Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update pnpm to v7.5.0 - autoclosed #42

Closed
wants to merge 1 commit into from
Closed

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 4, 2022

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
pnpm (source) 7.1.7 -> 7.5.0 age adoption passing confidence

Release Notes

pnpm/pnpm

v7.5.0

Compare Source

Minor Changes

  • A new value rolling for option save-workspace-protocol. When selected, pnpm will save workspace versions using a rolling alias (e.g. "foo": "workspace:^") instead of pinning the current version number (e.g. "foo": "workspace:^1.0.0"). Usage example, in the root of your workspace, create a .npmrc with the following content:

    save-workspace-protocol=rolling
    

Patch Changes

  • pnpm remove <pkg> should not fail in a workspace that has patches #​4954
  • The hash of the patch file should be the same on both Windows and POSIX #​4961.
  • pnpm env use should throw an error on a system that use the MUSL libc.

Our Gold Sponsors

#### Our Silver Sponsors
#### What's Changed * fix(env): throw an error on a system that uses MUSL libc by @​zkochan in https://github.com/pnpm/pnpm/pull/4958 * feat: use workspace spec alias by default in pnpm add by @​javier-garcia-meteologica in https://github.com/pnpm/pnpm/pull/4947 * fix(patch): the hash of the patch file should be the same on both Windows and POSIX by @​zkochan in https://github.com/pnpm/pnpm/pull/4969

Full Changelog: pnpm/pnpm@v7.4.1...v7.5.0

v7.4.1

Compare Source

Patch Changes

  • pnpm install in a workspace with patches should not fail when doing partial installation #​4954.
  • Never skip lockfile resolution when the lockfile is not up-to-date and --lockfile-only is used. Even if frozen-lockfile is true #​4951.
  • Never add an empty patchedDependencies field to pnpm-lock.yaml.

Our Gold Sponsors

#### Our Silver Sponsors
#### What's Changed * fix(lockfile): never add an empty `patchedDependencies` field to `pnpm-lock.yaml` by @​zkochan in https://github.com/pnpm/pnpm/pull/4948 * Add "refs/"+refname to resolution options by @​rotu in https://github.com/pnpm/pnpm/pull/4953 * fix: --lockfile-only in CI and with frozen-lockfile=true by @​zkochan in https://github.com/pnpm/pnpm/pull/4955 * fix: partial install in workspace with patches should not fail by @​zkochan in https://github.com/pnpm/pnpm/pull/4956 #### New Contributors * @​rotu made their first contribution in https://github.com/pnpm/pnpm/pull/4953

Full Changelog: pnpm/pnpm@v7.4.0...v7.4.1

v7.4.0

Compare Source

Minor Changes

  • Dependencies patching is possible via the pnpm.patchedDependencies field of the package.json.
    To patch a package, the package name, exact version, and the relative path to the patch file should be specified. For instance:

    {
      "pnpm": {
        "patchedDependencies": {
          "eslint@1.0.0": "./patches/eslint@1.0.0.patch"
        }
      }
    }
  • Two new commands added: pnpm patch and pnpm patch-commit.

    pnpm patch <pkg> prepares a package for patching. For instance, if you want to patch express v1, run:

    pnpm patch express@1.0.0
    

    pnpm will create a temporary directory with express@1.0.0 that you can modify with your changes.
    Once you are read with your changes, run:

    pnpm patch-commit <path to temp folder>
    

    This will create a patch file and write it to <project>/patches/express@1.0.0.patch.
    Also, it will reference this new patch file from the patchedDependencies field in package.json:

    {
      "pnpm": {
        "patchedDependencies": {
          "express@1.0.0": "patches/express@1.0.0.patch"
        }
      }
    }
  • A new experimental command added: pnpm deploy. The deploy command takes copies a project from a workspace and installs all of its production dependencies (even if some of those dependencies are other projects from the workspace).

    For example, the new command will deploy the project named foo to the dist directory in the root of the workspace:

    pnpm --filter=foo deploy dist
    
  • package-import-method supports a new option: clone-or-copy.

  • New setting added: include-workspace-root. When it is set to true, the run, exec, add, and test commands will include the root package, when executed recursively #​4906

Patch Changes

  • Don't crash when pnpm update --interactive is cancelled with Ctrl+c.

  • The use-node-version setting should work with prerelease Node.js versions. For instance:

    use-node-version=18.0.0-rc.3
    
  • Return early when the lockfile is up-to-date.

  • Resolve native workspace path for case-insensitive file systems #​4904.

  • Don't link local dev dependencies, when prod dependencies should only be installed.

  • pnpm audit --fix should not add an override for a vulnerable package that has no fixes released.

  • Update the compatibility database.

Our Gold Sponsors

#### Our Silver Sponsors
#### What's Changed * feat: patch package by @​zkochan in https://github.com/pnpm/pnpm/pull/4885 * feat: add `patch` and `patch-commit` commands by @​zkochan in https://github.com/pnpm/pnpm/pull/4900 * fix(env): `use-node-version` should work with prerelease versions by @​zkochan in https://github.com/pnpm/pnpm/pull/4903 * refactor: create @​pnpm/node.fetcher by @​zkochan in https://github.com/pnpm/pnpm/pull/4908 * feat(patch): update patched dependencies on install by @​zkochan in https://github.com/pnpm/pnpm/pull/4905 * fix: throw an error if not all patches were applied by @​zkochan in https://github.com/pnpm/pnpm/pull/4911 * fix: a modified patch should update the deps on install by @​zkochan in https://github.com/pnpm/pnpm/pull/4918 * fix: packages should be patched even when scripts are ignored by @​zkochan in https://github.com/pnpm/pnpm/pull/4922 * fix: patch package even if it is not in the onlyBuiltDependencies list by @​zkochan in https://github.com/pnpm/pnpm/pull/4925 * fix: respect include-workspace-root npmrc option by @​shirotech in https://github.com/pnpm/pnpm/pull/4928 * fix: install --lockfile-only should exit early by @​zkochan in https://github.com/pnpm/pnpm/pull/4932 * fix: resolve real path for case insensitive systems by @​mdogadailo in https://github.com/pnpm/pnpm/pull/4935 * feat: deploy command by @​zkochan in https://github.com/pnpm/pnpm/pull/4933 * fix: use recursive for deploy command directory creation by @​ragrag in https://github.com/pnpm/pnpm/pull/4943 * fix: don't fail when the patched pkg appears multiple times by @​zkochan in https://github.com/pnpm/pnpm/pull/4945 #### New Contributors * @​shirotech made their first contribution in https://github.com/pnpm/pnpm/pull/4928 * @​mdogadailo made their first contribution in https://github.com/pnpm/pnpm/pull/4935 * @​ragrag made their first contribution in https://github.com/pnpm/pnpm/pull/4943

Full Changelog: pnpm/pnpm@v7.3.0...v7.4.0

v7.3.0

Compare Source

Minor Changes
  • A new setting added: pnpm.peerDependencyRules.allowAny. allowAny is an array of package name patterns, any peer dependency matching the pattern will be resolved from any version, regardless of the range specified in peerDependencies. For instance:

    {
       "pnpm": {
         "peerDependencyRules": {
           "allowAny": ["@&#8203;babel/*", "eslint"]
         }
       }
    }

    The above setting will mute any warnings about peer dependency version mismatches related to @babel/ packages or eslint.

  • The pnpm.peerDependencyRules.ignoreMissing setting may accept package name patterns. So you may ignore any missing @babel/* peer dependencies, for instance:

    {
      "pnpm": {
        "peerDependencyRules": {
          "ignoreMissing": ["@&#8203;babel/*"]
        }
      }
    }
  • Experimental. New settings added: use-git-branch-lockfile, merge-git-branch-lockfiles, merge-git-branch-lockfiles-branch-pattern #​4475.

Patch Changes
  • Packages that should be built are always cloned or copied from the store. This is required to prevent the postinstall scripts from modifying the original source files of the package.
Our Sponsors
##### What's Changed * feat: enhance peer dependency rules by @​TravisJRyan in https://github.com/pnpm/pnpm/pull/4876 * feat: add git-branch-lockfile config to generate lockfile in each branch by @​chengcyber in https://github.com/pnpm/pnpm/pull/4475 * fix: built packages should not modify the original files in the store by @​zkochan in https://github.com/pnpm/pnpm/pull/4898 ##### New Contributors * @​TravisJRyan made their first contribution in https://github.com/pnpm/pnpm/pull/4876

Full Changelog: pnpm/pnpm@v7.2.1...v7.3.0

v7.2.1

Compare Source

Patch Changes

  • Support Node.js from v14.6.
  • Don't fail when the cafile setting is specified #​4877. This fixes a regression introduced in pnpm v7.2.0.

Our Sponsors

#### What's Changed * fix: support Node.js v14.6 by @​zkochan in https://github.com/pnpm/pnpm/pull/4878

Full Changelog: pnpm/pnpm@v7.2.0...v7.2.1

v7.2.0

Compare Source

Minor Changes

  • A new setting is supported for ignoring specific deprecation messages: pnpm.allowedDeprecatedVersions. The setting should be provided in the pnpm section of the root package.json file. The below example will mute any deprecation warnings about the request package and warnings about express v1:

    {
      "pnpm": {
        "allowedDeprecatedVersions": {
          "request": "*",
          "express": "1"
        }
      }
    }

    Related issue: #​4306
    Related PR: #​4864

Patch Changes

  • Update the compatibility database.
  • Report only the first occurrence of a deprecated package.
  • Add better hints to the peer dependency issue errors.

Our Sponsors

#### What's Changed * fix(setup): use @​pnpm/os.env.path-extender by @​zkochan in https://github.com/pnpm/pnpm/pull/4862 * fix: don't report the same deprecated package multiple times by @​zkochan in https://github.com/pnpm/pnpm/pull/4863 * feat: allowed deprecated versions by @​zkochan in https://github.com/pnpm/pnpm/pull/4864 * fix: add better peer dep error hints by @​zkochan in https://github.com/pnpm/pnpm/pull/4875

Full Changelog: pnpm/pnpm@v7.1.9...v7.2.0

v7.1.9

Compare Source

Patch Changes
  • When the same package is found several times in the dependency graph, correctly autoinstall its missing peer dependencies at all times #​4820.
Our Sponsors
##### What's Changed * fix: auto-install-peers by @​zkochan in https://github.com/pnpm/pnpm/pull/4855

Full Changelog: pnpm/pnpm@v7.1.8...v7.1.9

v7.1.8

Compare Source

Patch Changes

  • Suggest updating using Corepack, when pnpm was installed via Corepack.
  • It should be possible to install a git-hosted package that has no package.json file #​4822.
  • Fix pre-compiled pnpm binaries crashing when NODE_MODULES is set.

Our Sponsors

#### What's Changed * fix: pnpm pre-compiled binaries crash when NODE_MODULES is set by @​gluxon in https://github.com/pnpm/pnpm/pull/4823 * refactor(lockfile-file): Abstract LockfileFile to Lockfile conversion by @​gluxon in https://github.com/pnpm/pnpm/pull/4824 * test: update Jest by @​zkochan in https://github.com/pnpm/pnpm/pull/4644 * fix(cli): suggest to update with Corepack by @​zkochan in https://github.com/pnpm/pnpm/pull/4854 * fix: resolve manifest promise when manifest is not found by @​zkochan in https://github.com/pnpm/pnpm/pull/4826

Full Changelog: pnpm/pnpm@v7.1.7...v7.1.8


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

@changeset-bot
Copy link

changeset-bot bot commented Jun 4, 2022

⚠️ No Changeset found

Latest commit: 529cbf8

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@github-actions
Copy link
Contributor

github-actions bot commented Jun 4, 2022

🤖 PR Release Bot

Packages in this PR have been release with tag pr-42

Last published change => 529cbf8

@renovate renovate bot changed the title Update pnpm to v7.1.8 Update pnpm to v7.1.9 Jun 6, 2022
@renovate renovate bot changed the title Update pnpm to v7.1.9 Update pnpm to v7.2.0 Jun 10, 2022
@renovate renovate bot changed the title Update pnpm to v7.2.0 Update pnpm to v7.2.1 Jun 11, 2022
@renovate renovate bot changed the title Update pnpm to v7.2.1 Update pnpm to v7.3.0 Jun 18, 2022
@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 2 times, most recently from b8a7440 to 47cf07b Compare June 28, 2022 17:09
@renovate renovate bot changed the title Update pnpm to v7.3.0 Update pnpm to v7.4.0 Jun 28, 2022
@renovate renovate bot changed the title Update pnpm to v7.4.0 Update pnpm to v7.4.1 Jun 30, 2022
@renovate renovate bot changed the title Update pnpm to v7.4.1 Update pnpm to v7.5.0 Jul 2, 2022
@renovate renovate bot changed the title Update pnpm to v7.5.0 Update pnpm to v7.5.0 - autoclosed Jul 4, 2022
@renovate renovate bot closed this Jul 4, 2022
@renovate renovate bot deleted the renovate/pnpm-7.x branch July 4, 2022 22:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants