npm - @microsoft/rush - Versions diffs - 5.175.0 → 5.176.0 - Mend

@microsoft/rush 5.175.0 → 5.176.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/CHANGELOG.json CHANGED Viewed

@@ -1,6 +1,52 @@
 {
   "name": "@microsoft/rush",
   "entries": [
+    {
+      "version": "5.176.0",
+      "tag": "@microsoft/rush_v5.176.0",
+      "date": "Tue, 09 Jun 2026 02:02:32 GMT",
+      "comments": {
+        "none": [
+          {
+            "comment": "Bump the `ws` dependency to `~8.20.0`."
+          }
+        ],
+        "minor": [
+          {
+            "comment": "Add support for pnpm 11's `allowBuilds` field in `pnpm-workspace.yaml`. Rush now correctly handles the pnpm 11 security model where build scripts must be explicitly approved. The new `globalAllowBuilds` field in `pnpm-config.json` replaces the deprecated `globalOnlyBuiltDependencies` and `globalNeverBuiltDependencies` fields for pnpm 11+. The `rush-pnpm approve-builds` command is also updated to work correctly with pnpm 11."
+          },
+          {
+            "comment": "Include seconds in the generated change file name so that running `rush change` more than once in the same minute no longer silently overwrites the previously generated change file."
+          },
+          {
+            "comment": "Default `rush-pnpm outdated` and `rush-pnpm why` to recursive workspace queries."
+          }
+        ],
+        "patch": [
+          {
+            "comment": "Fix a regression where Rush change-detection treated any `pnpm-config.json` containing comments as unparseable, causing every project to be flagged as impacted."
+          },
+          {
+            "comment": "Route the \"Lockfile was created or deleted\" warning to stderr so that machine-readable output (e.g. `rush list --json`) remains parseable when the lockfile was added or removed in the diff range."
+          },
+          {
+            "comment": "Fix `rush update` not syncing `pnpm-lock.yaml` when a workspace dependency moves from `dependencies` to `devDependencies`."
+          }
+        ]
+      }
+    },
+    {
+      "version": "5.175.1",
+      "tag": "@microsoft/rush_v5.175.1",
+      "date": "Mon, 20 Apr 2026 23:31:34 GMT",
+      "comments": {
+        "none": [
+          {
+            "comment": "Fix an issue where `rush list --detailed` did not print horizontal table separators."
+          }
+        ]
+      }
+    },
     {
       "version": "5.175.0",
       "tag": "@microsoft/rush_v5.175.0",

package/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,32 @@
 # Change Log - @microsoft/rush
-This log was last generated on Sat, 18 Apr 2026 03:47:29 GMT and should not be manually modified.
+This log was last generated on Tue, 09 Jun 2026 02:02:32 GMT and should not be manually modified.
+## 5.176.0
+Tue, 09 Jun 2026 02:02:32 GMT
+### Minor changes
+- Add support for pnpm 11's `allowBuilds` field in `pnpm-workspace.yaml`. Rush now correctly handles the pnpm 11 security model where build scripts must be explicitly approved. The new `globalAllowBuilds` field in `pnpm-config.json` replaces the deprecated `globalOnlyBuiltDependencies` and `globalNeverBuiltDependencies` fields for pnpm 11+. The `rush-pnpm approve-builds` command is also updated to work correctly with pnpm 11.
+- Include seconds in the generated change file name so that running `rush change` more than once in the same minute no longer silently overwrites the previously generated change file.
+- Default `rush-pnpm outdated` and `rush-pnpm why` to recursive workspace queries.
+### Patches
+- Fix a regression where Rush change-detection treated any `pnpm-config.json` containing comments as unparseable, causing every project to be flagged as impacted.
+- Route the "Lockfile was created or deleted" warning to stderr so that machine-readable output (e.g. `rush list --json`) remains parseable when the lockfile was added or removed in the diff range.
+- Fix `rush update` not syncing `pnpm-lock.yaml` when a workspace dependency moves from `dependencies` to `devDependencies`.
+### Updates
+- Bump the `ws` dependency to `~8.20.0`.
+## 5.175.1
+Mon, 20 Apr 2026 23:31:34 GMT
+### Updates
+- Fix an issue where `rush list --detailed` did not print horizontal table separators.
 ## 5.175.0
 Sat, 18 Apr 2026 03:47:29 GMT

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@microsoft/rush",
-  "version": "5.175.0",
+  "version": "5.176.0",
   "description": "A professional solution for consolidating all your JavaScript projects in one Git repo",
   "keywords": [
     "install",
@@ -31,18 +31,18 @@
   "license": "MIT",
   "dependencies": {
     "semver": "~7.7.4",
-    "@microsoft/rush-lib": "5.175.0",
+    "@microsoft/rush-lib": "5.176.0",
     "@rushstack/node-core-library": "5.23.1",
-    "@rushstack/terminal": "0.23.0"
+    "@rushstack/terminal": "0.24.0"
   },
   "devDependencies": {
     "eslint": "~9.37.0",
     "@types/semver": "7.7.1",
-    "@rushstack/heft": "1.2.15",
-    "@rushstack/rush-azure-storage-build-cache-plugin": "5.175.0",
+    "@rushstack/heft": "1.2.18",
     "local-node-rig": "1.0.0",
-    "@rushstack/rush-amazon-s3-build-cache-plugin": "5.175.0",
-    "@rushstack/rush-http-build-cache-plugin": "5.175.0"
+    "@rushstack/rush-amazon-s3-build-cache-plugin": "5.176.0",
+    "@rushstack/rush-http-build-cache-plugin": "5.176.0",
+    "@rushstack/rush-azure-storage-build-cache-plugin": "5.176.0"
   },
   "exports": {
     "./lib/*": {