@pnpm/lockfile.utils 1100.1.1 → 1100.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/CHANGELOG.md +1331 -0
  2. package/package.json +7 -7
package/CHANGELOG.md ADDED
@@ -0,0 +1,1331 @@
1
+ # @pnpm/lockfile-utils
2
+
3
+ ## 1100.1.2
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies [a897ef7]
8
+ - @pnpm/hooks.types@1100.2.0
9
+
10
+ ## 1100.1.1
11
+
12
+ ### Patch Changes
13
+
14
+ - Updated dependencies [dcabb78]
15
+ - @pnpm/resolving.resolver-base@1100.5.1
16
+ - @pnpm/hooks.types@1100.1.1
17
+ - @pnpm/lockfile.types@1100.0.13
18
+
19
+ ## 1100.1.0
20
+
21
+ ### Minor Changes
22
+
23
+ - bae694f: Some registries generate tarballs on-demand and cannot provide an integrity checksum in their package metadata. In that case pnpm now computes the integrity from the downloaded tarball and stores it in the lockfile, so the entry is verifiable on subsequent installs instead of being written without an integrity (which would fail the next install). This also applies to `--lockfile-only`: the tarball is downloaded so its integrity can be computed. A lockfile entry that is still missing its integrity is rejected as a `ERR_PNPM_MISSING_TARBALL_INTEGRITY` lockfile verification violation (the install fails closed) rather than being silently re-fetched.
24
+
25
+ ### Patch Changes
26
+
27
+ - a84d2a1: Add `@pnpm/resolving.tarball-url`, which builds and recognizes the canonical npm tarball URL of a package. It vendors `getNpmTarballUrl` (previously the external `get-npm-tarball-url` package) and adds `isCanonicalRegistryTarballUrl`, the predicate the lockfile writer uses to decide whether a tarball URL is derivable from name+version+registry (and can therefore be omitted from `pnpm-lock.yaml`).
28
+
29
+ Exposing `isCanonicalRegistryTarballUrl` lets a custom resolver (pnpmfile `resolvers`) fronting a proxy that serves tarballs on a non-canonical path (e.g. an ephemeral `localhost:<port>`) rewrite the resolved tarball to the canonical form, so nothing host-specific is persisted to the lockfile. Previously this logic was private to `@pnpm/lockfile.utils`.
30
+
31
+ Two correctness fixes are included while consolidating the logic: the scoped-package unescape now handles uppercase `%2F` as well as `%2f` (percent-encoding is case-insensitive), and protocol-insensitive comparison strips only a leading `http(s)://` scheme instead of splitting on the first `://` (which could truncate URLs containing a later `://`).
32
+
33
+ - Updated dependencies [bae694f]
34
+ - Updated dependencies [a84d2a1]
35
+ - Updated dependencies [852d537]
36
+ - @pnpm/resolving.resolver-base@1100.5.0
37
+ - @pnpm/hooks.types@1100.1.0
38
+ - @pnpm/resolving.tarball-url@1100.0.0
39
+ - @pnpm/error@1100.0.1
40
+ - @pnpm/lockfile.types@1100.0.12
41
+
42
+ ## 1100.0.13
43
+
44
+ ### Patch Changes
45
+
46
+ - f20ad8f: Git dependencies that point to a subdirectory of a repository (`repo#commit&path:/sub/dir`) keep their `path` in the lockfile again. Since the integrity of git-hosted tarballs started being pinned in the lockfile, any install that actually downloaded the tarball rebuilt the lockfile resolution as `{ integrity, tarball, gitHosted }` and dropped the `path` field, while installs served from the store kept it — so the field disappeared seemingly at random. Without `path`, later installs from that lockfile silently unpacked the repository root instead of the subdirectory [#12304](https://github.com/pnpm/pnpm/issues/12304).
47
+ - Updated dependencies [681b593]
48
+ - Updated dependencies [a31faa7]
49
+ - @pnpm/types@1101.3.2
50
+ - @pnpm/deps.path@1100.0.8
51
+ - @pnpm/hooks.types@1100.0.12
52
+ - @pnpm/lockfile.types@1100.0.11
53
+ - @pnpm/resolving.resolver-base@1100.4.2
54
+
55
+ ## 1100.0.12
56
+
57
+ ### Patch Changes
58
+
59
+ - Updated dependencies [bf1b731]
60
+ - @pnpm/types@1101.3.1
61
+ - @pnpm/deps.path@1100.0.7
62
+ - @pnpm/hooks.types@1100.0.11
63
+ - @pnpm/lockfile.types@1100.0.10
64
+ - @pnpm/resolving.resolver-base@1100.4.1
65
+
66
+ ## 1100.0.11
67
+
68
+ ### Patch Changes
69
+
70
+ - Updated dependencies [a017bf3]
71
+ - Updated dependencies [6d17b66]
72
+ - @pnpm/types@1101.3.0
73
+ - @pnpm/resolving.resolver-base@1100.4.0
74
+ - @pnpm/deps.path@1100.0.6
75
+ - @pnpm/hooks.types@1100.0.10
76
+ - @pnpm/lockfile.types@1100.0.9
77
+
78
+ ## 1100.0.10
79
+
80
+ ### Patch Changes
81
+
82
+ - e55f4b5: Reject `pnpm-lock.yaml` entries whose remote tarball `resolution:` block is missing the `integrity` field. Previously the worker that extracts a downloaded tarball skipped hash verification when no integrity was supplied and minted a fresh one from the unverified bytes, so an attacker who could both alter the lockfile (e.g. via a pull request that strips `integrity:`) and serve modified content at the referenced tarball URL could install a tampered package without any error — including under `--frozen-lockfile`. pnpm now fails closed at lockfile-read time with `ERR_PNPM_MISSING_TARBALL_INTEGRITY`. Git-hosted tarballs (`gitHosted: true` or a URL on codeload.github.com / bitbucket.org / gitlab.com) and `file:` tarballs are exempt — the commit SHA in a git-host URL and the user-controlled local path already anchor the bytes.
83
+ - Updated dependencies [35d2355]
84
+ - @pnpm/types@1101.2.0
85
+ - @pnpm/deps.path@1100.0.5
86
+ - @pnpm/hooks.types@1100.0.9
87
+ - @pnpm/lockfile.types@1100.0.8
88
+ - @pnpm/resolving.resolver-base@1100.3.1
89
+
90
+ ## 1100.0.9
91
+
92
+ ### Patch Changes
93
+
94
+ - Updated dependencies [1627943]
95
+ - Updated dependencies [64afc92]
96
+ - @pnpm/resolving.resolver-base@1100.3.0
97
+ - @pnpm/types@1101.1.1
98
+ - @pnpm/hooks.types@1100.0.8
99
+ - @pnpm/lockfile.types@1100.0.7
100
+ - @pnpm/deps.path@1100.0.4
101
+
102
+ ## 1100.0.8
103
+
104
+ ### Patch Changes
105
+
106
+ - Updated dependencies [4195766]
107
+ - Updated dependencies [31538bf]
108
+ - @pnpm/resolving.resolver-base@1100.2.0
109
+ - @pnpm/hooks.types@1100.0.7
110
+ - @pnpm/lockfile.types@1100.0.6
111
+
112
+ ## 1100.0.7
113
+
114
+ ### Patch Changes
115
+
116
+ - Updated dependencies [b61e268]
117
+ - @pnpm/types@1101.1.0
118
+ - @pnpm/deps.path@1100.0.3
119
+ - @pnpm/hooks.types@1100.0.6
120
+ - @pnpm/lockfile.types@1100.0.5
121
+ - @pnpm/resolving.resolver-base@1100.1.3
122
+
123
+ ## 1100.0.6
124
+
125
+ ### Patch Changes
126
+
127
+ - cfa271b: Restored the heuristic that preserves tarball URLs in `pnpm-lock.yaml` when they cannot be derived from name+version+registry, even with the default `lockfileIncludeTarballUrl: false`. Without this, `pnpm install --frozen-lockfile` from an empty store fails with `ERR_PNPM_FETCH_404` for packages on registries that serve tarballs from a non-standard path — most notably GitHub Packages (`https://npm.pkg.github.com/download/<scope>/<name>/<version>/<hash>`) and JSR. `lockfileIncludeTarballUrl: true` continues to force the URL into the lockfile for every package [#11276](https://github.com/pnpm/pnpm/issues/11276).
128
+
129
+ ## 1100.0.5
130
+
131
+ ### Patch Changes
132
+
133
+ - 27425d7: Pin the integrity of git-hosted tarballs (codeload.github.com, gitlab.com, bitbucket.org) in the lockfile so that subsequent installs detect a tampered or substituted tarball and refuse to install it. Previously the lockfile only stored the tarball URL for git dependencies, so a compromised git host or a man-in-the-middle could serve arbitrary code on later installs without lockfile changes.
134
+
135
+ A new `gitHosted: true` field is recorded on git-hosted tarball resolutions in the lockfile, letting every reader/writer route them by a single typed check instead of pattern-matching the tarball URL in each call site. Lockfiles written by older pnpm versions are enriched on load (URL fallback) so the field can be relied on uniformly across the codebase.
136
+
137
+ - Updated dependencies [27425d7]
138
+ - @pnpm/lockfile.types@1100.0.4
139
+ - @pnpm/resolving.resolver-base@1100.1.2
140
+ - @pnpm/hooks.types@1100.0.5
141
+
142
+ ## 1100.0.4
143
+
144
+ ### Patch Changes
145
+
146
+ - 6b891a5: Fix `ERR_PNPM_FETCH_404` when installing a project whose lockfile depends on a `file:` tarball. The previous behavior dropped the `tarball` field from `file:` and git-hosted resolutions when `lockfile-include-tarball-url=false` (the default), even though those URLs cannot be reconstructed from the package name, version, and registry [#11407](https://github.com/pnpm/pnpm/issues/11407).
147
+ - Updated dependencies [184ce26]
148
+ - @pnpm/resolving.resolver-base@1100.1.1
149
+ - @pnpm/fetching.pick-fetcher@1100.0.4
150
+ - @pnpm/deps.path@1100.0.2
151
+ - @pnpm/hooks.types@1100.0.4
152
+ - @pnpm/lockfile.types@1100.0.3
153
+
154
+ ## 1100.0.3
155
+
156
+ ### Patch Changes
157
+
158
+ - @pnpm/fetching.pick-fetcher@1100.0.3
159
+ - @pnpm/hooks.types@1100.0.3
160
+
161
+ ## 1100.0.2
162
+
163
+ ### Patch Changes
164
+
165
+ - Updated dependencies [72c1e05]
166
+ - @pnpm/resolving.resolver-base@1100.1.0
167
+ - @pnpm/fetching.pick-fetcher@1100.0.2
168
+ - @pnpm/hooks.types@1100.0.2
169
+ - @pnpm/lockfile.types@1100.0.2
170
+
171
+ ## 1100.0.1
172
+
173
+ ### Patch Changes
174
+
175
+ - Updated dependencies [ff28085]
176
+ - @pnpm/types@1101.0.0
177
+ - @pnpm/deps.path@1100.0.1
178
+ - @pnpm/hooks.types@1100.0.1
179
+ - @pnpm/lockfile.types@1100.0.1
180
+ - @pnpm/resolving.resolver-base@1100.0.1
181
+ - @pnpm/fetching.pick-fetcher@1100.0.1
182
+
183
+ ## 1004.0.0
184
+
185
+ ### Major Changes
186
+
187
+ - 491a84f: This package is now pure ESM.
188
+ - 7d2fd48: Node.js v18, 19, 20, and 21 support discontinued.
189
+ - 394d88c: Remove extendProjectsWithTargetDirs.
190
+
191
+ ### Minor Changes
192
+
193
+ - a8f016c: Store config dependency and package manager integrity info in `pnpm-lock.yaml` instead of inlining it in `pnpm-workspace.yaml`. The workspace manifest now contains only clean version specifiers for `configDependencies`, while the resolved versions, integrity hashes, and tarball URLs are recorded in the lockfile as a separate YAML document. The env lockfile section also stores `packageManagerDependencies` resolved during version switching and self-update. Projects using the old inline-hash format are automatically migrated on install.
194
+
195
+ ### Patch Changes
196
+
197
+ - 38b8e35: Support for custom resolvers and fetchers.
198
+ - Updated dependencies [5f73b0f]
199
+ - Updated dependencies [facdd71]
200
+ - Updated dependencies [9b0a460]
201
+ - Updated dependencies [76718b3]
202
+ - Updated dependencies [a8f016c]
203
+ - Updated dependencies [cc1b8e3]
204
+ - Updated dependencies [606f53e]
205
+ - Updated dependencies [491a84f]
206
+ - Updated dependencies [7d2fd48]
207
+ - Updated dependencies [efb48dc]
208
+ - Updated dependencies [50fbeca]
209
+ - Updated dependencies [cb367b9]
210
+ - Updated dependencies [7b1c189]
211
+ - Updated dependencies [8ffb1a7]
212
+ - Updated dependencies [05fb1ae]
213
+ - Updated dependencies [71de2b3]
214
+ - Updated dependencies [10bc391]
215
+ - Updated dependencies [38b8e35]
216
+ - Updated dependencies [1e6de25]
217
+ - Updated dependencies [831f574]
218
+ - Updated dependencies [2df8b71]
219
+ - Updated dependencies [15549a9]
220
+ - Updated dependencies [cc7c0d2]
221
+ - Updated dependencies [9d3f00b]
222
+ - Updated dependencies [efb48dc]
223
+ - @pnpm/deps.path@1002.0.0
224
+ - @pnpm/resolving.resolver-base@1006.0.0
225
+ - @pnpm/types@1001.0.0
226
+ - @pnpm/lockfile.types@1003.0.0
227
+ - @pnpm/fetching.pick-fetcher@1002.0.0
228
+ - @pnpm/error@1001.0.0
229
+ - @pnpm/hooks.types@1002.0.0
230
+
231
+ ## 1003.0.3
232
+
233
+ ### Patch Changes
234
+
235
+ - Updated dependencies [7c1382f]
236
+ - Updated dependencies [7c1382f]
237
+ - Updated dependencies [dee39ec]
238
+ - @pnpm/types@1000.9.0
239
+ - @pnpm/resolver-base@1005.1.0
240
+ - @pnpm/lockfile.types@1002.0.2
241
+ - @pnpm/dependency-path@1001.1.3
242
+ - @pnpm/pick-fetcher@1001.0.0
243
+
244
+ ## 1003.0.2
245
+
246
+ ### Patch Changes
247
+
248
+ - @pnpm/dependency-path@1001.1.2
249
+
250
+ ## 1003.0.1
251
+
252
+ ### Patch Changes
253
+
254
+ - Updated dependencies [e792927]
255
+ - @pnpm/types@1000.8.0
256
+ - @pnpm/lockfile.types@1002.0.1
257
+ - @pnpm/dependency-path@1001.1.1
258
+ - @pnpm/resolver-base@1005.0.1
259
+ - @pnpm/pick-fetcher@1001.0.0
260
+
261
+ ## 1003.0.0
262
+
263
+ ### Major Changes
264
+
265
+ - d1edf73: Removed node fetcher. The binary fetcher should be used for downloading node assets.
266
+
267
+ ### Patch Changes
268
+
269
+ - Updated dependencies [d1edf73]
270
+ - Updated dependencies [d1edf73]
271
+ - Updated dependencies [86b33e9]
272
+ - Updated dependencies [d1edf73]
273
+ - Updated dependencies [f91922c]
274
+ - @pnpm/dependency-path@1001.1.0
275
+ - @pnpm/lockfile.types@1002.0.0
276
+ - @pnpm/resolver-base@1005.0.0
277
+ - @pnpm/pick-fetcher@1001.0.0
278
+
279
+ ## 1002.1.0
280
+
281
+ ### Minor Changes
282
+
283
+ - 1a07b8f: Added support for resolving and downloading the Node.js runtime specified in the [devEngines](https://github.com/openjs-foundation/package-metadata-interoperability-collab-space/issues/15) field of `package.json`.
284
+
285
+ Usage example:
286
+
287
+ ```json
288
+ {
289
+ "devEngines": {
290
+ "runtime": {
291
+ "name": "node",
292
+ "version": "^24.4.0",
293
+ "onFail": "download"
294
+ }
295
+ }
296
+ }
297
+ ```
298
+
299
+ When running `pnpm install`, pnpm will resolve Node.js to the latest version that satisfies the specified range and install it as a dependency of the project. As a result, when running scripts, the locally installed Node.js version will be used.
300
+
301
+ Unlike the existing options, `useNodeVersion` and `executionEnv.nodeVersion`, this new field supports version ranges, which are locked to exact versions during installation. The resolved version is stored in the pnpm lockfile, along with an integrity checksum for future validation of the Node.js content's validity.
302
+
303
+ Related PR: [#9755](https://github.com/pnpm/pnpm/pull/9755).
304
+
305
+ ### Patch Changes
306
+
307
+ - 2e85f29: Don't parse the dependency path twice.
308
+ - Updated dependencies [1a07b8f]
309
+ - Updated dependencies [1a07b8f]
310
+ - @pnpm/types@1000.7.0
311
+ - @pnpm/resolver-base@1004.1.0
312
+ - @pnpm/pick-fetcher@1000.1.0
313
+ - @pnpm/lockfile.types@1001.1.0
314
+ - @pnpm/dependency-path@1001.0.2
315
+
316
+ ## 1002.0.1
317
+
318
+ ### Patch Changes
319
+
320
+ - @pnpm/dependency-path@1001.0.1
321
+
322
+ ## 1002.0.0
323
+
324
+ ### Major Changes
325
+
326
+ - 540986f: Peers suffix renamed to peerDepGraphHash.
327
+
328
+ ### Patch Changes
329
+
330
+ - Updated dependencies [540986f]
331
+ - @pnpm/dependency-path@1001.0.0
332
+
333
+ ## 1001.0.12
334
+
335
+ ### Patch Changes
336
+
337
+ - Updated dependencies [2721291]
338
+ - Updated dependencies [6acf819]
339
+ - @pnpm/resolver-base@1004.0.0
340
+ - @pnpm/pick-fetcher@1000.0.1
341
+
342
+ ## 1001.0.11
343
+
344
+ ### Patch Changes
345
+
346
+ - Updated dependencies [5ec7255]
347
+ - @pnpm/types@1000.6.0
348
+ - @pnpm/lockfile.types@1001.0.8
349
+ - @pnpm/dependency-path@1000.0.9
350
+ - @pnpm/resolver-base@1003.0.1
351
+ - @pnpm/pick-fetcher@1000.0.0
352
+
353
+ ## 1001.0.10
354
+
355
+ ### Patch Changes
356
+
357
+ - Updated dependencies [8a9f3a4]
358
+ - Updated dependencies [5b73df1]
359
+ - Updated dependencies [9c3dd03]
360
+ - Updated dependencies [5b73df1]
361
+ - @pnpm/resolver-base@1003.0.0
362
+ - @pnpm/types@1000.5.0
363
+ - @pnpm/pick-fetcher@1000.0.0
364
+ - @pnpm/lockfile.types@1001.0.7
365
+ - @pnpm/dependency-path@1000.0.8
366
+
367
+ ## 1001.0.9
368
+
369
+ ### Patch Changes
370
+
371
+ - Updated dependencies [81f441c]
372
+ - @pnpm/resolver-base@1002.0.0
373
+ - @pnpm/pick-fetcher@1000.0.0
374
+
375
+ ## 1001.0.8
376
+
377
+ ### Patch Changes
378
+
379
+ - Updated dependencies [750ae7d]
380
+ - Updated dependencies [72cff38]
381
+ - @pnpm/types@1000.4.0
382
+ - @pnpm/resolver-base@1001.0.0
383
+ - @pnpm/lockfile.types@1001.0.6
384
+ - @pnpm/dependency-path@1000.0.7
385
+ - @pnpm/pick-fetcher@1000.0.0
386
+
387
+ ## 1001.0.7
388
+
389
+ ### Patch Changes
390
+
391
+ - Updated dependencies [5f7be64]
392
+ - Updated dependencies [5f7be64]
393
+ - @pnpm/types@1000.3.0
394
+ - @pnpm/lockfile.types@1001.0.5
395
+ - @pnpm/dependency-path@1000.0.6
396
+ - @pnpm/resolver-base@1000.2.1
397
+ - @pnpm/pick-fetcher@1000.0.0
398
+
399
+ ## 1001.0.6
400
+
401
+ ### Patch Changes
402
+
403
+ - Updated dependencies [3d52365]
404
+ - @pnpm/resolver-base@1000.2.0
405
+ - @pnpm/pick-fetcher@1000.0.0
406
+
407
+ ## 1001.0.5
408
+
409
+ ### Patch Changes
410
+
411
+ - @pnpm/dependency-path@1000.0.5
412
+
413
+ ## 1001.0.4
414
+
415
+ ### Patch Changes
416
+
417
+ - Updated dependencies [a5e4965]
418
+ - @pnpm/types@1000.2.1
419
+ - @pnpm/dependency-path@1000.0.4
420
+ - @pnpm/lockfile.types@1001.0.4
421
+ - @pnpm/resolver-base@1000.1.4
422
+ - @pnpm/pick-fetcher@1000.0.0
423
+
424
+ ## 1001.0.3
425
+
426
+ ### Patch Changes
427
+
428
+ - Updated dependencies [8fcc221]
429
+ - @pnpm/types@1000.2.0
430
+ - @pnpm/lockfile.types@1001.0.3
431
+ - @pnpm/dependency-path@1000.0.3
432
+ - @pnpm/resolver-base@1000.1.3
433
+ - @pnpm/pick-fetcher@1000.0.0
434
+
435
+ ## 1001.0.2
436
+
437
+ ### Patch Changes
438
+
439
+ - Updated dependencies [b562deb]
440
+ - @pnpm/types@1000.1.1
441
+ - @pnpm/lockfile.types@1001.0.2
442
+ - @pnpm/dependency-path@1000.0.2
443
+ - @pnpm/resolver-base@1000.1.2
444
+ - @pnpm/pick-fetcher@1000.0.0
445
+
446
+ ## 1001.0.1
447
+
448
+ ### Patch Changes
449
+
450
+ - Updated dependencies [9591a18]
451
+ - @pnpm/types@1000.1.0
452
+ - @pnpm/lockfile.types@1001.0.1
453
+ - @pnpm/dependency-path@1000.0.1
454
+ - @pnpm/resolver-base@1000.1.1
455
+ - @pnpm/pick-fetcher@1000.0.0
456
+
457
+ ## 1001.0.0
458
+
459
+ ### Major Changes
460
+
461
+ - a76da0c: Removed lockfile conversion from v6 to v9. If you need to convert lockfile v6 to v9, use pnpm CLI v9.
462
+
463
+ ### Patch Changes
464
+
465
+ - Updated dependencies [6483b64]
466
+ - Updated dependencies [a76da0c]
467
+ - @pnpm/resolver-base@1000.1.0
468
+ - @pnpm/lockfile.types@1001.0.0
469
+ - @pnpm/pick-fetcher@1000.0.0
470
+
471
+ ## 1.0.5
472
+
473
+ ### Patch Changes
474
+
475
+ - Updated dependencies [dcd2917]
476
+ - Updated dependencies [d55b259]
477
+ - @pnpm/dependency-path@6.0.0
478
+
479
+ ## 1.0.4
480
+
481
+ ### Patch Changes
482
+
483
+ - @pnpm/dependency-path@5.1.7
484
+
485
+ ## 1.0.3
486
+
487
+ ### Patch Changes
488
+
489
+ - Updated dependencies [d500d9f]
490
+ - @pnpm/types@12.2.0
491
+ - @pnpm/lockfile.types@1.0.3
492
+ - @pnpm/dependency-path@5.1.6
493
+ - @pnpm/resolver-base@13.0.4
494
+ - @pnpm/pick-fetcher@3.0.0
495
+
496
+ ## 1.0.2
497
+
498
+ ### Patch Changes
499
+
500
+ - Updated dependencies [7ee59a1]
501
+ - @pnpm/types@12.1.0
502
+ - @pnpm/lockfile.types@1.0.2
503
+ - @pnpm/dependency-path@5.1.5
504
+ - @pnpm/resolver-base@13.0.3
505
+ - @pnpm/pick-fetcher@3.0.0
506
+
507
+ ## 1.0.1
508
+
509
+ ### Patch Changes
510
+
511
+ - Updated dependencies [cb006df]
512
+ - @pnpm/lockfile.types@1.0.1
513
+ - @pnpm/types@12.0.0
514
+ - @pnpm/dependency-path@5.1.4
515
+ - @pnpm/resolver-base@13.0.2
516
+ - @pnpm/pick-fetcher@3.0.0
517
+
518
+ ## 1.0.0
519
+
520
+ ### Major Changes
521
+
522
+ - c5ef9b0: Package renamed from `@pnpm/lockfile-utils".
523
+
524
+ ### Patch Changes
525
+
526
+ - Updated dependencies [797ef0f]
527
+ - @pnpm/lockfile.types@1.0.0
528
+
529
+ ## 11.0.4
530
+
531
+ ### Patch Changes
532
+
533
+ - Updated dependencies [0ef168b]
534
+ - @pnpm/types@11.1.0
535
+ - @pnpm/lockfile-types@7.1.3
536
+ - @pnpm/dependency-path@5.1.3
537
+ - @pnpm/resolver-base@13.0.1
538
+ - @pnpm/pick-fetcher@3.0.0
539
+
540
+ ## 11.0.3
541
+
542
+ ### Patch Changes
543
+
544
+ - Updated dependencies [dd00eeb]
545
+ - Updated dependencies
546
+ - @pnpm/resolver-base@13.0.0
547
+ - @pnpm/types@11.0.0
548
+ - @pnpm/pick-fetcher@3.0.0
549
+ - @pnpm/lockfile-types@7.1.2
550
+ - @pnpm/dependency-path@5.1.2
551
+
552
+ ## 11.0.2
553
+
554
+ ### Patch Changes
555
+
556
+ - Updated dependencies [13e55b2]
557
+ - @pnpm/types@10.1.1
558
+ - @pnpm/lockfile-types@7.1.1
559
+ - @pnpm/dependency-path@5.1.1
560
+ - @pnpm/resolver-base@12.0.2
561
+ - @pnpm/pick-fetcher@3.0.0
562
+
563
+ ## 11.0.1
564
+
565
+ ### Patch Changes
566
+
567
+ - Updated dependencies [47341e5]
568
+ - @pnpm/dependency-path@5.1.0
569
+ - @pnpm/lockfile-types@7.1.0
570
+
571
+ ## 11.0.0
572
+
573
+ ### Major Changes
574
+
575
+ - Breaking changes to the API.
576
+
577
+ ### Patch Changes
578
+
579
+ - Updated dependencies [45f4262]
580
+ - Updated dependencies
581
+ - @pnpm/types@10.1.0
582
+ - @pnpm/lockfile-types@7.0.0
583
+ - @pnpm/dependency-path@5.0.0
584
+ - @pnpm/resolver-base@12.0.1
585
+ - @pnpm/pick-fetcher@3.0.0
586
+
587
+ ## 10.1.1
588
+
589
+ ### Patch Changes
590
+
591
+ - 7a0536e: Fix `Cannot read properties of undefined (reading 'missingPeersOfChildren')` exception that happens on install [#8041](https://github.com/pnpm/pnpm/issues/8041).
592
+
593
+ ## 10.1.0
594
+
595
+ ### Minor Changes
596
+
597
+ - 9719a42: New setting called `virtual-store-dir-max-length` added to modify the maximum allowed length of the directories inside `node_modules/.pnpm`. The default length is set to 120 characters. This setting is particularly useful on Windows, where there is a limit to the maximum length of a file path [#7355](https://github.com/pnpm/pnpm/issues/7355).
598
+
599
+ ### Patch Changes
600
+
601
+ - Updated dependencies [9719a42]
602
+ - @pnpm/dependency-path@4.0.0
603
+
604
+ ## 10.0.0
605
+
606
+ ### Major Changes
607
+
608
+ - cdd8365: Package ID does not contain the registry domain.
609
+ - 43cdd87: Node.js v16 support dropped. Use at least Node.js v18.12.
610
+ - d381a60: Support for lockfile v5 is dropped. Use pnpm v8 to convert lockfile v5 to lockfile v6 [#7470](https://github.com/pnpm/pnpm/pull/7470).
611
+
612
+ ### Patch Changes
613
+
614
+ - Updated dependencies [7733f3a]
615
+ - Updated dependencies [cdd8365]
616
+ - Updated dependencies [89b396b]
617
+ - Updated dependencies [43cdd87]
618
+ - Updated dependencies [086b69c]
619
+ - Updated dependencies [d381a60]
620
+ - Updated dependencies [27a96a8]
621
+ - Updated dependencies [b13d2dc]
622
+ - Updated dependencies [730929e]
623
+ - Updated dependencies [98a1266]
624
+ - @pnpm/types@10.0.0
625
+ - @pnpm/dependency-path@3.0.0
626
+ - @pnpm/lockfile-types@6.0.0
627
+ - @pnpm/resolver-base@12.0.0
628
+ - @pnpm/pick-fetcher@3.0.0
629
+
630
+ ## 9.0.5
631
+
632
+ ### Patch Changes
633
+
634
+ - Updated dependencies [31054a63e]
635
+ - @pnpm/resolver-base@11.1.0
636
+ - @pnpm/pick-fetcher@2.0.1
637
+
638
+ ## 9.0.4
639
+
640
+ ### Patch Changes
641
+
642
+ - Updated dependencies [4d34684f1]
643
+ - @pnpm/lockfile-types@5.1.5
644
+ - @pnpm/types@9.4.2
645
+ - @pnpm/dependency-path@2.1.7
646
+ - @pnpm/resolver-base@11.0.2
647
+ - @pnpm/pick-fetcher@2.0.1
648
+
649
+ ## 9.0.3
650
+
651
+ ### Patch Changes
652
+
653
+ - Updated dependencies
654
+ - @pnpm/lockfile-types@5.1.4
655
+ - @pnpm/types@9.4.1
656
+ - @pnpm/dependency-path@2.1.6
657
+ - @pnpm/resolver-base@11.0.1
658
+ - @pnpm/pick-fetcher@2.0.1
659
+
660
+ ## 9.0.2
661
+
662
+ ### Patch Changes
663
+
664
+ - d5a176af7: Fix a bug where `--fix-lockfile` crashes on tarballs [#7368](https://github.com/pnpm/pnpm/issues/7368).
665
+
666
+ ## 9.0.1
667
+
668
+ ### Patch Changes
669
+
670
+ - b4194fe52: Fixed out-of-memory exception that was happening on dependencies with many peer dependencies, when `node-linker` was set to `hoisted` [#6227](https://github.com/pnpm/pnpm/issues/6227).
671
+
672
+ ## 9.0.0
673
+
674
+ ### Major Changes
675
+
676
+ - 4c2450208: (Important) Tarball resolutions in `pnpm-lock.yaml` will no longer contain a `registry` field. This field has been unused for a long time. This change should not cause any issues besides backward compatible modifications to the lockfile [#7262](https://github.com/pnpm/pnpm/pull/7262).
677
+
678
+ ### Patch Changes
679
+
680
+ - Updated dependencies [4c2450208]
681
+ - @pnpm/resolver-base@11.0.0
682
+ - @pnpm/pick-fetcher@2.0.1
683
+
684
+ ## 8.0.7
685
+
686
+ ### Patch Changes
687
+
688
+ - Updated dependencies [43ce9e4a6]
689
+ - @pnpm/types@9.4.0
690
+ - @pnpm/lockfile-types@5.1.3
691
+ - @pnpm/dependency-path@2.1.5
692
+ - @pnpm/resolver-base@10.0.4
693
+ - @pnpm/pick-fetcher@2.0.1
694
+
695
+ ## 8.0.6
696
+
697
+ ### Patch Changes
698
+
699
+ - Updated dependencies [d774a3196]
700
+ - @pnpm/types@9.3.0
701
+ - @pnpm/lockfile-types@5.1.2
702
+ - @pnpm/dependency-path@2.1.4
703
+ - @pnpm/resolver-base@10.0.3
704
+ - @pnpm/pick-fetcher@2.0.1
705
+
706
+ ## 8.0.5
707
+
708
+ ### Patch Changes
709
+
710
+ - f394cfccd: Don't update git-hosted dependencies when adding an unrelated dependency [#7008](https://github.com/pnpm/pnpm/issues/7008).
711
+ - Updated dependencies [f394cfccd]
712
+ - @pnpm/pick-fetcher@2.0.1
713
+
714
+ ## 8.0.4
715
+
716
+ ### Patch Changes
717
+
718
+ - e9aa6f682: Apply fixes from @typescript-eslint v6 for nullish coalescing and optional chains. No behavior changes are expected with this change.
719
+
720
+ ## 8.0.3
721
+
722
+ ### Patch Changes
723
+
724
+ - Updated dependencies [aa2ae8fe2]
725
+ - @pnpm/types@9.2.0
726
+ - @pnpm/lockfile-types@5.1.1
727
+ - @pnpm/dependency-path@2.1.3
728
+ - @pnpm/resolver-base@10.0.2
729
+
730
+ ## 8.0.2
731
+
732
+ ### Patch Changes
733
+
734
+ - d9da627cd: Should always treat local file dependency as new dependency [#5381](https://github.com/pnpm/pnpm/issues/5381)
735
+
736
+ ## 8.0.1
737
+
738
+ ### Patch Changes
739
+
740
+ - Updated dependencies [9c4ae87bd]
741
+ - Updated dependencies [a9e0b7cbf]
742
+ - @pnpm/lockfile-types@5.1.0
743
+ - @pnpm/types@9.1.0
744
+ - @pnpm/dependency-path@2.1.2
745
+ - @pnpm/resolver-base@10.0.1
746
+
747
+ ## 8.0.0
748
+
749
+ ### Major Changes
750
+
751
+ - d58cdb962: Return details about the reason why the lockfile doesn't satisfy the manifest.
752
+
753
+ ## 7.0.1
754
+
755
+ ### Patch Changes
756
+
757
+ - Updated dependencies [c0760128d]
758
+ - @pnpm/dependency-path@2.1.1
759
+
760
+ ## 7.0.0
761
+
762
+ ### Major Changes
763
+
764
+ - 72ba638e3: Breaking changes to the API of `satisfiesPackageManifest`.
765
+
766
+ ## 6.0.1
767
+
768
+ ### Patch Changes
769
+
770
+ - Updated dependencies [5087636b6]
771
+ - Updated dependencies [94f94eed6]
772
+ - @pnpm/dependency-path@2.1.0
773
+
774
+ ## 6.0.0
775
+
776
+ ### Major Changes
777
+
778
+ - c92936158: The registry field is removed from the `resolution` object in `pnpm-lock.yaml`.
779
+ - eceaa8b8b: Node.js 14 support dropped.
780
+
781
+ ### Patch Changes
782
+
783
+ - Updated dependencies [c92936158]
784
+ - Updated dependencies [ca8f51e60]
785
+ - Updated dependencies [eceaa8b8b]
786
+ - Updated dependencies [0e26acb0f]
787
+ - @pnpm/lockfile-types@5.0.0
788
+ - @pnpm/dependency-path@2.0.0
789
+ - @pnpm/resolver-base@10.0.0
790
+ - @pnpm/types@9.0.0
791
+
792
+ ## 5.0.7
793
+
794
+ ### Patch Changes
795
+
796
+ - Updated dependencies [029143cff]
797
+ - Updated dependencies [029143cff]
798
+ - @pnpm/resolver-base@9.2.0
799
+
800
+ ## 5.0.6
801
+
802
+ ### Patch Changes
803
+
804
+ - Updated dependencies [d89d7a078]
805
+ - @pnpm/dependency-path@1.1.3
806
+
807
+ ## 5.0.5
808
+
809
+ ### Patch Changes
810
+
811
+ - Updated dependencies [9247f6781]
812
+ - @pnpm/dependency-path@1.1.2
813
+
814
+ ## 5.0.4
815
+
816
+ ### Patch Changes
817
+
818
+ - Updated dependencies [0f6e95872]
819
+ - @pnpm/dependency-path@1.1.1
820
+
821
+ ## 5.0.3
822
+
823
+ ### Patch Changes
824
+
825
+ - Updated dependencies [3ebce5db7]
826
+ - @pnpm/dependency-path@1.1.0
827
+
828
+ ## 5.0.2
829
+
830
+ ### Patch Changes
831
+
832
+ - Updated dependencies [b77651d14]
833
+ - @pnpm/types@8.10.0
834
+ - @pnpm/lockfile-types@4.3.6
835
+ - @pnpm/dependency-path@1.0.1
836
+ - @pnpm/resolver-base@9.1.5
837
+
838
+ ## 5.0.1
839
+
840
+ ### Patch Changes
841
+
842
+ - Updated dependencies [313702d76]
843
+ - @pnpm/dependency-path@1.0.0
844
+
845
+ ## 5.0.0
846
+
847
+ ### Major Changes
848
+
849
+ - ecc8794bb: Breaking change to the API of the `extendProjectsWithTargetDirs` function.
850
+
851
+ ### Patch Changes
852
+
853
+ - ecc8794bb: Sync all injected dependencies when hoisted node linker is used.
854
+
855
+ ## 4.2.8
856
+
857
+ ### Patch Changes
858
+
859
+ - Updated dependencies [702e847c1]
860
+ - @pnpm/types@8.9.0
861
+ - dependency-path@9.2.8
862
+ - @pnpm/lockfile-types@4.3.5
863
+ - @pnpm/resolver-base@9.1.4
864
+
865
+ ## 4.2.7
866
+
867
+ ### Patch Changes
868
+
869
+ - Updated dependencies [844e82f3a]
870
+ - @pnpm/types@8.8.0
871
+ - dependency-path@9.2.7
872
+ - @pnpm/lockfile-types@4.3.4
873
+ - @pnpm/resolver-base@9.1.3
874
+
875
+ ## 4.2.6
876
+
877
+ ### Patch Changes
878
+
879
+ - Updated dependencies [d665f3ff7]
880
+ - @pnpm/types@8.7.0
881
+ - dependency-path@9.2.6
882
+ - @pnpm/lockfile-types@4.3.3
883
+ - @pnpm/resolver-base@9.1.2
884
+
885
+ ## 4.2.5
886
+
887
+ ### Patch Changes
888
+
889
+ - Updated dependencies [156cc1ef6]
890
+ - @pnpm/types@8.6.0
891
+ - dependency-path@9.2.5
892
+ - @pnpm/lockfile-types@4.3.2
893
+ - @pnpm/resolver-base@9.1.1
894
+
895
+ ## 4.2.4
896
+
897
+ ### Patch Changes
898
+
899
+ - Updated dependencies [23984abd1]
900
+ - @pnpm/resolver-base@9.1.0
901
+
902
+ ## 4.2.3
903
+
904
+ ### Patch Changes
905
+
906
+ - 8103f92bd: Use a patched version of ramda to fix deprecation warnings on Node.js 16. Related issue: https://github.com/ramda/ramda/pull/3270
907
+
908
+ ## 4.2.2
909
+
910
+ ### Patch Changes
911
+
912
+ - Updated dependencies [c90798461]
913
+ - @pnpm/types@8.5.0
914
+ - dependency-path@9.2.4
915
+ - @pnpm/lockfile-types@4.3.1
916
+ - @pnpm/resolver-base@9.0.6
917
+
918
+ ## 4.2.1
919
+
920
+ ### Patch Changes
921
+
922
+ - c83f40c10: pnpm should not consider a lockfile out-of-date if `auto-install-peers` is set to `true` and the peer dependency is in `devDependencies` or `optionalDependencies` [#5080](https://github.com/pnpm/pnpm/issues/5080).
923
+
924
+ ## 4.2.0
925
+
926
+ ### Minor Changes
927
+
928
+ - 8dcfbe357: Add `publishDirectory` field to the lockfile and relink the project when it changes.
929
+
930
+ ### Patch Changes
931
+
932
+ - Updated dependencies [8dcfbe357]
933
+ - @pnpm/lockfile-types@4.3.0
934
+
935
+ ## 4.1.0
936
+
937
+ ### Minor Changes
938
+
939
+ - e3f4d131c: New option added: autoInstallPeers.
940
+
941
+ ## 4.0.10
942
+
943
+ ### Patch Changes
944
+
945
+ - dependency-path@9.2.3
946
+
947
+ ## 4.0.9
948
+
949
+ ### Patch Changes
950
+
951
+ - 5f643f23b: Update ramda to v0.28.
952
+
953
+ ## 4.0.8
954
+
955
+ ### Patch Changes
956
+
957
+ - Updated dependencies [fc581d371]
958
+ - dependency-path@9.2.2
959
+
960
+ ## 4.0.7
961
+
962
+ ### Patch Changes
963
+
964
+ - Updated dependencies [d01c32355]
965
+ - Updated dependencies [8e5b77ef6]
966
+ - Updated dependencies [8e5b77ef6]
967
+ - @pnpm/lockfile-types@4.2.0
968
+ - @pnpm/types@8.4.0
969
+ - dependency-path@9.2.1
970
+ - @pnpm/resolver-base@9.0.5
971
+
972
+ ## 4.0.6
973
+
974
+ ### Patch Changes
975
+
976
+ - Updated dependencies [2a34b21ce]
977
+ - Updated dependencies [c635f9fc1]
978
+ - @pnpm/types@8.3.0
979
+ - @pnpm/lockfile-types@4.1.0
980
+ - dependency-path@9.2.0
981
+ - @pnpm/resolver-base@9.0.4
982
+
983
+ ## 4.0.5
984
+
985
+ ### Patch Changes
986
+
987
+ - Updated dependencies [fb5bbfd7a]
988
+ - Updated dependencies [725636a90]
989
+ - @pnpm/types@8.2.0
990
+ - dependency-path@9.1.4
991
+ - @pnpm/lockfile-types@4.0.3
992
+ - @pnpm/resolver-base@9.0.3
993
+
994
+ ## 4.0.4
995
+
996
+ ### Patch Changes
997
+
998
+ - Updated dependencies [4d39e4a0c]
999
+ - @pnpm/types@8.1.0
1000
+ - dependency-path@9.1.3
1001
+ - @pnpm/lockfile-types@4.0.2
1002
+ - @pnpm/resolver-base@9.0.2
1003
+
1004
+ ## 4.0.3
1005
+
1006
+ ### Patch Changes
1007
+
1008
+ - Updated dependencies [c57695550]
1009
+ - dependency-path@9.1.2
1010
+
1011
+ ## 4.0.2
1012
+
1013
+ ### Patch Changes
1014
+
1015
+ - Updated dependencies [18ba5e2c0]
1016
+ - @pnpm/types@8.0.1
1017
+ - dependency-path@9.1.1
1018
+ - @pnpm/lockfile-types@4.0.1
1019
+ - @pnpm/resolver-base@9.0.1
1020
+
1021
+ ## 4.0.1
1022
+
1023
+ ### Patch Changes
1024
+
1025
+ - 688b0eaff: When checking if the lockfile is up-to-date, an empty `dependenciesMeta` field in the manifest should be satisfied by a not set field in the lockfile [#4463](https://github.com/pnpm/pnpm/pull/4463).
1026
+ - Updated dependencies [0a70aedb1]
1027
+ - dependency-path@9.1.0
1028
+
1029
+ ## 4.0.0
1030
+
1031
+ ### Major Changes
1032
+
1033
+ - 542014839: Node.js 12 is not supported.
1034
+
1035
+ ### Patch Changes
1036
+
1037
+ - Updated dependencies [d504dc380]
1038
+ - Updated dependencies [faf830b8f]
1039
+ - Updated dependencies [542014839]
1040
+ - @pnpm/types@8.0.0
1041
+ - dependency-path@9.0.0
1042
+ - @pnpm/lockfile-types@4.0.0
1043
+ - @pnpm/resolver-base@9.0.0
1044
+
1045
+ ## 3.2.1
1046
+
1047
+ ### Patch Changes
1048
+
1049
+ - Updated dependencies [b138d048c]
1050
+ - @pnpm/lockfile-types@3.2.0
1051
+ - @pnpm/types@7.10.0
1052
+ - dependency-path@8.0.11
1053
+ - @pnpm/resolver-base@8.1.6
1054
+
1055
+ ## 3.2.0
1056
+
1057
+ ### Minor Changes
1058
+
1059
+ - cdc521cfa: Injected package location should be properly detected in a hoisted `node_modules`.
1060
+
1061
+ ## 3.1.6
1062
+
1063
+ ### Patch Changes
1064
+
1065
+ - Updated dependencies [26cd01b88]
1066
+ - @pnpm/types@7.9.0
1067
+ - dependency-path@8.0.10
1068
+ - @pnpm/lockfile-types@3.1.5
1069
+ - @pnpm/resolver-base@8.1.5
1070
+
1071
+ ## 3.1.5
1072
+
1073
+ ### Patch Changes
1074
+
1075
+ - Updated dependencies [b5734a4a7]
1076
+ - @pnpm/types@7.8.0
1077
+ - dependency-path@8.0.9
1078
+ - @pnpm/lockfile-types@3.1.4
1079
+ - @pnpm/resolver-base@8.1.4
1080
+
1081
+ ## 3.1.4
1082
+
1083
+ ### Patch Changes
1084
+
1085
+ - Updated dependencies [6493e0c93]
1086
+ - @pnpm/types@7.7.1
1087
+ - dependency-path@8.0.8
1088
+ - @pnpm/lockfile-types@3.1.3
1089
+ - @pnpm/resolver-base@8.1.3
1090
+
1091
+ ## 3.1.3
1092
+
1093
+ ### Patch Changes
1094
+
1095
+ - Updated dependencies [ba9b2eba1]
1096
+ - @pnpm/types@7.7.0
1097
+ - dependency-path@8.0.7
1098
+ - @pnpm/lockfile-types@3.1.2
1099
+ - @pnpm/resolver-base@8.1.2
1100
+
1101
+ ## 3.1.2
1102
+
1103
+ ### Patch Changes
1104
+
1105
+ - 3cf543fc1: Non-standard tarball URL should be correctly calculated when the registry has no trailing slash in the configuration file [#4052](https://github.com/pnpm/pnpm/issues/4052). This is a regression caused introduced in v6.23.2 caused by [#4032](https://github.com/pnpm/pnpm/pull/4032).
1106
+
1107
+ ## 3.1.1
1108
+
1109
+ ### Patch Changes
1110
+
1111
+ - Updated dependencies [302ae4f6f]
1112
+ - @pnpm/types@7.6.0
1113
+ - dependency-path@8.0.6
1114
+ - @pnpm/lockfile-types@3.1.1
1115
+ - @pnpm/resolver-base@8.1.1
1116
+
1117
+ ## 3.1.0
1118
+
1119
+ ### Minor Changes
1120
+
1121
+ - 4ab87844a: New utility function added: `extendProjectsWithTargetDirs()`.
1122
+
1123
+ ### Patch Changes
1124
+
1125
+ - Updated dependencies [4ab87844a]
1126
+ - Updated dependencies [4ab87844a]
1127
+ - Updated dependencies [4ab87844a]
1128
+ - @pnpm/types@7.5.0
1129
+ - @pnpm/resolver-base@8.1.0
1130
+ - @pnpm/lockfile-types@3.1.0
1131
+ - dependency-path@8.0.5
1132
+
1133
+ ## 3.0.8
1134
+
1135
+ ### Patch Changes
1136
+
1137
+ - Updated dependencies [b734b45ea]
1138
+ - @pnpm/types@7.4.0
1139
+ - dependency-path@8.0.4
1140
+ - @pnpm/resolver-base@8.0.4
1141
+
1142
+ ## 3.0.7
1143
+
1144
+ ### Patch Changes
1145
+
1146
+ - Updated dependencies [8e76690f4]
1147
+ - @pnpm/types@7.3.0
1148
+ - dependency-path@8.0.3
1149
+ - @pnpm/resolver-base@8.0.3
1150
+
1151
+ ## 3.0.6
1152
+
1153
+ ### Patch Changes
1154
+
1155
+ - Updated dependencies [6c418943c]
1156
+ - dependency-path@8.0.2
1157
+
1158
+ ## 3.0.5
1159
+
1160
+ ### Patch Changes
1161
+
1162
+ - Updated dependencies [724c5abd8]
1163
+ - @pnpm/types@7.2.0
1164
+ - dependency-path@8.0.1
1165
+ - @pnpm/resolver-base@8.0.2
1166
+
1167
+ ## 3.0.4
1168
+
1169
+ ### Patch Changes
1170
+
1171
+ - a1a03d145: Import only the required functions from ramda.
1172
+
1173
+ ## 3.0.3
1174
+
1175
+ ### Patch Changes
1176
+
1177
+ - Updated dependencies [20e2f235d]
1178
+ - dependency-path@8.0.0
1179
+
1180
+ ## 3.0.2
1181
+
1182
+ ### Patch Changes
1183
+
1184
+ - Updated dependencies [97c64bae4]
1185
+ - @pnpm/types@7.1.0
1186
+ - dependency-path@7.0.1
1187
+ - @pnpm/resolver-base@8.0.1
1188
+
1189
+ ## 3.0.1
1190
+
1191
+ ### Patch Changes
1192
+
1193
+ - Updated dependencies [9ceab68f0]
1194
+ - dependency-path@7.0.0
1195
+
1196
+ ## 3.0.0
1197
+
1198
+ ### Major Changes
1199
+
1200
+ - 97b986fbc: Node.js 10 support is dropped. At least Node.js 12.17 is required for the package to work.
1201
+
1202
+ ### Patch Changes
1203
+
1204
+ - Updated dependencies [97b986fbc]
1205
+ - Updated dependencies [6871d74b2]
1206
+ - Updated dependencies [e4efddbd2]
1207
+ - Updated dependencies [f2bb5cbeb]
1208
+ - dependency-path@6.0.0
1209
+ - @pnpm/lockfile-types@3.0.0
1210
+ - @pnpm/resolver-base@8.0.0
1211
+ - @pnpm/types@7.0.0
1212
+
1213
+ ## 2.0.22
1214
+
1215
+ ### Patch Changes
1216
+
1217
+ - Updated dependencies [9ad8c27bf]
1218
+ - Updated dependencies [9ad8c27bf]
1219
+ - @pnpm/lockfile-types@2.2.0
1220
+ - @pnpm/types@6.4.0
1221
+ - dependency-path@5.1.1
1222
+ - @pnpm/resolver-base@7.1.1
1223
+
1224
+ ## 2.0.21
1225
+
1226
+ ### Patch Changes
1227
+
1228
+ - Updated dependencies [e27dcf0dc]
1229
+ - dependency-path@5.1.0
1230
+
1231
+ ## 2.0.20
1232
+
1233
+ ### Patch Changes
1234
+
1235
+ - Updated dependencies [8698a7060]
1236
+ - @pnpm/resolver-base@7.1.0
1237
+
1238
+ ## 2.0.19
1239
+
1240
+ ### Patch Changes
1241
+
1242
+ - Updated dependencies [39142e2ad]
1243
+ - dependency-path@5.0.6
1244
+
1245
+ ## 2.0.18
1246
+
1247
+ ### Patch Changes
1248
+
1249
+ - Updated dependencies [b5d694e7f]
1250
+ - @pnpm/lockfile-types@2.1.1
1251
+ - @pnpm/types@6.3.1
1252
+ - dependency-path@5.0.5
1253
+ - @pnpm/resolver-base@7.0.5
1254
+
1255
+ ## 2.0.17
1256
+
1257
+ ### Patch Changes
1258
+
1259
+ - Updated dependencies [d54043ee4]
1260
+ - Updated dependencies [d54043ee4]
1261
+ - @pnpm/lockfile-types@2.1.0
1262
+ - @pnpm/types@6.3.0
1263
+ - dependency-path@5.0.4
1264
+ - @pnpm/resolver-base@7.0.4
1265
+
1266
+ ## 2.0.16
1267
+
1268
+ ### Patch Changes
1269
+
1270
+ - 1140ef721: When getting resolution from package snapshot, always prefer the registry that is present in the package snapshot.
1271
+ - a2ef8084f: Use the same versions of dependencies across the pnpm monorepo.
1272
+ - Updated dependencies [a2ef8084f]
1273
+ - dependency-path@5.0.3
1274
+
1275
+ ## 2.0.15
1276
+
1277
+ ### Patch Changes
1278
+
1279
+ - Updated dependencies [db17f6f7b]
1280
+ - @pnpm/types@6.2.0
1281
+ - dependency-path@5.0.2
1282
+ - @pnpm/resolver-base@7.0.3
1283
+
1284
+ ## 2.0.14
1285
+
1286
+ ### Patch Changes
1287
+
1288
+ - Updated dependencies [71a8c8ce3]
1289
+ - @pnpm/types@6.1.0
1290
+ - dependency-path@5.0.1
1291
+ - @pnpm/resolver-base@7.0.2
1292
+
1293
+ ## 2.0.13
1294
+
1295
+ ### Patch Changes
1296
+
1297
+ - Updated dependencies [41d92948b]
1298
+ - dependency-path@5.0.0
1299
+
1300
+ ## 2.0.12
1301
+
1302
+ ### Patch Changes
1303
+
1304
+ - Updated dependencies [da091c711]
1305
+ - Updated dependencies [6a8a97eee]
1306
+ - @pnpm/types@6.0.0
1307
+ - @pnpm/lockfile-types@2.0.1
1308
+ - dependency-path@4.0.7
1309
+ - @pnpm/resolver-base@7.0.1
1310
+
1311
+ ## 2.0.12-alpha.1
1312
+
1313
+ ### Patch Changes
1314
+
1315
+ - Updated dependencies [6a8a97eee]
1316
+ - @pnpm/lockfile-types@2.0.1-alpha.0
1317
+
1318
+ ## 2.0.12-alpha.0
1319
+
1320
+ ### Patch Changes
1321
+
1322
+ - Updated dependencies [da091c71]
1323
+ - @pnpm/types@6.0.0-alpha.0
1324
+ - dependency-path@4.0.7-alpha.0
1325
+ - @pnpm/resolver-base@7.0.1-alpha.0
1326
+
1327
+ ## 2.0.11
1328
+
1329
+ ### Patch Changes
1330
+
1331
+ - 907c63a48: Dependencies updated.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pnpm/lockfile.utils",
3
- "version": "1100.1.1",
3
+ "version": "1100.1.2",
4
4
  "description": "Utils for dealing with pnpm-lock.yaml",
5
5
  "keywords": [
6
6
  "pnpm",
@@ -29,22 +29,22 @@
29
29
  "!*.map"
30
30
  ],
31
31
  "dependencies": {
32
- "ramda": "npm:@pnpm/ramda@0.28.1",
33
32
  "@pnpm/deps.path": "1100.0.8",
34
- "@pnpm/hooks.types": "1100.1.1",
33
+ "@pnpm/error": "1100.0.1",
34
+ "@pnpm/hooks.types": "1100.2.0",
35
+ "@pnpm/lockfile.types": "1100.0.13",
35
36
  "@pnpm/resolving.resolver-base": "1100.5.1",
36
37
  "@pnpm/resolving.tarball-url": "1100.0.0",
37
- "@pnpm/lockfile.types": "1100.0.13",
38
38
  "@pnpm/types": "1101.3.2",
39
- "@pnpm/error": "1100.0.1"
39
+ "ramda": "npm:@pnpm/ramda@0.28.1"
40
40
  },
41
41
  "devDependencies": {
42
42
  "@jest/globals": "30.4.1",
43
+ "@pnpm/lockfile.utils": "1100.1.2",
43
44
  "@types/ramda": "0.31.1",
44
45
  "tempy": "3.0.0",
45
46
  "write-yaml-file": "^6.0.0",
46
- "yaml-tag": "1.1.0",
47
- "@pnpm/lockfile.utils": "1100.1.1"
47
+ "yaml-tag": "1.1.0"
48
48
  },
49
49
  "engines": {
50
50
  "node": ">=22.13"