this.hasRootedLeaf) {
+            // cyclical 'publish' lifecycles are automatically skipped
+            chain = chain.then(() => this.runRootLifecycle('publish'));
+            chain = chain.then(() => this.runRootLifecycle('postpublish'));
+        }
+        return chain.finally(() => tracker.finish());
+    }
+    npmUpdateAsLatest() {
+        var _a;
+        const tracker = this.logger.newItem('npmUpdateAsLatest');
+        tracker.addWork((_a = this.packagesToPublish) === null || _a === void 0 ? void 0 : _a.length);
+        tracker.showProgress();
+        let chain = Promise.resolve();
+        const opts = this.conf.snapshot;
+        const getDistTag = (publishConfig) => {
+            if (opts.tag === 'latest' && publishConfig && publishConfig.tag) {
+                return publishConfig.tag;
+            }
+            return opts.tag;
+        };
+        const mapper = (pkg) => {
+            const spec = `${pkg.name}@${pkg.version}`;
+            const preDistTag = this.getPreDistTag(pkg);
+            const distTag = preDistTag || getDistTag(pkg.get('publishConfig'));
+            return Promise.resolve()
+                .then(() => (0, core_1.pulseTillDone)((0, npm_dist_tag_1.remove)(spec, 'lerna-temp', opts, this.otpCache)))
+                .then(() => (0, core_1.pulseTillDone)((0, npm_dist_tag_1.add)(spec, distTag, opts, this.otpCache)))
+                .then(() => {
+                tracker.success('dist-tag', '%s@%s => %j', pkg.name, pkg.version, distTag);
+                tracker.completeWork(1);
+                return pkg;
+            });
+        };
+        chain = chain.then(() => this.topoMapPackages(mapper));
+        return chain.finally(() => tracker.finish());
+    }
+    getDistTag() {
+        if (this.options.distTag) {
+            return this.options.distTag;
+        }
+        if (this.options.canary) {
+            return 'canary';
+        }
+        // undefined defaults to 'latest' OR whatever is in pkg.publishConfig.tag
+    }
+    getPreDistTag(pkg) {
+        if (!this.options.preDistTag) {
+            return;
+        }
+        const isPrerelease = (0, core_1.prereleaseIdFromVersion)(pkg.version);
+        if (isPrerelease) {
+            return this.options.preDistTag;
+        }
+    }
+}
+exports.PublishCommand = PublishCommand;
+//# sourceMappingURL=publishCommand.js.map