@pnpm/deps.graph-builder 1100.0.20 → 1100.0.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/CHANGELOG.md +1257 -0
  2. package/package.json +18 -18
package/CHANGELOG.md ADDED
@@ -0,0 +1,1257 @@
1
+ # @pnpm/deps.graph-builder
2
+
3
+ ## 1100.0.22
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies:
8
+ - @pnpm/config.package-is-installable@1100.0.13
9
+ - @pnpm/core-loggers@1100.2.2
10
+ - @pnpm/deps.graph-hasher@1100.2.10
11
+ - @pnpm/deps.path@1100.0.9
12
+ - @pnpm/fs.symlink-dependency@1100.0.11
13
+ - @pnpm/hooks.types@1100.2.1
14
+ - @pnpm/installing.modules-yaml@1100.0.10
15
+ - @pnpm/lockfile.fs@1100.1.11
16
+ - @pnpm/lockfile.utils@1100.1.3
17
+ - @pnpm/patching.config@1100.0.10
18
+ - @pnpm/store.controller-types@1100.1.8
19
+ - @pnpm/types@1101.4.0
20
+
21
+ ## 1100.0.21
22
+
23
+ ### Patch Changes
24
+
25
+ - Updated dependencies [a897ef7]
26
+ - @pnpm/hooks.types@1100.2.0
27
+ - @pnpm/lockfile.utils@1100.1.2
28
+ - @pnpm/deps.graph-hasher@1100.2.9
29
+ - @pnpm/lockfile.fs@1100.1.10
30
+
31
+ ## 1100.0.20
32
+
33
+ ### Patch Changes
34
+
35
+ - 51300fd: Prevent a crafted `pnpm-lock.yaml` from writing package content outside the virtual store. A dependency path key whose name reconstructs to a path-traversal sequence (e.g. `../../../tmp/x@1.0.0`) is now rejected by the isolated (virtual-store) linker and the Plug'n'Play resolver map, matching the containment already applied to the hoisted linker. Under the global virtual store, a traversal in the version-derived path segment (e.g. a snapshot `version: "../../x"`) is now rejected at `formatGlobalVirtualStorePath`, the single point every global-virtual-store slot path funnels through — closing the same escape in the isolated linker, the resolver's dependency-graph builder, and the config-dependency installer.
36
+ - 51300fd: Fixed a path traversal vulnerability where a dependency whose manifest `name` was a scoped path traversal (e.g. `@x/../../../<path>`) could be written outside `node_modules` to an attacker-controlled location during `pnpm install`, even with `--ignore-scripts`. The isolated linker now validates the package name before using it as a directory name, matching the existing protection in the hoisted linker.
37
+ - Updated dependencies [51300fd]
38
+ - Updated dependencies [f8058eb]
39
+ - @pnpm/deps.graph-hasher@1100.2.8
40
+ - @pnpm/lockfile.fs@1100.1.9
41
+
42
+ ## 1100.0.19
43
+
44
+ ### Patch Changes
45
+
46
+ - Updated dependencies [dcabb78]
47
+ - @pnpm/store.controller-types@1100.1.7
48
+ - @pnpm/deps.graph-hasher@1100.2.7
49
+ - @pnpm/hooks.types@1100.1.1
50
+ - @pnpm/lockfile.utils@1100.1.1
51
+ - @pnpm/lockfile.fs@1100.1.8
52
+
53
+ ## 1100.0.18
54
+
55
+ ### Patch Changes
56
+
57
+ - bae694f: Some registries generate tarballs on-demand and cannot provide an integrity checksum in their package metadata. In that case pnpm now computes the integrity from the downloaded tarball and stores it in the lockfile, so the entry is verifiable on subsequent installs instead of being written without an integrity (which would fail the next install). This also applies to `--lockfile-only`: the tarball is downloaded so its integrity can be computed. A lockfile entry that is still missing its integrity is rejected as a `ERR_PNPM_MISSING_TARBALL_INTEGRITY` lockfile verification violation (the install fails closed) rather than being silently re-fetched.
58
+ - Updated dependencies [bae694f]
59
+ - Updated dependencies [a84d2a1]
60
+ - @pnpm/hooks.types@1100.1.0
61
+ - @pnpm/store.controller-types@1100.1.6
62
+ - @pnpm/lockfile.utils@1100.1.0
63
+ - @pnpm/deps.graph-hasher@1100.2.6
64
+ - @pnpm/lockfile.fs@1100.1.7
65
+ - @pnpm/config.package-is-installable@1100.0.12
66
+ - @pnpm/patching.config@1100.0.9
67
+
68
+ ## 1100.0.17
69
+
70
+ ### Patch Changes
71
+
72
+ - Updated dependencies [61969fb]
73
+ - @pnpm/lockfile.fs@1100.1.6
74
+
75
+ ## 1100.0.16
76
+
77
+ ### Patch Changes
78
+
79
+ - a31faa7: Updated dependency ranges. Notably:
80
+
81
+ - `@pnpm/logger` peer dependency range moved to `^1100.0.0`.
82
+ - `msgpackr` 1.11.8 → 2.0.4 (store index files remain byte-compatible in both directions).
83
+ - `open` ^7.4.2 → ^11.0.0, `memoize` ^10 → ^11, `cli-truncate` ^5 → ^6, `pidtree` ^0.6 → ^1.
84
+ - `@yarnpkg/core` 4.5.0 → 4.8.0, `@rushstack/worker-pool` 0.7.7 → 0.7.18, `@cyclonedx/cyclonedx-library` 10.0.0 → 10.1.0, `@pnpm/config.nerf-dart` ^1 → ^2, `@pnpm/log.group` 3.0.2 → 4.0.1, `@pnpm/util.lex-comparator` ^3 → ^4.
85
+
86
+ - Updated dependencies [f20ad8f]
87
+ - Updated dependencies [681b593]
88
+ - Updated dependencies [d50d691]
89
+ - Updated dependencies [a31faa7]
90
+ - @pnpm/lockfile.utils@1100.0.13
91
+ - @pnpm/types@1101.3.2
92
+ - @pnpm/lockfile.fs@1100.1.5
93
+ - @pnpm/config.package-is-installable@1100.0.11
94
+ - @pnpm/core-loggers@1100.2.1
95
+ - @pnpm/deps.path@1100.0.8
96
+ - @pnpm/patching.config@1100.0.8
97
+ - @pnpm/deps.graph-hasher@1100.2.5
98
+ - @pnpm/hooks.types@1100.0.12
99
+ - @pnpm/installing.modules-yaml@1100.0.9
100
+ - @pnpm/store.controller-types@1100.1.5
101
+
102
+ ## 1100.0.15
103
+
104
+ ### Patch Changes
105
+
106
+ - Updated dependencies [f11b4fc]
107
+ - Updated dependencies [52be454]
108
+ - @pnpm/core-loggers@1100.2.0
109
+ - @pnpm/config.package-is-installable@1100.0.10
110
+
111
+ ## 1100.0.14
112
+
113
+ ### Patch Changes
114
+
115
+ - bf1b731: Require trusted package identity before package-name `allowBuilds` entries can approve lifecycle scripts for git, git-hosted tarball, direct tarball, and local directory artifacts. To approve one of those artifacts explicitly, use its peer-suffix-free lockfile depPath as the `allowBuilds` key. Lockfile verification now rejects lockfiles where a registry-style dependency path (`name@semver`) is backed by a git, directory, or git-hosted tarball resolution (`ERR_PNPM_RESOLUTION_SHAPE_MISMATCH`), so the dependency path is a reliable artifact identity by the time scripts can run.
116
+ - Updated dependencies [bf1b731]
117
+ - @pnpm/deps.graph-hasher@1100.2.4
118
+ - @pnpm/types@1101.3.1
119
+ - @pnpm/config.package-is-installable@1100.0.9
120
+ - @pnpm/core-loggers@1100.1.4
121
+ - @pnpm/deps.path@1100.0.7
122
+ - @pnpm/hooks.types@1100.0.11
123
+ - @pnpm/installing.modules-yaml@1100.0.8
124
+ - @pnpm/lockfile.fs@1100.1.4
125
+ - @pnpm/lockfile.utils@1100.0.12
126
+ - @pnpm/store.controller-types@1100.1.4
127
+ - @pnpm/patching.config@1100.0.7
128
+
129
+ ## 1100.0.13
130
+
131
+ ### Patch Changes
132
+
133
+ - Updated dependencies [a017bf3]
134
+ - @pnpm/types@1101.3.0
135
+ - @pnpm/config.package-is-installable@1100.0.8
136
+ - @pnpm/core-loggers@1100.1.3
137
+ - @pnpm/deps.graph-hasher@1100.2.3
138
+ - @pnpm/deps.path@1100.0.6
139
+ - @pnpm/hooks.types@1100.0.10
140
+ - @pnpm/installing.modules-yaml@1100.0.7
141
+ - @pnpm/lockfile.fs@1100.1.3
142
+ - @pnpm/lockfile.utils@1100.0.11
143
+ - @pnpm/store.controller-types@1100.1.3
144
+ - @pnpm/patching.config@1100.0.6
145
+
146
+ ## 1100.0.12
147
+
148
+ ### Patch Changes
149
+
150
+ - Updated dependencies [e55f4b5]
151
+ - Updated dependencies [35d2355]
152
+ - @pnpm/lockfile.utils@1100.0.10
153
+ - @pnpm/types@1101.2.0
154
+ - @pnpm/deps.graph-hasher@1100.2.2
155
+ - @pnpm/lockfile.fs@1100.1.2
156
+ - @pnpm/config.package-is-installable@1100.0.7
157
+ - @pnpm/core-loggers@1100.1.2
158
+ - @pnpm/deps.path@1100.0.5
159
+ - @pnpm/hooks.types@1100.0.9
160
+ - @pnpm/installing.modules-yaml@1100.0.6
161
+ - @pnpm/store.controller-types@1100.1.2
162
+ - @pnpm/patching.config@1100.0.5
163
+
164
+ ## 1100.0.11
165
+
166
+ ### Patch Changes
167
+
168
+ - Updated dependencies [9cb48bb]
169
+ - Updated dependencies [64afc92]
170
+ - @pnpm/lockfile.fs@1100.1.1
171
+ - @pnpm/types@1101.1.1
172
+ - @pnpm/deps.graph-hasher@1100.2.1
173
+ - @pnpm/hooks.types@1100.0.8
174
+ - @pnpm/lockfile.utils@1100.0.9
175
+ - @pnpm/store.controller-types@1100.1.1
176
+ - @pnpm/config.package-is-installable@1100.0.6
177
+ - @pnpm/core-loggers@1100.1.1
178
+ - @pnpm/deps.path@1100.0.4
179
+ - @pnpm/installing.modules-yaml@1100.0.5
180
+ - @pnpm/patching.config@1100.0.4
181
+
182
+ ## 1100.0.10
183
+
184
+ ### Patch Changes
185
+
186
+ - 3ddde2b: **fix**: anchor the side-effects-cache key and global-virtual-store hash to the project's script-runner Node — `engines.runtime` pin when present, shell `node` otherwise — instead of pnpm's own runtime.
187
+
188
+ `ENGINE_NAME` (the `<platform>;<arch>;node<major>` prefix used as the side-effects-cache key and the engine portion of the GVS hash) was computed from `process.version` — the Node that runs pnpm itself. That was wrong in two situations:
189
+
190
+ 1. **`@pnpm/exe` SEA bundle.** The bundle has its own embedded Node, not the `node` on the user's `PATH` that actually spawns lifecycle scripts. Two pnpm installations on the same machine (one SEA, one npm-package) therefore disagreed on the cache key, partitioning the side-effects cache and the global virtual store across two Node majors even though both installs would run scripts on the same shell `node`.
191
+ 2. **`engines.runtime` / `devEngines.runtime` pin.** When a project pins a Node version via `devEngines.runtime` (pnpm v11+), pnpm downloads that Node into `node_modules/node/` and uses it to run lifecycle scripts. But the hash still anchored to whichever Node ran pnpm itself, not to the pinned Node — so two installs of the same project with two different runner Nodes would still disagree on the GVS slot path even though scripts run on the same pinned Node.
192
+
193
+ Three changes:
194
+
195
+ - `@pnpm/engine.runtime.system-node-version` now exports `engineName(nodeVersion?)`. Resolves the version in this order: explicit override → `getSystemNodeVersion()` (which already prefers `node --version` over `process.version` in SEA contexts) → `process.version`.
196
+ - `@pnpm/deps.graph-hasher` now exports `findRuntimeNodeVersion(snapshotKeys)` — scans an iterable of lockfile snapshot keys for a `node@runtime:<version>` entry and returns its bare version string. `calcDepState` and `calcGraphNodeHash`/`iterateHashedGraphNodes` accept a `nodeVersion?` (in the options bag for the first, as a trailing parameter / ctx field for the others), forwarded to `engineName()`. The default (no override) preserves the pre-change behaviour. The legacy `ENGINE_NAME` constant in `@pnpm/constants` is unchanged so external consumers and existing tests keep working; in non-SEA, non-pinned contexts every value lines up.
197
+ - Every install-side caller of the graph-hasher (`@pnpm/installing.deps-resolver`, `@pnpm/installing.deps-restorer`, `@pnpm/installing.deps-installer`, `@pnpm/building.during-install`, `@pnpm/building.after-install`, `@pnpm/deps.graph-builder`) now derives the project's pinned runtime via `findRuntimeNodeVersion(Object.keys(graph))` once per invocation and threads it through.
198
+
199
+ On upgrade, two one-time GVS slot churns are possible:
200
+
201
+ - **SEA-pnpm users** without a runtime pin: slots that previously hashed under the embedded-Node major (e.g. `node26`) now hash under the shell-Node major (e.g. `node24`), matching what pacquet, the npm-published `pnpm` package, and any other pnpm-compatible tool already produce.
202
+ - **Projects with a `devEngines.runtime` pin**: slots that previously hashed under the runner's Node major now hash under the pinned Node major, matching what the lifecycle scripts will actually run on.
203
+
204
+ In both cases the old slots become prune-eligible.
205
+
206
+ - Updated dependencies [4195766]
207
+ - Updated dependencies [6e93f35]
208
+ - Updated dependencies [3ddde2b]
209
+ - Updated dependencies [5dc8be8]
210
+ - Updated dependencies [4a79336]
211
+ - Updated dependencies [2a9bd89]
212
+ - @pnpm/store.controller-types@1100.1.0
213
+ - @pnpm/lockfile.fs@1100.1.0
214
+ - @pnpm/deps.graph-hasher@1100.2.0
215
+ - @pnpm/core-loggers@1100.1.0
216
+ - @pnpm/hooks.types@1100.0.7
217
+ - @pnpm/lockfile.utils@1100.0.8
218
+ - @pnpm/config.package-is-installable@1100.0.5
219
+
220
+ ## 1100.0.9
221
+
222
+ ### Patch Changes
223
+
224
+ - Updated dependencies [180aee9]
225
+ - Updated dependencies [c2c2890]
226
+ - @pnpm/lockfile.fs@1100.0.8
227
+ - @pnpm/store.controller-types@1100.0.7
228
+
229
+ ## 1100.0.8
230
+
231
+ ### Patch Changes
232
+
233
+ - Updated dependencies [b61e268]
234
+ - @pnpm/types@1101.1.0
235
+ - @pnpm/config.package-is-installable@1100.0.4
236
+ - @pnpm/core-loggers@1100.0.2
237
+ - @pnpm/deps.graph-hasher@1100.1.5
238
+ - @pnpm/deps.path@1100.0.3
239
+ - @pnpm/hooks.types@1100.0.6
240
+ - @pnpm/installing.modules-yaml@1100.0.4
241
+ - @pnpm/lockfile.fs@1100.0.7
242
+ - @pnpm/lockfile.utils@1100.0.7
243
+ - @pnpm/store.controller-types@1100.0.6
244
+ - @pnpm/patching.config@1100.0.3
245
+
246
+ ## 1100.0.7
247
+
248
+ ### Patch Changes
249
+
250
+ - Updated dependencies [cfa271b]
251
+ - @pnpm/lockfile.utils@1100.0.6
252
+ - @pnpm/deps.graph-hasher@1100.1.4
253
+ - @pnpm/lockfile.fs@1100.0.6
254
+
255
+ ## 1100.0.6
256
+
257
+ ### Patch Changes
258
+
259
+ - Updated dependencies [12313f1]
260
+ - Updated dependencies [27425d7]
261
+ - @pnpm/installing.modules-yaml@1100.0.3
262
+ - @pnpm/lockfile.fs@1100.0.5
263
+ - @pnpm/lockfile.utils@1100.0.5
264
+ - @pnpm/deps.graph-hasher@1100.1.3
265
+ - @pnpm/hooks.types@1100.0.5
266
+ - @pnpm/store.controller-types@1100.0.5
267
+
268
+ ## 1100.0.5
269
+
270
+ ### Patch Changes
271
+
272
+ - 184ce26: Fix the package name in README.md.
273
+ - Updated dependencies [184ce26]
274
+ - Updated dependencies [6b891a5]
275
+ - @pnpm/config.package-is-installable@1100.0.3
276
+ - @pnpm/installing.modules-yaml@1100.0.2
277
+ - @pnpm/store.controller-types@1100.0.4
278
+ - @pnpm/deps.graph-hasher@1100.1.2
279
+ - @pnpm/deps.path@1100.0.2
280
+ - @pnpm/lockfile.utils@1100.0.4
281
+ - @pnpm/hooks.types@1100.0.4
282
+ - @pnpm/lockfile.fs@1100.0.4
283
+ - @pnpm/patching.config@1100.0.2
284
+
285
+ ## 1100.0.4
286
+
287
+ ### Patch Changes
288
+
289
+ - Updated dependencies [d96a1bf]
290
+ - @pnpm/config.package-is-installable@1100.0.2
291
+
292
+ ## 1100.0.3
293
+
294
+ ### Patch Changes
295
+
296
+ - @pnpm/hooks.types@1100.0.3
297
+ - @pnpm/store.controller-types@1100.0.3
298
+ - @pnpm/lockfile.utils@1100.0.3
299
+ - @pnpm/deps.graph-hasher@1100.1.1
300
+ - @pnpm/lockfile.fs@1100.0.3
301
+
302
+ ## 1100.0.2
303
+
304
+ ### Patch Changes
305
+
306
+ - 72c1e05: Fix: different platform variants of the same runtime (e.g. `node@runtime:25.9.0` glibc vs. musl) no longer share a single global-virtual-store entry. The virtual store path now incorporates the selected variant's integrity, so installs with different `--os`/`--cpu`/`--libc` end up in separate directories and `pnpm add --libc=musl node@runtime:<v>` reliably fetches the musl binary even when the glibc variant is already cached.
307
+ - Updated dependencies [72c1e05]
308
+ - @pnpm/deps.graph-hasher@1100.1.0
309
+ - @pnpm/hooks.types@1100.0.2
310
+ - @pnpm/lockfile.utils@1100.0.2
311
+ - @pnpm/store.controller-types@1100.0.2
312
+ - @pnpm/lockfile.fs@1100.0.2
313
+
314
+ ## 1100.0.1
315
+
316
+ ### Patch Changes
317
+
318
+ - Updated dependencies [ff28085]
319
+ - @pnpm/types@1101.0.0
320
+ - @pnpm/config.package-is-installable@1100.0.1
321
+ - @pnpm/core-loggers@1100.0.1
322
+ - @pnpm/deps.graph-hasher@1100.0.1
323
+ - @pnpm/deps.path@1100.0.1
324
+ - @pnpm/hooks.types@1100.0.1
325
+ - @pnpm/installing.modules-yaml@1100.0.1
326
+ - @pnpm/lockfile.fs@1100.0.1
327
+ - @pnpm/lockfile.utils@1100.0.1
328
+ - @pnpm/store.controller-types@1100.0.1
329
+ - @pnpm/patching.config@1100.0.1
330
+
331
+ ## 1003.0.0
332
+
333
+ ### Major Changes
334
+
335
+ - 5f73b0f: Runtime dependencies are always linked from the global virtual store [#10233](https://github.com/pnpm/pnpm/pull/10233).
336
+ - 491a84f: This package is now pure ESM.
337
+ - 7d2fd48: Node.js v18, 19, 20, and 21 support discontinued.
338
+
339
+ ### Minor Changes
340
+
341
+ - cd743ef: Use `allowBuilds` config to compute engine-agnostic GVS hashes for pure-JS packages [#10837](https://github.com/pnpm/pnpm/issues/10837).
342
+
343
+ When the global virtual store is enabled, packages that are not allowed to build (and don't transitively depend on packages that are) now get hashes that don't include the engine name (platform, architecture, Node.js major version). This means ~95% of packages in the GVS survive Node.js upgrades and architecture changes without re-import.
344
+
345
+ ### Patch Changes
346
+
347
+ - 394d88c: Fixed injected local packages to work correctly with the global virtual store [#10366](https://github.com/pnpm/pnpm/pull/10366).
348
+
349
+ When using `nodeLinker: 'isolated'` with `enableGlobalVirtualStore: true`, injected workspace packages now use the correct hash-based paths from the global virtual store instead of project-relative paths.
350
+
351
+ - 312226c: Skip local `file:` protocol dependencies during `pnpm fetch`. This fixes an issue where `pnpm fetch` would fail in Docker builds when local directory dependencies were not available [#10460](https://github.com/pnpm/pnpm/issues/10460).
352
+ - 97f049f: Skip re-importing packages from the global virtual store when `node_modules` is deleted but the store directories are still warm. The global store directory hash already encodes engine, integrity, and full dependency subgraph, so existence is proof of validity.
353
+ - 38b8e35: Support for custom resolvers and fetchers.
354
+ - Updated dependencies [5f73b0f]
355
+ - Updated dependencies [facdd71]
356
+ - Updated dependencies [c55c614]
357
+ - Updated dependencies [76718b3]
358
+ - Updated dependencies [a8f016c]
359
+ - Updated dependencies [cc1b8e3]
360
+ - Updated dependencies [3cfffaa]
361
+ - Updated dependencies [05fb1ae]
362
+ - Updated dependencies [cd743ef]
363
+ - Updated dependencies [491a84f]
364
+ - Updated dependencies [075aa99]
365
+ - Updated dependencies [c4045fc]
366
+ - Updated dependencies [ba065f6]
367
+ - Updated dependencies [d458ab3]
368
+ - Updated dependencies [7d2fd48]
369
+ - Updated dependencies [efb48dc]
370
+ - Updated dependencies [56a59df]
371
+ - Updated dependencies [50fbeca]
372
+ - Updated dependencies [cb367b9]
373
+ - Updated dependencies [7b1c189]
374
+ - Updated dependencies [8ffb1a7]
375
+ - Updated dependencies [05fb1ae]
376
+ - Updated dependencies [71de2b3]
377
+ - Updated dependencies [10bc391]
378
+ - Updated dependencies [38b8e35]
379
+ - Updated dependencies [394d88c]
380
+ - Updated dependencies [1e6de25]
381
+ - Updated dependencies [2df8b71]
382
+ - Updated dependencies [15549a9]
383
+ - Updated dependencies [cc7c0d2]
384
+ - Updated dependencies [3cfffaa]
385
+ - Updated dependencies [9d3f00b]
386
+ - Updated dependencies [98a0410]
387
+ - Updated dependencies [efb48dc]
388
+ - @pnpm/deps.path@1002.0.0
389
+ - @pnpm/deps.graph-hasher@1003.0.0
390
+ - @pnpm/store.controller-types@1005.0.0
391
+ - @pnpm/constants@1002.0.0
392
+ - @pnpm/types@1001.0.0
393
+ - @pnpm/lockfile.fs@1002.0.0
394
+ - @pnpm/lockfile.utils@1004.0.0
395
+ - @pnpm/installing.modules-yaml@1001.0.0
396
+ - @pnpm/config.package-is-installable@1001.0.0
397
+ - @pnpm/core-loggers@1002.0.0
398
+ - @pnpm/patching.config@1002.0.0
399
+ - @pnpm/patching.types@1001.0.0
400
+ - @pnpm/hooks.types@1002.0.0
401
+
402
+ ## 1002.3.0
403
+
404
+ ### Minor Changes
405
+
406
+ - dee39ec: You can now allow specific versions of dependencies to run postinstall scripts. `onlyBuiltDependencies` now accepts package names with lists of trusted versions. For example:
407
+
408
+ ```yaml
409
+ onlyBuiltDependencies:
410
+ - nx@21.6.4 || 21.6.5
411
+ - esbuild@0.25.1
412
+ ```
413
+
414
+ Related PR: [#10104](https://github.com/pnpm/pnpm/pull/10104).
415
+
416
+ ### Patch Changes
417
+
418
+ - Updated dependencies [7c1382f]
419
+ - Updated dependencies [7c1382f]
420
+ - Updated dependencies [dee39ec]
421
+ - @pnpm/types@1000.9.0
422
+ - @pnpm/store-controller-types@1004.1.0
423
+ - @pnpm/package-is-installable@1000.0.15
424
+ - @pnpm/lockfile.fs@1001.1.21
425
+ - @pnpm/lockfile.utils@1003.0.3
426
+ - @pnpm/calc-dep-state@1002.0.8
427
+ - @pnpm/core-loggers@1001.0.4
428
+ - @pnpm/dependency-path@1001.1.3
429
+ - @pnpm/modules-yaml@1000.3.6
430
+ - @pnpm/patching.config@1001.0.11
431
+
432
+ ## 1002.2.6
433
+
434
+ ### Patch Changes
435
+
436
+ - @pnpm/dependency-path@1001.1.2
437
+ - @pnpm/lockfile.fs@1001.1.20
438
+ - @pnpm/lockfile.utils@1003.0.2
439
+ - @pnpm/calc-dep-state@1002.0.7
440
+ - @pnpm/patching.config@1001.0.10
441
+
442
+ ## 1002.2.5
443
+
444
+ ### Patch Changes
445
+
446
+ - Updated dependencies [6365bc4]
447
+ - @pnpm/constants@1001.3.1
448
+ - @pnpm/lockfile.fs@1001.1.19
449
+ - @pnpm/calc-dep-state@1002.0.6
450
+ - @pnpm/package-is-installable@1000.0.14
451
+ - @pnpm/patching.config@1001.0.9
452
+
453
+ ## 1002.2.4
454
+
455
+ ### Patch Changes
456
+
457
+ - Updated dependencies [df8d57f]
458
+ - Updated dependencies [e792927]
459
+ - @pnpm/package-is-installable@1000.0.13
460
+ - @pnpm/types@1000.8.0
461
+ - @pnpm/lockfile.fs@1001.1.18
462
+ - @pnpm/lockfile.utils@1003.0.1
463
+ - @pnpm/calc-dep-state@1002.0.5
464
+ - @pnpm/core-loggers@1001.0.3
465
+ - @pnpm/dependency-path@1001.1.1
466
+ - @pnpm/modules-yaml@1000.3.5
467
+ - @pnpm/store-controller-types@1004.0.2
468
+ - @pnpm/patching.config@1001.0.8
469
+
470
+ ## 1002.2.3
471
+
472
+ ### Patch Changes
473
+
474
+ - 9908269: Fix an edge case bug causing local tarballs to not re-link into the virtual store. This bug would happen when changing the contents of the tarball without renaming the file and running a filtered install.
475
+ - e9b589c: Add a JSDoc for the `lockfileToDepGraph` function.
476
+ - Updated dependencies [d1edf73]
477
+ - Updated dependencies [d1edf73]
478
+ - Updated dependencies [86b33e9]
479
+ - @pnpm/dependency-path@1001.1.0
480
+ - @pnpm/constants@1001.3.0
481
+ - @pnpm/lockfile.utils@1003.0.0
482
+ - @pnpm/lockfile.fs@1001.1.17
483
+ - @pnpm/calc-dep-state@1002.0.4
484
+ - @pnpm/patching.config@1001.0.7
485
+ - @pnpm/store-controller-types@1004.0.1
486
+ - @pnpm/package-is-installable@1000.0.12
487
+
488
+ ## 1002.2.2
489
+
490
+ ### Patch Changes
491
+
492
+ - Updated dependencies [1a07b8f]
493
+ - Updated dependencies [2e85f29]
494
+ - Updated dependencies [1a07b8f]
495
+ - Updated dependencies [1a07b8f]
496
+ - Updated dependencies [1a07b8f]
497
+ - @pnpm/types@1000.7.0
498
+ - @pnpm/lockfile.utils@1002.1.0
499
+ - @pnpm/store-controller-types@1004.0.0
500
+ - @pnpm/constants@1001.2.0
501
+ - @pnpm/package-is-installable@1000.0.11
502
+ - @pnpm/lockfile.fs@1001.1.16
503
+ - @pnpm/calc-dep-state@1002.0.3
504
+ - @pnpm/core-loggers@1001.0.2
505
+ - @pnpm/dependency-path@1001.0.2
506
+ - @pnpm/modules-yaml@1000.3.4
507
+ - @pnpm/patching.config@1001.0.6
508
+
509
+ ## 1002.2.1
510
+
511
+ ### Patch Changes
512
+
513
+ - @pnpm/dependency-path@1001.0.1
514
+ - @pnpm/lockfile.fs@1001.1.15
515
+ - @pnpm/lockfile.utils@1002.0.1
516
+ - @pnpm/calc-dep-state@1002.0.2
517
+ - @pnpm/patching.config@1001.0.5
518
+
519
+ ## 1002.2.0
520
+
521
+ ### Minor Changes
522
+
523
+ - b982a0d: New option added: includeUnchangedDeps.
524
+
525
+ ### Patch Changes
526
+
527
+ - Updated dependencies [540986f]
528
+ - @pnpm/dependency-path@1001.0.0
529
+ - @pnpm/lockfile.utils@1002.0.0
530
+ - @pnpm/lockfile.fs@1001.1.14
531
+ - @pnpm/calc-dep-state@1002.0.1
532
+ - @pnpm/patching.config@1001.0.4
533
+
534
+ ## 1002.1.0
535
+
536
+ ### Minor Changes
537
+
538
+ - b0ead51: **Experimental**. Added support for global virtual stores. When the global virtual store is enabled, `node_modules` doesn’t contain regular files, only symlinks to a central virtual store (by default the central store is located at `<store-path>/links`; run `pnpm store path` to find `<store-path>`).
539
+
540
+ To enable the global virtual store, add `enableGlobalVirtualStore: true` to your root `pnpm-workspace.yaml`.
541
+
542
+ A global virtual store can make installations significantly faster when a warm cache is present. In CI, however, it will probably slow installations because there is usually no cache.
543
+
544
+ Related PR: [#8190](https://github.com/pnpm/pnpm/pull/8190).
545
+
546
+ ### Patch Changes
547
+
548
+ - Updated dependencies [b0ead51]
549
+ - Updated dependencies [b3898db]
550
+ - Updated dependencies [b0ead51]
551
+ - @pnpm/calc-dep-state@1002.0.0
552
+ - @pnpm/lockfile.utils@1001.0.12
553
+ - @pnpm/store-controller-types@1003.0.3
554
+ - @pnpm/lockfile.fs@1001.1.13
555
+
556
+ ## 1002.0.5
557
+
558
+ ### Patch Changes
559
+
560
+ - Updated dependencies [509948d]
561
+ - @pnpm/store-controller-types@1003.0.2
562
+
563
+ ## 1002.0.4
564
+
565
+ ### Patch Changes
566
+
567
+ - 09cf46f: Update `@pnpm/logger` in peer dependencies.
568
+ - Updated dependencies [09cf46f]
569
+ - Updated dependencies [5ec7255]
570
+ - Updated dependencies [c24c66e]
571
+ - @pnpm/package-is-installable@1000.0.10
572
+ - @pnpm/core-loggers@1001.0.1
573
+ - @pnpm/patching.config@1001.0.3
574
+ - @pnpm/lockfile.fs@1001.1.12
575
+ - @pnpm/types@1000.6.0
576
+ - @pnpm/store-controller-types@1003.0.1
577
+ - @pnpm/lockfile.utils@1001.0.11
578
+ - @pnpm/dependency-path@1000.0.9
579
+ - @pnpm/modules-yaml@1000.3.3
580
+
581
+ ## 1002.0.3
582
+
583
+ ### Patch Changes
584
+
585
+ - Updated dependencies [8a9f3a4]
586
+ - Updated dependencies [5b73df1]
587
+ - Updated dependencies [9c3dd03]
588
+ - Updated dependencies [5b73df1]
589
+ - @pnpm/store-controller-types@1003.0.0
590
+ - @pnpm/core-loggers@1001.0.0
591
+ - @pnpm/logger@1001.0.0
592
+ - @pnpm/types@1000.5.0
593
+ - @pnpm/lockfile.utils@1001.0.10
594
+ - @pnpm/package-is-installable@1000.0.9
595
+ - @pnpm/lockfile.fs@1001.1.11
596
+ - @pnpm/dependency-path@1000.0.8
597
+ - @pnpm/modules-yaml@1000.3.2
598
+ - @pnpm/patching.config@1001.0.2
599
+
600
+ ## 1002.0.2
601
+
602
+ ### Patch Changes
603
+
604
+ - @pnpm/lockfile.utils@1001.0.9
605
+ - @pnpm/store-controller-types@1002.0.1
606
+ - @pnpm/lockfile.fs@1001.1.10
607
+
608
+ ## 1002.0.1
609
+
610
+ ### Patch Changes
611
+
612
+ - Updated dependencies [750ae7d]
613
+ - Updated dependencies [72cff38]
614
+ - Updated dependencies [750ae7d]
615
+ - @pnpm/types@1000.4.0
616
+ - @pnpm/store-controller-types@1002.0.0
617
+ - @pnpm/core-loggers@1000.2.0
618
+ - @pnpm/package-is-installable@1000.0.8
619
+ - @pnpm/lockfile.fs@1001.1.9
620
+ - @pnpm/lockfile.utils@1001.0.8
621
+ - @pnpm/dependency-path@1000.0.7
622
+ - @pnpm/modules-yaml@1000.3.1
623
+ - @pnpm/patching.config@1001.0.1
624
+
625
+ ## 1002.0.0
626
+
627
+ ### Major Changes
628
+
629
+ - 5f7be64: Add an ability to patch dependencies by version ranges. Exact versions override version ranges, which in turn override name-only patches. Version range `*` is the same as name-only, except that patch application failure will not be ignored.
630
+
631
+ For example:
632
+
633
+ ```yaml
634
+ patchedDependencies:
635
+ foo: patches/foo-1.patch
636
+ foo@^2.0.0: patches/foo-2.patch
637
+ foo@2.1.0: patches/foo-3.patch
638
+ ```
639
+
640
+ The above configuration would apply `patches/foo-3.patch` to `foo@2.1.0`, `patches/foo-2.patch` to all `foo` versions which satisfy `^2.0.0` except `2.1.0`, and `patches/foo-1.patch` to the remaining `foo` versions.
641
+
642
+ > [!WARNING]
643
+ > The version ranges should not overlap. If you want to specialize a sub range, make sure to exclude it from the other keys. For example:
644
+ >
645
+ > ```yaml
646
+ > # pnpm-workspace.yaml
647
+ > patchedDependencies:
648
+ > # the specialized sub range
649
+ > 'foo@2.2.0-2.8.0': patches/foo.2.2.0-2.8.0.patch
650
+ > # the more general patch, excluding the sub range above
651
+ > 'foo@>=2.0.0 <2.2.0 || >2.8.0': 'patches/foo.gte2.patch
652
+ > ```
653
+ >
654
+ > In most cases, however, it's sufficient to just define an exact version to override the range.
655
+
656
+ ### Patch Changes
657
+
658
+ - Updated dependencies [5f7be64]
659
+ - Updated dependencies [5f7be64]
660
+ - Updated dependencies [64f6b4f]
661
+ - Updated dependencies [5f7be64]
662
+ - @pnpm/patching.config@1001.0.0
663
+ - @pnpm/patching.types@1000.1.0
664
+ - @pnpm/types@1000.3.0
665
+ - @pnpm/modules-yaml@1000.3.0
666
+ - @pnpm/package-is-installable@1000.0.7
667
+ - @pnpm/lockfile.fs@1001.1.8
668
+ - @pnpm/lockfile.utils@1001.0.7
669
+ - @pnpm/core-loggers@1000.1.5
670
+ - @pnpm/dependency-path@1000.0.6
671
+ - @pnpm/store-controller-types@1001.0.5
672
+
673
+ ## 1001.0.10
674
+
675
+ ### Patch Changes
676
+
677
+ - Updated dependencies [d612dcf]
678
+ - Updated dependencies [d612dcf]
679
+ - @pnpm/modules-yaml@1000.2.0
680
+ - @pnpm/lockfile.utils@1001.0.6
681
+ - @pnpm/store-controller-types@1001.0.4
682
+ - @pnpm/lockfile.fs@1001.1.7
683
+
684
+ ## 1001.0.9
685
+
686
+ ### Patch Changes
687
+
688
+ - @pnpm/dependency-path@1000.0.5
689
+ - @pnpm/lockfile.fs@1001.1.6
690
+ - @pnpm/lockfile.utils@1001.0.5
691
+
692
+ ## 1001.0.8
693
+
694
+ ### Patch Changes
695
+
696
+ - Updated dependencies [a5e4965]
697
+ - @pnpm/types@1000.2.1
698
+ - @pnpm/dependency-path@1000.0.4
699
+ - @pnpm/package-is-installable@1000.0.6
700
+ - @pnpm/lockfile.fs@1001.1.5
701
+ - @pnpm/lockfile.utils@1001.0.4
702
+ - @pnpm/core-loggers@1000.1.4
703
+ - @pnpm/modules-yaml@1000.1.4
704
+ - @pnpm/store-controller-types@1001.0.3
705
+
706
+ ## 1001.0.7
707
+
708
+ ### Patch Changes
709
+
710
+ - Updated dependencies [8fcc221]
711
+ - @pnpm/types@1000.2.0
712
+ - @pnpm/package-is-installable@1000.0.5
713
+ - @pnpm/lockfile.fs@1001.1.4
714
+ - @pnpm/lockfile.utils@1001.0.3
715
+ - @pnpm/core-loggers@1000.1.3
716
+ - @pnpm/dependency-path@1000.0.3
717
+ - @pnpm/modules-yaml@1000.1.3
718
+ - @pnpm/store-controller-types@1001.0.2
719
+
720
+ ## 1001.0.6
721
+
722
+ ### Patch Changes
723
+
724
+ - @pnpm/lockfile.fs@1001.1.3
725
+
726
+ ## 1001.0.5
727
+
728
+ ### Patch Changes
729
+
730
+ - Updated dependencies [9a44e6c]
731
+ - Updated dependencies [b562deb]
732
+ - @pnpm/constants@1001.1.0
733
+ - @pnpm/types@1000.1.1
734
+ - @pnpm/lockfile.fs@1001.1.2
735
+ - @pnpm/package-is-installable@1000.0.4
736
+ - @pnpm/lockfile.utils@1001.0.2
737
+ - @pnpm/core-loggers@1000.1.2
738
+ - @pnpm/dependency-path@1000.0.2
739
+ - @pnpm/modules-yaml@1000.1.2
740
+ - @pnpm/store-controller-types@1001.0.1
741
+
742
+ ## 1001.0.4
743
+
744
+ ### Patch Changes
745
+
746
+ - Updated dependencies [dde650b]
747
+ - @pnpm/store-controller-types@1001.0.0
748
+
749
+ ## 1001.0.3
750
+
751
+ ### Patch Changes
752
+
753
+ - Updated dependencies [9591a18]
754
+ - @pnpm/types@1000.1.0
755
+ - @pnpm/package-is-installable@1000.0.3
756
+ - @pnpm/lockfile.fs@1001.1.1
757
+ - @pnpm/lockfile.utils@1001.0.1
758
+ - @pnpm/core-loggers@1000.1.1
759
+ - @pnpm/dependency-path@1000.0.1
760
+ - @pnpm/modules-yaml@1000.1.1
761
+ - @pnpm/store-controller-types@1000.1.1
762
+
763
+ ## 1001.0.2
764
+
765
+ ### Patch Changes
766
+
767
+ - Updated dependencies [516c4b3]
768
+ - Updated dependencies [4771813]
769
+ - @pnpm/core-loggers@1000.1.0
770
+ - @pnpm/modules-yaml@1000.1.0
771
+ - @pnpm/package-is-installable@1000.0.2
772
+
773
+ ## 1001.0.1
774
+
775
+ ### Patch Changes
776
+
777
+ - Updated dependencies [3f0e4f0]
778
+ - @pnpm/lockfile.fs@1001.1.0
779
+
780
+ ## 1001.0.0
781
+
782
+ ### Major Changes
783
+
784
+ - a76da0c: Removed lockfile conversion from v6 to v9. If you need to convert lockfile v6 to v9, use pnpm CLI v9.
785
+
786
+ ### Patch Changes
787
+
788
+ - Updated dependencies [d2e83b0]
789
+ - Updated dependencies [6483b64]
790
+ - Updated dependencies [a76da0c]
791
+ - @pnpm/constants@1001.0.0
792
+ - @pnpm/store-controller-types@1000.1.0
793
+ - @pnpm/lockfile.utils@1001.0.0
794
+ - @pnpm/lockfile.fs@1001.0.0
795
+ - @pnpm/package-is-installable@1000.0.1
796
+
797
+ ## 2.0.6
798
+
799
+ ### Patch Changes
800
+
801
+ - Updated dependencies [19d5b51]
802
+ - Updated dependencies [8108680]
803
+ - Updated dependencies [dcd2917]
804
+ - Updated dependencies [e476b07]
805
+ - Updated dependencies [d55b259]
806
+ - Updated dependencies [c4f5231]
807
+ - @pnpm/constants@10.0.0
808
+ - @pnpm/dependency-path@6.0.0
809
+ - @pnpm/package-is-installable@9.0.12
810
+ - @pnpm/lockfile.fs@1.0.6
811
+ - @pnpm/lockfile.utils@1.0.5
812
+ - @pnpm/store-controller-types@18.1.6
813
+
814
+ ## 2.0.5
815
+
816
+ ### Patch Changes
817
+
818
+ - @pnpm/package-is-installable@9.0.11
819
+ - @pnpm/dependency-path@5.1.7
820
+ - @pnpm/lockfile.fs@1.0.5
821
+ - @pnpm/lockfile.utils@1.0.4
822
+
823
+ ## 2.0.4
824
+
825
+ ### Patch Changes
826
+
827
+ - Updated dependencies [83681da]
828
+ - @pnpm/constants@9.0.0
829
+ - @pnpm/lockfile.fs@1.0.4
830
+ - @pnpm/package-is-installable@9.0.10
831
+
832
+ ## 2.0.3
833
+
834
+ ### Patch Changes
835
+
836
+ - Updated dependencies [d500d9f]
837
+ - @pnpm/types@12.2.0
838
+ - @pnpm/package-is-installable@9.0.9
839
+ - @pnpm/lockfile.fs@1.0.3
840
+ - @pnpm/lockfile.utils@1.0.3
841
+ - @pnpm/core-loggers@10.0.7
842
+ - @pnpm/dependency-path@5.1.6
843
+ - @pnpm/modules-yaml@13.1.7
844
+ - @pnpm/store-controller-types@18.1.6
845
+
846
+ ## 2.0.2
847
+
848
+ ### Patch Changes
849
+
850
+ - Updated dependencies [7ee59a1]
851
+ - @pnpm/types@12.1.0
852
+ - @pnpm/package-is-installable@9.0.8
853
+ - @pnpm/lockfile.fs@1.0.2
854
+ - @pnpm/lockfile.utils@1.0.2
855
+ - @pnpm/core-loggers@10.0.6
856
+ - @pnpm/dependency-path@5.1.5
857
+ - @pnpm/modules-yaml@13.1.6
858
+ - @pnpm/store-controller-types@18.1.5
859
+
860
+ ## 2.0.1
861
+
862
+ ### Patch Changes
863
+
864
+ - Updated dependencies [33ba536]
865
+ - @pnpm/package-is-installable@9.0.7
866
+
867
+ ## 2.0.0
868
+
869
+ ### Major Changes
870
+
871
+ - cb006df: Add ability to apply patch to all versions:
872
+ If the key of `pnpm.patchedDependencies` is a package name without a version (e.g. `pkg`), pnpm will attempt to apply the patch to all versions of
873
+ the package, failure will be skipped.
874
+ If it is a package name and an exact version (e.g. `pkg@x.y.z`), pnpm will attempt to apply the patch to that exact version only, failure will
875
+ cause pnpm to fail.
876
+
877
+ If there's only one version of `pkg` installed, `pnpm patch pkg` and subsequent `pnpm patch-commit $edit_dir` will create an entry named `pkg` in
878
+ `pnpm.patchedDependencies`. And pnpm will attempt to apply this patch to other versions of `pkg` in the future.
879
+
880
+ If there's multiple versions of `pkg` installed, `pnpm patch pkg` will ask which version to edit and whether to attempt to apply the patch to all.
881
+ If the user chooses to apply the patch to all, `pnpm patch-commit $edit_dir` would create a `pkg` entry in `pnpm.patchedDependencies`.
882
+ If the user chooses not to apply the patch to all, `pnpm patch-commit $edit_dir` would create a `pkg@x.y.z` entry in `pnpm.patchedDependencies` with
883
+ `x.y.z` being the version the user chose to edit.
884
+
885
+ If the user runs `pnpm patch pkg@x.y.z` with `x.y.z` being the exact version of `pkg` that has been installed, `pnpm patch-commit $edit_dir` will always
886
+ create a `pkg@x.y.z` entry in `pnpm.patchedDependencies`.
887
+
888
+ ### Patch Changes
889
+
890
+ - Updated dependencies [cb006df]
891
+ - @pnpm/patching.config@1.0.0
892
+ - @pnpm/patching.types@1.0.0
893
+ - @pnpm/types@12.0.0
894
+ - @pnpm/lockfile.fs@1.0.1
895
+ - @pnpm/lockfile.utils@1.0.1
896
+ - @pnpm/package-is-installable@9.0.6
897
+ - @pnpm/core-loggers@10.0.5
898
+ - @pnpm/dependency-path@5.1.4
899
+ - @pnpm/modules-yaml@13.1.5
900
+ - @pnpm/store-controller-types@18.1.4
901
+
902
+ ## 1.1.9
903
+
904
+ ### Patch Changes
905
+
906
+ - Updated dependencies [c5ef9b0]
907
+ - Updated dependencies [8055a30]
908
+ - @pnpm/lockfile.utils@1.0.0
909
+ - @pnpm/lockfile.fs@1.0.0
910
+
911
+ ## 1.1.8
912
+
913
+ ### Patch Changes
914
+
915
+ - Updated dependencies [0ef168b]
916
+ - @pnpm/types@11.1.0
917
+ - @pnpm/package-is-installable@9.0.5
918
+ - @pnpm/lockfile-file@9.1.3
919
+ - @pnpm/lockfile-utils@11.0.4
920
+ - @pnpm/core-loggers@10.0.4
921
+ - @pnpm/dependency-path@5.1.3
922
+ - @pnpm/modules-yaml@13.1.4
923
+ - @pnpm/store-controller-types@18.1.3
924
+
925
+ ## 1.1.7
926
+
927
+ ### Patch Changes
928
+
929
+ - Updated dependencies [dd00eeb]
930
+ - Updated dependencies
931
+ - @pnpm/types@11.0.0
932
+ - @pnpm/lockfile-utils@11.0.3
933
+ - @pnpm/store-controller-types@18.1.2
934
+ - @pnpm/package-is-installable@9.0.4
935
+ - @pnpm/lockfile-file@9.1.2
936
+ - @pnpm/core-loggers@10.0.3
937
+ - @pnpm/dependency-path@5.1.2
938
+ - @pnpm/modules-yaml@13.1.3
939
+
940
+ ## 1.1.6
941
+
942
+ ### Patch Changes
943
+
944
+ - Updated dependencies [13e55b2]
945
+ - @pnpm/types@10.1.1
946
+ - @pnpm/package-is-installable@9.0.3
947
+ - @pnpm/lockfile-file@9.1.1
948
+ - @pnpm/lockfile-utils@11.0.2
949
+ - @pnpm/core-loggers@10.0.2
950
+ - @pnpm/dependency-path@5.1.1
951
+ - @pnpm/modules-yaml@13.1.2
952
+ - @pnpm/store-controller-types@18.1.1
953
+
954
+ ## 1.1.5
955
+
956
+ ### Patch Changes
957
+
958
+ - Updated dependencies [47341e5]
959
+ - @pnpm/dependency-path@5.1.0
960
+ - @pnpm/lockfile-file@9.1.0
961
+ - @pnpm/lockfile-utils@11.0.1
962
+
963
+ ## 1.1.4
964
+
965
+ ### Patch Changes
966
+
967
+ - Updated dependencies [0c08e1c]
968
+ - @pnpm/store-controller-types@18.1.0
969
+
970
+ ## 1.1.3
971
+
972
+ ### Patch Changes
973
+
974
+ - Updated dependencies [45f4262]
975
+ - Updated dependencies
976
+ - @pnpm/types@10.1.0
977
+ - @pnpm/lockfile-utils@11.0.0
978
+ - @pnpm/dependency-path@5.0.0
979
+ - @pnpm/package-is-installable@9.0.2
980
+ - @pnpm/lockfile-file@9.0.6
981
+ - @pnpm/core-loggers@10.0.1
982
+ - @pnpm/modules-yaml@13.1.1
983
+ - @pnpm/store-controller-types@18.0.1
984
+
985
+ ## 1.1.2
986
+
987
+ ### Patch Changes
988
+
989
+ - @pnpm/package-is-installable@9.0.1
990
+ - @pnpm/lockfile-file@9.0.5
991
+
992
+ ## 1.1.1
993
+
994
+ ### Patch Changes
995
+
996
+ - Updated dependencies [7a0536e]
997
+ - @pnpm/lockfile-utils@10.1.1
998
+ - @pnpm/lockfile-file@9.0.4
999
+
1000
+ ## 1.1.0
1001
+
1002
+ ### Minor Changes
1003
+
1004
+ - 9719a42: New setting called `virtual-store-dir-max-length` added to modify the maximum allowed length of the directories inside `node_modules/.pnpm`. The default length is set to 120 characters. This setting is particularly useful on Windows, where there is a limit to the maximum length of a file path [#7355](https://github.com/pnpm/pnpm/issues/7355).
1005
+
1006
+ ### Patch Changes
1007
+
1008
+ - Updated dependencies [9719a42]
1009
+ - @pnpm/dependency-path@4.0.0
1010
+ - @pnpm/modules-yaml@13.1.0
1011
+ - @pnpm/lockfile-utils@10.1.0
1012
+ - @pnpm/lockfile-file@9.0.3
1013
+
1014
+ ## 1.0.3
1015
+
1016
+ ### Patch Changes
1017
+
1018
+ - Updated dependencies [c969f37]
1019
+ - @pnpm/lockfile-file@9.0.2
1020
+
1021
+ ## 1.0.2
1022
+
1023
+ ### Patch Changes
1024
+
1025
+ - Updated dependencies [2cbf7b7]
1026
+ - Updated dependencies [6b6ca69]
1027
+ - @pnpm/lockfile-file@9.0.1
1028
+
1029
+ ## 1.0.1
1030
+
1031
+ ### Patch Changes
1032
+
1033
+ - b7d2ed4: The `engines.pnpm` field in the `package.json` files of dependencies should be ignored [#7965](https://github.com/pnpm/pnpm/issues/7965).
1034
+
1035
+ ## 1.0.0
1036
+
1037
+ ### Major Changes
1038
+
1039
+ - 43cdd87: Node.js v16 support dropped. Use at least Node.js v18.12.
1040
+
1041
+ ### Minor Changes
1042
+
1043
+ - cdd8365: Package ID does not contain the registry domain.
1044
+ - 730929e: Add a field named `ignoredOptionalDependencies`. This is an array of strings. If an optional dependency has its name included in this array, it will be skipped.
1045
+
1046
+ ### Patch Changes
1047
+
1048
+ - Updated dependencies [7733f3a]
1049
+ - Updated dependencies [cdd8365]
1050
+ - Updated dependencies [c692f80]
1051
+ - Updated dependencies [89b396b]
1052
+ - Updated dependencies [43cdd87]
1053
+ - Updated dependencies [086b69c]
1054
+ - Updated dependencies [d381a60]
1055
+ - Updated dependencies [f67ad31]
1056
+ - Updated dependencies [730929e]
1057
+ - Updated dependencies [98a1266]
1058
+ - @pnpm/types@10.0.0
1059
+ - @pnpm/dependency-path@3.0.0
1060
+ - @pnpm/lockfile-utils@10.0.0
1061
+ - @pnpm/constants@8.0.0
1062
+ - @pnpm/package-is-installable@9.0.0
1063
+ - @pnpm/store-controller-types@18.0.0
1064
+ - @pnpm/modules-yaml@13.0.0
1065
+ - @pnpm/lockfile-file@9.0.0
1066
+ - @pnpm/core-loggers@10.0.0
1067
+
1068
+ ## 0.2.8
1069
+
1070
+ ### Patch Changes
1071
+
1072
+ - Updated dependencies [31054a63e]
1073
+ - @pnpm/store-controller-types@17.2.0
1074
+ - @pnpm/lockfile-utils@9.0.5
1075
+
1076
+ ## 0.2.7
1077
+
1078
+ ### Patch Changes
1079
+
1080
+ - Updated dependencies [d349bc3a2]
1081
+ - @pnpm/modules-yaml@12.1.7
1082
+
1083
+ ## 0.2.6
1084
+
1085
+ ### Patch Changes
1086
+
1087
+ - Updated dependencies [4d34684f1]
1088
+ - @pnpm/types@9.4.2
1089
+ - @pnpm/lockfile-file@8.1.6
1090
+ - @pnpm/lockfile-utils@9.0.4
1091
+ - @pnpm/package-is-installable@8.1.2
1092
+ - @pnpm/core-loggers@9.0.6
1093
+ - @pnpm/dependency-path@2.1.7
1094
+ - @pnpm/modules-yaml@12.1.6
1095
+ - @pnpm/store-controller-types@17.1.4
1096
+
1097
+ ## 0.2.5
1098
+
1099
+ ### Patch Changes
1100
+
1101
+ - Updated dependencies
1102
+ - @pnpm/types@9.4.1
1103
+ - @pnpm/lockfile-file@8.1.5
1104
+ - @pnpm/lockfile-utils@9.0.3
1105
+ - @pnpm/package-is-installable@8.1.1
1106
+ - @pnpm/core-loggers@9.0.5
1107
+ - @pnpm/dependency-path@2.1.6
1108
+ - @pnpm/modules-yaml@12.1.5
1109
+ - @pnpm/store-controller-types@17.1.3
1110
+
1111
+ ## 0.2.4
1112
+
1113
+ ### Patch Changes
1114
+
1115
+ - Updated dependencies [d5a176af7]
1116
+ - @pnpm/lockfile-utils@9.0.2
1117
+
1118
+ ## 0.2.3
1119
+
1120
+ ### Patch Changes
1121
+
1122
+ - Updated dependencies [b4194fe52]
1123
+ - @pnpm/lockfile-utils@9.0.1
1124
+
1125
+ ## 0.2.2
1126
+
1127
+ ### Patch Changes
1128
+
1129
+ - fe1f0f734: Fixed a performance regression on running installation on a project with an up to date lockfile [#7297](https://github.com/pnpm/pnpm/issues/7297).
1130
+ - Updated dependencies [291607c5a]
1131
+ - @pnpm/store-controller-types@17.1.2
1132
+
1133
+ ## 0.2.1
1134
+
1135
+ ### Patch Changes
1136
+
1137
+ - Updated dependencies [4c2450208]
1138
+ - Updated dependencies [7ea45afbe]
1139
+ - @pnpm/lockfile-utils@9.0.0
1140
+ - @pnpm/store-controller-types@17.1.1
1141
+
1142
+ ## 0.2.0
1143
+
1144
+ ### Minor Changes
1145
+
1146
+ - 43ce9e4a6: Support for multiple architectures when installing dependencies [#5965](https://github.com/pnpm/pnpm/issues/5965).
1147
+
1148
+ You can now specify architectures for which you'd like to install optional dependencies, even if they don't match the architecture of the system running the install. Use the `supportedArchitectures` field in `package.json` to define your preferences.
1149
+
1150
+ For example, the following configuration tells pnpm to install optional dependencies for Windows x64:
1151
+
1152
+ ```json
1153
+ {
1154
+ "pnpm": {
1155
+ "supportedArchitectures": {
1156
+ "os": ["win32"],
1157
+ "cpu": ["x64"]
1158
+ }
1159
+ }
1160
+ }
1161
+ ```
1162
+
1163
+ Whereas this configuration will have pnpm install optional dependencies for Windows, macOS, and the architecture of the system currently running the install. It includes artifacts for both x64 and arm64 CPUs:
1164
+
1165
+ ```json
1166
+ {
1167
+ "pnpm": {
1168
+ "supportedArchitectures": {
1169
+ "os": ["win32", "darwin", "current"],
1170
+ "cpu": ["x64", "arm64"]
1171
+ }
1172
+ }
1173
+ }
1174
+ ```
1175
+
1176
+ Additionally, `supportedArchitectures` also supports specifying the `libc` of the system.
1177
+
1178
+ ### Patch Changes
1179
+
1180
+ - Updated dependencies [43ce9e4a6]
1181
+ - @pnpm/package-is-installable@8.1.0
1182
+ - @pnpm/store-controller-types@17.1.0
1183
+ - @pnpm/types@9.4.0
1184
+ - @pnpm/lockfile-file@8.1.4
1185
+ - @pnpm/lockfile-utils@8.0.7
1186
+ - @pnpm/core-loggers@9.0.4
1187
+ - @pnpm/dependency-path@2.1.5
1188
+ - @pnpm/modules-yaml@12.1.4
1189
+
1190
+ ## 0.1.5
1191
+
1192
+ ### Patch Changes
1193
+
1194
+ - Updated dependencies [d774a3196]
1195
+ - @pnpm/types@9.3.0
1196
+ - @pnpm/package-is-installable@8.0.5
1197
+ - @pnpm/lockfile-file@8.1.3
1198
+ - @pnpm/lockfile-utils@8.0.6
1199
+ - @pnpm/core-loggers@9.0.3
1200
+ - @pnpm/dependency-path@2.1.4
1201
+ - @pnpm/modules-yaml@12.1.3
1202
+ - @pnpm/store-controller-types@17.0.1
1203
+
1204
+ ## 0.1.4
1205
+
1206
+ ### Patch Changes
1207
+
1208
+ - Updated dependencies [f394cfccd]
1209
+ - @pnpm/lockfile-utils@8.0.5
1210
+
1211
+ ## 0.1.3
1212
+
1213
+ ### Patch Changes
1214
+
1215
+ - Updated dependencies [9caa33d53]
1216
+ - Updated dependencies [9caa33d53]
1217
+ - @pnpm/store-controller-types@17.0.0
1218
+
1219
+ ## 0.1.2
1220
+
1221
+ ### Patch Changes
1222
+
1223
+ - Updated dependencies [03cdccc6e]
1224
+ - @pnpm/store-controller-types@16.1.0
1225
+
1226
+ ## 0.1.1
1227
+
1228
+ ### Patch Changes
1229
+
1230
+ - @pnpm/store-controller-types@16.0.1
1231
+
1232
+ ## 0.1.0
1233
+
1234
+ ### Minor Changes
1235
+
1236
+ - 494f87544: Breaking changes to the API.
1237
+
1238
+ ### Patch Changes
1239
+
1240
+ - Updated dependencies [494f87544]
1241
+ - Updated dependencies [e9aa6f682]
1242
+ - @pnpm/store-controller-types@16.0.0
1243
+ - @pnpm/lockfile-utils@8.0.4
1244
+
1245
+ ## 0.0.1
1246
+
1247
+ ### Patch Changes
1248
+
1249
+ - Updated dependencies [aa2ae8fe2]
1250
+ - @pnpm/types@9.2.0
1251
+ - @pnpm/package-is-installable@8.0.4
1252
+ - @pnpm/lockfile-file@8.1.2
1253
+ - @pnpm/lockfile-utils@8.0.3
1254
+ - @pnpm/core-loggers@9.0.2
1255
+ - @pnpm/dependency-path@2.1.3
1256
+ - @pnpm/modules-yaml@12.1.2
1257
+ - @pnpm/store-controller-types@15.0.2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pnpm/deps.graph-builder",
3
- "version": "1100.0.20",
3
+ "version": "1100.0.22",
4
4
  "description": "A package for building a dependency graph from a lockfile",
5
5
  "keywords": [
6
6
  "pnpm",
@@ -27,31 +27,31 @@
27
27
  "!*.map"
28
28
  ],
29
29
  "dependencies": {
30
- "path-exists": "^5.0.0",
31
- "ramda": "npm:@pnpm/ramda@0.28.1",
32
- "@pnpm/config.package-is-installable": "1100.0.12",
30
+ "@pnpm/config.package-is-installable": "1100.0.13",
33
31
  "@pnpm/constants": "1100.0.0",
34
- "@pnpm/core-loggers": "1100.2.1",
35
- "@pnpm/deps.graph-hasher": "1100.2.8",
36
- "@pnpm/deps.path": "1100.0.8",
37
- "@pnpm/fs.symlink-dependency": "1100.0.10",
38
- "@pnpm/lockfile.utils": "1100.1.1",
39
- "@pnpm/lockfile.fs": "1100.1.9",
40
- "@pnpm/installing.modules-yaml": "1100.0.9",
32
+ "@pnpm/core-loggers": "1100.2.2",
33
+ "@pnpm/deps.graph-hasher": "1100.2.10",
34
+ "@pnpm/deps.path": "1100.0.9",
35
+ "@pnpm/fs.symlink-dependency": "1100.0.11",
36
+ "@pnpm/hooks.types": "1100.2.1",
37
+ "@pnpm/installing.modules-yaml": "1100.0.10",
38
+ "@pnpm/lockfile.fs": "1100.1.11",
39
+ "@pnpm/lockfile.utils": "1100.1.3",
40
+ "@pnpm/patching.config": "1100.0.10",
41
41
  "@pnpm/patching.types": "1100.0.0",
42
- "@pnpm/patching.config": "1100.0.9",
43
- "@pnpm/types": "1101.3.2",
44
- "@pnpm/hooks.types": "1100.1.1",
45
- "@pnpm/store.controller-types": "1100.1.7"
42
+ "@pnpm/store.controller-types": "1100.1.8",
43
+ "@pnpm/types": "1101.4.0",
44
+ "path-exists": "^5.0.0",
45
+ "ramda": "npm:@pnpm/ramda@0.28.1"
46
46
  },
47
47
  "peerDependencies": {
48
48
  "@pnpm/logger": "^1100.0.0"
49
49
  },
50
50
  "devDependencies": {
51
51
  "@jest/globals": "30.4.1",
52
- "@types/ramda": "0.31.1",
53
- "@pnpm/deps.graph-builder": "1100.0.20",
54
- "@pnpm/logger": "1100.0.0"
52
+ "@pnpm/deps.graph-builder": "1100.0.22",
53
+ "@pnpm/logger": "1100.0.0",
54
+ "@types/ramda": "0.31.1"
55
55
  },
56
56
  "engines": {
57
57
  "node": ">=22.13"