Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update pnpm to v7.18.2 #16

Merged
merged 1 commit into from
Dec 20, 2022
Merged

chore(deps): update pnpm to v7.18.2 #16

merged 1 commit into from
Dec 20, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 22, 2022
edited

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
pnpm (source) 7.5.2 -> 7.18.2 age adoption passing confidence

Release Notes

pnpm/pnpm

v7.18.2

Compare Source

Patch Changes

  • Added --json to the pnpm publish --help output #​5773.
  • pnpm update should not replace workspace:*, workspace:~, and workspace:^ with workspace:<version> #​5764.
  • The fatal error should be printed in JSON format, when running a pnpm command with the --json option #​5710.
  • Throw an error while missing script start or file server.js #​5782.
  • pnpm license list should not fail if a license file is an executable #​5740.

Our Gold Sponsors

Our Silver Sponsors

v7.18.1

Compare Source

Patch Changes

  • The update notifier should suggest using the standalone script, when pnpm was installed using a standalone script #​5750.
  • Vulnerabilities that don't have CVEs codes should not be skipped by pnpm audit if an ignoreCves list is declared in package.json #​5756.
  • It should be possible to use overrides with absolute file paths #​5754.
  • pnpm audit --json should ignore vulnerabilities listed in auditConfig.ignoreCves #​5734.
  • pnpm licenses should print help, not just an error message #​5745.

Our Gold Sponsors

Our Silver Sponsors

v7.18.0

Compare Source

Minor Changes

  • Overrides may be defined as a reference to a spec for a direct dependency by prefixing the name of the package you wish the version to match with a `# pnpm.

    {
  "dependencies": {
    "foo": "^1.0.0"
  },
  "overrides": {
    // the override is defined as a reference to the dependency
    "foo": "$foo",
    // the referenced package does not need to match the overridden one
    "bar": "$foo"
  }
}

    Issue: #​5703

Patch Changes

  • pnpm audit should work when the project's package.json has no version field #​5728
  • Dependencies specified via * should be updated to semver ranges by pnpm update #​5681.
  • It should be possible to override a dependency with a local package using relative path from the workspace root directory #​5493.
  • Exit with non-zero exit code when child process exits with a non-zero exit clode #​5525.
  • pnpm add should prefer local projects from the workspace, even if they use prerelease versions #​5316

Our Gold Sponsors

Our Silver Sponsors

v7.17.1

Compare Source

Patch Changes

  • pnpm set-script and pnpm pkg are passed through to npm #​5683.
  • pnpm publish <tarball path> should exit with non-0 exit code when publish fails #​5396.
  • readPackage hooks should not modify the package.json files in a workspace #​5670.
  • Comments in package.json5 are preserver #​2008.
  • pnpm setup should create PNPM_HOME as a non-expandable env variable on Windows #​4658.
  • Fix the CLI help of the pnpm licenses command.

Our Gold Sponsors

Our Silver Sponsors

v7.17.0

Compare Source

Minor Changes

  • Added a new command pnpm licenses list, which displays the licenses of the packages #​2825

Patch Changes

  • pnpm update --latest !foo should not update anything if the only dependency in the project is the ignored one #​5643.
  • pnpm audit should send the versions of workspace projects for audit.
  • Hoisting with symlinks should not override external symlinks and directories in the root of node_modules.
  • The pnpm.updateConfig.ignoreDependencies setting should work with multiple dependencies in the array #​5639.

Our Gold Sponsors

Our Silver Sponsors

v7.16.1

Compare Source

Patch Changes

  • Sync all injected dependencies when hoisted node linker is used #​5630

Our Gold Sponsors

Our Silver Sponsors

v7.16.0

Compare Source

Minor Changes

  • Support pnpm env list to list global or remote Node.js versions #​5546.

Patch Changes

  • Replace environment variable placeholders with their values, when reading .npmrc files in subdirectories inside a workspace #​2570.
  • Fix an error that sometimes happen on projects with linked local dependencies #​5327.

Our Gold Sponsors

Our Silver Sponsors

v7.15.0

Compare Source

Minor Changes

  • Support --format=json option to output outdated packages in JSON format with outdated command #​2705.

    pnpm outdated --format=json
#or
pnpm outdated --json

  • A new setting supported for ignoring vulnerabilities by their CVEs. The ignored CVEs may be listed in the pnpm.auditConfig.ignoreCves field of package.json. For instance:

    {
  "pnpm": {
    "auditConfig": {
      "ignoreCves": [
        "CVE-2019-10742",
        "CVE-2020-28168",
        "CVE-2021-3749",
        "CVE-2020-7598"
      ]
    }
  }
}

Patch Changes

  • The reporter should not crash when the CLI process is kill during lifecycle scripts execution #​5588.
  • Installation shouldn't fail when the injected dependency has broken symlinks. The broken symlinks should be just skipped #​5598.

Our Gold Sponsors

Our Silver Sponsors

v7.14.2

Compare Source

Patch Changes

  • Don't fail if cannot override the name field of the error object #​5572.
  • Don't fail on rename across devices.

Our Gold Sponsors

Our Silver Sponsors

v7.14.1

Compare Source

Patch Changes
  • pnpm list --long --json should print licenses and authors of packages #​5533.
  • Don't crash on lockfile with no packages field #​5553.
  • Version overrider should have higher priority then custom read package hook from .pnpmfile.cjs.
  • Don't print context information when running install for the pnpm dlx command.
  • Print a warning if a package.json has a workspaces field but there is no pnpm-workspace.yaml file #​5363.
  • It should be possible to set a custom home directory for pnpm by changing the PNPM_HOME environment variable.
Our Gold Sponsors
Our Silver Sponsors

v7.14.0

Compare Source

Minor Changes

  • Add pnpm doctor command to do checks for known common issues

Patch Changes

  • Ignore the always-auth setting.

    pnpm will never reuse the registry auth token for requesting the package tarball, if the package tarball is hosted on a different domain.

    So, for example, if your registry is at https://company.registry.com/ but the tarballs are hosted at https://tarballs.com/, then you will have to configure the auth token for both domains in your .npmrc:

    @&#8203;my-company:registry=https://company.registry.com/
//company.registry.com/=SOME_AUTH_TOKEN
//tarballs.com/=SOME_AUTH_TOKEN

Our Gold Sponsors

Our Silver Sponsors

v7.13.6

Compare Source

Patch Changes

  • Downgrade @pnpm/npm-conf to remove annoying builtin warning #​5518.
  • pnpm link --global <pkg> should not change the type of the dependency #​5478.
  • When the pnpm outdated command fails, print in which directory it failed.

Our Gold Sponsors

Our Silver Sponsors

v7.13.5

Compare Source

Patch Changes
  • Print a warning when cannot read the built-in npm configuration.
  • Also include missing deeply linked workspace packages at headless installation #​5034.
  • pnpm outdated should work when the package tarballs are hosted on a domain that differs from the registry's domain #​5492.
  • strict-peer-dependencies is set to false by default.
Our Gold Sponsors
Our Silver Sponsors

v7.13.4

Compare Source

Patch Changes

  • pnpm link <pkg> --global should work when a custom target directory is specified with the --dir CLI option #​5473.
  • It should be possible to override dependencies with local packages using overrides #​5443.

Our Gold Sponsors

Our Silver Sponsors

v7.13.3

Compare Source

Patch Changes

  • Don't crash when auto-install-peers is set to true and installation is done on a workspace with that has the same dependencies in multiple projects #​5454.
  • Add global option in pnpm link --help #​5461.
  • Show execution time on install, update, add, and remove #​1021.
  • Fix the return path of pnpm pack, when a custom destination directory is used #​5471.

Our Gold Sponsors

Our Silver Sponsors

v7.13.2

Compare Source

Patch Changes

  • When linking commands to a directory, remove any .exe files that are already present in that target directory by the same name.

    This fixes an issue with pnpm global update on Windows. If pnpm was installed with the standalone script and then updated with pnpm using pnpm add --global pnpm, the exe file initially created by the standalone script should be removed.

  • When a direct dependency fails to resolve, print the path to the project directory in the error message.

  • pnpm patch-commit should work when the patch directory is specified with a trailing slash #​5449.

Our Gold Sponsors

Our Silver Sponsors

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 10 times, most recently from e12eb6c to c1d76ae Compare July 29, 2022 14:05
@renovate renovate bot changed the title chore(deps): update pnpm to v7.6.0 chore(deps): update pnpm to v7.7.0 Jul 29, 2022
@renovate renovate bot changed the title chore(deps): update pnpm to v7.7.0 chore(deps): update pnpm to v7.7.1 Jul 30, 2022
@renovate renovate bot changed the title chore(deps): update pnpm to v7.7.1 chore(deps): update pnpm to v7.8.0 Jul 31, 2022
@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 4 times, most recently from bf485c6 to 0dfa1d3 Compare August 6, 2022 18:49
@renovate renovate bot changed the title chore(deps): update pnpm to v7.8.0 chore(deps): update pnpm to v7.9.0 Aug 6, 2022
@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 9 times, most recently from 79a1d85 to 87d267d Compare August 16, 2022 12:43
@renovate renovate bot changed the title chore(deps): update pnpm to v7.17.1 chore(deps): update pnpm to v7.18.0 Dec 3, 2022
@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 4 times, most recently from 078e06a to 4ffc381 Compare December 6, 2022 16:14
@renovate renovate bot changed the title chore(deps): update pnpm to v7.18.0 chore(deps): update pnpm to v7.18.1 Dec 6, 2022
@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 8 times, most recently from 0f603bd to a5e695e Compare December 12, 2022 15:53
@renovate renovate bot changed the title chore(deps): update pnpm to v7.18.1 chore(deps): update pnpm to v7.18.2 Dec 12, 2022
@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 4 times, most recently from 1612679 to 02dae8c Compare December 17, 2022 02:16
@renovate renovate bot changed the title chore(deps): update pnpm to v7.18.2 Update pnpm to v7.18.2 Dec 17, 2022
@renovate renovate bot changed the title Update pnpm to v7.18.2 chore(deps): update pnpm to v7.18.2 Dec 17, 2022
@renovate renovate bot force-pushed the renovate/pnpm-7.x branch 5 times, most recently from 3355151 to fd86638 Compare December 20, 2022 13:40
@renovate renovate bot merged commit c8a21eb into main Dec 20, 2022
@renovate renovate bot deleted the renovate/pnpm-7.x branch December 20, 2022 16:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants