semantic-release-lerna 0.2.2 → 0.4.2

package/README.md

@@ -28,6 +28,15 @@ As of now the following features from `@semantic-release/npm` is not supported/i
 | `prepare`       | Update the `package.json` version and [create](https://docs.npmjs.com/cli/pack) the npm package tarball.                                                                                                                                                                                          |
 | `publish`       | [Publish the npm package](https://docs.npmjs.com/cli/publish) to the registry.                                                                                                                                                                                                                    |
 
+## Dependencies
+
+If a package version is bumped all the packages depending (`dependencies`, `devDependencies` and `peerDependencies`) on it will also have the range updated if the range has one of the following formats:
+
+- `1.2.3`
+- `^1.2.3`
+- `^1.2`
+- `^1`
+
 ## Install
 
 ```bash

package/lib/generate-notes.js

@@ -27,7 +27,7 @@ const { Project } = require("@lerna/project");
  *
  * @returns {String} The changelog for all the commits in `context.commits`.
  */
-/* eslint-disable-next-line complexity */
+/* eslint-disable-next-line complexity, sonarjs/cognitive-complexity */
 async function generateNotes(pluginConfig, context) {
 	const { commits, lastRelease, nextRelease, options, cwd, logger } = context;
 	const { generateNotes = false } = pluginConfig;
@@ -58,12 +58,15 @@ async function generateNotes(pluginConfig, context) {
 	}
 
 	const [match, auth, host, path] =
+		/* eslint-disable-next-line security/detect-unsafe-regex */
 		/^(?!.+:\/\/)(?:(?<auth>.*)@)?(?<host>.*?):(?<path>.*)$/.exec(repositoryUrl) || [];
-	const url = new URL(match ? `ssh://${auth ? `${auth}@` : ""}${host}/${path}` : repositoryUrl);
+	const authString = auth ? `${auth}@` : "";
+	const url = new URL(match ? `ssh://${authString}${host}/${path}` : repositoryUrl);
 	const { hostname, pathname } = url;
 	let { port, protocol } = url;
 	port = protocol.includes("ssh") ? "" : port;
 	protocol = protocol && /http[^s]/.test(protocol) ? "http" : "https";
+	/* eslint-disable-next-line security/detect-unsafe-regex */
 	const [, owner, repository] = /^\/(?<owner>[^/]+)?\/?(?<repository>.+)?$/.exec(pathname);
 
 	const { issue, commit, referenceActions, issuePrefixes } =

package/lib/get-changed-packages.js

@@ -37,8 +37,9 @@ function parse(stdout, options = {}) {
 		return { refCount, sha, isDirty: Boolean(isDirty) };
 	}
 
-	const [, lastTagName, lastVersion, refCount, sha, isDirty] =
-		/^((?:.*@)?(.*))-(\d+)-g([\da-f]+)(-dirty)?$/.exec(stdout) || [];
+	/* eslint-disable-next-line security/detect-unsafe-regex */
+	const result = /^((?:.*@)?(.*))-(\d+)-g([\da-f]+)(-dirty)?$/.exec(stdout) || [];
+	const [, lastTagName, lastVersion, refCount, sha, isDirty] = result;
 
 	return { lastTagName, lastVersion, refCount, sha, isDirty: Boolean(isDirty) };
 }
@@ -55,7 +56,7 @@ function collectUpdates(filteredPackages, packageGraph, execOptions, commandOpti
 
 	if (hasTags(execOptions)) {
 		// Describe the last annotated tag in the current branch
-		const { refCount, lastTagName } = describeRefSync(execOptions, false);
+		const { refCount, lastTagName } = describeRefSync(execOptions);
 
 		if (refCount === "0" && !committish) {
 			// No commits since previous release
@@ -109,9 +110,8 @@ async function getChangedPackages(latch, context) {
 		{ cwd },
 		{ logger, version, latch }
 	);
-	const changedProjects = updates.map((node) => packages.find((pkg) => pkg.name === node.name));
 
-	return changedProjects;
+	return updates.map((node) => packages.find((pkg) => pkg.name === node.name));
 }
 
 module.exports = getChangedPackages;

package/lib/prepare.js

@@ -1,10 +1,12 @@
 const path = require("path");
 const fs = require("fs").promises;
+const { existsSync } = require("fs");
 const { format } = require("util");
 const execa = require("execa");
 const { Project } = require("@lerna/project");
 const { Package } = require("@lerna/package");
 const writeJsonFile = require("write-json-file");
+const semverParse = require("semver/functions/parse");
 const getChangedPackages = require("./get-changed-packages");
 
 /**
@@ -12,6 +14,7 @@ const getChangedPackages = require("./get-changed-packages");
  * @returns {any}
  **/
 async function readJson(path) {
+	/* eslint-disable-next-line security/detect-non-literal-fs-filename */
 	return JSON.parse(await fs.readFile(path));
 }
 
@@ -73,6 +76,39 @@ async function updatePackage(npmrc, pkg, context, currentVersions) {
 	}
 }
 
+/**
+ * Bump version in a single package "package-lock.json".
+ *
+ * Noop if "package-lock.json" does not exist.
+ *
+ * @param {string} npmrc
+ * @param {Package} pkg
+ * @param {any} context
+ * @returns {Promise<void>}
+ */
+async function updateLockfile(npmrc, pkg, context) {
+	const { env, stdout, stderr, logger } = context;
+
+	const lockfile = path.join(pkg.location, "package-lock.json");
+	if (!existsSync(lockfile)) {
+		return;
+	}
+
+	logger.log("Update package-lock.json in %s", pkg.location);
+
+	const versionResult = execa(
+		"npm",
+		["install", "--package-lock-only", "--ignore-scripts", "--no-audit", "--userconfig", npmrc],
+		{
+			cwd: pkg.location,
+			env,
+		}
+	);
+	versionResult.stdout.pipe(stdout, { end: false });
+	versionResult.stderr.pipe(stderr, { end: false });
+	await versionResult;
+}
+
 /**
  * @param {Record<string, string>} dependencies
  * @param {string} newVersion
@@ -80,22 +116,40 @@ async function updatePackage(npmrc, pkg, context, currentVersions) {
  * @returns {void}
  */
 function bumpDependency(dependencies, newVersion, currentVersions) {
+	const newParsed = semverParse(newVersion);
+	if (!newParsed) {
+		return;
+	}
 	for (const [dep, range] of Object.entries(dependencies)) {
 		if (!currentVersions[dep]) {
 			continue;
 		}
 
 		const version = currentVersions[dep];
+		const parsed = semverParse(version);
+		if (!parsed) {
+			continue;
+		}
 
 		/* Exact versions */
 		if (range === version) {
 			dependencies[dep] = newVersion;
 		}
 
-		/* Hat ^ */
+		/* Hat ^x.y.z */
 		if (range === `^${version}`) {
 			dependencies[dep] = `^${newVersion}`;
 		}
+
+		/* Hat ^x.y */
+		if (range === `^${parsed.major}.${parsed.minor}`) {
+			dependencies[dep] = `^${newParsed.major}.${newParsed.minor}`;
+		}
+
+		/* Hat ^x */
+		if (range === `^${parsed.major}`) {
+			dependencies[dep] = `^${newParsed.major}`;
+		}
 	}
 }
 
@@ -167,4 +221,7 @@ module.exports = async (npmrc, pluginConfig, context) => {
 	/* Bump version in "lerna.json" */
 	await updateLernaJson(basePath, context);
 	await updatePackage(npmrc, rootPkg, context);
+
+	/* Bump version in "package-lock.json" */
+	await updateLockfile(npmrc, rootPkg, context);
 };

package/lib/prepare.test.js

@@ -0,0 +1,439 @@
+/* eslint-env jest */
+const path = require("path");
+const { outputJson, readJson } = require("fs-extra");
+const tempy = require("tempy");
+const execa = require("execa");
+const { WritableStreamBuffer } = require("stream-buffers");
+const prepare = require("./prepare");
+
+let context;
+let mockChangedPackages;
+
+jest.mock("../lib/get-changed-packages", () => {
+	function getChangedPackagesMock() {
+		return mockChangedPackages;
+	}
+
+	return getChangedPackagesMock;
+});
+
+async function createProject(cwd, version, pkgData) {
+	const lernaPath = path.resolve(cwd, "lerna.json");
+	const manifestLocation = path.resolve(cwd, "package.json");
+	await outputJson(lernaPath, { version, packages: ["packages/*"] });
+	await outputJson(manifestLocation, { name: "root-pkg", version, ...pkgData });
+	return {
+		lernaPath,
+		manifestLocation,
+	};
+}
+
+/* eslint-disable-next-line max-params */
+async function createPackage(cwd, name, version, options, pkgData) {
+	const { changed = false } = options;
+	const pkgRoot = `packages/${name}`;
+	const location = path.resolve(cwd, pkgRoot);
+	const manifestLocation = path.resolve(cwd, pkgRoot, "package.json");
+	const pkg = {
+		name,
+		location,
+		manifestLocation,
+		shrinkwrapPath: path.resolve(cwd, pkgRoot, "npm-shrinkwrap.json"),
+		lockfilePath: path.resolve(cwd, pkgRoot, "package-lock.json"),
+	};
+	await outputJson(manifestLocation, { name, version, ...pkgData });
+	if (changed) {
+		mockChangedPackages.push(pkg);
+	}
+
+	return pkg;
+}
+
+beforeEach(() => {
+	const log = jest.fn();
+	context = {
+		log,
+		logger: { log },
+		stdout: new WritableStreamBuffer(),
+		stderr: new WritableStreamBuffer(),
+	};
+	mockChangedPackages = [];
+});
+
+it("Update lerna.json and root package.json when no package has changed", async () => {
+	expect.assertions(4);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	const project = await createProject(cwd, "0.0.0");
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "1.0.0" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify lerna.json has been updated
+	expect(await readJson(project.lernaPath)).toEqual(
+		expect.objectContaining({
+			version: "1.0.0",
+		})
+	);
+
+	// Verify root package.json has been updated
+	expect(await readJson(project.manifestLocation)).toEqual(
+		expect.objectContaining({
+			version: "1.0.0",
+		})
+	);
+
+	// Verify the logger has been called with the version updated
+	expect(context.log).toHaveBeenCalledWith(
+		"No packages changed, applying version bump on root package only"
+	);
+	expect(context.log).toHaveBeenCalledWith("Write version %s to lerna.json in %s", "1.0.0", cwd);
+});
+
+it("Update lerna.json and root package.json when one or more package has changed", async () => {
+	expect.assertions(5);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	const project = await createProject(cwd, "0.0.0");
+	const pkg = await createPackage(cwd, "foo", "0.0.0", {
+		changed: true,
+	});
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "1.0.0" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify lerna.json has been updated
+	expect(await readJson(project.lernaPath)).toEqual(
+		expect.objectContaining({
+			version: "1.0.0",
+		})
+	);
+
+	// Verify package.json has been updated
+	expect(await readJson(project.manifestLocation)).toEqual(
+		expect.objectContaining({
+			version: "1.0.0",
+		})
+	);
+
+	// Verify the logger has been called with the version updated
+	expect(context.log).toHaveBeenCalledWith("1 package need version bump: [ 'foo' ]");
+	expect(context.log).toHaveBeenCalledWith(
+		"Write version %s to package.json in %s",
+		"1.0.0",
+		pkg.location
+	);
+	expect(context.log).toHaveBeenCalledWith("Write version %s to lerna.json in %s", "1.0.0", cwd);
+});
+
+it("Update package.json in changed packages", async () => {
+	expect.assertions(2);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	await createProject(cwd, "0.0.0");
+	const foo = await createPackage(cwd, "foo", "0.0.0", {
+		changed: true,
+	});
+	const bar = await createPackage(cwd, "bar", "0.0.0", {
+		changed: false,
+	});
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "1.0.0" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify foo/package.json has been updated
+	expect(await readJson(foo.manifestLocation)).toEqual({
+		name: "foo",
+		version: "1.0.0",
+	});
+
+	// Verify bar/package.json has not been updated
+	expect(await readJson(bar.manifestLocation)).toEqual({
+		name: "bar",
+		version: "0.0.0",
+	});
+});
+
+it("Update npm-shrinkwrap.json if present", async () => {
+	expect.assertions(2);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	await createProject(cwd, "0.0.0");
+	const pkg = await createPackage(cwd, "foo", "0.0.0", {
+		changed: true,
+	});
+	// Create a npm-shrinkwrap.json file
+	await execa("npm", ["shrinkwrap"], { cwd: pkg.location });
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "1.0.0" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify foo/package.json has been updated
+	expect(await readJson(pkg.manifestLocation)).toEqual({
+		name: "foo",
+		version: "1.0.0",
+	});
+
+	// Verify foo/npm-shrinkwrap.json has been updated
+	expect(await readJson(pkg.shrinkwrapPath)).toEqual(
+		expect.objectContaining({
+			lockfileVersion: expect.anything(),
+			name: "foo",
+			version: "1.0.0",
+		})
+	);
+});
+
+it("Update package-lock.json if present", async () => {
+	expect.assertions(2);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	await createProject(cwd, "0.0.0");
+	const pkg = await createPackage(cwd, "foo", "0.0.0", {
+		changed: true,
+	});
+	// Create a package-lock.json file
+	await execa("npm", ["install"], { cwd: pkg.location });
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "1.0.0" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify foo/package.json has been updated
+	expect(await readJson(pkg.manifestLocation)).toEqual({
+		name: "foo",
+		version: "1.0.0",
+	});
+
+	// Verify foo/package-lock.json has been updated
+	expect(await readJson(pkg.lockfilePath)).toEqual(
+		expect.objectContaining({
+			lockfileVersion: expect.anything(),
+			name: "foo",
+			version: "1.0.0",
+		})
+	);
+});
+
+it("Update package.json dependency when using exact version", async () => {
+	expect.assertions(1);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	await createProject(cwd, "0.0.0");
+	const foo = await createPackage(
+		cwd,
+		"foo",
+		"0.0.0",
+		{
+			changed: true,
+		},
+		{
+			dependencies: {
+				a: "0.0.0",
+			},
+			devDependencies: {
+				b: "0.0.0",
+			},
+			peerDependencies: {
+				c: "0.0.0",
+			},
+		}
+	);
+	await createPackage(cwd, "a", "0.0.0", { changed: true });
+	await createPackage(cwd, "b", "0.0.0", { changed: true });
+	await createPackage(cwd, "c", "0.0.0", { changed: true });
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "0.0.1" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify dependency has been updated
+	expect(await readJson(foo.manifestLocation)).toEqual({
+		name: "foo",
+		version: "0.0.1",
+		dependencies: {
+			a: "0.0.1",
+		},
+		devDependencies: {
+			b: "0.0.1",
+		},
+		peerDependencies: {
+			c: "0.0.1",
+		},
+	});
+});
+
+it("Update package.json dependency when using hat", async () => {
+	expect.assertions(1);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	await createProject(cwd, "0.1.2");
+	const foo = await createPackage(
+		cwd,
+		"foo",
+		"0.1.2",
+		{
+			changed: true,
+		},
+		{
+			dependencies: {
+				a: "^0.1.2",
+				b: "^0.1",
+				c: "^0",
+			},
+		}
+	);
+
+	await createPackage(cwd, "a", "0.1.2", { changed: true });
+	await createPackage(cwd, "b", "0.1.2", { changed: true });
+	await createPackage(cwd, "c", "0.1.2", { changed: true });
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "1.0.0" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify dependency has been updated
+	expect(await readJson(foo.manifestLocation)).toEqual({
+		name: "foo",
+		version: "1.0.0",
+		dependencies: {
+			a: "^1.0.0",
+			b: "^1.0",
+			c: "^1",
+		},
+	});
+});
+
+it("Should not update other dependencies", async () => {
+	expect.assertions(1);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	await createProject(cwd, "0.0.0");
+	const foo = await createPackage(
+		cwd,
+		"foo",
+		"0.0.0",
+		{
+			changed: true,
+		},
+		{
+			dependencies: {
+				a: "0.0.0",
+			},
+		}
+	);
+
+	await prepare(
+		npmrc,
+		{},
+		{
+			cwd,
+			env: {},
+			stdout: context.stdout,
+			stderr: context.stderr,
+			nextRelease: { version: "0.0.1" },
+			logger: context.logger,
+		}
+	);
+
+	// Verify dependency has been updated
+	expect(await readJson(foo.manifestLocation)).toEqual({
+		name: "foo",
+		version: "0.0.1",
+		dependencies: {
+			a: "0.0.0",
+		},
+	});
+});
+
+it("Handle dependencies from root package", async () => {
+	expect.assertions(1);
+	const cwd = tempy.directory();
+	const npmrc = tempy.file({ name: ".npmrc" });
+	await createProject(cwd, "0.0.1", {
+		devDependencies: {
+			"external-dependency": "1.2.3",
+		},
+	});
+	expect(async () => {
+		await prepare(
+			npmrc,
+			{},
+			{
+				cwd,
+				env: {},
+				stdout: context.stdout,
+				stderr: context.stderr,
+				nextRelease: { version: "0.0.2" },
+				logger: context.logger,
+			}
+		);
+	}).not.toThrow();
+});

package/lib/publish.js

@@ -39,12 +39,13 @@ module.exports = async (npmrc, config, pkg, context) => {
 			"node",
 			// prettier-ignore
 			[
-        lerna, 'publish', 'from-package',
-        '--loglevel', 'verbose',
-        '--yes',
-        '--dist-tag', distTag,
-        '--registry', registry,
-        ...legacyAuth,
+				lerna, 'publish', 'from-package',
+				'--loglevel', 'verbose',
+				'--yes',
+				'--no-verify-access', // prepare step has already verify access and lerna doesn't properly pass authentication
+				'--dist-tag', distTag,
+				'--registry', registry,
+				...legacyAuth,
       ],
 			{
 				cwd,

package/lib/should-latch.test.js

@@ -0,0 +1,58 @@
+/* eslint-env jest */
+
+const semver = require("semver");
+const shouldLatch = require("./should-latch");
+
+const version = "1.0.0";
+
+describe("latch none", () => {
+	it.each`
+		bump            | result   | version    | next
+		${"major"}      | ${false} | ${version} | ${semver.inc(version, "major")}
+		${"minor"}      | ${false} | ${version} | ${semver.inc(version, "minor")}
+		${"patch"}      | ${false} | ${version} | ${semver.inc(version, "patch")}
+		${"prerelease"} | ${false} | ${version} | ${semver.inc(version, "prerelease")}
+	`("should return $result when version bump is $bump ($version -> $next)", ({ result, next }) => {
+		expect.assertions(1);
+		expect(shouldLatch(next, "none")).toBe(result);
+	});
+});
+
+describe("latch major", () => {
+	it.each`
+		bump            | result   | version    | next
+		${"major"}      | ${true}  | ${version} | ${semver.inc(version, "major")}
+		${"minor"}      | ${false} | ${version} | ${semver.inc(version, "minor")}
+		${"patch"}      | ${false} | ${version} | ${semver.inc(version, "patch")}
+		${"prerelease"} | ${false} | ${version} | ${semver.inc(version, "prerelease")}
+	`("should return $result when version bump is $bump ($version -> $next)", ({ result, next }) => {
+		expect.assertions(1);
+		expect(shouldLatch(next, "major")).toBe(result);
+	});
+});
+
+describe("latch minor", () => {
+	it.each`
+		bump            | result   | version    | next
+		${"major"}      | ${true}  | ${version} | ${semver.inc(version, "major")}
+		${"minor"}      | ${true}  | ${version} | ${semver.inc(version, "minor")}
+		${"patch"}      | ${false} | ${version} | ${semver.inc(version, "patch")}
+		${"prerelease"} | ${false} | ${version} | ${semver.inc(version, "prerelease")}
+	`("should return $result when version bump is $bump ($version -> $next)", ({ result, next }) => {
+		expect.assertions(1);
+		expect(shouldLatch(next, "minor")).toBe(result);
+	});
+});
+
+describe("latch patch", () => {
+	it.each`
+		bump            | result   | version    | next
+		${"major"}      | ${true}  | ${version} | ${semver.inc(version, "major")}
+		${"minor"}      | ${true}  | ${version} | ${semver.inc(version, "minor")}
+		${"patch"}      | ${true}  | ${version} | ${semver.inc(version, "patch")}
+		${"prerelease"} | ${false} | ${version} | ${semver.inc(version, "prerelease")}
+	`("should return $result when version bump is $bump ($version -> $next)", ({ result, next }) => {
+		expect.assertions(1);
+		expect(shouldLatch(next, "patch")).toBe(result);
+	});
+});

package/lib/verify-git.test.js

@@ -0,0 +1,49 @@
+/* eslint-env jest */
+
+jest.mock("execa");
+
+const execa = require("execa");
+const verifyGit = require("./verify-git");
+
+it("should return error if working copy is dirty", async () => {
+	expect.assertions(2);
+	execa.mockImplementation(() => ({ stdout: " M file.js\n" }));
+	const errors = await verifyGit({});
+	expect(errors).toHaveLength(1);
+	expect(errors[0]).toMatchObject({
+		code: "EDIRTYWC",
+		details: `The git working copy must be clean before releasing:
+
+ M file.js
+`,
+	});
+});
+
+it("should return error when working copy has mixed dirty and untracked", async () => {
+	expect.assertions(2);
+	execa.mockImplementation(() => ({ stdout: " M file.js\n?? file.c" }));
+	const errors = await verifyGit({});
+	expect(errors).toHaveLength(1);
+	expect(errors[0]).toMatchObject({
+		code: "EDIRTYWC",
+		details: `The git working copy must be clean before releasing:
+
+ M file.js
+?? file.c
+`,
+	});
+});
+
+it("should ignore untracked files", async () => {
+	expect.assertions(1);
+	execa.mockImplementation(() => ({ stdout: "?? file.js\n" }));
+	const errors = await verifyGit({});
+	expect(errors).toHaveLength(0);
+});
+
+it("should not return error if working copy is clean", async () => {
+	expect.assertions(1);
+	execa.mockImplementation(() => ({ stdout: "" }));
+	const errors = await verifyGit({});
+	expect(errors).toHaveLength(0);
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "semantic-release-lerna",
-  "version": "0.2.2",
+  "version": "0.4.2",
   "description": "semantic-release plugin to publish lerna monorepo packages to npm",
   "keywords": [
     "npm",
@@ -51,42 +51,41 @@
     "@lerna/package": "^4.0.0",
     "@lerna/package-graph": "^4.0.0",
     "@lerna/project": "^4.0.0",
-    "@semantic-release/error": "^2.2.0",
-    "@semantic-release/release-notes-generator": "^9.0.0",
-    "aggregate-error": "^3.0.0",
-    "conventional-changelog-writer": "^4.1.0",
+    "@semantic-release/error": "^3.0.0",
+    "@semantic-release/release-notes-generator": "^10.0.0",
+    "aggregate-error": "^3.1.0",
+    "conventional-changelog-writer": "^5.0.0",
     "conventional-commits-filter": "^2.0.0",
     "conventional-commits-parser": "^3.2.0",
     "debug": "^4.3.0",
     "execa": "^5.0.0",
     "get-stream": "^6.0.0",
-    "into-stream": "^5.1.0",
+    "into-stream": "^6.0.0",
     "read-pkg-up": "^7.0.0",
+    "semver": "^7.0.0",
     "tempy": "^1.0.0",
     "write-json-file": "^4.0.0"
   },
   "devDependencies": {
-    "@html-validate/eslint-config": "^4.1.0",
-    "@html-validate/eslint-config-jest": "^4.0.0",
-    "@html-validate/prettier-config": "^1.1.0",
-    "@semantic-release/npm": "7.0.10",
-    "@types/jest": "26.0.20",
-    "codecov": "3.8.1",
-    "eslint": "^7.22.0",
-    "fs-extra": "9.1.0",
-    "got": "11.8.2",
-    "jest": "26.6.3",
+    "@html-validate/eslint-config": "5.3.1",
+    "@html-validate/eslint-config-jest": "5.3.1",
+    "@html-validate/prettier-config": "2.0.0",
+    "@semantic-release/npm": "9.0.0",
+    "@types/jest": "27.4.0",
+    "codecov": "3.8.3",
+    "fs-extra": "10.0.0",
+    "got": "11.8.3",
+    "jest": "27.4.7",
     "lerna": "4.0.0",
-    "prettier": "^2.2.1",
-    "semantic-release": "17.4.2",
-    "semver": "7.3.4",
+    "prettier": "2.5.1",
+    "semantic-release": "19.0.2",
     "stream-buffers": "3.0.2",
-    "verdaccio": "4.11.3"
+    "verdaccio": "5.4.0"
   },
   "peerDependencies": {
     "@semantic-release/npm": ">= 7",
     "lerna": "^3.2 || ^4",
-    "semantic-release": ">=15.0.0 <18.0.0"
+    "semantic-release": ">=15.0.0 <20.0.0"
   },
   "engines": {
     "node": ">= 12.10"
@@ -96,7 +95,7 @@
   },
   "renovate": {
     "extends": [
-      "@html-validate"
+      "gitlab>html-validate/renovate-config"
     ]
   }
 }