-
-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update pnpm to v9 #216
Open
renovate
wants to merge
1
commit into
main
Choose a base branch
from
renovate/pnpm-9.x
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
April 30, 2024 09:21
352e1cf
to
0485d43
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
May 6, 2024 13:07
10b0017
to
88dd8c2
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
May 12, 2024 22:24
88dd8c2
to
5328fce
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
May 27, 2024 11:14
bff1f7d
to
b544860
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
3 times, most recently
from
June 5, 2024 14:31
4d777ad
to
decbd03
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
June 10, 2024 16:31
decbd03
to
a901876
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
June 17, 2024 19:00
a901876
to
656e116
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
3 times, most recently
from
July 7, 2024 19:06
d111043
to
9280d60
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
July 11, 2024 12:58
9280d60
to
36cd3e2
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
July 29, 2024 00:17
6881e39
to
29c7414
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
August 7, 2024 00:59
29c7414
to
1831c81
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
August 14, 2024 15:15
1831c81
to
0bf9bde
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
August 26, 2024 16:37
dc7da4e
to
72e1a03
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
September 16, 2024 03:07
130c0e6
to
a73255c
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
September 20, 2024 11:02
a73255c
to
a1b8dd9
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
October 7, 2024 15:53
c4abb1d
to
d7664f8
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
3 times, most recently
from
October 21, 2024 00:20
0cb2619
to
2dd84e0
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
October 28, 2024 05:10
2dd84e0
to
a363878
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
2 times, most recently
from
November 14, 2024 20:01
820a7da
to
3e2d7d1
Compare
renovate
bot
force-pushed
the
renovate/pnpm-9.x
branch
from
November 15, 2024 03:20
3e2d7d1
to
31261b7
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
None yet
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
8.15.9
->9.13.2
Release Notes
pnpm/pnpm (pnpm)
v9.13.2
Compare Source
v9.13.1
Compare Source
v9.13.0
Compare Source
v9.12.3
Compare Source
Patch Changes
node_modules
, when typing "n" in the prompt that asks whether to removenode_modules
before installation #8655.manage-package-manager-versions=true
is set and the.tools
directory is corrupt.crypto.hash
, when available, for improved performance #8629.package.json
at the root of the workspace #8667.manage-package-manager-versions
is set totrue
, errors spawning a self-managed version ofpnpm
will now be shown (instead of being silent).v9.12.2
Compare Source
Patch Changes
v9.12.1
Compare Source
Patch Changes
pnpm update --latest
should not update the automatically installed peer dependencies #6657.pnpm publish
should be able to publish from a local tarball #7950.EBUSY
errors caused by creating symlinks in paralleldlx
processes #8604.v9.12.0
Compare Source
Minor Changes
Fix peer dependency resolution dead lock #8570. This change might change some of the keys in the
snapshots
field insidepnpm-lock.yaml
but it should happen very rarely.pnpm outdated
command supports now a--sort-by=name
option for sorting outdated dependencies by package name #8523.Added the ability for
overrides
to remove dependencies by specifying"-"
as the field value #8572. For example, to removelodash
from the dependencies, use this configuration inpackage.json
:Patch Changes
pnpm list --json pkg
showed"private": false
for a private package #8519.libc
that differ frompnpm.supportedArchitectures.libc
are not downloaded #7362.ENOENT
errors caused by runningstore prune
in parallel #8586.pnpm bugs
#8596.v9.11.0
Compare Source
Minor Changes
pnpm cache
commands for inspecting the metadata cache #8512.Patch Changes
pnpm deploy
withnode-linker=hoisted
produces an emptynode_modules
directory #6682.pnpm deploy
should work in workspace withshared-workspace-lockfile=false
#8475.v9.10.0
Compare Source
Minor Changes
Support for a new CLI flag,
--exclude-peers
, added to thelist
andwhy
commands. When--exclude-peers
is used, peer dependencies are not printed in the results, but dependencies of peer dependencies are still scanned #8506.Added a new setting to
package.json
atpnpm.auditConfig.ignoreGhsas
for ignoring vulnerabilities by their GHSA code #6838.For instance:
Patch Changes
v9.9.0
Compare Source
Minor Changes
Minor breaking change. This change might result in resolving your peer dependencies slightly differently but we don't expect it to introduce issues.
We had to optimize how we resolve peer dependencies in order to fix some infinite loops and out-of-memory errors during peer dependencies resolution.
When a peer dependency is a prod dependency somewhere in the dependency graph (with the same version), pnpm will resolve the peers of that peer dependency in the same way across the subgraph.
For example, we have
react-dom
in the peer deps of theform
andbutton
packages.card
hasreact-dom
andreact
as regular dependencies andcard
is a dependency ofform
.These are the direct dependencies of our example project:
These are the dependencies of card:
When resolving peers, pnpm will not re-resolve
react-dom
forcard
, even thoughcard
shadowsreact@16
from the root withreact@17
. So, all 3 packages (form
,card
, andbutton
) will usereact-dom@16
, which in turn usesreact@16
.form
will usereact@16
, whilecard
andbutton
will usereact@17
.Before this optimization
react-dom@16
was duplicated for thecard
, so thatcard
andbutton
would use areact-dom@16
instance that usesreact@17
.Before the change:
After the change
Patch Changes
pnpm deploy
should write thenode_modules/.modules.yaml
to thenode_modules
directory within the deploy directory #7731.node_modules
if it already points to the right location pnpm/symlink-dir#54.v9.8.0
Compare Source
Minor Changes
Added a new command for upgrading pnpm itself when it isn't managed by Corepack:
pnpm self-update
. This command will work, when pnpm was installed via the standalone script from the pnpm installation page #8424.When executed in a project that has a
packageManager
field in itspackage.json
file, pnpm will update its version in thepackageManager
field.Patch Changes
CLI tools installed in the root of the workspace should be added to the PATH, when running scripts and
use-node-version
is set.pnpm setup
should never switch to another version of pnpm.This fixes installation with the standalone script from a directory that has a
package.json
with thepackageManager
field. pnpm was installing the version of pnpm specified in thepackageManager
field due to this issue.Ignore non-string value in the os, cpu, libc fields, which checking optional dependencies #8431.
Remember the state of edit dir, allow running
pnpm patch-commit
the second time without having to re-runpnpm patch
.v9.7.1
Compare Source
Patch Changes
public-hoist-pattern
andhoist-pattern
via env variables #8339.pnpm setup
no longer creates Batch/Powershell scripts on Linux and macOS #8418.pnpm exec
now supports executionEnv #8356.pnpm
field, add warnings for non-rootpnpm
subfields that aren'texecutionEnv
#8143.patch-commit
in which relative path is rejected #8405.@pnpm/exe
to v20.v9.7.0
Compare Source
Minor Changes
Added pnpm version management to pnpm. If the
manage-package-manager-versions
setting is set totrue
, pnpm will switch to the version specified in thepackageManager
field ofpackage.json
#8363. This is the same field used by Corepack. Example:Added the ability to apply patch to all versions:
If the key of
pnpm.patchedDependencies
is a package name without a version (e.g.pkg
), pnpm will attempt to apply the patch to all versions ofthe package. Failures will be skipped.
If it is a package name and an exact version (e.g.
[email protected]
), pnpm will attempt to apply the patch to that exact version only. Failures willcause pnpm to fail.
If there's only one version of
pkg
installed,pnpm patch pkg
and subsequentpnpm patch-commit $edit_dir
will create an entry namedpkg
inpnpm.patchedDependencies
. And pnpm will attempt to apply this patch to other versions ofpkg
in the future.If there are multiple versions of
pkg
installed,pnpm patch pkg
will ask which version to edit and whether to attempt to apply the patch to all.If the user chooses to apply the patch to all,
pnpm patch-commit $edit_dir
would create apkg
entry inpnpm.patchedDependencies
.If the user chooses not to apply the patch to all,
pnpm patch-commit $edit_dir
would create a[email protected]
entry inpnpm.patchedDependencies
withx.y.z
being the version the user chose to edit.If the user runs
pnpm patch [email protected]
withx.y.z
being the exact version ofpkg
that has been installed,pnpm patch-commit $edit_dir
will alwayscreate a
[email protected]
entry inpnpm.patchedDependencies
.Change the default edit dir location when running
pnpm patch
from a temporary directory tonode_modules/.pnpm_patches/pkg[@​version]
to allow the code editor to open the edit dir in the same file tree as the main project.Substitute environment variables in config keys #6679.
Patch Changes
pnpm install
should runnode-gyp rebuild
if the project has abinding.gyp
file even if the project doesn't have an install script #8293.v9.6.0
Compare Source
Minor Changes
pnpm.executionEnv.nodeVersion
inpackage.json
) for running lifecycle scripts per each package in a workspace #6720.catalogs:
protocol #8303.Patch Changes
pnpm deploy
command now supports thecatalog:
protocol #8298.pnpm outdated
command now supports thecatalog:
protocol #8304.pnpm patch
withoutnode_modules/.modules.yaml
#8257.pnpm exec
command #7608.v9.5.0
Compare Source
Minor Changes
Added support for catalogs 8122.
Catalogs may be declared in the
pnpm-workspace.yaml
file. For example:v9.4.0
Compare Source
Minor Changes
strict-store-pkg-content-check
setting tofalse
#4724.Patch Changes
package-manager-strict-version
missing in config #8195.v9.3.0
Compare Source
Minor Changes
peers-suffix-max-length
setting #8177.Patch Changes
reporter-hide-prefix
totrue
by default forpnpm exec
. In order to show prefix, the user now has to explicitly setreporter-hide-prefix=false
#8174.v9.2.0
Compare Source
Minor Changes
package-manager-strict-version
is set totrue
, pnpm will fail if its version doesn't exactly match the version in the "packageManager" field ofpackage.json
.Patch Changes
@yarnpkg/pnp
to the latest version, fixing issue withnode:
imports #8161.package.json
#8087.exec
now also streams prefixed output when--recursive
or--parallel
is specified just asrun
does #8065.v9.1.4
Compare Source
Patch Changes
v9.1.3
Compare Source
Patch Changes
optional=false
#8066.v9.1.2
Compare Source
Patch Changes
pnpm licenses
output are not misplaced anymore #8071.v9.1.1
Compare Source
Patch Changes
link:
now preserve absolute path #8053.file:
overrides for workspace package #8053.resolution-mode
is set totime-based
and the registry fails to return the"time"
field in the package's metadata.v9.1.0
Compare Source
Minor Changes
virtual-store-dir-max-length
added to modify the maximum allowed length of the directories insidenode_modules/.pnpm
. The default length is set to 120 characters. This setting is particularly useful on Windows, where there is a limit to the maximum length of a file path #7355.Patch Changes
pnpm outdated
output are wrapped correctly #8037.Cannot read properties of undefined (reading 'missingPeersOfChildren')
exception that happens on install #8041.publish
orpack
whenbundledDependencies
is set butnode-linker
isn'thoisted
.pnpm update
should not fail when there's an aliased local workspace dependency #7975.v9.0.6
Compare Source
Patch Changes
pnpm install --frozen-lockfile
#7991.v9.0.5
Compare Source
Patch Changes
v9.0.4
Compare Source
Patch Changes
engines.pnpm
field in thepackage.json
files of dependencies should be ignored #7965.v9.0.3
Compare Source
Patch Changes
script-shell
option is configured to a.bat
/.cmd
file on Windows, pnpm will now error withERR_PNPM_INVALID_SCRIPT_SHELL_WINDOWS
. Newer versions of Node.js released in April 2024 do not support executing these files directly without behavior differences. If thescript-shell
option is necessary for your use-case, please set a.exe
file instead.package-manager-strict
setting, when pnpm doesn't match the version specified in thepackageManager
field inpackage.json
.pnpm completion
command should work in the standalone version of pnpm #7948.v9.0.2
Compare Source
Patch Changes
node_modules
#7943.v9.0.1
Compare Source
Patch Changes
pnpm install --frozen-lockfile
should work with lockfiles generated by pnpm v8, if they don't need updates #7934.v9.0.0
Compare Source
Major Changes
Node.js v16 support discontinued
If you still require Node.js 16, don't worry. We ship pnpm bundled with Node.js. This means that regardless of which Node.js version you've installed, pnpm will operate using the necessary Node.js runtime. For this to work you need to install pnpm either using the standalone script or install the
@pnpm/exe
package.Configuration updates:
dedupe-injected-deps
: enabled by default.link-workspace-packages
: disabled by default. This means that by default, dependencies will be linked from workspace packages only when they are specified using the workspace protocol.hoist-workspace-packages
: enabled by default.enable-pre-post-scripts
: enabled by default.~/.local/state/pnpm
).package.json
file for apackageManager
field. If this field is present and specifies a different package manager or a different version of pnpm than the one you're currently using, pnpm will not proceed. This ensures that you're always using the correct package manager and version that the project requires.Lockfile changes:
Dependency resolution changes:
Related issue: #7444.
Related PR: #7606.
pnpm licenses list
prints license information of all versions of the same package in case different versions use different licenses. The format of thepnpm licenses list --json
output has been changed #7528.A new command added for printing completion code to the console:
pnpm completion [shell]
. The old command that modified the user's shell dotfiles has been removed #3083.When installing git-hosted dependencies, only pick the files that would be packed with the package #7638.
Minor Changes
It is now possible to install only a subdirectory from a Git repository.
For example,
pnpm add github:user/repo#path:packages/foo
will add a dependency from thepackages/foo
subdirectory.This new parameter may be combined with other supported parameters separated by
&
. For instance, the next command will install the same package from thedev
branch:pnpm add github:user/repo#dev&path:packages/bar
.Related issue: #4765.
Related PR: #7487.
node-gyp
updated to version 10.PowerShell completion support added #7597.
Support
node-options
option inside.npmrc
file when running scripts #7596.Added support for registry-scoped SSL configurations (cert, key, and ca). Three new settings supported:
<registryURL>:certfile
,<registryURL>:keyfile
, and<registryURL>:ca
. For instance:Related issue: #7427.
Related PR: #7626.
Add a field named
ignoredOptionalDependencies
. This is an array of strings. If an optional dependency has its name included in this array, it will be skipped #7714.The checksum of the
.pnpmfile.cjs
is saved into the lockfile. If the pnpmfile gets modified, the lockfile is reanalyzed to apply the changes #7662.Added cache for
pnpm dlx
#5277.Patch Changes
--lockfile-only
installation #1328.pnpm dlx
should not read settings from the current working directory #7916.Configuration
📅 Schedule: Branch creation - "before 5am on Monday" in timezone Europe/Warsaw, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.