Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
7.29.3
->8.0.0
Release Notes
pnpm/pnpm
v8.0.0
Compare Source
We are excited to announce the latest release of pnpm! To install it, check the installation page.
Major Changes
Node.js 14 Support Discontinued
If you still require Node.js 14, don't worry. We ship pnpm bundled with Node.js. This means that regardless of which Node.js version you've installed, pnpm will operate using the necessary Node.js runtime. For this to work you need to install pnpm either using the standalone script or install the
@pnpm/exe
package.Configuration Updates
auto-install-peers
: enabled by default.dedupe-peer-dependents
: enabled by default.resolve-peers-from-workspace-root
: enabled by default.save-workspace-protocol
: set torolling
by default.resolution-mode
: set tolowest-direct
by default.publishConfig.linkDirectory
: enabled by default.Most of the configuration changes are related to peer dependencies. Most of these settings were implemented long ago, and we recommended them to users encountering peer dependency issues. The recently added
dedupe-peer-dependents
resolved many such problems. With these new defaults, pnpm will face significantly fewer issues during migration from other package managers.Lockfile Modifications
importers
section. The newpnpm-lock.yaml
file is more resistant to git merge conflicts!resolution
object inpnpm-lock.yaml
.Other Changes
files
field in thepackage.json
, only the files that are listed in it will be deployed. The same logic is applied when injecting packages. This behaviour can be changed by setting thedeploy-all-files
setting totrue
(Related issue #5911).Migration Instructions
Before updating pnpm to v8 in your CI, regenerate your
pnpm-lock.yaml
. To upgrade your lockfile, runpnpm install
and commit the changes. Existing dependencies will not be updated; however, due to configuration changes in pnpm v8, some missing peer dependencies may be added to the lockfile and some packages may get deduplicated.You can commit the new lockfile even before upgrading Node.js in the CI, as pnpm v7 already supports the new lockfile format.
pnpm v7 Support
pnpm v7 will likely not receive any new features, but it will continue to get bug fixes for a few months and vulnerability fixes for at least a year.
Our Gold Sponsors
Our Silver Sponsors
v7.30.5
Compare Source
Patch Changes
pnpm audit
should work even if there are nopackage.json
file, just apnpm-lock.yaml
file.dedupe-peer-dependents
istrue
#6154.Our Gold Sponsors
Our Silver Sponsors
v7.30.4
Compare Source
v7.30.3
Compare Source
Patch Changes
Our Gold Sponsors
Our Silver Sponsors
v7.30.2
Compare Source
v7.30.1
Compare Source
Patch Changes
pnpm-lock.yaml
file if it has no changes andpnpm install --frozen-lockfile
was executed #6158.git+ssh
that use semver selectors #6239.pnpm audit
output #6203Our Gold Sponsors
Our Silver Sponsors
v7.30.0
Compare Source
Minor Changes
patches-dir
setting #6215Patch Changes
Our Gold Sponsors
Our Silver Sponsors
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.