lockfile doesn't update the version of dependant packages

[ItamarGronich]

Expected Behavior

package-lock.json file of dependant packages should be updated with the correct version when commiting the lock files to git repo.
For example, when publishing two packages A and B where A depends on B. When B is updated, A's package lock should update it's version and also B's version

Current Behavior

Only A's version is updated.

lerna.json

{
  "packages": [
    "packages/*"
  ],
  "version": "independent",
  "command": {
    "version": {
      "message": "chore(release): [skip ci] publish new versions"
    }
  }
}

Context

Need to run npm i to generate the correct lock files and manually commit them.

Executable	Version
lerna --version	3.15.0
npm --version	6.2.0
node --version	v10.9.0

OS	Version
macOS Mojave	10.14.6

[Clement134]

I have the same issue. Is there any workaround to automate this with lerna?

[liranhershko]

Have a look at #1415 (comment)
There seems to be a workaround.

[cckrause]

is there any plan to fix this issue? As it seems like it's more a concept Problem. As the documentation states:

Publish packages updated since the last release (calling lerna version behind the scenes).
This is the legacy behavior of lerna 2.x
Publish packages tagged in the current commit (from-git).
Publish packages in the latest commit where the version is not present in the registry (from-package).
Publish an unversioned "canary" release of packages (and their dependents) updated in the previous commit.

Given 3 packages:
A: 1.0.0
B: 1.0.0
C: 1.0.0

A(1.0.0) {
    B(1.0.0)
} 
B (1.0.0) {
    C(1.0.0)
} 
C (1.0.0)

If you change all of the packages Lerna bumps the versions accordingly:
Given 3 changes
A: 1.1.0 feature
B: 1.1.0 feature
C: 1.0.1 patch

Results in the following updated dependency tree

A(1.1.0) {
    B(1.1.0)
} 
B (1.1.0) {
    C(1.0.1)
} 
C (1.0.1)

The solution mention in this post #1415 (comment) looked promising and is working as expected:
npx lerna clean --yes && npx lerna exec -- npm install --ignore-scripts --package-lock-only --no-audit && git add packages/*/package-lock.json

But the problem with this approach is that lerna runs all version scripts before publishing ANY package. So running the script is kind of useless as it will not succeed because of the fact npm would not be able to resolve any of the updated not yet published dependencies.

The only solution would be to run the whole publish process as stated above for all the dependencies in reverse dependency order to make this whole thing work. I'm a little shattered as this is one core feature i was expecting to be working with lerna as i started using lerna in the first place. The only other way i could imagine is to not using a package-lock file. Is there any particular reason this is not implemented already? Am i missing out anything here?

[github-actions]

Hi Folks 👋

You may or may not know that lerna is now under the stewardship of Nrwl (announcement here #3121), a company with a long history of not just producing valuable open-source software (OSS), but also backing others (at the time of writing, Nrwl has donated over $50,000 to OSS it hasn't created, see https://opencollective.com/nx for full details).

Quite simply, Nrwl ❤️ OSS, and is committed to making lerna the best it can be. We use it ourselves.

In order to take this awesome project forward from its current state, it is important that we focus our finite resources on what is most important to lerna users in 2022.

With that in mind, we have identified this issue as being potentially stale due to its age and/or lack of recent activity.

---

Next steps:

We want to give you some time to read through this comment and take action per one of the steps outlined below, so for the next 14 days we will not make any further updates to this issue.

@ItamarGronich as the original author of this issue, we are looking to you to update us on the latest state of this as it relates to the latest version of lerna.

Please choose one of the steps below, depending on what type of issue this is:

• A) If this issue relates to a potential BUG in the latest version of lerna:

  • Please head over to https://github.com/lerna/repro, fork the repo and apply the changes necessary to reproduce the bug. Then open a PR to that https://github.com/lerna/repro repo and comment back to this thread with the PR number so that we can take a look into the problem and provide a fix.

• B) If this issue is a FEATURE request to be added to the latest version of lerna:

  • Simply comment back on this thread so that we know you still want us to consider the request for the latest version of lerna.

• C) If this issue is a QUESTION which is applicable to latest version of lerna:

  • Please convert the issue to be a Discussion instead: https://github.com/lerna/lerna/discussions

• D) If this issue is no longer applicable to the latest version of lerna:

  • Please close the issue.

---

If we do not hear from @ItamarGronich on this thread within the next 14 days, we will automatically close this issue.

If you are another user impacted by this issue but it ends up being closed as part of this process, we still want to hear from you! Please simply head over to our new issue templates and fill out all the requested details on the template which applies to your situation:

https://github.com/lerna/lerna/issues/new/choose

Thank you all for being a part of this awesome community, we could not be more excited to help move things forward from here 🙏 🚀

[github-actions]

Hi Folks 👋

You will have seen in our message above that we at Nrwl are working really hard to bring the lerna repo up to date with what matters most to its community in June 2022.

As previously stated in that message, because we have not heard from the original author of this issue within the last 14 days, we are now automatically closing it.

If any users, including the original author, are still impacted by this issue then we still want to hear from you!

All we ask is that you first update to the latest lerna (5.1.4 at the time of writing) to make sure it is still reproducible, and then fill out one of our new issue templates, providing all the requested details which apply to your situation:

https://github.com/lerna/lerna/issues/new/choose

Many thanks again! 🙏

---

P.S. Over and above getting to grips with the repo, we have also been hard at work launching a new website, resolving all vulnerabilities, merging exciting new features and reigniting community PR contributions! 🚀

You can read our recent blog post to learn more about what we've been up to:
https://blog.nrwl.io/lerna-5-1-new-website-new-guides-new-lerna-example-repo-distributed-caching-support-and-speed-64d66410bec7