Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update pnpm to v8 #35

Merged
merged 2 commits into from
Nov 7, 2023
Merged

chore(deps): update pnpm to v8 #35

merged 2 commits into from
Nov 7, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 26, 2023
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
pnpm (source) 7.33.6 -> 8.10.2 age adoption passing confidence

Release Notes

pnpm/pnpm (pnpm)

v8.10.2

Compare Source

Patch Changes

  • Fixed a regression that was shipped with pnpm v8.10.0. Dependencies that were already built should not be rebuilt on repeat install. This issue was introduced via the changes related to supportedArchitectures. Related issue #​7268.

Our Gold Sponsors

Our Silver Sponsors

v8.10.1

Compare Source

Patch Changes

  • (Important) Tarball resolutions in pnpm-lock.yaml will no longer contain a registry field. This field has been unused for a long time. This change should not cause any issues besides backward compatible modifications to the lockfile #​7262.
  • Fix issue when trying to use pnpm dlx in the root of a Windows Drive #​7263.
  • Optional dependencies that do not have to be built will be reflinked (or hardlinked) to the store instead of copied #​7046.
  • If a package's tarball cannot be fetched, print the dependency chain that leads to the failed package #​7265.
  • After upgrading one of our dependencies, we started to sometimes have an error on publish. We have forked @npmcli/arborist to patch it with a fix #​7269.

Our Gold Sponsors

Our Silver Sponsors

v8.10.0

Compare Source

Minor Changes

  • Support for multiple architectures when installing dependencies #​5965.

    You can now specify architectures for which you'd like to install optional dependencies, even if they don't match the architecture of the system running the install. Use the supportedArchitectures field in package.json to define your preferences.

    For example, the following configuration tells pnpm to install optional dependencies for Windows x64:

    {
  "pnpm": {
    "supportedArchitectures": {
      "os": ["win32"],
      "cpu": ["x64"]
    }
  }
}

    Whereas this configuration will have pnpm install optional dependencies for Windows, macOS, and the architecture of the system currently running the install. It includes artifacts for both x64 and arm64 CPUs:

    {
  "pnpm": {
    "supportedArchitectures": {
      "os": ["win32", "darwin", "current"],
      "cpu": ["x64", "arm64"]
    }
  }
}

    Additionally, supportedArchitectures also supports specifying the libc of the system.

  • The pnpm licenses list command now accepts the --filter option to check the licenses of the dependencies of a subset of workspace projects #​5806.

Patch Changes

  • Allow scoped name as bin name #​7112.

  • When running scripts recursively inside a workspace, the logs of the scripts are grouped together in some CI tools. (Only works with --workspace-concurrency 1)

  • Print a warning when installing a dependency from a non-existent directory #​7159

  • Should fetch dependency from tarball url when patching dependency installed from git #​7196

  • pnpm setup should add a newline at the end of the updated shell config file #​7227.

  • Improved the performance of linking bins of hoisted dependencies to node_modules/.pnpm/node_modules/.bin #​7212.

  • Wrongful ELIFECYCLE error on program termination #​7164.

  • pnpm publish should not pack the same file twice sometimes #​6997.

    The fix was to update npm-packlist to the latest version.

Our Gold Sponsors
Our Silver Sponsors

v8.9.2

Compare Source

Patch Changes
  • Don't use reflink on Windows #​7186.
  • Do not run node-gyp rebuild if preinstall lifecycle script is present #​7206.
Our Gold Sponsors
Our Silver Sponsors

v8.9.1

Compare Source

Patch Changes
  • Optimize selection result output of pnpm update --interactive 7109
  • When shared-workspace-lockfile is set to false, read the pnpm settings from package.json files that are nested. This was broken in pnpm v8.9.0 #​7184.
  • Fix file cloning to node_modules on Windows Dev Drives #​7186. This is a fix to a regression that was shipped with v8.9.0.
  • pnpm dlx should ignore any settings that are in a package.json file found in the current working directory #​7198.
Our Gold Sponsors
Our Silver Sponsors

v8.9.0

Compare Source

Minor Changes

  • 🚀Performance improvement: Use reflinks instead of hard links by default on macOS and Windows Dev Drives #​5001.

  • The list of packages that are allowed to run installation scripts now may be provided in a separate configuration file. The path to the file should be specified via the pnpm.onlyBuiltDependenciesFile field in package.json. For instance:

    {
  "dependencies": {
    "@​my-org/policy": "1.0.0"
  }
  "pnpm": {
    "onlyBuiltDependenciesFile": "node_modules/@​my-org/policy/allow-build.json"
  }
}

    In the example above, the list is loaded from a dependency. The JSON file with the list should contain an array of package names. For instance:

    ["esbuild", "@​reflink/reflink"]

    With the above list, only esbuild and @reflink/reflink will be allowed to run scripts during installation.

    Related issue: #​7137.

  • Add disallow-workspace-cycles option to error instead of warn about cyclic dependencies

  • Allow env rm to remove multiple node versions at once, and introduce env add for installing node versions without setting as default #​7155.

Patch Changes

  • Fix memory error in pnpm why when the dependencies tree is too big, the command will now prune the tree to just 10 end leafs and now supports --depth argument #​7122.
  • Use neverBuiltDependencies and onlyBuiltDependencies from the root package.json of the workspace, when shared-workspace-lockfile is set to false #​7141.
  • Optimize peers resolution to avoid out-of-memory exceptions in some rare cases, when there are too many circular dependencies and peer dependencies #​7149.
  • Instead of pnpm.overrides replacing resolutions, the two are now merged. This is intended to make it easier to migrate from Yarn by allowing one to keep using resolutions for Yarn, but adding additional changes just for pnpm using pnpm.overrides.

Our Gold Sponsors

Our Silver Sponsors

v8.8.0

Compare Source

Minor Changes

  • Add --reporter-hide-prefix option for run command to hide project name as prefix for lifecycle log outputs of running scripts #​7061.

Patch Changes

  • Pass through the --ignore-scripts command to install, when running pnpm dedupe --ignore-scripts #​7102.
  • Throw meaningful error for config sub commands#​7106.
  • When the node-linker is set to hoisted, the package.json files of the existing dependencies inside node_modules will be checked to verify their actual versions. The data in the node_modules/.modules.yaml and node_modules/.pnpm/lock.yaml may not be fully reliable, as an installation may fail after changes to dependencies were made but before those state files were updated #​7107.
  • Don't update git-hosted dependencies when adding an unrelated dependency #​7008.

Our Gold Sponsors

Our Silver Sponsors

v8.7.6

Compare Source

Patch Changes

  • Don't run the prepublishOnly scripts of git-hosted dependencies #​7026.
  • Fix a bug in which use-node-version or node-version isn't passed down to checkEngine when using pnpm workspace, resulting in an error #​6981.
  • Don't print out each deprecated subdependency separately with its deprecation message. Just print out a summary of all the deprecated subdependencies #​6707.
  • Fixed an ENOENT error that was sometimes happening during install with "hoisted" node_modules #​6756.

Our Gold Sponsors

Our Silver Sponsors

v8.7.5

Compare Source

Patch Changes

  • Improve performance of installation by using a worker for creating the symlinks inside node_modules/.pnpm #​7069.
  • Tarballs that have hard links are now unpacked successfully. This fixes a regression introduced in v8.7.0, which was shipped with our new in-house tarball parser #​7062.

Our Gold Sponsors

Our Silver Sponsors

v8.7.4

Compare Source

Patch Changes

  • Fix a bug causing the pnpm server to hang if a tarball worker was requested while another worker was exiting #​7041.
  • Fixes a regression published with pnpm v8.7.3. Don't hang while reading package.json from the content-addressable store #​7051.
  • Allow create scoped package with preferred version. #​7053
  • Reverting a change shipped in v8.7 that caused issues with the pnpm deploy command and "injected dependencies" #​6943.

Our Gold Sponsors

Our Silver Sponsors

v8.7.3

Compare Source

Patch Changes

  • Fix a bug causing errors to be printed as "Cannot read properties of undefined (reading 'code')" instead of the underlying reason when using the pnpm store server #​7032

Our Gold Sponsors

Our Silver Sponsors

Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 3 times, most recently from edd10e7 to d9b2a06 Compare July 10, 2023 04:44
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 3 times, most recently from ccd1450 to d259351 Compare July 24, 2023 00:25
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 3 times, most recently from 09ad84a to dfe67d8 Compare August 6, 2023 12:44
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 3 times, most recently from 392dbf4 to 4b7a34d Compare August 14, 2023 01:37
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 5 times, most recently from f1e7cca to 5886617 Compare August 28, 2023 03:59
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 5 times, most recently from a60e7e1 to e76308f Compare September 4, 2023 18:13
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 4 times, most recently from 0db5ae6 to de69ae3 Compare September 11, 2023 14:15
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 2 times, most recently from 0053bee to 33e9654 Compare September 26, 2023 16:29
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 2 times, most recently from 937745c to 075d6c8 Compare October 9, 2023 03:50
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 4 times, most recently from 985a821 to d384955 Compare October 16, 2023 04:56
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 2 times, most recently from a66a9ca to 0d42ae2 Compare October 27, 2023 15:48
@renovate renovate bot force-pushed the renovate/pnpm-8.x branch 3 times, most recently from fc8e48e to 845826c Compare November 1, 2023 18:10
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Nov 7, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

@FRSgit FRSgit merged commit 5c441fb into main Nov 7, 2023
4 checks passed
@FRSgit FRSgit deleted the renovate/pnpm-8.x branch November 7, 2023 00:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@FRSgit