@pnpm/engine.pm.commands 1101.2.1 → 1101.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +931 -0
- package/lib/self-updater/installPnpm.d.ts +6 -0
- package/lib/self-updater/installPnpm.js +20 -14
- package/lib/self-updater/selfUpdate.js +12 -12
- package/package.json +32 -32
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,931 @@
|
|
|
1
|
+
# @pnpm/engine.pm.commands
|
|
2
|
+
|
|
3
|
+
## 1101.2.3
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- `pnpm add -g`, `pnpm update -g`, `pnpm setup`, and the self-updater no longer fail with `ERR_PNPM_MISSING_TIME` when `trustPolicy: no-downgrade` or `resolutionMode: time-based` is set in the global config [#12883](https://github.com/pnpm/pnpm/issues/12883). The decision to fetch full registry metadata now lives in one place, and the `no-downgrade` trust policy always requests full metadata (matching the self-updater), since the trust evidence it checks is missing from abbreviated metadata even on registries that include the `time` field.
|
|
8
|
+
|
|
9
|
+
- Updated dependencies:
|
|
10
|
+
- @pnpm/bins.linker@1100.0.17
|
|
11
|
+
- @pnpm/building.policy@1100.0.13
|
|
12
|
+
- @pnpm/cli.meta@1100.0.9
|
|
13
|
+
- @pnpm/cli.utils@1101.0.14
|
|
14
|
+
- @pnpm/config.pick-registry-for-package@1100.0.10
|
|
15
|
+
- @pnpm/config.reader@1101.12.0
|
|
16
|
+
- @pnpm/config.version-policy@1100.1.7
|
|
17
|
+
- @pnpm/deps.graph-hasher@1100.2.10
|
|
18
|
+
- @pnpm/deps.security.signatures@1101.2.4
|
|
19
|
+
- @pnpm/global.commands@1100.0.34
|
|
20
|
+
- @pnpm/global.packages@1100.0.11
|
|
21
|
+
- @pnpm/installing.client@1100.2.14
|
|
22
|
+
- @pnpm/installing.deps-restorer@1102.1.5
|
|
23
|
+
- @pnpm/installing.env-installer@1102.0.6
|
|
24
|
+
- @pnpm/lockfile.fs@1100.1.11
|
|
25
|
+
- @pnpm/lockfile.types@1100.0.14
|
|
26
|
+
- @pnpm/network.auth-header@1101.1.4
|
|
27
|
+
- @pnpm/resolving.npm-resolver@1102.1.3
|
|
28
|
+
- @pnpm/store.connection-manager@1100.3.6
|
|
29
|
+
- @pnpm/store.controller@1102.0.5
|
|
30
|
+
- @pnpm/types@1101.4.0
|
|
31
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.15
|
|
32
|
+
|
|
33
|
+
## 1101.2.2
|
|
34
|
+
|
|
35
|
+
### Patch Changes
|
|
36
|
+
|
|
37
|
+
- a38adda: `pnpm self-update <version>` now installs the requested pnpm version when it matches the currently running version but is missing from the global self-update directory.
|
|
38
|
+
- @pnpm/installing.client@1100.2.13
|
|
39
|
+
- @pnpm/store.controller@1102.0.4
|
|
40
|
+
- @pnpm/installing.env-installer@1102.0.5
|
|
41
|
+
- @pnpm/installing.deps-restorer@1102.1.4
|
|
42
|
+
- @pnpm/config.reader@1101.11.2
|
|
43
|
+
- @pnpm/store.connection-manager@1100.3.5
|
|
44
|
+
- @pnpm/global.commands@1100.0.33
|
|
45
|
+
- @pnpm/deps.graph-hasher@1100.2.9
|
|
46
|
+
- @pnpm/lockfile.fs@1100.1.10
|
|
47
|
+
|
|
48
|
+
## 1101.2.1
|
|
49
|
+
|
|
50
|
+
### Patch Changes
|
|
51
|
+
|
|
52
|
+
- dcfc611: `pnpm self-update` now honors `trustPolicy=no-downgrade`. It resolves the target pnpm version against full registry metadata, so it refuses to switch to a version whose supply-chain trust evidence is weaker than an earlier-published one, the same way a regular install does.
|
|
53
|
+
- Updated dependencies [c70e33e]
|
|
54
|
+
- Updated dependencies [3067e4f]
|
|
55
|
+
- Updated dependencies [51300fd]
|
|
56
|
+
- Updated dependencies [f8058eb]
|
|
57
|
+
- Updated dependencies [9318a11]
|
|
58
|
+
- Updated dependencies [51300fd]
|
|
59
|
+
- Updated dependencies [5a4daec]
|
|
60
|
+
- Updated dependencies [25bd5c3]
|
|
61
|
+
- @pnpm/building.policy@1100.0.12
|
|
62
|
+
- @pnpm/resolving.npm-resolver@1102.1.2
|
|
63
|
+
- @pnpm/deps.graph-hasher@1100.2.8
|
|
64
|
+
- @pnpm/lockfile.fs@1100.1.9
|
|
65
|
+
- @pnpm/config.reader@1101.11.1
|
|
66
|
+
- @pnpm/installing.env-installer@1102.0.4
|
|
67
|
+
- @pnpm/global.commands@1100.0.32
|
|
68
|
+
- @pnpm/installing.deps-restorer@1102.1.3
|
|
69
|
+
- @pnpm/installing.client@1100.2.12
|
|
70
|
+
- @pnpm/store.connection-manager@1100.3.4
|
|
71
|
+
- @pnpm/store.controller@1102.0.3
|
|
72
|
+
|
|
73
|
+
## 1101.2.0
|
|
74
|
+
|
|
75
|
+
### Minor Changes
|
|
76
|
+
|
|
77
|
+
- a33eeec: `pnpm self-update` and `packageManager` version-switching can now install and link pnpm v12 (the Rust port), published with equal content under both the `pnpm` and `@pnpm/exe` names on the `next-12` dist-tag. Its native binaries ship as `@pnpm/exe.<platform>-<arch>` packages, which pnpm's built-in installer links directly — no Node.js launcher, so the command pays no Node startup cost. v12 is initialized exactly like `@pnpm/exe`, including per-platform global-virtual-store hashing. From v12 onward the install converges on the unscoped `pnpm` package (the Rust exe) — even when updating from the SEA `@pnpm/exe` build.
|
|
78
|
+
|
|
79
|
+
### Patch Changes
|
|
80
|
+
|
|
81
|
+
- Updated dependencies [be6505a]
|
|
82
|
+
- Updated dependencies [3425e80]
|
|
83
|
+
- Updated dependencies [25c7388]
|
|
84
|
+
- Updated dependencies [99982b9]
|
|
85
|
+
- Updated dependencies [11a7fdd]
|
|
86
|
+
- Updated dependencies [806c3ec]
|
|
87
|
+
- Updated dependencies [c121235]
|
|
88
|
+
- Updated dependencies [dcabb78]
|
|
89
|
+
- Updated dependencies [a6c4d5f]
|
|
90
|
+
- @pnpm/global.packages@1100.0.10
|
|
91
|
+
- @pnpm/global.commands@1100.0.31
|
|
92
|
+
- @pnpm/config.reader@1101.11.0
|
|
93
|
+
- @pnpm/resolving.npm-resolver@1102.1.1
|
|
94
|
+
- @pnpm/store.connection-manager@1100.3.3
|
|
95
|
+
- @pnpm/installing.client@1100.2.11
|
|
96
|
+
- @pnpm/installing.env-installer@1102.0.3
|
|
97
|
+
- @pnpm/deps.graph-hasher@1100.2.7
|
|
98
|
+
- @pnpm/lockfile.types@1100.0.13
|
|
99
|
+
- @pnpm/store.controller@1102.0.3
|
|
100
|
+
- @pnpm/installing.deps-restorer@1102.1.2
|
|
101
|
+
- @pnpm/lockfile.fs@1100.1.8
|
|
102
|
+
|
|
103
|
+
## 1101.1.25
|
|
104
|
+
|
|
105
|
+
### Patch Changes
|
|
106
|
+
|
|
107
|
+
- Updated dependencies [25a829e]
|
|
108
|
+
- Updated dependencies [bae694f]
|
|
109
|
+
- Updated dependencies [fbdc0eb]
|
|
110
|
+
- Updated dependencies [fa7004b]
|
|
111
|
+
- Updated dependencies [0ec878d]
|
|
112
|
+
- Updated dependencies [a84d2a1]
|
|
113
|
+
- Updated dependencies [852d537]
|
|
114
|
+
- @pnpm/config.version-policy@1100.1.6
|
|
115
|
+
- @pnpm/resolving.npm-resolver@1102.1.0
|
|
116
|
+
- @pnpm/installing.deps-restorer@1102.1.1
|
|
117
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.14
|
|
118
|
+
- @pnpm/installing.env-installer@1102.0.2
|
|
119
|
+
- @pnpm/error@1100.0.1
|
|
120
|
+
- @pnpm/building.policy@1100.0.11
|
|
121
|
+
- @pnpm/installing.client@1100.2.10
|
|
122
|
+
- @pnpm/deps.graph-hasher@1100.2.6
|
|
123
|
+
- @pnpm/lockfile.types@1100.0.12
|
|
124
|
+
- @pnpm/store.connection-manager@1100.3.2
|
|
125
|
+
- @pnpm/store.controller@1102.0.2
|
|
126
|
+
- @pnpm/lockfile.fs@1100.1.7
|
|
127
|
+
- @pnpm/deps.security.signatures@1101.2.3
|
|
128
|
+
- @pnpm/bins.linker@1100.0.16
|
|
129
|
+
- @pnpm/cli.utils@1101.0.13
|
|
130
|
+
- @pnpm/config.reader@1101.10.1
|
|
131
|
+
- @pnpm/global.commands@1100.0.30
|
|
132
|
+
- @pnpm/network.auth-header@1101.1.3
|
|
133
|
+
- @pnpm/global.packages@1100.0.9
|
|
134
|
+
|
|
135
|
+
## 1101.1.24
|
|
136
|
+
|
|
137
|
+
### Patch Changes
|
|
138
|
+
|
|
139
|
+
- Updated dependencies [29ab905]
|
|
140
|
+
- Updated dependencies [bee4bf4]
|
|
141
|
+
- Updated dependencies [302a2f7]
|
|
142
|
+
- Updated dependencies [3d1fd20]
|
|
143
|
+
- Updated dependencies [61969fb]
|
|
144
|
+
- Updated dependencies [0474a9c]
|
|
145
|
+
- @pnpm/resolving.npm-resolver@1102.0.1
|
|
146
|
+
- @pnpm/installing.env-installer@1102.0.1
|
|
147
|
+
- @pnpm/config.reader@1101.10.0
|
|
148
|
+
- @pnpm/bins.linker@1100.0.15
|
|
149
|
+
- @pnpm/lockfile.fs@1100.1.6
|
|
150
|
+
- @pnpm/installing.deps-restorer@1102.1.0
|
|
151
|
+
- @pnpm/installing.client@1100.2.9
|
|
152
|
+
- @pnpm/global.commands@1100.0.29
|
|
153
|
+
- @pnpm/store.connection-manager@1100.3.1
|
|
154
|
+
- @pnpm/store.controller@1102.0.1
|
|
155
|
+
|
|
156
|
+
## 1101.1.23
|
|
157
|
+
|
|
158
|
+
### Patch Changes
|
|
159
|
+
|
|
160
|
+
- 0fe6ea9: `pnpm setup` no longer prompts to approve build scripts for `@pnpm/exe` when installing the standalone executable. pnpm links the platform-specific binary itself, so the package's install scripts are skipped during the global self-install [#12377](https://github.com/pnpm/pnpm/issues/12377).
|
|
161
|
+
- a31faa7: Updated dependency ranges. Notably:
|
|
162
|
+
|
|
163
|
+
- `@pnpm/logger` peer dependency range moved to `^1100.0.0`.
|
|
164
|
+
- `msgpackr` 1.11.8 → 2.0.4 (store index files remain byte-compatible in both directions).
|
|
165
|
+
- `open` ^7.4.2 → ^11.0.0, `memoize` ^10 → ^11, `cli-truncate` ^5 → ^6, `pidtree` ^0.6 → ^1.
|
|
166
|
+
- `@yarnpkg/core` 4.5.0 → 4.8.0, `@rushstack/worker-pool` 0.7.7 → 0.7.18, `@cyclonedx/cyclonedx-library` 10.0.0 → 10.1.0, `@pnpm/config.nerf-dart` ^1 → ^2, `@pnpm/log.group` 3.0.2 → 4.0.1, `@pnpm/util.lex-comparator` ^3 → ^4.
|
|
167
|
+
|
|
168
|
+
- Updated dependencies [f648e9b]
|
|
169
|
+
- Updated dependencies [61810aa]
|
|
170
|
+
- Updated dependencies [c16eb0a]
|
|
171
|
+
- Updated dependencies [681b593]
|
|
172
|
+
- Updated dependencies [d50d691]
|
|
173
|
+
- Updated dependencies [1310ab5]
|
|
174
|
+
- Updated dependencies [a31faa7]
|
|
175
|
+
- Updated dependencies [cd8348c]
|
|
176
|
+
- @pnpm/installing.deps-restorer@1102.0.0
|
|
177
|
+
- @pnpm/config.reader@1101.9.0
|
|
178
|
+
- @pnpm/store.controller@1102.0.0
|
|
179
|
+
- @pnpm/store.connection-manager@1100.3.0
|
|
180
|
+
- @pnpm/bins.linker@1100.0.14
|
|
181
|
+
- @pnpm/resolving.npm-resolver@1102.0.0
|
|
182
|
+
- @pnpm/network.auth-header@1101.1.2
|
|
183
|
+
- @pnpm/types@1101.3.2
|
|
184
|
+
- @pnpm/lockfile.fs@1100.1.5
|
|
185
|
+
- @pnpm/cli.utils@1101.0.12
|
|
186
|
+
- @pnpm/config.version-policy@1100.1.5
|
|
187
|
+
- @pnpm/deps.security.signatures@1101.2.2
|
|
188
|
+
- @pnpm/global.commands@1100.0.28
|
|
189
|
+
- @pnpm/global.packages@1100.0.8
|
|
190
|
+
- @pnpm/installing.env-installer@1102.0.0
|
|
191
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.13
|
|
192
|
+
- @pnpm/installing.client@1100.2.8
|
|
193
|
+
- @pnpm/deps.graph-hasher@1100.2.5
|
|
194
|
+
- @pnpm/building.policy@1100.0.10
|
|
195
|
+
- @pnpm/cli.meta@1100.0.8
|
|
196
|
+
- @pnpm/config.pick-registry-for-package@1100.0.9
|
|
197
|
+
- @pnpm/lockfile.types@1100.0.11
|
|
198
|
+
|
|
199
|
+
## 1101.1.22
|
|
200
|
+
|
|
201
|
+
### Patch Changes
|
|
202
|
+
|
|
203
|
+
- Updated dependencies [bc9ed78]
|
|
204
|
+
- Updated dependencies [615c669]
|
|
205
|
+
- @pnpm/config.reader@1101.8.0
|
|
206
|
+
- @pnpm/global.commands@1100.0.27
|
|
207
|
+
- @pnpm/store.connection-manager@1100.2.8
|
|
208
|
+
- @pnpm/installing.deps-restorer@1101.1.11
|
|
209
|
+
- @pnpm/installing.env-installer@1101.1.8
|
|
210
|
+
- @pnpm/resolving.npm-resolver@1101.5.2
|
|
211
|
+
- @pnpm/store.controller@1101.0.13
|
|
212
|
+
- @pnpm/cli.utils@1101.0.11
|
|
213
|
+
- @pnpm/installing.client@1100.2.7
|
|
214
|
+
- @pnpm/deps.security.signatures@1101.2.1
|
|
215
|
+
- @pnpm/bins.linker@1100.0.13
|
|
216
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.12
|
|
217
|
+
|
|
218
|
+
## 1101.1.21
|
|
219
|
+
|
|
220
|
+
### Patch Changes
|
|
221
|
+
|
|
222
|
+
- 3537020: Avoid writing `packageManagerDependencies` to `pnpm-lock.yaml` when package manager policy is set to `onFail: ignore` or `pmOnFail: ignore` [#12228](https://github.com/pnpm/pnpm/issues/12228).
|
|
223
|
+
- 5f2bb9f: Security: pnpm now verifies the npm registry signature of a package-manager binary before spawning it, so a cloned repository cannot make pnpm download and execute an arbitrary native binary.
|
|
224
|
+
|
|
225
|
+
This covers two paths that select an executable from repository-controlled input:
|
|
226
|
+
|
|
227
|
+
- **pacquet install engine** — declaring `pacquet` (or `@pnpm/pacquet`) in `configDependencies` opts in to pnpm's Rust install engine. pnpm now verifies that the installed `pacquet` shim and the host's `@pacquet/<platform>-<arch>` binary carry a valid npm registry signature for their exact `name@version`, and refuses to run pacquet (failing the command) if the signature does not verify or cannot be checked. The only graceful fallback to pnpm's own engine is when pacquet has no binary for the current platform.
|
|
228
|
+
- **automatic version switch / `self-update`** — the `packageManager` / `devEngines.packageManager` field makes pnpm download and run a specific pnpm version. pnpm now verifies the registry signature of `pnpm`, `@pnpm/exe`, and the host platform binary before installing/spawning them, and refuses to run an engine whose signature does not match a published, signed release. The check runs only on an actual download (store cache miss), so it does not add a network round trip to every command.
|
|
229
|
+
|
|
230
|
+
In both cases the signature is verified over the _installed_ integrity, against npm's public signing keys that ship embedded in the pnpm CLI (like corepack), so bytes substituted via a tampered lockfile or a repository-controlled registry fail verification — and a registry the user did not vouch for cannot supply its own signing keys. The signed packument is fetched from the configured registry, so an npm mirror works transparently. Verification fails closed: if it cannot be completed (for example, the registry is unreachable), the command fails rather than running an unverified binary. The embedded keys are kept current by a release-time check against npm's signing-keys endpoint.
|
|
231
|
+
|
|
232
|
+
- Updated dependencies [822beb5]
|
|
233
|
+
- Updated dependencies [3537020]
|
|
234
|
+
- Updated dependencies [894ea6a]
|
|
235
|
+
- Updated dependencies [6b5d91a]
|
|
236
|
+
- Updated dependencies [027196b]
|
|
237
|
+
- Updated dependencies [5f2bb9f]
|
|
238
|
+
- Updated dependencies [1017c36]
|
|
239
|
+
- Updated dependencies [bf1b731]
|
|
240
|
+
- @pnpm/config.reader@1101.7.0
|
|
241
|
+
- @pnpm/deps.security.signatures@1101.2.0
|
|
242
|
+
- @pnpm/building.policy@1100.0.9
|
|
243
|
+
- @pnpm/deps.graph-hasher@1100.2.4
|
|
244
|
+
- @pnpm/installing.deps-restorer@1101.1.10
|
|
245
|
+
- @pnpm/types@1101.3.1
|
|
246
|
+
- @pnpm/global.commands@1100.0.26
|
|
247
|
+
- @pnpm/store.connection-manager@1100.2.7
|
|
248
|
+
- @pnpm/installing.env-installer@1101.1.7
|
|
249
|
+
- @pnpm/bins.linker@1100.0.12
|
|
250
|
+
- @pnpm/global.packages@1100.0.7
|
|
251
|
+
- @pnpm/installing.client@1100.2.6
|
|
252
|
+
- @pnpm/cli.meta@1100.0.7
|
|
253
|
+
- @pnpm/cli.utils@1101.0.10
|
|
254
|
+
- @pnpm/config.pick-registry-for-package@1100.0.8
|
|
255
|
+
- @pnpm/config.version-policy@1100.1.4
|
|
256
|
+
- @pnpm/lockfile.fs@1100.1.4
|
|
257
|
+
- @pnpm/lockfile.types@1100.0.10
|
|
258
|
+
- @pnpm/network.auth-header@1101.1.1
|
|
259
|
+
- @pnpm/resolving.npm-resolver@1101.5.1
|
|
260
|
+
- @pnpm/store.controller@1101.0.12
|
|
261
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.11
|
|
262
|
+
|
|
263
|
+
## 1101.1.20
|
|
264
|
+
|
|
265
|
+
### Patch Changes
|
|
266
|
+
|
|
267
|
+
- Updated dependencies [a017bf3]
|
|
268
|
+
- Updated dependencies [722b9cd]
|
|
269
|
+
- Updated dependencies [6d17b66]
|
|
270
|
+
- @pnpm/config.reader@1101.6.0
|
|
271
|
+
- @pnpm/types@1101.3.0
|
|
272
|
+
- @pnpm/resolving.npm-resolver@1101.5.0
|
|
273
|
+
- @pnpm/global.commands@1100.0.25
|
|
274
|
+
- @pnpm/installing.client@1100.2.5
|
|
275
|
+
- @pnpm/installing.env-installer@1101.1.6
|
|
276
|
+
- @pnpm/store.connection-manager@1100.2.6
|
|
277
|
+
- @pnpm/bins.linker@1100.0.11
|
|
278
|
+
- @pnpm/building.policy@1100.0.8
|
|
279
|
+
- @pnpm/cli.meta@1100.0.6
|
|
280
|
+
- @pnpm/cli.utils@1101.0.9
|
|
281
|
+
- @pnpm/config.version-policy@1100.1.3
|
|
282
|
+
- @pnpm/deps.graph-hasher@1100.2.3
|
|
283
|
+
- @pnpm/global.packages@1100.0.6
|
|
284
|
+
- @pnpm/installing.deps-restorer@1101.1.9
|
|
285
|
+
- @pnpm/lockfile.fs@1100.1.3
|
|
286
|
+
- @pnpm/lockfile.types@1100.0.9
|
|
287
|
+
- @pnpm/store.controller@1101.0.11
|
|
288
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.10
|
|
289
|
+
|
|
290
|
+
## 1101.1.19
|
|
291
|
+
|
|
292
|
+
### Patch Changes
|
|
293
|
+
|
|
294
|
+
- Updated dependencies [118e9be]
|
|
295
|
+
- @pnpm/installing.deps-restorer@1101.1.8
|
|
296
|
+
- @pnpm/installing.env-installer@1101.1.5
|
|
297
|
+
- @pnpm/global.commands@1100.0.24
|
|
298
|
+
|
|
299
|
+
## 1101.1.18
|
|
300
|
+
|
|
301
|
+
### Patch Changes
|
|
302
|
+
|
|
303
|
+
- Updated dependencies [6235428]
|
|
304
|
+
- Updated dependencies [a39a83d]
|
|
305
|
+
- Updated dependencies [1e9ab29]
|
|
306
|
+
- @pnpm/resolving.npm-resolver@1101.4.0
|
|
307
|
+
- @pnpm/config.reader@1101.5.0
|
|
308
|
+
- @pnpm/installing.env-installer@1101.1.4
|
|
309
|
+
- @pnpm/installing.client@1100.2.4
|
|
310
|
+
- @pnpm/installing.deps-restorer@1101.1.7
|
|
311
|
+
- @pnpm/store.controller@1101.0.10
|
|
312
|
+
- @pnpm/global.commands@1100.0.23
|
|
313
|
+
- @pnpm/store.connection-manager@1100.2.5
|
|
314
|
+
|
|
315
|
+
## 1101.1.17
|
|
316
|
+
|
|
317
|
+
### Patch Changes
|
|
318
|
+
|
|
319
|
+
- Updated dependencies [a23956e]
|
|
320
|
+
- Updated dependencies [a456dc7]
|
|
321
|
+
- Updated dependencies [35d2355]
|
|
322
|
+
- Updated dependencies [440e155]
|
|
323
|
+
- Updated dependencies [0721d64]
|
|
324
|
+
- @pnpm/config.reader@1101.4.1
|
|
325
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.9
|
|
326
|
+
- @pnpm/types@1101.2.0
|
|
327
|
+
- @pnpm/global.commands@1100.0.22
|
|
328
|
+
- @pnpm/resolving.npm-resolver@1101.3.3
|
|
329
|
+
- @pnpm/store.connection-manager@1100.2.4
|
|
330
|
+
- @pnpm/installing.client@1100.2.3
|
|
331
|
+
- @pnpm/installing.env-installer@1101.1.3
|
|
332
|
+
- @pnpm/bins.linker@1100.0.10
|
|
333
|
+
- @pnpm/cli.utils@1101.0.8
|
|
334
|
+
- @pnpm/installing.deps-restorer@1101.1.6
|
|
335
|
+
- @pnpm/deps.graph-hasher@1100.2.2
|
|
336
|
+
- @pnpm/lockfile.fs@1100.1.2
|
|
337
|
+
- @pnpm/building.policy@1100.0.7
|
|
338
|
+
- @pnpm/cli.meta@1100.0.5
|
|
339
|
+
- @pnpm/config.version-policy@1100.1.2
|
|
340
|
+
- @pnpm/global.packages@1100.0.5
|
|
341
|
+
- @pnpm/lockfile.types@1100.0.8
|
|
342
|
+
- @pnpm/store.controller@1101.0.9
|
|
343
|
+
|
|
344
|
+
## 1101.1.16
|
|
345
|
+
|
|
346
|
+
### Patch Changes
|
|
347
|
+
|
|
348
|
+
- Updated dependencies [d7da112]
|
|
349
|
+
- Updated dependencies [155af87]
|
|
350
|
+
- Updated dependencies [3b62f9d]
|
|
351
|
+
- Updated dependencies [212315d]
|
|
352
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.8
|
|
353
|
+
- @pnpm/installing.env-installer@1101.1.2
|
|
354
|
+
- @pnpm/config.reader@1101.4.0
|
|
355
|
+
- @pnpm/resolving.npm-resolver@1101.3.2
|
|
356
|
+
- @pnpm/bins.linker@1100.0.9
|
|
357
|
+
- @pnpm/cli.utils@1101.0.7
|
|
358
|
+
- @pnpm/installing.deps-restorer@1101.1.5
|
|
359
|
+
- @pnpm/global.commands@1100.0.21
|
|
360
|
+
- @pnpm/store.connection-manager@1100.2.3
|
|
361
|
+
- @pnpm/installing.client@1100.2.2
|
|
362
|
+
- @pnpm/store.controller@1101.0.8
|
|
363
|
+
|
|
364
|
+
## 1101.1.15
|
|
365
|
+
|
|
366
|
+
### Patch Changes
|
|
367
|
+
|
|
368
|
+
- Updated dependencies [2061c55]
|
|
369
|
+
- Updated dependencies [e5e7b72]
|
|
370
|
+
- @pnpm/installing.env-installer@1101.1.1
|
|
371
|
+
- @pnpm/resolving.npm-resolver@1101.3.1
|
|
372
|
+
- @pnpm/installing.client@1100.2.1
|
|
373
|
+
- @pnpm/store.connection-manager@1100.2.2
|
|
374
|
+
- @pnpm/store.controller@1101.0.8
|
|
375
|
+
- @pnpm/global.commands@1100.0.20
|
|
376
|
+
- @pnpm/installing.deps-restorer@1101.1.4
|
|
377
|
+
|
|
378
|
+
## 1101.1.14
|
|
379
|
+
|
|
380
|
+
### Patch Changes
|
|
381
|
+
|
|
382
|
+
- Updated dependencies [3687b0e]
|
|
383
|
+
- Updated dependencies [c8d8fde]
|
|
384
|
+
- Updated dependencies [ced20cb]
|
|
385
|
+
- Updated dependencies [a620557]
|
|
386
|
+
- Updated dependencies [9cb48bb]
|
|
387
|
+
- Updated dependencies [d1b340f]
|
|
388
|
+
- Updated dependencies [3a54205]
|
|
389
|
+
- Updated dependencies [1627943]
|
|
390
|
+
- Updated dependencies [64afc92]
|
|
391
|
+
- @pnpm/config.reader@1101.3.3
|
|
392
|
+
- @pnpm/installing.env-installer@1101.1.0
|
|
393
|
+
- @pnpm/global.commands@1100.0.19
|
|
394
|
+
- @pnpm/lockfile.fs@1100.1.1
|
|
395
|
+
- @pnpm/resolving.npm-resolver@1101.3.0
|
|
396
|
+
- @pnpm/installing.client@1100.2.0
|
|
397
|
+
- @pnpm/types@1101.1.1
|
|
398
|
+
- @pnpm/store.connection-manager@1100.2.1
|
|
399
|
+
- @pnpm/installing.deps-restorer@1101.1.4
|
|
400
|
+
- @pnpm/store.controller@1101.0.8
|
|
401
|
+
- @pnpm/deps.graph-hasher@1100.2.1
|
|
402
|
+
- @pnpm/lockfile.types@1100.0.7
|
|
403
|
+
- @pnpm/bins.linker@1100.0.8
|
|
404
|
+
- @pnpm/cli.utils@1101.0.6
|
|
405
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.7
|
|
406
|
+
- @pnpm/building.policy@1100.0.6
|
|
407
|
+
- @pnpm/cli.meta@1100.0.4
|
|
408
|
+
- @pnpm/config.version-policy@1100.1.1
|
|
409
|
+
- @pnpm/global.packages@1100.0.4
|
|
410
|
+
|
|
411
|
+
## 1101.1.13
|
|
412
|
+
|
|
413
|
+
### Patch Changes
|
|
414
|
+
|
|
415
|
+
- 4195766: Tightened the `minimumReleaseAge` story so the bypass becomes explicit on disk instead of silent, and removed the discover-by-loop dance for strict-mode users:
|
|
416
|
+
|
|
417
|
+
1. Fresh resolutions in loose mode (`minimumReleaseAgeStrict: false`) that fall back to a version newer than the cutoff auto-collect the picked `name@version` into the workspace manifest's `minimumReleaseAgeExclude`. A single info message lists the additions; entries already on the list are left alone.
|
|
418
|
+
2. The post-resolution lockfile verifier introduced in #11583 now runs in loose mode too — every accepted-immature pin must be on `minimumReleaseAgeExclude`, just like strict mode requires. A lockfile produced under a weaker (or absent) policy that still has immature entries is rejected the same way strict mode would reject it.
|
|
419
|
+
3. **Strict mode (interactive)** no longer aborts on the first immature pick. The resolver gathers every immature direct _and_ transitive in one pass; before peer-dependency resolution runs, pnpm prompts the user with the full list and asks whether to add them all to `minimumReleaseAgeExclude` and proceed. Approve → install continues and the workspace manifest is written at the end. Decline → resolution aborts before the lockfile or package.json is touched (tarballs already in the store stay, since the store is idempotent). This closes the [#10488](https://github.com/pnpm/pnpm/issues/10488) loop where security bumps to packages with platform-specific transitives (e.g. `next` + the `@next/swc-*` shims) made users re-run `pnpm add` once per transitive.
|
|
420
|
+
4. **Strict mode (non-interactive / CI)** now aborts with the full immature set in the error message instead of the first pick. The resolver always collects every immature direct + transitive; the install command then throws `ERR_PNPM_NO_MATURE_MATCHING_VERSION` listing each entry's `name@version` and publish time. Deterministic CI behavior is preserved (same exit code, same error code), but the error pinpoints every offending entry instead of forcing the discover-by-loop dance. The expected workflow is interactive approval locally → the lockfile + workspace manifest get committed → CI runs cleanly against the populated exclude list.
|
|
421
|
+
|
|
422
|
+
5. **The lockfile verifier now also covers `trustPolicy: 'no-downgrade'`.** The same post-resolution gate that re-checks `minimumReleaseAge` on lockfile entries now re-runs `failIfTrustDowngraded` for every npm-registry entry whose name isn't on `trustPolicyExclude`. The two checks share a single full-metadata fetch per package, so the extra coverage doesn't cost an extra round trip when both policies are active. Resolver-time trust checks still run as before — this just closes the gap when an entry bypasses resolution (peek path, `--frozen-lockfile`, restored CI cache).
|
|
423
|
+
|
|
424
|
+
Pacquet parity: not ported — pacquet's `minimumReleaseAge` policy is itself only stubbed today (see `pnpm/crates/package-manager/src/version_policy.rs`). The auto-exclude, loose-mode verifier, prompt, and the new trust-policy verifier check will travel with the broader policy port whenever that happens.
|
|
425
|
+
|
|
426
|
+
- b6e2c8c: Make `pnpm self-update` respect `minimumReleaseAge` (and `minimumReleaseAgeExclude`) when resolving which pnpm version to install.
|
|
427
|
+
|
|
428
|
+
When the `latest` dist-tag points to a version newer than the configured age threshold, `self-update` now selects the newest mature version instead unless excluded by `minimumReleaseAgeExclude`.
|
|
429
|
+
|
|
430
|
+
Also makes `dlx` and `outdated` surface invalid `minimumReleaseAgeExclude` patterns under the same `ERR_PNPM_INVALID_MINIMUM_RELEASE_AGE_EXCLUDE` error code already used by `install`, instead of leaking the internal `ERR_PNPM_INVALID_VERSION_UNION` / `ERR_PNPM_NAME_PATTERN_IN_VERSION_UNION` codes.
|
|
431
|
+
|
|
432
|
+
- Updated dependencies [963861c]
|
|
433
|
+
- Updated dependencies [4195766]
|
|
434
|
+
- Updated dependencies [31538bf]
|
|
435
|
+
- Updated dependencies [020ac45]
|
|
436
|
+
- Updated dependencies [b6e2c8c]
|
|
437
|
+
- Updated dependencies [d3f8408]
|
|
438
|
+
- Updated dependencies [6e93f35]
|
|
439
|
+
- Updated dependencies [3ddde2b]
|
|
440
|
+
- Updated dependencies [5dc8be8]
|
|
441
|
+
- Updated dependencies [a62f959]
|
|
442
|
+
- Updated dependencies [ba2c884]
|
|
443
|
+
- Updated dependencies [2a9bd89]
|
|
444
|
+
- Updated dependencies [8df408c]
|
|
445
|
+
- @pnpm/resolving.npm-resolver@1101.2.0
|
|
446
|
+
- @pnpm/installing.client@1100.1.0
|
|
447
|
+
- @pnpm/store.connection-manager@1100.2.0
|
|
448
|
+
- @pnpm/config.reader@1101.3.2
|
|
449
|
+
- @pnpm/config.version-policy@1100.1.0
|
|
450
|
+
- @pnpm/lockfile.fs@1100.1.0
|
|
451
|
+
- @pnpm/deps.graph-hasher@1100.2.0
|
|
452
|
+
- @pnpm/installing.deps-restorer@1101.1.3
|
|
453
|
+
- @pnpm/installing.env-installer@1101.0.10
|
|
454
|
+
- @pnpm/lockfile.types@1100.0.6
|
|
455
|
+
- @pnpm/store.controller@1101.0.7
|
|
456
|
+
- @pnpm/global.commands@1100.0.18
|
|
457
|
+
- @pnpm/building.policy@1100.0.5
|
|
458
|
+
- @pnpm/cli.utils@1101.0.5
|
|
459
|
+
- @pnpm/bins.linker@1100.0.7
|
|
460
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.6
|
|
461
|
+
|
|
462
|
+
## 1101.1.12
|
|
463
|
+
|
|
464
|
+
### Patch Changes
|
|
465
|
+
|
|
466
|
+
- Updated dependencies [50b33c1]
|
|
467
|
+
- Updated dependencies [e526f89]
|
|
468
|
+
- Updated dependencies [180aee9]
|
|
469
|
+
- Updated dependencies [c2c2890]
|
|
470
|
+
- @pnpm/resolving.npm-resolver@1101.1.1
|
|
471
|
+
- @pnpm/lockfile.fs@1100.0.8
|
|
472
|
+
- @pnpm/bins.linker@1100.0.6
|
|
473
|
+
- @pnpm/cli.utils@1101.0.4
|
|
474
|
+
- @pnpm/config.reader@1101.3.1
|
|
475
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.5
|
|
476
|
+
- @pnpm/global.commands@1100.0.17
|
|
477
|
+
- @pnpm/installing.env-installer@1101.0.9
|
|
478
|
+
- @pnpm/installing.client@1100.0.15
|
|
479
|
+
- @pnpm/installing.deps-restorer@1101.1.2
|
|
480
|
+
- @pnpm/store.controller@1101.0.6
|
|
481
|
+
- @pnpm/store.connection-manager@1100.1.2
|
|
482
|
+
|
|
483
|
+
## 1101.1.11
|
|
484
|
+
|
|
485
|
+
### Patch Changes
|
|
486
|
+
|
|
487
|
+
- Updated dependencies [b4f8f47]
|
|
488
|
+
- @pnpm/bins.linker@1100.0.5
|
|
489
|
+
- @pnpm/installing.client@1100.0.14
|
|
490
|
+
- @pnpm/global.commands@1100.0.16
|
|
491
|
+
- @pnpm/installing.deps-restorer@1101.1.1
|
|
492
|
+
- @pnpm/store.connection-manager@1100.1.1
|
|
493
|
+
- @pnpm/store.controller@1101.0.5
|
|
494
|
+
- @pnpm/installing.env-installer@1101.0.8
|
|
495
|
+
|
|
496
|
+
## 1101.1.10
|
|
497
|
+
|
|
498
|
+
### Patch Changes
|
|
499
|
+
|
|
500
|
+
- Updated dependencies [4b25a3d]
|
|
501
|
+
- Updated dependencies [b61e268]
|
|
502
|
+
- Updated dependencies [e1e29c1]
|
|
503
|
+
- @pnpm/global.commands@1100.0.15
|
|
504
|
+
- @pnpm/config.reader@1101.3.0
|
|
505
|
+
- @pnpm/resolving.npm-resolver@1101.1.0
|
|
506
|
+
- @pnpm/store.connection-manager@1100.1.0
|
|
507
|
+
- @pnpm/types@1101.1.0
|
|
508
|
+
- @pnpm/installing.deps-restorer@1101.1.0
|
|
509
|
+
- @pnpm/installing.client@1100.0.13
|
|
510
|
+
- @pnpm/installing.env-installer@1101.0.8
|
|
511
|
+
- @pnpm/bins.linker@1100.0.4
|
|
512
|
+
- @pnpm/building.policy@1100.0.4
|
|
513
|
+
- @pnpm/cli.meta@1100.0.3
|
|
514
|
+
- @pnpm/cli.utils@1101.0.3
|
|
515
|
+
- @pnpm/deps.graph-hasher@1100.1.5
|
|
516
|
+
- @pnpm/global.packages@1100.0.3
|
|
517
|
+
- @pnpm/lockfile.fs@1100.0.7
|
|
518
|
+
- @pnpm/lockfile.types@1100.0.5
|
|
519
|
+
- @pnpm/store.controller@1101.0.5
|
|
520
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.4
|
|
521
|
+
|
|
522
|
+
## 1101.1.9
|
|
523
|
+
|
|
524
|
+
### Patch Changes
|
|
525
|
+
|
|
526
|
+
- Updated dependencies [e9e876c]
|
|
527
|
+
- Updated dependencies [15e9e35]
|
|
528
|
+
- @pnpm/config.reader@1101.2.2
|
|
529
|
+
- @pnpm/resolving.npm-resolver@1101.0.3
|
|
530
|
+
- @pnpm/installing.client@1100.0.12
|
|
531
|
+
- @pnpm/installing.deps-restorer@1101.0.8
|
|
532
|
+
- @pnpm/store.connection-manager@1100.0.13
|
|
533
|
+
- @pnpm/store.controller@1101.0.4
|
|
534
|
+
- @pnpm/global.commands@1100.0.14
|
|
535
|
+
- @pnpm/installing.env-installer@1101.0.7
|
|
536
|
+
|
|
537
|
+
## 1101.1.8
|
|
538
|
+
|
|
539
|
+
### Patch Changes
|
|
540
|
+
|
|
541
|
+
- @pnpm/deps.graph-hasher@1100.1.4
|
|
542
|
+
- @pnpm/installing.deps-restorer@1101.0.7
|
|
543
|
+
- @pnpm/installing.env-installer@1101.0.6
|
|
544
|
+
- @pnpm/lockfile.fs@1100.0.6
|
|
545
|
+
- @pnpm/installing.client@1100.0.11
|
|
546
|
+
- @pnpm/global.commands@1100.0.13
|
|
547
|
+
- @pnpm/store.connection-manager@1100.0.12
|
|
548
|
+
- @pnpm/store.controller@1101.0.3
|
|
549
|
+
|
|
550
|
+
## 1101.1.7
|
|
551
|
+
|
|
552
|
+
### Patch Changes
|
|
553
|
+
|
|
554
|
+
- d0982fc: Fixed the `pn`, `pnpx`, and `pnx` aliases failing in Git Bash / MSYS2 on Windows when pnpm was installed via `@pnpm/exe` (or after `pnpm self-update`) [#11486](https://github.com/pnpm/pnpm/issues/11486). Running `pnpx` (or `pnx`) printed the cmd.exe banner and dropped the user into an interactive command prompt instead of running `pnpm dlx`. The `bin` field rewrite on Windows was pointing those aliases at `.cmd` files; cmd-shim's Bash shim for a `.cmd` target wraps it in `exec cmd /C ...`, and MSYS2 mangles `/C` into a Windows path before cmd.exe sees it. The aliases are now `.exe` hardlinks of the SEA binary, which detects which name it was launched as via `process.execPath` and prepends `dlx` for `pnpx` / `pnx`.
|
|
555
|
+
- Updated dependencies [12313f1]
|
|
556
|
+
- Updated dependencies [27425d7]
|
|
557
|
+
- Updated dependencies [707a879]
|
|
558
|
+
- @pnpm/installing.deps-restorer@1101.0.6
|
|
559
|
+
- @pnpm/lockfile.fs@1100.0.5
|
|
560
|
+
- @pnpm/lockfile.types@1100.0.4
|
|
561
|
+
- @pnpm/config.reader@1101.2.1
|
|
562
|
+
- @pnpm/global.commands@1100.0.12
|
|
563
|
+
- @pnpm/installing.client@1100.0.10
|
|
564
|
+
- @pnpm/store.controller@1101.0.3
|
|
565
|
+
- @pnpm/installing.env-installer@1101.0.5
|
|
566
|
+
- @pnpm/deps.graph-hasher@1100.1.3
|
|
567
|
+
- @pnpm/resolving.npm-resolver@1101.0.2
|
|
568
|
+
- @pnpm/store.connection-manager@1100.0.11
|
|
569
|
+
|
|
570
|
+
## 1101.1.6
|
|
571
|
+
|
|
572
|
+
### Patch Changes
|
|
573
|
+
|
|
574
|
+
- 0219ab2: Fixed `pnpm self-update` on installations originally set up by pnpm v10. v10 added `PNPM_HOME` directly to PATH and wrote a `pnpm` bootstrap shim there. v11 setup writes shims under `PNPM_HOME/bin` instead, so when a v10 user upgrades to v11 the legacy shim at `PNPM_HOME` keeps pointing into the old `.tools/<version>` install — `pnpm --version` continues to report the pre-update version even though the new version was installed under `global/v11`. Self-update now detects this layout, refreshes the legacy shims so the upgrade actually takes effect, and prints a hint suggesting `pnpm setup` to migrate PATH to the v11 layout. [#11464](https://github.com/pnpm/pnpm/issues/11464).
|
|
575
|
+
- Updated dependencies [8fdd9a9]
|
|
576
|
+
- Updated dependencies [5f34a8d]
|
|
577
|
+
- Updated dependencies [c969392]
|
|
578
|
+
- Updated dependencies [ab6c42d]
|
|
579
|
+
- Updated dependencies [817b1b4]
|
|
580
|
+
- Updated dependencies [c969392]
|
|
581
|
+
- Updated dependencies [2de318b]
|
|
582
|
+
- @pnpm/config.reader@1101.2.0
|
|
583
|
+
- @pnpm/building.policy@1100.0.3
|
|
584
|
+
- @pnpm/installing.deps-restorer@1101.0.5
|
|
585
|
+
- @pnpm/global.commands@1100.0.11
|
|
586
|
+
- @pnpm/store.connection-manager@1100.0.10
|
|
587
|
+
- @pnpm/installing.client@1100.0.9
|
|
588
|
+
- @pnpm/installing.env-installer@1101.0.4
|
|
589
|
+
- @pnpm/store.controller@1101.0.2
|
|
590
|
+
|
|
591
|
+
## 1101.1.5
|
|
592
|
+
|
|
593
|
+
### Patch Changes
|
|
594
|
+
|
|
595
|
+
- Updated dependencies [72629fc]
|
|
596
|
+
- @pnpm/global.commands@1100.0.10
|
|
597
|
+
|
|
598
|
+
## 1101.1.4
|
|
599
|
+
|
|
600
|
+
### Patch Changes
|
|
601
|
+
|
|
602
|
+
- c1d29d2: `pnpm self-update` (with no version argument) no longer downgrades pnpm when the registry's `latest` dist-tag points to an older release than the currently active version. Run `pnpm self-update latest` to force a downgrade [#11418](https://github.com/pnpm/pnpm/issues/11418).
|
|
603
|
+
- Updated dependencies [42a8f29]
|
|
604
|
+
- @pnpm/config.reader@1101.1.4
|
|
605
|
+
- @pnpm/global.commands@1100.0.9
|
|
606
|
+
- @pnpm/store.connection-manager@1100.0.9
|
|
607
|
+
- @pnpm/installing.deps-restorer@1101.0.4
|
|
608
|
+
- @pnpm/installing.client@1100.0.8
|
|
609
|
+
- @pnpm/store.controller@1101.0.2
|
|
610
|
+
- @pnpm/installing.env-installer@1101.0.3
|
|
611
|
+
|
|
612
|
+
## 1101.1.3
|
|
613
|
+
|
|
614
|
+
### Patch Changes
|
|
615
|
+
|
|
616
|
+
- Updated dependencies [184ce26]
|
|
617
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.3
|
|
618
|
+
- @pnpm/installing.deps-restorer@1101.0.3
|
|
619
|
+
- @pnpm/store.connection-manager@1100.0.8
|
|
620
|
+
- @pnpm/resolving.npm-resolver@1101.0.1
|
|
621
|
+
- @pnpm/deps.graph-hasher@1100.1.2
|
|
622
|
+
- @pnpm/installing.client@1100.0.7
|
|
623
|
+
- @pnpm/store.controller@1101.0.2
|
|
624
|
+
- @pnpm/building.policy@1100.0.2
|
|
625
|
+
- @pnpm/config.reader@1101.1.3
|
|
626
|
+
- @pnpm/bins.linker@1100.0.3
|
|
627
|
+
- @pnpm/shell.path@1100.0.1
|
|
628
|
+
- @pnpm/cli.utils@1101.0.2
|
|
629
|
+
- @pnpm/cli.meta@1100.0.2
|
|
630
|
+
- @pnpm/installing.env-installer@1101.0.3
|
|
631
|
+
- @pnpm/global.commands@1100.0.8
|
|
632
|
+
- @pnpm/lockfile.types@1100.0.3
|
|
633
|
+
- @pnpm/global.packages@1100.0.2
|
|
634
|
+
|
|
635
|
+
## 1101.1.2
|
|
636
|
+
|
|
637
|
+
### Patch Changes
|
|
638
|
+
|
|
639
|
+
- Updated dependencies [685a369]
|
|
640
|
+
- @pnpm/installing.deps-restorer@1101.0.2
|
|
641
|
+
- @pnpm/global.commands@1100.0.7
|
|
642
|
+
- @pnpm/cli.utils@1101.0.1
|
|
643
|
+
- @pnpm/store.controller@1101.0.1
|
|
644
|
+
- @pnpm/installing.env-installer@1101.0.2
|
|
645
|
+
- @pnpm/store.connection-manager@1100.0.7
|
|
646
|
+
|
|
647
|
+
## 1101.1.1
|
|
648
|
+
|
|
649
|
+
### Patch Changes
|
|
650
|
+
|
|
651
|
+
- 0fbcf74: `pnpm self-update` now keeps `package.json`'s `packageManager` and `devEngines.packageManager` in sync. When the legacy `packageManager` field pins pnpm, both fields are rewritten to the new exact pnpm version on update — `packageManager` to `pnpm@<version>` (without an integrity hash), and `devEngines.packageManager.version` to the same exact `<version>` (dropping any range operator). When only `devEngines.packageManager` is declared, the existing range-preserving behavior is unchanged [#11388](https://github.com/pnpm/pnpm/issues/11388).
|
|
652
|
+
- Updated dependencies [0fbcf74]
|
|
653
|
+
- @pnpm/config.reader@1101.1.2
|
|
654
|
+
- @pnpm/global.commands@1100.0.6
|
|
655
|
+
- @pnpm/store.connection-manager@1100.0.6
|
|
656
|
+
- @pnpm/installing.deps-restorer@1101.0.1
|
|
657
|
+
- @pnpm/installing.client@1100.0.6
|
|
658
|
+
- @pnpm/installing.env-installer@1101.0.1
|
|
659
|
+
- @pnpm/store.controller@1101.0.0
|
|
660
|
+
|
|
661
|
+
## 1101.1.0
|
|
662
|
+
|
|
663
|
+
### Minor Changes
|
|
664
|
+
|
|
665
|
+
- 390b9d1: `pnpm self-update` now prints progress messages so the command isn't silent: `Checking for updates...` before resolving, `Updating pnpm from vX to vY...` once a newer version is found, and `Successfully updated pnpm to vY` on completion.
|
|
666
|
+
|
|
667
|
+
### Patch Changes
|
|
668
|
+
|
|
669
|
+
- @pnpm/installing.client@1100.0.5
|
|
670
|
+
- @pnpm/global.commands@1100.0.5
|
|
671
|
+
- @pnpm/store.connection-manager@1100.0.5
|
|
672
|
+
- @pnpm/store.controller@1101.0.0
|
|
673
|
+
- @pnpm/installing.deps-restorer@1101.0.0
|
|
674
|
+
- @pnpm/installing.env-installer@1101.0.0
|
|
675
|
+
|
|
676
|
+
## 1101.0.2
|
|
677
|
+
|
|
678
|
+
### Patch Changes
|
|
679
|
+
|
|
680
|
+
- ef4ef7b: Restored the legacy `@pnpm/{macos,win,linux,linuxstatic}-{x64,arm64}` npm names for the platform-specific optional dependencies of `@pnpm/exe`, reverting the scope-nested `@pnpm/exe.<platform>-<arch>[-musl]` rename from [#11316](https://github.com/pnpm/pnpm/pull/11316) on the published package names only — the workspace directory layout (`pnpm/artifacts/<platform>-<arch>[-musl]/`) and the GitHub release asset filenames stay on the new scheme. The rename broke `pnpm self-update` from v10, which looks up the platform child by its legacy name. `linkExePlatformBinary` now checks for both schemes so a later rename can ship without a v10-compatibility hazard.
|
|
681
|
+
- @pnpm/installing.client@1100.0.4
|
|
682
|
+
- @pnpm/store.controller@1101.0.0
|
|
683
|
+
- @pnpm/installing.deps-restorer@1101.0.0
|
|
684
|
+
- @pnpm/resolving.npm-resolver@1101.0.0
|
|
685
|
+
- @pnpm/installing.env-installer@1101.0.0
|
|
686
|
+
- @pnpm/store.connection-manager@1100.0.4
|
|
687
|
+
- @pnpm/global.commands@1100.0.4
|
|
688
|
+
- @pnpm/deps.graph-hasher@1100.1.1
|
|
689
|
+
- @pnpm/config.reader@1101.1.1
|
|
690
|
+
|
|
691
|
+
## 1101.0.1
|
|
692
|
+
|
|
693
|
+
### Patch Changes
|
|
694
|
+
|
|
695
|
+
- Updated dependencies [7d25bc1]
|
|
696
|
+
- Updated dependencies [72c1e05]
|
|
697
|
+
- Updated dependencies [9e0833c]
|
|
698
|
+
- @pnpm/config.reader@1101.1.0
|
|
699
|
+
- @pnpm/deps.graph-hasher@1100.1.0
|
|
700
|
+
- @pnpm/installing.deps-restorer@1100.0.3
|
|
701
|
+
- @pnpm/resolving.npm-resolver@1100.1.0
|
|
702
|
+
- @pnpm/store.connection-manager@1100.0.3
|
|
703
|
+
- @pnpm/global.commands@1100.0.3
|
|
704
|
+
- @pnpm/installing.client@1100.0.3
|
|
705
|
+
- @pnpm/installing.env-installer@1100.1.1
|
|
706
|
+
- @pnpm/lockfile.types@1100.0.2
|
|
707
|
+
- @pnpm/store.controller@1100.0.2
|
|
708
|
+
|
|
709
|
+
## 1101.0.0
|
|
710
|
+
|
|
711
|
+
### Major Changes
|
|
712
|
+
|
|
713
|
+
- cee550a: **Breaking:** removed the `managePackageManagerVersions`, `packageManagerStrict`, and `packageManagerStrictVersion` settings. They existed only to derive the `onFail` behavior for the legacy `packageManager` field, and the `pmOnFail` setting introduced alongside `pnpm with` subsumes all three — it directly sets the `onFail` behavior of both `packageManager` and `devEngines.packageManager`. The `COREPACK_ENABLE_STRICT` environment variable is no longer honored (it only gated `packageManagerStrict`); use `pmOnFail` instead.
|
|
714
|
+
|
|
715
|
+
Migration:
|
|
716
|
+
|
|
717
|
+
| Removed setting | Replace with |
|
|
718
|
+
| ------------------------------------- | ------------------------------ |
|
|
719
|
+
| `managePackageManagerVersions: true` | `pmOnFail: download` (default) |
|
|
720
|
+
| `managePackageManagerVersions: false` | `pmOnFail: ignore` |
|
|
721
|
+
| `packageManagerStrict: false` | `pmOnFail: warn` |
|
|
722
|
+
| `packageManagerStrictVersion: true` | `pmOnFail: error` |
|
|
723
|
+
| `COREPACK_ENABLE_STRICT=0` | `pmOnFail: warn` |
|
|
724
|
+
|
|
725
|
+
### Minor Changes
|
|
726
|
+
|
|
727
|
+
- 9af708a: Add `pnpm with <version|current> <args...>` command. Runs pnpm at a specific version (or the currently active one) for a single invocation, bypassing the project's `packageManager` and `devEngines.packageManager` pins. Uses the same install mechanism as `pnpm self-update`, caching the downloaded pnpm in the global virtual store for reuse.
|
|
728
|
+
|
|
729
|
+
Examples:
|
|
730
|
+
|
|
731
|
+
```
|
|
732
|
+
pnpm with current install # ignore the pinned version, use the running pnpm
|
|
733
|
+
pnpm with 11.0.0-rc.1 install # install using pnpm 11.0.0-rc.1
|
|
734
|
+
pnpm with next install # install using the "next" dist-tag
|
|
735
|
+
```
|
|
736
|
+
|
|
737
|
+
Also adds a new `pmOnFail` setting that overrides the `onFail` behavior of `packageManager` and `devEngines.packageManager`. Accepted values: `download`, `error`, `warn`, `ignore`. Can be set via CLI flag, env var, `pnpm-workspace.yaml`, or `.npmrc` — useful when version management is handled by an external tool (asdf, mise, Volta, etc.) and the project wants pnpm itself to skip the check.
|
|
738
|
+
|
|
739
|
+
```
|
|
740
|
+
pnpm install --pm-on-fail=ignore # direct CLI flag
|
|
741
|
+
pnpm_config_pm_on_fail=ignore pnpm install # env var
|
|
742
|
+
# or in pnpm-workspace.yaml:
|
|
743
|
+
# pmOnFail: ignore
|
|
744
|
+
```
|
|
745
|
+
|
|
746
|
+
### Patch Changes
|
|
747
|
+
|
|
748
|
+
- Updated dependencies [cee550a]
|
|
749
|
+
- Updated dependencies [4ab3d9b]
|
|
750
|
+
- Updated dependencies [9af708a]
|
|
751
|
+
- Updated dependencies [ea2a7fb]
|
|
752
|
+
- Updated dependencies [ff7733c]
|
|
753
|
+
- @pnpm/cli.utils@1101.0.0
|
|
754
|
+
- @pnpm/config.reader@1101.0.0
|
|
755
|
+
- @pnpm/installing.env-installer@1100.1.0
|
|
756
|
+
- @pnpm/global.commands@1100.0.2
|
|
757
|
+
- @pnpm/store.connection-manager@1100.0.2
|
|
758
|
+
- @pnpm/bins.linker@1100.0.2
|
|
759
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.2
|
|
760
|
+
- @pnpm/installing.deps-restorer@1100.0.2
|
|
761
|
+
- @pnpm/installing.client@1100.0.2
|
|
762
|
+
- @pnpm/store.controller@1100.0.1
|
|
763
|
+
|
|
764
|
+
## 1100.0.1
|
|
765
|
+
|
|
766
|
+
### Patch Changes
|
|
767
|
+
|
|
768
|
+
- b989a4a: Fixed `pnpm store prune` removing packages used by the globally installed pnpm, breaking it.
|
|
769
|
+
- Updated dependencies [ff28085]
|
|
770
|
+
- @pnpm/types@1101.0.0
|
|
771
|
+
- @pnpm/bins.linker@1100.0.1
|
|
772
|
+
- @pnpm/building.policy@1100.0.1
|
|
773
|
+
- @pnpm/cli.meta@1100.0.1
|
|
774
|
+
- @pnpm/cli.utils@1100.0.1
|
|
775
|
+
- @pnpm/config.reader@1100.0.1
|
|
776
|
+
- @pnpm/deps.graph-hasher@1100.0.1
|
|
777
|
+
- @pnpm/global.commands@1100.0.1
|
|
778
|
+
- @pnpm/global.packages@1100.0.1
|
|
779
|
+
- @pnpm/installing.client@1100.0.1
|
|
780
|
+
- @pnpm/installing.deps-restorer@1100.0.1
|
|
781
|
+
- @pnpm/installing.env-installer@1100.0.1
|
|
782
|
+
- @pnpm/lockfile.types@1100.0.1
|
|
783
|
+
- @pnpm/resolving.npm-resolver@1100.0.1
|
|
784
|
+
- @pnpm/store.controller@1100.0.1
|
|
785
|
+
- @pnpm/workspace.project-manifest-reader@1100.0.1
|
|
786
|
+
- @pnpm/store.connection-manager@1100.0.1
|
|
787
|
+
|
|
788
|
+
## 1001.0.0
|
|
789
|
+
|
|
790
|
+
### Major Changes
|
|
791
|
+
|
|
792
|
+
- 491a84f: This package is now pure ESM.
|
|
793
|
+
- 7d2fd48: Node.js v18, 19, 20, and 21 support discontinued.
|
|
794
|
+
|
|
795
|
+
### Minor Changes
|
|
796
|
+
|
|
797
|
+
- a8f016c: Store config dependency and package manager integrity info in `pnpm-lock.yaml` instead of inlining it in `pnpm-workspace.yaml`. The workspace manifest now contains only clean version specifiers for `configDependencies`, while the resolved versions, integrity hashes, and tarball URLs are recorded in the lockfile as a separate YAML document. The env lockfile section also stores `packageManagerDependencies` resolved during version switching and self-update. Projects using the old inline-hash format are automatically migrated on install.
|
|
798
|
+
- f0ae1b9: Store globally installed binaries in a `bin` subdirectory of `PNPM_HOME` instead of directly in `PNPM_HOME`. This prevents internal directories like `global/` and `store/` from polluting shell autocompletion when `PNPM_HOME` is on PATH [#10986](https://github.com/pnpm/pnpm/issues/10986).
|
|
799
|
+
|
|
800
|
+
After upgrading, run `pnpm setup` to update your shell configuration.
|
|
801
|
+
|
|
802
|
+
### Patch Changes
|
|
803
|
+
|
|
804
|
+
- 46f1016: `pnpm self-update` should always install the non-executable pnpm package (pnpm in the registry) and never the `@pnpm/exe` package, when installing v11 or newer. We currently cannot ship `@pnpm/exe` as `pkg` doesn't work with ESM [#10190](https://github.com/pnpm/pnpm/pull/10190).
|
|
805
|
+
- 253858d: Fixed `pnpm self-update` breaking when running `@pnpm/exe`. The platform binary (e.g., `@pnpm/macos-arm64`) was not found in pnpm's symlinked `node_modules` layout because it was looked up at the top level instead of as a sibling of `@pnpm/exe` in the virtual store.
|
|
806
|
+
- 1ab0f7b: Fixed version switching via `packageManager` field failing when pnpm is installed as a standalone executable in environments without a system Node.js [#10687](https://github.com/pnpm/pnpm/issues/10687).
|
|
807
|
+
- Updated dependencies [ac4c9f4]
|
|
808
|
+
- Updated dependencies [7730a7f]
|
|
809
|
+
- Updated dependencies [5f73b0f]
|
|
810
|
+
- Updated dependencies [449dacf]
|
|
811
|
+
- Updated dependencies [ae8b816]
|
|
812
|
+
- Updated dependencies [facdd71]
|
|
813
|
+
- Updated dependencies [394d88c]
|
|
814
|
+
- Updated dependencies [e2e0a32]
|
|
815
|
+
- Updated dependencies [3c72b6b]
|
|
816
|
+
- Updated dependencies [9f5c0e3]
|
|
817
|
+
- Updated dependencies [a297ebc]
|
|
818
|
+
- Updated dependencies [76718b3]
|
|
819
|
+
- Updated dependencies [821b36a]
|
|
820
|
+
- Updated dependencies [a8f016c]
|
|
821
|
+
- Updated dependencies [cc1b8e3]
|
|
822
|
+
- Updated dependencies [5a0ed1d]
|
|
823
|
+
- Updated dependencies [90bd3c3]
|
|
824
|
+
- Updated dependencies [1cc61e8]
|
|
825
|
+
- Updated dependencies [606f53e]
|
|
826
|
+
- Updated dependencies [831f574]
|
|
827
|
+
- Updated dependencies [0e9c559]
|
|
828
|
+
- Updated dependencies [c7203b9]
|
|
829
|
+
- Updated dependencies [bb17724]
|
|
830
|
+
- Updated dependencies [2fccb03]
|
|
831
|
+
- Updated dependencies [82f4610]
|
|
832
|
+
- Updated dependencies [05fb1ae]
|
|
833
|
+
- Updated dependencies [cd743ef]
|
|
834
|
+
- Updated dependencies [da2429d]
|
|
835
|
+
- Updated dependencies [1cc61e8]
|
|
836
|
+
- Updated dependencies [19f36cf]
|
|
837
|
+
- Updated dependencies [491a84f]
|
|
838
|
+
- Updated dependencies [62f760e]
|
|
839
|
+
- Updated dependencies [f0ae1b9]
|
|
840
|
+
- Updated dependencies [9fc552d]
|
|
841
|
+
- Updated dependencies [394d88c]
|
|
842
|
+
- Updated dependencies [6e9cad3]
|
|
843
|
+
- Updated dependencies [61cad0c]
|
|
844
|
+
- Updated dependencies [312226c]
|
|
845
|
+
- Updated dependencies [cb228c9]
|
|
846
|
+
- Updated dependencies [19f36cf]
|
|
847
|
+
- Updated dependencies [d8be970]
|
|
848
|
+
- Updated dependencies [7fab2a2]
|
|
849
|
+
- Updated dependencies [cb367b9]
|
|
850
|
+
- Updated dependencies [543c7e4]
|
|
851
|
+
- Updated dependencies [9eddabb]
|
|
852
|
+
- Updated dependencies [075aa99]
|
|
853
|
+
- Updated dependencies [c4045fc]
|
|
854
|
+
- Updated dependencies [fd511e4]
|
|
855
|
+
- Updated dependencies [ae43ac7]
|
|
856
|
+
- Updated dependencies [ccec8e7]
|
|
857
|
+
- Updated dependencies [98a5f1c]
|
|
858
|
+
- Updated dependencies [143ca78]
|
|
859
|
+
- Updated dependencies [ba065f6]
|
|
860
|
+
- Updated dependencies [4158906]
|
|
861
|
+
- Updated dependencies [6f361aa]
|
|
862
|
+
- Updated dependencies [ac944ef]
|
|
863
|
+
- Updated dependencies [0625e20]
|
|
864
|
+
- Updated dependencies [938ea1f]
|
|
865
|
+
- Updated dependencies [2cb0657]
|
|
866
|
+
- Updated dependencies [bb8baa7]
|
|
867
|
+
- Updated dependencies [7d2fd48]
|
|
868
|
+
- Updated dependencies [9eddabb]
|
|
869
|
+
- Updated dependencies [cc7c0d2]
|
|
870
|
+
- Updated dependencies [144ce0e]
|
|
871
|
+
- Updated dependencies [efb48dc]
|
|
872
|
+
- Updated dependencies [56a59df]
|
|
873
|
+
- Updated dependencies [d5d4eed]
|
|
874
|
+
- Updated dependencies [095f659]
|
|
875
|
+
- Updated dependencies [96704a1]
|
|
876
|
+
- Updated dependencies [50fbeca]
|
|
877
|
+
- Updated dependencies [4a36b9a]
|
|
878
|
+
- Updated dependencies [cb367b9]
|
|
879
|
+
- Updated dependencies [7b1c189]
|
|
880
|
+
- Updated dependencies [51b04c3]
|
|
881
|
+
- Updated dependencies [d01b81f]
|
|
882
|
+
- Updated dependencies [3ed41f4]
|
|
883
|
+
- Updated dependencies [8ffb1a7]
|
|
884
|
+
- Updated dependencies [05fb1ae]
|
|
885
|
+
- Updated dependencies [f40177f]
|
|
886
|
+
- Updated dependencies [615bd24]
|
|
887
|
+
- Updated dependencies [05158d2]
|
|
888
|
+
- Updated dependencies [71de2b3]
|
|
889
|
+
- Updated dependencies [10bc391]
|
|
890
|
+
- Updated dependencies [ba70035]
|
|
891
|
+
- Updated dependencies [3585d9a]
|
|
892
|
+
- Updated dependencies [38b8e35]
|
|
893
|
+
- Updated dependencies [b7f0f21]
|
|
894
|
+
- Updated dependencies [1e6de25]
|
|
895
|
+
- Updated dependencies [831f574]
|
|
896
|
+
- Updated dependencies [2df8b71]
|
|
897
|
+
- Updated dependencies [2f98ec8]
|
|
898
|
+
- Updated dependencies [ed1a7fe]
|
|
899
|
+
- Updated dependencies [15549a9]
|
|
900
|
+
- Updated dependencies [cc7c0d2]
|
|
901
|
+
- Updated dependencies [5bf7768]
|
|
902
|
+
- Updated dependencies [ae43ac7]
|
|
903
|
+
- Updated dependencies [09bb8db]
|
|
904
|
+
- Updated dependencies [a5fdbf9]
|
|
905
|
+
- Updated dependencies [7354e6b]
|
|
906
|
+
- Updated dependencies [9d3f00b]
|
|
907
|
+
- Updated dependencies [6557dc0]
|
|
908
|
+
- Updated dependencies [efb48dc]
|
|
909
|
+
- Updated dependencies [9587dac]
|
|
910
|
+
- Updated dependencies [09a999a]
|
|
911
|
+
- Updated dependencies [559f903]
|
|
912
|
+
- Updated dependencies [3574905]
|
|
913
|
+
- Updated dependencies [4362c06]
|
|
914
|
+
- @pnpm/installing.deps-restorer@1007.0.0
|
|
915
|
+
- @pnpm/config.reader@1005.0.0
|
|
916
|
+
- @pnpm/deps.graph-hasher@1003.0.0
|
|
917
|
+
- @pnpm/bins.linker@1001.0.0
|
|
918
|
+
- @pnpm/resolving.npm-resolver@1005.0.0
|
|
919
|
+
- @pnpm/store.controller@1005.0.0
|
|
920
|
+
- @pnpm/types@1001.0.0
|
|
921
|
+
- @pnpm/installing.env-installer@1001.0.0
|
|
922
|
+
- @pnpm/lockfile.types@1003.0.0
|
|
923
|
+
- @pnpm/cli.utils@1002.0.0
|
|
924
|
+
- @pnpm/building.policy@1000.0.0
|
|
925
|
+
- @pnpm/workspace.project-manifest-reader@1002.0.0
|
|
926
|
+
- @pnpm/store.connection-manager@1003.0.0
|
|
927
|
+
- @pnpm/installing.client@1002.0.0
|
|
928
|
+
- @pnpm/error@1001.0.0
|
|
929
|
+
- @pnpm/cli.meta@1001.0.0
|
|
930
|
+
- @pnpm/global.packages@1000.0.0
|
|
931
|
+
- @pnpm/global.commands@1000.0.0
|
|
@@ -49,6 +49,12 @@ export declare function installPnpmToStore(pnpmVersion: string, opts: {
|
|
|
49
49
|
} & VerifyPnpmEngineIdentityOptions): Promise<{
|
|
50
50
|
binDir: string;
|
|
51
51
|
}>;
|
|
52
|
+
/**
|
|
53
|
+
* The install dir under `globalDir` that already holds `pkgName` at exactly
|
|
54
|
+
* `version`, or `undefined` when the global install is missing, at a
|
|
55
|
+
* different version, or unreadable.
|
|
56
|
+
*/
|
|
57
|
+
export declare function findGlobalPnpmInstallDir(globalDir: string, pkgName: string, version: string): Promise<string | undefined>;
|
|
52
58
|
/**
|
|
53
59
|
* Computes the scope-local directory name of the `@pnpm/exe` platform
|
|
54
60
|
* package for a given host. Returns the legacy name currently published on npm
|
|
@@ -117,18 +117,9 @@ function findPnpmGvsPath(lockfile, pkgName, globalVirtualStoreDir, allowBuilds)
|
|
|
117
117
|
async function installPnpmToGlobalDir(opts, pkgName, version, wantedLockfile) {
|
|
118
118
|
const globalDir = opts.globalPkgDir;
|
|
119
119
|
cleanOrphanedInstallDirs(globalDir);
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
const pkgJsonPath = path.join(existing.installDir, 'node_modules', pkgName, 'package.json');
|
|
124
|
-
try {
|
|
125
|
-
const pkgJson = JSON.parse(fs.readFileSync(pkgJsonPath, 'utf8'));
|
|
126
|
-
if (pkgJson.version === version) {
|
|
127
|
-
const binDir = path.join(existing.installDir, 'bin');
|
|
128
|
-
return { alreadyExisted: true, installDir: existing.installDir, binDir };
|
|
129
|
-
}
|
|
130
|
-
}
|
|
131
|
-
catch { }
|
|
120
|
+
const existingInstallDir = await findGlobalPnpmInstallDir(globalDir, pkgName, version);
|
|
121
|
+
if (existingInstallDir != null) {
|
|
122
|
+
return { alreadyExisted: true, installDir: existingInstallDir, binDir: path.join(existingInstallDir, 'bin') };
|
|
132
123
|
}
|
|
133
124
|
const installDir = createInstallDir(globalDir);
|
|
134
125
|
const binDir = path.join(installDir, 'bin');
|
|
@@ -175,6 +166,23 @@ async function installPnpmToGlobalDir(opts, pkgName, version, wantedLockfile) {
|
|
|
175
166
|
throw err;
|
|
176
167
|
}
|
|
177
168
|
}
|
|
169
|
+
/**
|
|
170
|
+
* The install dir under `globalDir` that already holds `pkgName` at exactly
|
|
171
|
+
* `version`, or `undefined` when the global install is missing, at a
|
|
172
|
+
* different version, or unreadable.
|
|
173
|
+
*/
|
|
174
|
+
export async function findGlobalPnpmInstallDir(globalDir, pkgName, version) {
|
|
175
|
+
const existing = findGlobalPackage(globalDir, pkgName);
|
|
176
|
+
if (!existing)
|
|
177
|
+
return undefined;
|
|
178
|
+
try {
|
|
179
|
+
const pkgJson = JSON.parse(await fs.promises.readFile(path.join(existing.installDir, 'node_modules', pkgName, 'package.json'), 'utf8'));
|
|
180
|
+
if (pkgJson.version === version)
|
|
181
|
+
return existing.installDir;
|
|
182
|
+
}
|
|
183
|
+
catch { }
|
|
184
|
+
return undefined;
|
|
185
|
+
}
|
|
178
186
|
async function installFromLockfile(installDir, binDir, opts) {
|
|
179
187
|
const rootImporter = opts.wantedLockfile.importers['.'];
|
|
180
188
|
const dependencies = rootImporter?.dependencies ?? {};
|
|
@@ -229,7 +237,6 @@ async function installFromResolution(installDir, opts, params) {
|
|
|
229
237
|
devDependencies: false,
|
|
230
238
|
optionalDependencies: true,
|
|
231
239
|
};
|
|
232
|
-
const fetchFullMetadata = Boolean(opts.supportedArchitectures?.libc);
|
|
233
240
|
await installGlobalPackages({
|
|
234
241
|
...opts,
|
|
235
242
|
global: false,
|
|
@@ -245,7 +252,6 @@ async function installFromResolution(installDir, opts, params) {
|
|
|
245
252
|
workspaceDir: undefined,
|
|
246
253
|
sharedWorkspaceLockfile: false,
|
|
247
254
|
lockfileOnly: false,
|
|
248
|
-
fetchFullMetadata,
|
|
249
255
|
include,
|
|
250
256
|
includeDirect: include,
|
|
251
257
|
allowBuilds: {},
|
|
@@ -11,12 +11,12 @@ import { resolvePackageManagerIntegrities } from '@pnpm/installing.env-installer
|
|
|
11
11
|
import { readEnvLockfile } from '@pnpm/lockfile.fs';
|
|
12
12
|
import { globalInfo, globalWarn } from '@pnpm/logger';
|
|
13
13
|
import { whichVersionIsPinned } from '@pnpm/resolving.npm-resolver';
|
|
14
|
-
import { createStoreController } from '@pnpm/store.connection-manager';
|
|
14
|
+
import { createStoreController, shouldFetchFullMetadata } from '@pnpm/store.connection-manager';
|
|
15
15
|
import { readProjectManifest } from '@pnpm/workspace.project-manifest-reader';
|
|
16
16
|
import { pick } from 'ramda';
|
|
17
17
|
import { renderHelp } from 'render-help';
|
|
18
18
|
import semver from 'semver';
|
|
19
|
-
import { installPnpm } from './installPnpm.js';
|
|
19
|
+
import { findGlobalPnpmInstallDir, installPnpm, pnpmPackageNameToInstall } from './installPnpm.js';
|
|
20
20
|
export function rcOptionsTypes() {
|
|
21
21
|
return pick([], allTypes);
|
|
22
22
|
}
|
|
@@ -52,15 +52,11 @@ export async function handler(opts, params) {
|
|
|
52
52
|
throw new PnpmError('CANT_SELF_UPDATE_IN_COREPACK', 'You should update pnpm with corepack');
|
|
53
53
|
}
|
|
54
54
|
globalInfo('Checking for updates...');
|
|
55
|
-
// Resolve the engine version exactly as a regular install would.
|
|
56
|
-
//
|
|
57
|
-
//
|
|
58
|
-
//
|
|
59
|
-
|
|
60
|
-
// only `time`. `minimumReleaseAge` is handled by the resolver's on-demand
|
|
61
|
-
// abbreviated→full upgrade, so it isn't requested up front here.
|
|
62
|
-
const fullMetadata = (opts.trustPolicy === 'no-downgrade' ||
|
|
63
|
-
(opts.resolutionMode === 'time-based' && !opts.registrySupportsTimeField));
|
|
55
|
+
// Resolve the engine version exactly as a regular install would.
|
|
56
|
+
// `minimumReleaseAge` is not part of `shouldFetchFullMetadata` because the
|
|
57
|
+
// resolver upgrades abbreviated metadata to full on demand for the
|
|
58
|
+
// maturity check, so it isn't requested up front here.
|
|
59
|
+
const fullMetadata = shouldFetchFullMetadata(opts);
|
|
64
60
|
const { resolve: baseResolve } = createResolver({
|
|
65
61
|
...opts,
|
|
66
62
|
configByUri: opts.configByUri,
|
|
@@ -196,7 +192,11 @@ export async function handler(opts, params) {
|
|
|
196
192
|
return `The current project is already set to use pnpm v${resolution.manifest.version}`;
|
|
197
193
|
}
|
|
198
194
|
}
|
|
199
|
-
|
|
195
|
+
// Version equality with the running binary alone must not skip the
|
|
196
|
+
// update: a removed global install can be recovered by running a local
|
|
197
|
+
// pnpm of the same version (see pnpm/pnpm#12877).
|
|
198
|
+
if (resolution.manifest.version === packageManager.version &&
|
|
199
|
+
await findGlobalPnpmInstallDir(opts.globalPkgDir, pnpmPackageNameToInstall(resolution.manifest.version), resolution.manifest.version) != null) {
|
|
200
200
|
return `The currently active ${packageManager.name} v${packageManager.version} is already "${bareSpecifier}" and doesn't need an update`;
|
|
201
201
|
}
|
|
202
202
|
if (isImplicitLatest && semver.lt(resolution.manifest.version, packageManager.version)) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pnpm/engine.pm.commands",
|
|
3
|
-
"version": "1101.2.
|
|
3
|
+
"version": "1101.2.3",
|
|
4
4
|
"description": "pnpm commands for self-updating and setting up pnpm",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"pnpm",
|
|
@@ -27,53 +27,53 @@
|
|
|
27
27
|
"!*.map"
|
|
28
28
|
],
|
|
29
29
|
"dependencies": {
|
|
30
|
+
"@pnpm/bins.linker": "1100.0.17",
|
|
31
|
+
"@pnpm/building.policy": "1100.0.13",
|
|
32
|
+
"@pnpm/cli.meta": "1100.0.9",
|
|
33
|
+
"@pnpm/cli.utils": "1101.0.14",
|
|
34
|
+
"@pnpm/config.pick-registry-for-package": "1100.0.10",
|
|
35
|
+
"@pnpm/config.reader": "1101.12.0",
|
|
36
|
+
"@pnpm/config.version-policy": "1100.1.7",
|
|
37
|
+
"@pnpm/deps.graph-hasher": "1100.2.10",
|
|
38
|
+
"@pnpm/deps.security.signatures": "1101.2.4",
|
|
39
|
+
"@pnpm/error": "1100.0.1",
|
|
40
|
+
"@pnpm/global.commands": "1100.0.34",
|
|
41
|
+
"@pnpm/global.packages": "1100.0.11",
|
|
42
|
+
"@pnpm/installing.client": "1100.2.14",
|
|
43
|
+
"@pnpm/installing.deps-restorer": "1102.1.5",
|
|
44
|
+
"@pnpm/installing.env-installer": "1102.0.6",
|
|
45
|
+
"@pnpm/lockfile.fs": "1100.1.11",
|
|
46
|
+
"@pnpm/lockfile.types": "1100.0.14",
|
|
47
|
+
"@pnpm/network.auth-header": "1101.1.4",
|
|
30
48
|
"@pnpm/os.env.path-extender": "^3.0.1",
|
|
49
|
+
"@pnpm/resolving.npm-resolver": "1102.1.3",
|
|
50
|
+
"@pnpm/shell.path": "1100.0.1",
|
|
51
|
+
"@pnpm/store.connection-manager": "1100.3.6",
|
|
52
|
+
"@pnpm/store.controller": "1102.0.5",
|
|
53
|
+
"@pnpm/types": "1101.4.0",
|
|
54
|
+
"@pnpm/workspace.project-manifest-reader": "1100.0.15",
|
|
31
55
|
"cross-spawn": "^7.0.6",
|
|
32
56
|
"detect-libc": "^2.1.2",
|
|
33
57
|
"path-name": "^1.0.0",
|
|
34
58
|
"ramda": "npm:@pnpm/ramda@0.28.1",
|
|
35
59
|
"render-help": "^2.0.0",
|
|
36
60
|
"semver": "^7.8.4",
|
|
37
|
-
"symlink-dir": "^10.0.1"
|
|
38
|
-
"@pnpm/bins.linker": "1100.0.16",
|
|
39
|
-
"@pnpm/building.policy": "1100.0.12",
|
|
40
|
-
"@pnpm/cli.meta": "1100.0.8",
|
|
41
|
-
"@pnpm/cli.utils": "1101.0.13",
|
|
42
|
-
"@pnpm/config.pick-registry-for-package": "1100.0.9",
|
|
43
|
-
"@pnpm/config.reader": "1101.11.1",
|
|
44
|
-
"@pnpm/config.version-policy": "1100.1.6",
|
|
45
|
-
"@pnpm/deps.graph-hasher": "1100.2.8",
|
|
46
|
-
"@pnpm/deps.security.signatures": "1101.2.3",
|
|
47
|
-
"@pnpm/global.packages": "1100.0.10",
|
|
48
|
-
"@pnpm/global.commands": "1100.0.32",
|
|
49
|
-
"@pnpm/error": "1100.0.1",
|
|
50
|
-
"@pnpm/installing.env-installer": "1102.0.4",
|
|
51
|
-
"@pnpm/lockfile.fs": "1100.1.9",
|
|
52
|
-
"@pnpm/installing.deps-restorer": "1102.1.3",
|
|
53
|
-
"@pnpm/lockfile.types": "1100.0.13",
|
|
54
|
-
"@pnpm/resolving.npm-resolver": "1102.1.2",
|
|
55
|
-
"@pnpm/shell.path": "1100.0.1",
|
|
56
|
-
"@pnpm/network.auth-header": "1101.1.3",
|
|
57
|
-
"@pnpm/store.connection-manager": "1100.3.4",
|
|
58
|
-
"@pnpm/types": "1101.3.2",
|
|
59
|
-
"@pnpm/workspace.project-manifest-reader": "1100.0.14",
|
|
60
|
-
"@pnpm/store.controller": "1102.0.3",
|
|
61
|
-
"@pnpm/installing.client": "1100.2.12"
|
|
61
|
+
"symlink-dir": "^10.0.1"
|
|
62
62
|
},
|
|
63
63
|
"peerDependencies": {
|
|
64
64
|
"@pnpm/logger": "^1100.0.0"
|
|
65
65
|
},
|
|
66
66
|
"devDependencies": {
|
|
67
67
|
"@jest/globals": "30.4.1",
|
|
68
|
-
"@types/cross-spawn": "^6.0.6",
|
|
69
|
-
"@types/ramda": "0.31.1",
|
|
70
|
-
"@types/semver": "7.7.1",
|
|
71
68
|
"@pnpm/constants": "1100.0.0",
|
|
69
|
+
"@pnpm/engine.pm.commands": "1101.2.3",
|
|
72
70
|
"@pnpm/error": "1100.0.1",
|
|
73
71
|
"@pnpm/logger": "1100.0.0",
|
|
74
|
-
"@pnpm/
|
|
75
|
-
"@pnpm/
|
|
76
|
-
"@
|
|
72
|
+
"@pnpm/prepare": "1100.0.19",
|
|
73
|
+
"@pnpm/testing.mock-agent": "1101.0.5",
|
|
74
|
+
"@types/cross-spawn": "^6.0.6",
|
|
75
|
+
"@types/ramda": "0.31.1",
|
|
76
|
+
"@types/semver": "7.7.1"
|
|
77
77
|
},
|
|
78
78
|
"engines": {
|
|
79
79
|
"node": ">=22.13"
|