Please add one entry in this file for each change in Yarn's behavior. Use the same format for all entries, including the third-person verb. Make sure you don't add more than one line of text to keep it clean. Thanks!
This version fixes a problem where Yarn wasn't forwarding SIGTERM to the binary spawned via yarnPath. It also makes yarn init -2 compatible with Corepack. The behaviour of yarn init (without -2) doesn't change.
Remember that Yarn 1.x won't receive further functional improvements. We recommend you to switch to the recently-released 3.0, and to ping us on Discord if you find issues when migrating (also check our Migration Guide).
- Tweak the preinstall check to not cause errors when Node is installed as root (as a downside, it won't run at all on Windows, which should be an acceptable tradeoff): #8358
This release doesn't change anything and was caused by a publish issue.
-
Running
yarn initwith the-2flag won't print theset versionoutput anymore. -
A new preinstall check will ensure that
npm install -g yarnworks even under Corepack. It doesn't have any effect on other setups.
-
Headers won't be printed when calling
yarn initwith the-2flag -
Files with the
.cjsextension will be spawned byyarnPathusing `execPath -
Generates local yarn verions as
.cjsfiles when callingyarn set version -
Sorts files when running
yarn packto produce identical layout on Windows and Unix systems
Those versions didn't contain any changes and were just triggered by our infra while working on the tests.
-
Prevents
yarn-pathfrom exiting before its child exited -
Generates relative paths when calling
yarn set version -
Throws an exception when the
.yarnrc.ymlfile is invalid yaml
-
Allows some dots in binary names again
-
Better error handling on
yarn set version -
Passes arguments following
--when running a workspace script (yarn workspace pkg run command -- arg) -
Fixes an issue where the archive paths were incorrectly sanitized
-
Implements
yarn init -2 -
Implements
yarn set version <version>as an alias forpolicies set-version
-
Prints workspace names with
yarn workspaces(silence with-s) -
Implements
yarn init --install <version>
-
Folders like
.cachewon't be pruned from thenode_modulesafter each install. -
Correctly installs workspace child dependencies when workspace child not symlinked to root.
-
Makes running scripts with Plug'n Play possible on node 13.
-
Change run command to check cwd/node_modules/.bin for commands. Fixes run in workspaces.
Important: This release contains a cache bump. It will cause the very first install following the upgrade to take slightly more time, especially if you don't use the Offline Mirror feature. After that everything will be back to normal.
-
Computes the
--modules-folder& friends paths based on the cwd. -
Stores the sha512 in the cache even when not provided by the server.
#7591 - Maël Nison / #7595 - Michael
-
Uses the right Node binary when using
yarn-path.
Important: This release contains a cache bump. It will cause the very first install following the upgrade to take slightly more time, especially if you don't use the Offline Mirror feature. After that everything will be back to normal.
-
Fixes a potential vulnerability regarding how the build artifacts are stored
Reported by ChALkeR, fixed by Maël Nison
-
Suggests using the Yarn 2 development trunk on PnP-enabled projects
-
Preserves linked packages when calling
yarn create -
Fixes the offline mirror filenames when using Verdaccio
-
Fixes using
link:.to refer to the package folder -
Runs the
preparelifecycle of git dependencies even ifNODE_ENVis set toproduction. -
Fixes the
postversionlifecycle method not being called when using--no-git-tag-version. -
Ignores potentially large vscode keys in package.json to avoid E2BIG errors.
-
Enforces https for the Yarn and npm registries.
-
Adds support for reading
yarnPathfrom v2-produced.yarnrc.ymlfiles.
-
Adds prereleases flags and prerelease identifier to
yarn version. -
Fixes audits when used with
yarn add&yarn upgrade -
Adds support for the
--offlineflag toyarn global add -
Yarn will tolerate Yaml at parse time. Full support isn't ready yet and will only come at the next major.
-
Fixes a bug when using the
link:protocol with a folder that doesn't contain apackage.json
-
Retries downloading a package on
yarn installwhen we get a ETIMEDOUT error. -
Implements
yarn audit --level [severity]flag to filter the audit command's output. -
Implements
yarn audit --groups group_name [group_name ...]. -
Exposes the script environment variables to
yarn createspawned processes. -
Prevents EPIPE errors from being printed.
-
Adds support for the npm enterprise URLs when computing the offline mirror filenames.
-
Tweaks the lockfile parser logic to parse a few extra cases
The 1.15.1 doesn't exist due to a release hiccup.
-
Reverts a behavior causing boggus interactions between PowerShell and
yarn global -
Fixes a bug where non-zero exit codes were converted to a generic 1 when running
yarn run -
Fixes production / development reporting when running
yarn audit
-
Removes
--scripts-prepend-node-pathas Yarn's default behavior makes this obsolete -
Fixes the advisory link printed by
yarn audit -
Fixes
npm_config_environment variable parsing to support those prefixed with underscore (ex:_auth) -
Fixes yarn
upgrade --latestfor dependencies using>or>=range specifier -
Fixes
--modules-folderhandling in several places (ex:yarn checknow respects--modules-folder) -
Removes
rootModuleFolders(internal variable which wasn't used anywhere) -
Adds support for setting
global-folderfrom.yarnrcfiles -
Makes
yarn versioncancellable via ctrl-c or empty string -
Adds support for
yarn policies set-version berry -
Fixes yarn
upgrade --scopewhen using exotic (github) dependencies -
Fixes occasionally mismatching upper/lowecases of drive letters in win32 pnp check
-
Fixes the error reporting for non-HTTP network errors (such as invalid certificates)
-
Changes the location where the
--require ./.pnp.jsflag gets added intoNODE_OPTIONS: now at the front (bis) -
Packages won't be auto-unplugged anymore if
ignore-scriptsis set in the yarnrc file -
Enables displaying Emojis on Terminus by default
-
Run the engines check before executing
runscripts.
-
Improves PnP compatibility with Node 6
-
Fixes PnP detection with workspaces (
installConfigis now read at the top-level) -
Fixes an interaction between
yarn packand bundled dependencies -
Adds support for
GITHUB_TOKENinyarn policies set-version -
Fixes an issue where
resolvewould forward an incomplete basedir to the PnP hook -
Fixes the command that
yarn unlinkrecommends to run as a followup (nowyarn install --force) -
Changes the location where the
--require ./.pnp.jsflag gets added intoNODE_OPTIONS: now at the front -
Fixes a bug where
osandplatformrequirements weren't properly checked whenengineswas missing
-
Implements a new
package.jsonfield:peerDependenciesMeta -
Adds an
optionalsettings topeerDependenciesMetato silence missing peer dependency warnings -
Implements
yarn policies set-version [range]. Check the documentation for usage & tips. -
Fixes a resolution issue when a package had an invalid
mainentry -
Decreases the size of the generated
$PATHenvironment variable for a better Windows support -
Fixes postinstall scripts for third-party packages when they were referencing a binary from their own dependencies
-
Fixes yarn audit exit code overflow
-
Stops automatically unplugging packages with postinstall script when running under
--ignore-scripts -
Adds transparent support for the
resolvepackage when using Plug'n'Play -
Properly reports the error codes when the npm registry throws 500's
Important: This release contains a cache bump. It will cause the very first install following the upgrade to take slightly more time, especially if you don't use the Offline Mirror feature. After that everything will be back to normal.
-
Fixes an issue with
yarn auditwhen using workspaces -
Uses
NODE_OPTIONSto instruct Node to load the PnP hook, instead of raw CLI argumentsCaveat: This change might cause issues for PnP users having a space inside their cwd (cf nodejs/node#24065)
-
Fixes Gulp when used with Plug'n'Play
-
Fixes an issue with
yarn auditwhen the root package was missing a name -
Fixes an issue with
yarn auditwhen a package was depending on an empty range -
Fixes an issue with how symlinks are setup into the cache on Windows
-
Upgrades
inquirer, fixingupgrade-interactivefor users using both Node 10 and Windows -
Exposes the path to the PnP file using
require.resolve('pnpapi')
This release doesn't actually exists and was caused by a quirk in our systems.
-
Ensures the engine check is ran before showing the UI for
upgrade-interactive -
Restores Node v4 support by downgrading
cli-table3 -
Prevents infinite loop when parsing corrupted lockfiles with unterminated strings
-
Environment variables now have to start with
YARN_(instead of just contain it) to be considered -
Fixes the
extensionsoption when used byresolveRequest -
Fixes handling of empty string entries for
binin package.json -
Adds support for basic auth for registries with paths, such as artifactory
-
Adds 2FA (Two Factor Authentication) support to publish & alike
-
Fixes how the
filesproperty is interpreted to bring it in line with npm -
Fixes Yarn invocations on Darwin when the
yarnbinary was symlinked -
Fixes
require.resolvewhen used together with thepathsoption
-
Adds initial support for PnP on Windows
-
Adds
yarn audit(and the--auditflag for all installs) -
Adds a special logic to PnP for ESLint compatibility (temporary, until eslint/eslint#10125 is fixed)
-
Makes the PnP hook inject a
process.versions.pnpvariable when setup (equals toVERSIONS.std) -
Disables by default (configurable) the automatic migration of the
integrityfield. It will be re-enabled in 2.0. -
Fixes the display name of the faulty package when the NPM registry returns corrupted data
-
Prevents crashes when running
yarn outdatedand the NPM registry forgets to return thelatesttag -
Fixes
yarn runwhen used together with workspaces and PnP -
Fixes an edge case when peer dependencies were resolved multiple levels deep (
webpack-dev-server)