-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update pnpm to v9.13.0 #40
base: main
Are you sure you want to change the base?
Conversation
|
86b27d3
to
96f259e
Compare
96f259e
to
c48d158
Compare
c48d158
to
8051954
Compare
8051954
to
8320af7
Compare
8320af7
to
df4c6bb
Compare
df4c6bb
to
5c7b173
Compare
5c7b173
to
d231e70
Compare
d231e70
to
492c216
Compare
492c216
to
c0a3d11
Compare
This PR contains the following updates:
9.7.0
->9.13.0
Release Notes
pnpm/pnpm (pnpm)
v9.13.0
Compare Source
v9.12.3
Compare Source
Patch Changes
node_modules
, when typing "n" in the prompt that asks whether to removenode_modules
before installation #8655.manage-package-manager-versions=true
is set and the.tools
directory is corrupt.crypto.hash
, when available, for improved performance #8629.package.json
at the root of the workspace #8667.manage-package-manager-versions
is set totrue
, errors spawning a self-managed version ofpnpm
will now be shown (instead of being silent).v9.12.2
Compare Source
Patch Changes
v9.12.1
Compare Source
Patch Changes
pnpm update --latest
should not update the automatically installed peer dependencies #6657.pnpm publish
should be able to publish from a local tarball #7950.EBUSY
errors caused by creating symlinks in paralleldlx
processes #8604.v9.12.0
Compare Source
Minor Changes
Fix peer dependency resolution dead lock #8570. This change might change some of the keys in the
snapshots
field insidepnpm-lock.yaml
but it should happen very rarely.pnpm outdated
command supports now a--sort-by=name
option for sorting outdated dependencies by package name #8523.Added the ability for
overrides
to remove dependencies by specifying"-"
as the field value #8572. For example, to removelodash
from the dependencies, use this configuration inpackage.json
:Patch Changes
pnpm list --json pkg
showed"private": false
for a private package #8519.libc
that differ frompnpm.supportedArchitectures.libc
are not downloaded #7362.ENOENT
errors caused by runningstore prune
in parallel #8586.pnpm bugs
#8596.v9.11.0
Compare Source
Minor Changes
pnpm cache
commands for inspecting the metadata cache #8512.Patch Changes
pnpm deploy
withnode-linker=hoisted
produces an emptynode_modules
directory #6682.pnpm deploy
should work in workspace withshared-workspace-lockfile=false
#8475.v9.10.0
Compare Source
Minor Changes
Support for a new CLI flag,
--exclude-peers
, added to thelist
andwhy
commands. When--exclude-peers
is used, peer dependencies are not printed in the results, but dependencies of peer dependencies are still scanned #8506.Added a new setting to
package.json
atpnpm.auditConfig.ignoreGhsas
for ignoring vulnerabilities by their GHSA code #6838.For instance:
Patch Changes
v9.9.0
Compare Source
Minor Changes
Minor breaking change. This change might result in resolving your peer dependencies slightly differently but we don't expect it to introduce issues.
We had to optimize how we resolve peer dependencies in order to fix some infinite loops and out-of-memory errors during peer dependencies resolution.
When a peer dependency is a prod dependency somewhere in the dependency graph (with the same version), pnpm will resolve the peers of that peer dependency in the same way across the subgraph.
For example, we have
react-dom
in the peer deps of theform
andbutton
packages.card
hasreact-dom
andreact
as regular dependencies andcard
is a dependency ofform
.These are the direct dependencies of our example project:
These are the dependencies of card:
When resolving peers, pnpm will not re-resolve
react-dom
forcard
, even thoughcard
shadowsreact@16
from the root withreact@17
. So, all 3 packages (form
,card
, andbutton
) will usereact-dom@16
, which in turn usesreact@16
.form
will usereact@16
, whilecard
andbutton
will usereact@17
.Before this optimization
react-dom@16
was duplicated for thecard
, so thatcard
andbutton
would use areact-dom@16
instance that usesreact@17
.Before the change:
After the change
Patch Changes
pnpm deploy
should write thenode_modules/.modules.yaml
to thenode_modules
directory within the deploy directory #7731.node_modules
if it already points to the right location pnpm/symlink-dir#54.v9.8.0
Compare Source
Minor Changes
Added a new command for upgrading pnpm itself when it isn't managed by Corepack:
pnpm self-update
. This command will work, when pnpm was installed via the standalone script from the pnpm installation page #8424.When executed in a project that has a
packageManager
field in itspackage.json
file, pnpm will update its version in thepackageManager
field.Patch Changes
CLI tools installed in the root of the workspace should be added to the PATH, when running scripts and
use-node-version
is set.pnpm setup
should never switch to another version of pnpm.This fixes installation with the standalone script from a directory that has a
package.json
with thepackageManager
field. pnpm was installing the version of pnpm specified in thepackageManager
field due to this issue.Ignore non-string value in the os, cpu, libc fields, which checking optional dependencies #8431.
Remember the state of edit dir, allow running
pnpm patch-commit
the second time without having to re-runpnpm patch
.v9.7.1
Compare Source
Patch Changes
public-hoist-pattern
andhoist-pattern
via env variables #8339.pnpm setup
no longer creates Batch/Powershell scripts on Linux and macOS #8418.pnpm exec
now supports executionEnv #8356.pnpm
field, add warnings for non-rootpnpm
subfields that aren'texecutionEnv
#8143.patch-commit
in which relative path is rejected #8405.@pnpm/exe
to v20.Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.