@pnpm/engine.pm.commands 1101.2.2 → 1101.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,35 @@
1
1
  # @pnpm/engine.pm.commands
2
2
 
3
+ ## 1101.2.3
4
+
5
+ ### Patch Changes
6
+
7
+ - `pnpm add -g`, `pnpm update -g`, `pnpm setup`, and the self-updater no longer fail with `ERR_PNPM_MISSING_TIME` when `trustPolicy: no-downgrade` or `resolutionMode: time-based` is set in the global config [#12883](https://github.com/pnpm/pnpm/issues/12883). The decision to fetch full registry metadata now lives in one place, and the `no-downgrade` trust policy always requests full metadata (matching the self-updater), since the trust evidence it checks is missing from abbreviated metadata even on registries that include the `time` field.
8
+
9
+ - Updated dependencies:
10
+ - @pnpm/bins.linker@1100.0.17
11
+ - @pnpm/building.policy@1100.0.13
12
+ - @pnpm/cli.meta@1100.0.9
13
+ - @pnpm/cli.utils@1101.0.14
14
+ - @pnpm/config.pick-registry-for-package@1100.0.10
15
+ - @pnpm/config.reader@1101.12.0
16
+ - @pnpm/config.version-policy@1100.1.7
17
+ - @pnpm/deps.graph-hasher@1100.2.10
18
+ - @pnpm/deps.security.signatures@1101.2.4
19
+ - @pnpm/global.commands@1100.0.34
20
+ - @pnpm/global.packages@1100.0.11
21
+ - @pnpm/installing.client@1100.2.14
22
+ - @pnpm/installing.deps-restorer@1102.1.5
23
+ - @pnpm/installing.env-installer@1102.0.6
24
+ - @pnpm/lockfile.fs@1100.1.11
25
+ - @pnpm/lockfile.types@1100.0.14
26
+ - @pnpm/network.auth-header@1101.1.4
27
+ - @pnpm/resolving.npm-resolver@1102.1.3
28
+ - @pnpm/store.connection-manager@1100.3.6
29
+ - @pnpm/store.controller@1102.0.5
30
+ - @pnpm/types@1101.4.0
31
+ - @pnpm/workspace.project-manifest-reader@1100.0.15
32
+
3
33
  ## 1101.2.2
4
34
 
5
35
  ### Patch Changes
@@ -237,7 +237,6 @@ async function installFromResolution(installDir, opts, params) {
237
237
  devDependencies: false,
238
238
  optionalDependencies: true,
239
239
  };
240
- const fetchFullMetadata = Boolean(opts.supportedArchitectures?.libc);
241
240
  await installGlobalPackages({
242
241
  ...opts,
243
242
  global: false,
@@ -253,7 +252,6 @@ async function installFromResolution(installDir, opts, params) {
253
252
  workspaceDir: undefined,
254
253
  sharedWorkspaceLockfile: false,
255
254
  lockfileOnly: false,
256
- fetchFullMetadata,
257
255
  include,
258
256
  includeDirect: include,
259
257
  allowBuilds: {},
@@ -11,7 +11,7 @@ import { resolvePackageManagerIntegrities } from '@pnpm/installing.env-installer
11
11
  import { readEnvLockfile } from '@pnpm/lockfile.fs';
12
12
  import { globalInfo, globalWarn } from '@pnpm/logger';
13
13
  import { whichVersionIsPinned } from '@pnpm/resolving.npm-resolver';
14
- import { createStoreController } from '@pnpm/store.connection-manager';
14
+ import { createStoreController, shouldFetchFullMetadata } from '@pnpm/store.connection-manager';
15
15
  import { readProjectManifest } from '@pnpm/workspace.project-manifest-reader';
16
16
  import { pick } from 'ramda';
17
17
  import { renderHelp } from 'render-help';
@@ -52,15 +52,11 @@ export async function handler(opts, params) {
52
52
  throw new PnpmError('CANT_SELF_UPDATE_IN_COREPACK', 'You should update pnpm with corepack');
53
53
  }
54
54
  globalInfo('Checking for updates...');
55
- // Resolve the engine version exactly as a regular install would. The
56
- // no-downgrade trust check reads per-version trust evidence (`_npmUser` /
57
- // `dist.attestations`) that abbreviated metadata never carries so it
58
- // always needs full metadata, regardless of `registrySupportsTimeField`
59
- // (which only concerns the `time` field). Time-based resolution needs
60
- // only `time`. `minimumReleaseAge` is handled by the resolver's on-demand
61
- // abbreviated→full upgrade, so it isn't requested up front here.
62
- const fullMetadata = (opts.trustPolicy === 'no-downgrade' ||
63
- (opts.resolutionMode === 'time-based' && !opts.registrySupportsTimeField));
55
+ // Resolve the engine version exactly as a regular install would.
56
+ // `minimumReleaseAge` is not part of `shouldFetchFullMetadata` because the
57
+ // resolver upgrades abbreviated metadata to full on demand for the
58
+ // maturity check, so it isn't requested up front here.
59
+ const fullMetadata = shouldFetchFullMetadata(opts);
64
60
  const { resolve: baseResolve } = createResolver({
65
61
  ...opts,
66
62
  configByUri: opts.configByUri,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pnpm/engine.pm.commands",
3
- "version": "1101.2.2",
3
+ "version": "1101.2.3",
4
4
  "description": "pnpm commands for self-updating and setting up pnpm",
5
5
  "keywords": [
6
6
  "pnpm",
@@ -27,31 +27,31 @@
27
27
  "!*.map"
28
28
  ],
29
29
  "dependencies": {
30
- "@pnpm/bins.linker": "1100.0.16",
31
- "@pnpm/building.policy": "1100.0.12",
32
- "@pnpm/cli.meta": "1100.0.8",
33
- "@pnpm/cli.utils": "1101.0.13",
34
- "@pnpm/config.pick-registry-for-package": "1100.0.9",
35
- "@pnpm/config.reader": "1101.11.2",
36
- "@pnpm/config.version-policy": "1100.1.6",
37
- "@pnpm/deps.graph-hasher": "1100.2.9",
38
- "@pnpm/deps.security.signatures": "1101.2.3",
30
+ "@pnpm/bins.linker": "1100.0.17",
31
+ "@pnpm/building.policy": "1100.0.13",
32
+ "@pnpm/cli.meta": "1100.0.9",
33
+ "@pnpm/cli.utils": "1101.0.14",
34
+ "@pnpm/config.pick-registry-for-package": "1100.0.10",
35
+ "@pnpm/config.reader": "1101.12.0",
36
+ "@pnpm/config.version-policy": "1100.1.7",
37
+ "@pnpm/deps.graph-hasher": "1100.2.10",
38
+ "@pnpm/deps.security.signatures": "1101.2.4",
39
39
  "@pnpm/error": "1100.0.1",
40
- "@pnpm/global.commands": "1100.0.33",
41
- "@pnpm/global.packages": "1100.0.10",
42
- "@pnpm/installing.client": "1100.2.13",
43
- "@pnpm/installing.deps-restorer": "1102.1.4",
44
- "@pnpm/installing.env-installer": "1102.0.5",
45
- "@pnpm/lockfile.fs": "1100.1.10",
46
- "@pnpm/lockfile.types": "1100.0.13",
47
- "@pnpm/network.auth-header": "1101.1.3",
40
+ "@pnpm/global.commands": "1100.0.34",
41
+ "@pnpm/global.packages": "1100.0.11",
42
+ "@pnpm/installing.client": "1100.2.14",
43
+ "@pnpm/installing.deps-restorer": "1102.1.5",
44
+ "@pnpm/installing.env-installer": "1102.0.6",
45
+ "@pnpm/lockfile.fs": "1100.1.11",
46
+ "@pnpm/lockfile.types": "1100.0.14",
47
+ "@pnpm/network.auth-header": "1101.1.4",
48
48
  "@pnpm/os.env.path-extender": "^3.0.1",
49
- "@pnpm/resolving.npm-resolver": "1102.1.2",
49
+ "@pnpm/resolving.npm-resolver": "1102.1.3",
50
50
  "@pnpm/shell.path": "1100.0.1",
51
- "@pnpm/store.connection-manager": "1100.3.5",
52
- "@pnpm/store.controller": "1102.0.4",
53
- "@pnpm/types": "1101.3.2",
54
- "@pnpm/workspace.project-manifest-reader": "1100.0.14",
51
+ "@pnpm/store.connection-manager": "1100.3.6",
52
+ "@pnpm/store.controller": "1102.0.5",
53
+ "@pnpm/types": "1101.4.0",
54
+ "@pnpm/workspace.project-manifest-reader": "1100.0.15",
55
55
  "cross-spawn": "^7.0.6",
56
56
  "detect-libc": "^2.1.2",
57
57
  "path-name": "^1.0.0",
@@ -66,11 +66,11 @@
66
66
  "devDependencies": {
67
67
  "@jest/globals": "30.4.1",
68
68
  "@pnpm/constants": "1100.0.0",
69
- "@pnpm/engine.pm.commands": "1101.2.2",
69
+ "@pnpm/engine.pm.commands": "1101.2.3",
70
70
  "@pnpm/error": "1100.0.1",
71
71
  "@pnpm/logger": "1100.0.0",
72
- "@pnpm/prepare": "1100.0.18",
73
- "@pnpm/testing.mock-agent": "1101.0.4",
72
+ "@pnpm/prepare": "1100.0.19",
73
+ "@pnpm/testing.mock-agent": "1101.0.5",
74
74
  "@types/cross-spawn": "^6.0.6",
75
75
  "@types/ramda": "0.31.1",
76
76
  "@types/semver": "7.7.1"