This repository has been archived by the owner on Jan 28, 2024. It is now read-only.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
8.7.0
->8.11.0
Release Notes
pnpm/pnpm (pnpm)
v8.11.0
Compare Source
Minor Changes
(IMPORTANT) When the package tarballs aren't hosted on the same domain on which the registry (the server with the package metadata) is, the dependency keys in the lockfile should only contain
/<pkg_name>@​<pkg_version
, not<domain>/<pkg_name>@​<pkg_version>
.This change is a fix to avoid the same package from being added to
node_modules/.pnpm
multiple times. The change to the lockfile is backward compatible, so previous versions of pnpm will work with the fixed lockfile.We recommend that all team members update pnpm in order to avoid repeated changes in the lockfile.
Related PR: #7318.
Patch Changes
pnpm add a-module-already-in-dev-deps
will show a message to notice the user that the package was not moved to "dependencies" #926.Our Gold Sponsors
Our Silver Sponsors
v8.10.5
Compare Source
Patch Changes
pnpm-workspace.yaml
file #7307.Our Gold Sponsors
Our Silver Sponsors
v8.10.4
Compare Source
Patch Changes
node-linker
was set tohoisted
#6227.Our Gold Sponsors
Our Silver Sponsors
v8.10.3
Compare Source
Patch Changes
(Important) Increased the default amount of allowed concurrent network request on systems that have more than 16 CPUs #7285.
pnpm patch
should reuse existing patch whenshared-workspace-file=false
#7252.Don't retry fetching missing packages, since the retries will never work #7276.
When using
pnpm store prune --force
alien directories are removed from the store #7272.Downgraded
npm-packlist
because the newer version significantly slows down the installation of local directory dependencies, making it unbearably slow.npm-packlist
was upgraded in this PR to fix #6997. We added our own file deduplication to fix the issue of duplicate file entries.Fixed a performance regression on running installation on a project with an up to date lockfile #7297.
Throw an error on invalid
pnpm-workspace.yaml
file #7273.Our Gold Sponsors
Our Silver Sponsors
v8.10.2
Compare Source
Patch Changes
Our Gold Sponsors
Our Silver Sponsors
v8.10.1
Compare Source
Patch Changes
pnpm-lock.yaml
will no longer contain aregistry
field. This field has been unused for a long time. This change should not cause any issues besides backward compatible modifications to the lockfile #7262.pnpm dlx
in the root of a Windows Drive #7263.@npmcli/arborist
to patch it with a fix #7269.Our Gold Sponsors
Our Silver Sponsors
v8.10.0
Compare Source
Minor Changes
Support for multiple architectures when installing dependencies #5965.
You can now specify architectures for which you'd like to install optional dependencies, even if they don't match the architecture of the system running the install. Use the
supportedArchitectures
field inpackage.json
to define your preferences.For example, the following configuration tells pnpm to install optional dependencies for Windows x64:
Whereas this configuration will have pnpm install optional dependencies for Windows, macOS, and the architecture of the system currently running the install. It includes artifacts for both x64 and arm64 CPUs:
Additionally,
supportedArchitectures
also supports specifying thelibc
of the system.The
pnpm licenses list
command now accepts the--filter
option to check the licenses of the dependencies of a subset of workspace projects #5806.Patch Changes
Allow scoped name as bin name #7112.
When running scripts recursively inside a workspace, the logs of the scripts are grouped together in some CI tools. (Only works with
--workspace-concurrency 1
)Print a warning when installing a dependency from a non-existent directory #7159
Should fetch dependency from tarball url when patching dependency installed from git #7196
pnpm setup
should add a newline at the end of the updated shell config file #7227.Improved the performance of linking bins of hoisted dependencies to
node_modules/.pnpm/node_modules/.bin
#7212.Wrongful ELIFECYCLE error on program termination #7164.
pnpm publish
should not pack the same file twice sometimes #6997.The fix was to update
npm-packlist
to the latest version.Our Gold Sponsors
Our Silver Sponsors
v8.9.2
Compare Source
Patch Changes
preinstall
lifecycle script is present #7206.Our Gold Sponsors
Our Silver Sponsors
v8.9.1
Compare Source
Patch Changes
pnpm update --interactive
7109shared-workspace-lockfile
is set tofalse
, read the pnpm settings frompackage.json
files that are nested. This was broken in pnpm v8.9.0 #7184.node_modules
on Windows Dev Drives #7186. This is a fix to a regression that was shipped with v8.9.0.pnpm dlx
should ignore any settings that are in apackage.json
file found in the current working directory #7198.Our Gold Sponsors
Our Silver Sponsors
v8.9.0
Compare Source
Minor Changes
🚀Performance improvement: Use reflinks instead of hard links by default on macOS and Windows Dev Drives #5001.
The list of packages that are allowed to run installation scripts now may be provided in a separate configuration file. The path to the file should be specified via the
pnpm.onlyBuiltDependenciesFile
field inpackage.json
. For instance:In the example above, the list is loaded from a dependency. The JSON file with the list should contain an array of package names. For instance:
With the above list, only
esbuild
and@reflink/reflink
will be allowed to run scripts during installation.Related issue: #7137.
Add
disallow-workspace-cycles
option to error instead of warn about cyclic dependenciesAllow
env rm
to remove multiple node versions at once, and introduceenv add
for installing node versions without setting as default #7155.Patch Changes
pnpm why
when the dependencies tree is too big, the command will now prune the tree to just 10 end leafs and now supports--depth
argument #7122.neverBuiltDependencies
andonlyBuiltDependencies
from the rootpackage.json
of the workspace, whenshared-workspace-lockfile
is set tofalse
#7141.pnpm.overrides
replacingresolutions
, the two are now merged. This is intended to make it easier to migrate from Yarn by allowing one to keep usingresolutions
for Yarn, but adding additional changes just for pnpm usingpnpm.overrides
.Our Gold Sponsors
Our Silver Sponsors