Skip to content

pnpm 10.9

Compare
Choose a tag to compare
@github-actions github-actions released this 21 Apr 08:37
· 54 commits to main since this release
v10.9.0
a4ba06d

Minor Changes

  • Added support for installing JSR packages. You can now install JSR packages using the following syntax:

    pnpm add jsr:<pkg_name>
    

    or with a version range:

    pnpm add jsr:<pkg_name>@<range>
    

    For example, running:

    pnpm add jsr:@foo/bar
    

    will add the following entry to your package.json:

    {
      "dependencies": {
        "@foo/bar": "jsr:^0.1.2"
      }
    }

    When publishing, this entry will be transformed into a format compatible with npm, older versions of Yarn, and previous pnpm versions:

    {
      "dependencies": {
        "@foo/bar": "npm:@jsr/foo__bar@^0.1.2"
      }
    }

    Related issue: #8941.

    Note: The @jsr scope defaults to https://npm.jsr.io/ if the @jsr:registry setting is not defined.

  • Added a new setting, dangerouslyAllowAllBuilds, for automatically running any scripts of dependencies without the need to approve any builds. It was already possible to allow all builds by adding this to pnpm-workspace.yaml:

    neverBuiltDependencies: []

    dangerouslyAllowAllBuilds has the same effect but also allows to be set globally via:

    pnpm config set dangerouslyAllowAllBuilds true
    

    It can also be set when running a command:

    pnpm install --dangerously-allow-all-builds
    

Patch Changes

  • Fix a false negative in verifyDepsBeforeRun when nodeLinker is hoisted and there is a workspace package without dependencies and node_modules directory #9424.
  • Explicitly drop verifyDepsBeforeRun support for nodeLinker: pnp. Combining verifyDepsBeforeRun and nodeLinker: pnp will now print a warning.

Platinum Sponsors

Bit Bit Syntax

Gold Sponsors

Discord u|screen
JetBrains Nx
CodeRabbit Route4Me
Workleap Stackblitz