Skip to content

chore(deps): lock file maintenance npm packages #26

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 9, 2025
Merged

chore(deps): lock file maintenance npm packages #26

merged 1 commit into from
Mar 9, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 9, 2025

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
lockFileMaintenance All locks refreshed
pnpm (source) packageManager minor 10.5.2 -> 10.6.1 age adoption passing confidence

🔧 This Pull Request updates lock files to use the latest dependency versions.

Release Notes

pnpm/pnpm (pnpm)

v10.6.1

Compare Source

Patch Changes
  • The pnpm CLI process should not stay hanging, when --silent reporting is used.
  • When --loglevel is set to error, don't show installation summary, execution time, and big tarball download progress.
  • Don't ignore pnpm.patchedDependencies from package.json #​9226.
  • When executing the approve-builds command, if package.json contains onlyBuiltDependencies or ignoredBuiltDependencies, the selected dependency package will continue to be written into package.json.
  • When a package version cannot be found in the package metadata, print the registry from which the package was fetched.

v10.6.0

Compare Source

Minor Changes

  • pnpm-workspace.yaml can now hold all the settings that .npmrc accepts. The settings should use camelCase #​9211.

    pnpm-workspace.yaml example:

    verifyDepsBeforeRun: install
optimisticRepeatInstall: true
publicHoistPattern:
  - "*types*"
  - "!@​types/react"

  • Projects using a file: dependency on a local tarball file (i.e. .tgz, .tar.gz, .tar) will see a performance improvement during installation. Previously, using a file: dependency on a tarball caused the lockfile resolution step to always run. The lockfile will now be considered up-to-date if the tarball is unchanged.

Patch Changes
  • pnpm self-update should not leave a directory with a broken pnpm installation if the installation fails.
  • fast-glob replace with tinyglobby to reduce the size of the pnpm CLI dependencies #​9169.
  • pnpm deploy should not remove fields from the deployed package's package.json file #​9215.
  • pnpm self-update should not read the pnpm settings from the package.json file in the current working directory.
  • Fix pnpm deploy creating a package.json without the imports and license field #​9193.
  • pnpm update -i should list only packages that have newer versions #​9206.
  • Fix a bug causing entries in the catalogs section of the pnpm-lock.yaml file to be removed when dedupe-peer-dependents=false on a filtered install. #​9112

Configuration

📅 Schedule: Branch creation - "before 4am on monday" in timezone Asia/Shanghai, Automerge - "before 10pm on monday" in timezone Asia/Shanghai.

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge (squash) March 9, 2025 17:25
@renovate renovate bot merged commit 0ab5c56 into main Mar 9, 2025
4 checks passed
@renovate renovate bot deleted the renovate/npm-packages branch March 9, 2025 17:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant