fix(semver): making --track-deps only read one dependency deep

README.md

@@ -90,7 +90,7 @@ nx run workspace:version [...options]
 | **`--preid`**                | `string`   | `null`     | prerelease identifier                                |
 | **`--versionTagPrefix`**     | `string`   | `null`     | specify the tag prefix                               |
 | **`--postTargets`**          | `string[]` | `[]`       | specify a list of target to execute post-release     |
-| **`--trackDeps`**              | `boolean`| `false`    | use dependencies when calculating a version bump       |
+| **`--trackDeps`**              | `boolean`| `false`    | use dependencies when calculating a version bump     |
 
 #### Configuration using the file
 
@@ -171,6 +171,22 @@ The `postTargets` option declare `my-project:github` target which run `@jscutler
 
 - [`@jscutlery/semver:github`](https://github.com/jscutlery/semver/blob/main/packages/semver/src/executors/github/README.md) GiHub Release Support
 
+#### Tracking dependencies:
+
+The **`--trackDeps`** option indicates that direct dependencies in the project's dependency graph should be taken into account when incrementing the
+version. If no version-incrementing changes are present in the project, but are present in one or more dependencies, then the project will receive a `patch`
+version increment.
+
+If you wish to track changes at any depth of your dependency graph, then you should do the following:
+
+1. Enable versioning for each project in the dependency graph
+2. Set the `trackDeps` option to `true` on each of the projects
+3. Call the `version` executor with `--withDeps`
+
+This setup will cause a cascade of version increments starting at the deepest changed dependency, then continuing up the graph until the indicated
+project is reached. Additionally, if used in conjunction with `nx run-many --all`, or _affected_, then it will avoid attempting to version dependencies
+multiple times.
+
 ### CI/CD usage
 
 #### GitHub Actions

packages/semver/src/executors/version/utils/get-project-dependencies.spec.ts

@@ -46,7 +46,13 @@ const projectGraph: ProjectGraph = {
         source: 'lib2',
         target: 'lib1',
       },
+      {
+        type: 'static',
+        source: 'lib2',
+        target: 'lib3',
+      },
     ],
+    lib3: [],
     'demo-e2e': [
       {
         type: 'implicit',

packages/semver/src/executors/version/utils/get-project-dependencies.ts

@@ -12,31 +12,7 @@ export async function getProjectDependencies(
   // The shape of the project graph can still change. So we're pinning the
   // version of the graph to 3.0.
   const dependencyGraph = await createProjectGraphAsync('3.0');
-  return Array.from(
-    assembleDependenciesFromGraph(dependencyGraph.dependencies, projectName)
-  );
-}
-
-function assembleDependenciesFromGraph(
-  dependencyGraph: { [key: string]: ProjectGraphDependency[] },
-  projectName: string,
-  traversedNodes: string[] = []
-): Set<string> {
-  return getProjectsFromDependencies(dependencyGraph[projectName]).reduce(
-    (acc, dependency) => {
-      // This if statement keeps us from getting caught in a circular dependency.
-      if (traversedNodes.indexOf(dependency) === -1) {
-        const subDependencies = assembleDependenciesFromGraph(
-          dependencyGraph,
-          dependency,
-          [projectName, ...traversedNodes]
-        );
-        acc = new Set([...acc, dependency, ...subDependencies]);
-      }
-      return acc;
-    },
-    new Set<string>()
-  );
+  return getProjectsFromDependencies(dependencyGraph.dependencies[projectName]);
 }
 
 /**