@pnpm/lockfile.utils 1100.1.1 → 1100.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/CHANGELOG.md +1342 -0
  2. package/package.json +10 -10
package/CHANGELOG.md ADDED
@@ -0,0 +1,1342 @@
1
+ # @pnpm/lockfile-utils
2
+
3
+ ## 1100.1.3
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies:
8
+ - @pnpm/deps.path@1100.0.9
9
+ - @pnpm/hooks.types@1100.2.1
10
+ - @pnpm/lockfile.types@1100.0.14
11
+ - @pnpm/resolving.resolver-base@1100.5.2
12
+ - @pnpm/types@1101.4.0
13
+
14
+ ## 1100.1.2
15
+
16
+ ### Patch Changes
17
+
18
+ - Updated dependencies [a897ef7]
19
+ - @pnpm/hooks.types@1100.2.0
20
+
21
+ ## 1100.1.1
22
+
23
+ ### Patch Changes
24
+
25
+ - Updated dependencies [dcabb78]
26
+ - @pnpm/resolving.resolver-base@1100.5.1
27
+ - @pnpm/hooks.types@1100.1.1
28
+ - @pnpm/lockfile.types@1100.0.13
29
+
30
+ ## 1100.1.0
31
+
32
+ ### Minor Changes
33
+
34
+ - bae694f: Some registries generate tarballs on-demand and cannot provide an integrity checksum in their package metadata. In that case pnpm now computes the integrity from the downloaded tarball and stores it in the lockfile, so the entry is verifiable on subsequent installs instead of being written without an integrity (which would fail the next install). This also applies to `--lockfile-only`: the tarball is downloaded so its integrity can be computed. A lockfile entry that is still missing its integrity is rejected as a `ERR_PNPM_MISSING_TARBALL_INTEGRITY` lockfile verification violation (the install fails closed) rather than being silently re-fetched.
35
+
36
+ ### Patch Changes
37
+
38
+ - a84d2a1: Add `@pnpm/resolving.tarball-url`, which builds and recognizes the canonical npm tarball URL of a package. It vendors `getNpmTarballUrl` (previously the external `get-npm-tarball-url` package) and adds `isCanonicalRegistryTarballUrl`, the predicate the lockfile writer uses to decide whether a tarball URL is derivable from name+version+registry (and can therefore be omitted from `pnpm-lock.yaml`).
39
+
40
+ Exposing `isCanonicalRegistryTarballUrl` lets a custom resolver (pnpmfile `resolvers`) fronting a proxy that serves tarballs on a non-canonical path (e.g. an ephemeral `localhost:<port>`) rewrite the resolved tarball to the canonical form, so nothing host-specific is persisted to the lockfile. Previously this logic was private to `@pnpm/lockfile.utils`.
41
+
42
+ Two correctness fixes are included while consolidating the logic: the scoped-package unescape now handles uppercase `%2F` as well as `%2f` (percent-encoding is case-insensitive), and protocol-insensitive comparison strips only a leading `http(s)://` scheme instead of splitting on the first `://` (which could truncate URLs containing a later `://`).
43
+
44
+ - Updated dependencies [bae694f]
45
+ - Updated dependencies [a84d2a1]
46
+ - Updated dependencies [852d537]
47
+ - @pnpm/resolving.resolver-base@1100.5.0
48
+ - @pnpm/hooks.types@1100.1.0
49
+ - @pnpm/resolving.tarball-url@1100.0.0
50
+ - @pnpm/error@1100.0.1
51
+ - @pnpm/lockfile.types@1100.0.12
52
+
53
+ ## 1100.0.13
54
+
55
+ ### Patch Changes
56
+
57
+ - f20ad8f: Git dependencies that point to a subdirectory of a repository (`repo#commit&path:/sub/dir`) keep their `path` in the lockfile again. Since the integrity of git-hosted tarballs started being pinned in the lockfile, any install that actually downloaded the tarball rebuilt the lockfile resolution as `{ integrity, tarball, gitHosted }` and dropped the `path` field, while installs served from the store kept it — so the field disappeared seemingly at random. Without `path`, later installs from that lockfile silently unpacked the repository root instead of the subdirectory [#12304](https://github.com/pnpm/pnpm/issues/12304).
58
+ - Updated dependencies [681b593]
59
+ - Updated dependencies [a31faa7]
60
+ - @pnpm/types@1101.3.2
61
+ - @pnpm/deps.path@1100.0.8
62
+ - @pnpm/hooks.types@1100.0.12
63
+ - @pnpm/lockfile.types@1100.0.11
64
+ - @pnpm/resolving.resolver-base@1100.4.2
65
+
66
+ ## 1100.0.12
67
+
68
+ ### Patch Changes
69
+
70
+ - Updated dependencies [bf1b731]
71
+ - @pnpm/types@1101.3.1
72
+ - @pnpm/deps.path@1100.0.7
73
+ - @pnpm/hooks.types@1100.0.11
74
+ - @pnpm/lockfile.types@1100.0.10
75
+ - @pnpm/resolving.resolver-base@1100.4.1
76
+
77
+ ## 1100.0.11
78
+
79
+ ### Patch Changes
80
+
81
+ - Updated dependencies [a017bf3]
82
+ - Updated dependencies [6d17b66]
83
+ - @pnpm/types@1101.3.0
84
+ - @pnpm/resolving.resolver-base@1100.4.0
85
+ - @pnpm/deps.path@1100.0.6
86
+ - @pnpm/hooks.types@1100.0.10
87
+ - @pnpm/lockfile.types@1100.0.9
88
+
89
+ ## 1100.0.10
90
+
91
+ ### Patch Changes
92
+
93
+ - e55f4b5: Reject `pnpm-lock.yaml` entries whose remote tarball `resolution:` block is missing the `integrity` field. Previously the worker that extracts a downloaded tarball skipped hash verification when no integrity was supplied and minted a fresh one from the unverified bytes, so an attacker who could both alter the lockfile (e.g. via a pull request that strips `integrity:`) and serve modified content at the referenced tarball URL could install a tampered package without any error — including under `--frozen-lockfile`. pnpm now fails closed at lockfile-read time with `ERR_PNPM_MISSING_TARBALL_INTEGRITY`. Git-hosted tarballs (`gitHosted: true` or a URL on codeload.github.com / bitbucket.org / gitlab.com) and `file:` tarballs are exempt — the commit SHA in a git-host URL and the user-controlled local path already anchor the bytes.
94
+ - Updated dependencies [35d2355]
95
+ - @pnpm/types@1101.2.0
96
+ - @pnpm/deps.path@1100.0.5
97
+ - @pnpm/hooks.types@1100.0.9
98
+ - @pnpm/lockfile.types@1100.0.8
99
+ - @pnpm/resolving.resolver-base@1100.3.1
100
+
101
+ ## 1100.0.9
102
+
103
+ ### Patch Changes
104
+
105
+ - Updated dependencies [1627943]
106
+ - Updated dependencies [64afc92]
107
+ - @pnpm/resolving.resolver-base@1100.3.0
108
+ - @pnpm/types@1101.1.1
109
+ - @pnpm/hooks.types@1100.0.8
110
+ - @pnpm/lockfile.types@1100.0.7
111
+ - @pnpm/deps.path@1100.0.4
112
+
113
+ ## 1100.0.8
114
+
115
+ ### Patch Changes
116
+
117
+ - Updated dependencies [4195766]
118
+ - Updated dependencies [31538bf]
119
+ - @pnpm/resolving.resolver-base@1100.2.0
120
+ - @pnpm/hooks.types@1100.0.7
121
+ - @pnpm/lockfile.types@1100.0.6
122
+
123
+ ## 1100.0.7
124
+
125
+ ### Patch Changes
126
+
127
+ - Updated dependencies [b61e268]
128
+ - @pnpm/types@1101.1.0
129
+ - @pnpm/deps.path@1100.0.3
130
+ - @pnpm/hooks.types@1100.0.6
131
+ - @pnpm/lockfile.types@1100.0.5
132
+ - @pnpm/resolving.resolver-base@1100.1.3
133
+
134
+ ## 1100.0.6
135
+
136
+ ### Patch Changes
137
+
138
+ - cfa271b: Restored the heuristic that preserves tarball URLs in `pnpm-lock.yaml` when they cannot be derived from name+version+registry, even with the default `lockfileIncludeTarballUrl: false`. Without this, `pnpm install --frozen-lockfile` from an empty store fails with `ERR_PNPM_FETCH_404` for packages on registries that serve tarballs from a non-standard path — most notably GitHub Packages (`https://npm.pkg.github.com/download/<scope>/<name>/<version>/<hash>`) and JSR. `lockfileIncludeTarballUrl: true` continues to force the URL into the lockfile for every package [#11276](https://github.com/pnpm/pnpm/issues/11276).
139
+
140
+ ## 1100.0.5
141
+
142
+ ### Patch Changes
143
+
144
+ - 27425d7: Pin the integrity of git-hosted tarballs (codeload.github.com, gitlab.com, bitbucket.org) in the lockfile so that subsequent installs detect a tampered or substituted tarball and refuse to install it. Previously the lockfile only stored the tarball URL for git dependencies, so a compromised git host or a man-in-the-middle could serve arbitrary code on later installs without lockfile changes.
145
+
146
+ A new `gitHosted: true` field is recorded on git-hosted tarball resolutions in the lockfile, letting every reader/writer route them by a single typed check instead of pattern-matching the tarball URL in each call site. Lockfiles written by older pnpm versions are enriched on load (URL fallback) so the field can be relied on uniformly across the codebase.
147
+
148
+ - Updated dependencies [27425d7]
149
+ - @pnpm/lockfile.types@1100.0.4
150
+ - @pnpm/resolving.resolver-base@1100.1.2
151
+ - @pnpm/hooks.types@1100.0.5
152
+
153
+ ## 1100.0.4
154
+
155
+ ### Patch Changes
156
+
157
+ - 6b891a5: Fix `ERR_PNPM_FETCH_404` when installing a project whose lockfile depends on a `file:` tarball. The previous behavior dropped the `tarball` field from `file:` and git-hosted resolutions when `lockfile-include-tarball-url=false` (the default), even though those URLs cannot be reconstructed from the package name, version, and registry [#11407](https://github.com/pnpm/pnpm/issues/11407).
158
+ - Updated dependencies [184ce26]
159
+ - @pnpm/resolving.resolver-base@1100.1.1
160
+ - @pnpm/fetching.pick-fetcher@1100.0.4
161
+ - @pnpm/deps.path@1100.0.2
162
+ - @pnpm/hooks.types@1100.0.4
163
+ - @pnpm/lockfile.types@1100.0.3
164
+
165
+ ## 1100.0.3
166
+
167
+ ### Patch Changes
168
+
169
+ - @pnpm/fetching.pick-fetcher@1100.0.3
170
+ - @pnpm/hooks.types@1100.0.3
171
+
172
+ ## 1100.0.2
173
+
174
+ ### Patch Changes
175
+
176
+ - Updated dependencies [72c1e05]
177
+ - @pnpm/resolving.resolver-base@1100.1.0
178
+ - @pnpm/fetching.pick-fetcher@1100.0.2
179
+ - @pnpm/hooks.types@1100.0.2
180
+ - @pnpm/lockfile.types@1100.0.2
181
+
182
+ ## 1100.0.1
183
+
184
+ ### Patch Changes
185
+
186
+ - Updated dependencies [ff28085]
187
+ - @pnpm/types@1101.0.0
188
+ - @pnpm/deps.path@1100.0.1
189
+ - @pnpm/hooks.types@1100.0.1
190
+ - @pnpm/lockfile.types@1100.0.1
191
+ - @pnpm/resolving.resolver-base@1100.0.1
192
+ - @pnpm/fetching.pick-fetcher@1100.0.1
193
+
194
+ ## 1004.0.0
195
+
196
+ ### Major Changes
197
+
198
+ - 491a84f: This package is now pure ESM.
199
+ - 7d2fd48: Node.js v18, 19, 20, and 21 support discontinued.
200
+ - 394d88c: Remove extendProjectsWithTargetDirs.
201
+
202
+ ### Minor Changes
203
+
204
+ - a8f016c: Store config dependency and package manager integrity info in `pnpm-lock.yaml` instead of inlining it in `pnpm-workspace.yaml`. The workspace manifest now contains only clean version specifiers for `configDependencies`, while the resolved versions, integrity hashes, and tarball URLs are recorded in the lockfile as a separate YAML document. The env lockfile section also stores `packageManagerDependencies` resolved during version switching and self-update. Projects using the old inline-hash format are automatically migrated on install.
205
+
206
+ ### Patch Changes
207
+
208
+ - 38b8e35: Support for custom resolvers and fetchers.
209
+ - Updated dependencies [5f73b0f]
210
+ - Updated dependencies [facdd71]
211
+ - Updated dependencies [9b0a460]
212
+ - Updated dependencies [76718b3]
213
+ - Updated dependencies [a8f016c]
214
+ - Updated dependencies [cc1b8e3]
215
+ - Updated dependencies [606f53e]
216
+ - Updated dependencies [491a84f]
217
+ - Updated dependencies [7d2fd48]
218
+ - Updated dependencies [efb48dc]
219
+ - Updated dependencies [50fbeca]
220
+ - Updated dependencies [cb367b9]
221
+ - Updated dependencies [7b1c189]
222
+ - Updated dependencies [8ffb1a7]
223
+ - Updated dependencies [05fb1ae]
224
+ - Updated dependencies [71de2b3]
225
+ - Updated dependencies [10bc391]
226
+ - Updated dependencies [38b8e35]
227
+ - Updated dependencies [1e6de25]
228
+ - Updated dependencies [831f574]
229
+ - Updated dependencies [2df8b71]
230
+ - Updated dependencies [15549a9]
231
+ - Updated dependencies [cc7c0d2]
232
+ - Updated dependencies [9d3f00b]
233
+ - Updated dependencies [efb48dc]
234
+ - @pnpm/deps.path@1002.0.0
235
+ - @pnpm/resolving.resolver-base@1006.0.0
236
+ - @pnpm/types@1001.0.0
237
+ - @pnpm/lockfile.types@1003.0.0
238
+ - @pnpm/fetching.pick-fetcher@1002.0.0
239
+ - @pnpm/error@1001.0.0
240
+ - @pnpm/hooks.types@1002.0.0
241
+
242
+ ## 1003.0.3
243
+
244
+ ### Patch Changes
245
+
246
+ - Updated dependencies [7c1382f]
247
+ - Updated dependencies [7c1382f]
248
+ - Updated dependencies [dee39ec]
249
+ - @pnpm/types@1000.9.0
250
+ - @pnpm/resolver-base@1005.1.0
251
+ - @pnpm/lockfile.types@1002.0.2
252
+ - @pnpm/dependency-path@1001.1.3
253
+ - @pnpm/pick-fetcher@1001.0.0
254
+
255
+ ## 1003.0.2
256
+
257
+ ### Patch Changes
258
+
259
+ - @pnpm/dependency-path@1001.1.2
260
+
261
+ ## 1003.0.1
262
+
263
+ ### Patch Changes
264
+
265
+ - Updated dependencies [e792927]
266
+ - @pnpm/types@1000.8.0
267
+ - @pnpm/lockfile.types@1002.0.1
268
+ - @pnpm/dependency-path@1001.1.1
269
+ - @pnpm/resolver-base@1005.0.1
270
+ - @pnpm/pick-fetcher@1001.0.0
271
+
272
+ ## 1003.0.0
273
+
274
+ ### Major Changes
275
+
276
+ - d1edf73: Removed node fetcher. The binary fetcher should be used for downloading node assets.
277
+
278
+ ### Patch Changes
279
+
280
+ - Updated dependencies [d1edf73]
281
+ - Updated dependencies [d1edf73]
282
+ - Updated dependencies [86b33e9]
283
+ - Updated dependencies [d1edf73]
284
+ - Updated dependencies [f91922c]
285
+ - @pnpm/dependency-path@1001.1.0
286
+ - @pnpm/lockfile.types@1002.0.0
287
+ - @pnpm/resolver-base@1005.0.0
288
+ - @pnpm/pick-fetcher@1001.0.0
289
+
290
+ ## 1002.1.0
291
+
292
+ ### Minor Changes
293
+
294
+ - 1a07b8f: Added support for resolving and downloading the Node.js runtime specified in the [devEngines](https://github.com/openjs-foundation/package-metadata-interoperability-collab-space/issues/15) field of `package.json`.
295
+
296
+ Usage example:
297
+
298
+ ```json
299
+ {
300
+ "devEngines": {
301
+ "runtime": {
302
+ "name": "node",
303
+ "version": "^24.4.0",
304
+ "onFail": "download"
305
+ }
306
+ }
307
+ }
308
+ ```
309
+
310
+ When running `pnpm install`, pnpm will resolve Node.js to the latest version that satisfies the specified range and install it as a dependency of the project. As a result, when running scripts, the locally installed Node.js version will be used.
311
+
312
+ Unlike the existing options, `useNodeVersion` and `executionEnv.nodeVersion`, this new field supports version ranges, which are locked to exact versions during installation. The resolved version is stored in the pnpm lockfile, along with an integrity checksum for future validation of the Node.js content's validity.
313
+
314
+ Related PR: [#9755](https://github.com/pnpm/pnpm/pull/9755).
315
+
316
+ ### Patch Changes
317
+
318
+ - 2e85f29: Don't parse the dependency path twice.
319
+ - Updated dependencies [1a07b8f]
320
+ - Updated dependencies [1a07b8f]
321
+ - @pnpm/types@1000.7.0
322
+ - @pnpm/resolver-base@1004.1.0
323
+ - @pnpm/pick-fetcher@1000.1.0
324
+ - @pnpm/lockfile.types@1001.1.0
325
+ - @pnpm/dependency-path@1001.0.2
326
+
327
+ ## 1002.0.1
328
+
329
+ ### Patch Changes
330
+
331
+ - @pnpm/dependency-path@1001.0.1
332
+
333
+ ## 1002.0.0
334
+
335
+ ### Major Changes
336
+
337
+ - 540986f: Peers suffix renamed to peerDepGraphHash.
338
+
339
+ ### Patch Changes
340
+
341
+ - Updated dependencies [540986f]
342
+ - @pnpm/dependency-path@1001.0.0
343
+
344
+ ## 1001.0.12
345
+
346
+ ### Patch Changes
347
+
348
+ - Updated dependencies [2721291]
349
+ - Updated dependencies [6acf819]
350
+ - @pnpm/resolver-base@1004.0.0
351
+ - @pnpm/pick-fetcher@1000.0.1
352
+
353
+ ## 1001.0.11
354
+
355
+ ### Patch Changes
356
+
357
+ - Updated dependencies [5ec7255]
358
+ - @pnpm/types@1000.6.0
359
+ - @pnpm/lockfile.types@1001.0.8
360
+ - @pnpm/dependency-path@1000.0.9
361
+ - @pnpm/resolver-base@1003.0.1
362
+ - @pnpm/pick-fetcher@1000.0.0
363
+
364
+ ## 1001.0.10
365
+
366
+ ### Patch Changes
367
+
368
+ - Updated dependencies [8a9f3a4]
369
+ - Updated dependencies [5b73df1]
370
+ - Updated dependencies [9c3dd03]
371
+ - Updated dependencies [5b73df1]
372
+ - @pnpm/resolver-base@1003.0.0
373
+ - @pnpm/types@1000.5.0
374
+ - @pnpm/pick-fetcher@1000.0.0
375
+ - @pnpm/lockfile.types@1001.0.7
376
+ - @pnpm/dependency-path@1000.0.8
377
+
378
+ ## 1001.0.9
379
+
380
+ ### Patch Changes
381
+
382
+ - Updated dependencies [81f441c]
383
+ - @pnpm/resolver-base@1002.0.0
384
+ - @pnpm/pick-fetcher@1000.0.0
385
+
386
+ ## 1001.0.8
387
+
388
+ ### Patch Changes
389
+
390
+ - Updated dependencies [750ae7d]
391
+ - Updated dependencies [72cff38]
392
+ - @pnpm/types@1000.4.0
393
+ - @pnpm/resolver-base@1001.0.0
394
+ - @pnpm/lockfile.types@1001.0.6
395
+ - @pnpm/dependency-path@1000.0.7
396
+ - @pnpm/pick-fetcher@1000.0.0
397
+
398
+ ## 1001.0.7
399
+
400
+ ### Patch Changes
401
+
402
+ - Updated dependencies [5f7be64]
403
+ - Updated dependencies [5f7be64]
404
+ - @pnpm/types@1000.3.0
405
+ - @pnpm/lockfile.types@1001.0.5
406
+ - @pnpm/dependency-path@1000.0.6
407
+ - @pnpm/resolver-base@1000.2.1
408
+ - @pnpm/pick-fetcher@1000.0.0
409
+
410
+ ## 1001.0.6
411
+
412
+ ### Patch Changes
413
+
414
+ - Updated dependencies [3d52365]
415
+ - @pnpm/resolver-base@1000.2.0
416
+ - @pnpm/pick-fetcher@1000.0.0
417
+
418
+ ## 1001.0.5
419
+
420
+ ### Patch Changes
421
+
422
+ - @pnpm/dependency-path@1000.0.5
423
+
424
+ ## 1001.0.4
425
+
426
+ ### Patch Changes
427
+
428
+ - Updated dependencies [a5e4965]
429
+ - @pnpm/types@1000.2.1
430
+ - @pnpm/dependency-path@1000.0.4
431
+ - @pnpm/lockfile.types@1001.0.4
432
+ - @pnpm/resolver-base@1000.1.4
433
+ - @pnpm/pick-fetcher@1000.0.0
434
+
435
+ ## 1001.0.3
436
+
437
+ ### Patch Changes
438
+
439
+ - Updated dependencies [8fcc221]
440
+ - @pnpm/types@1000.2.0
441
+ - @pnpm/lockfile.types@1001.0.3
442
+ - @pnpm/dependency-path@1000.0.3
443
+ - @pnpm/resolver-base@1000.1.3
444
+ - @pnpm/pick-fetcher@1000.0.0
445
+
446
+ ## 1001.0.2
447
+
448
+ ### Patch Changes
449
+
450
+ - Updated dependencies [b562deb]
451
+ - @pnpm/types@1000.1.1
452
+ - @pnpm/lockfile.types@1001.0.2
453
+ - @pnpm/dependency-path@1000.0.2
454
+ - @pnpm/resolver-base@1000.1.2
455
+ - @pnpm/pick-fetcher@1000.0.0
456
+
457
+ ## 1001.0.1
458
+
459
+ ### Patch Changes
460
+
461
+ - Updated dependencies [9591a18]
462
+ - @pnpm/types@1000.1.0
463
+ - @pnpm/lockfile.types@1001.0.1
464
+ - @pnpm/dependency-path@1000.0.1
465
+ - @pnpm/resolver-base@1000.1.1
466
+ - @pnpm/pick-fetcher@1000.0.0
467
+
468
+ ## 1001.0.0
469
+
470
+ ### Major Changes
471
+
472
+ - a76da0c: Removed lockfile conversion from v6 to v9. If you need to convert lockfile v6 to v9, use pnpm CLI v9.
473
+
474
+ ### Patch Changes
475
+
476
+ - Updated dependencies [6483b64]
477
+ - Updated dependencies [a76da0c]
478
+ - @pnpm/resolver-base@1000.1.0
479
+ - @pnpm/lockfile.types@1001.0.0
480
+ - @pnpm/pick-fetcher@1000.0.0
481
+
482
+ ## 1.0.5
483
+
484
+ ### Patch Changes
485
+
486
+ - Updated dependencies [dcd2917]
487
+ - Updated dependencies [d55b259]
488
+ - @pnpm/dependency-path@6.0.0
489
+
490
+ ## 1.0.4
491
+
492
+ ### Patch Changes
493
+
494
+ - @pnpm/dependency-path@5.1.7
495
+
496
+ ## 1.0.3
497
+
498
+ ### Patch Changes
499
+
500
+ - Updated dependencies [d500d9f]
501
+ - @pnpm/types@12.2.0
502
+ - @pnpm/lockfile.types@1.0.3
503
+ - @pnpm/dependency-path@5.1.6
504
+ - @pnpm/resolver-base@13.0.4
505
+ - @pnpm/pick-fetcher@3.0.0
506
+
507
+ ## 1.0.2
508
+
509
+ ### Patch Changes
510
+
511
+ - Updated dependencies [7ee59a1]
512
+ - @pnpm/types@12.1.0
513
+ - @pnpm/lockfile.types@1.0.2
514
+ - @pnpm/dependency-path@5.1.5
515
+ - @pnpm/resolver-base@13.0.3
516
+ - @pnpm/pick-fetcher@3.0.0
517
+
518
+ ## 1.0.1
519
+
520
+ ### Patch Changes
521
+
522
+ - Updated dependencies [cb006df]
523
+ - @pnpm/lockfile.types@1.0.1
524
+ - @pnpm/types@12.0.0
525
+ - @pnpm/dependency-path@5.1.4
526
+ - @pnpm/resolver-base@13.0.2
527
+ - @pnpm/pick-fetcher@3.0.0
528
+
529
+ ## 1.0.0
530
+
531
+ ### Major Changes
532
+
533
+ - c5ef9b0: Package renamed from `@pnpm/lockfile-utils".
534
+
535
+ ### Patch Changes
536
+
537
+ - Updated dependencies [797ef0f]
538
+ - @pnpm/lockfile.types@1.0.0
539
+
540
+ ## 11.0.4
541
+
542
+ ### Patch Changes
543
+
544
+ - Updated dependencies [0ef168b]
545
+ - @pnpm/types@11.1.0
546
+ - @pnpm/lockfile-types@7.1.3
547
+ - @pnpm/dependency-path@5.1.3
548
+ - @pnpm/resolver-base@13.0.1
549
+ - @pnpm/pick-fetcher@3.0.0
550
+
551
+ ## 11.0.3
552
+
553
+ ### Patch Changes
554
+
555
+ - Updated dependencies [dd00eeb]
556
+ - Updated dependencies
557
+ - @pnpm/resolver-base@13.0.0
558
+ - @pnpm/types@11.0.0
559
+ - @pnpm/pick-fetcher@3.0.0
560
+ - @pnpm/lockfile-types@7.1.2
561
+ - @pnpm/dependency-path@5.1.2
562
+
563
+ ## 11.0.2
564
+
565
+ ### Patch Changes
566
+
567
+ - Updated dependencies [13e55b2]
568
+ - @pnpm/types@10.1.1
569
+ - @pnpm/lockfile-types@7.1.1
570
+ - @pnpm/dependency-path@5.1.1
571
+ - @pnpm/resolver-base@12.0.2
572
+ - @pnpm/pick-fetcher@3.0.0
573
+
574
+ ## 11.0.1
575
+
576
+ ### Patch Changes
577
+
578
+ - Updated dependencies [47341e5]
579
+ - @pnpm/dependency-path@5.1.0
580
+ - @pnpm/lockfile-types@7.1.0
581
+
582
+ ## 11.0.0
583
+
584
+ ### Major Changes
585
+
586
+ - Breaking changes to the API.
587
+
588
+ ### Patch Changes
589
+
590
+ - Updated dependencies [45f4262]
591
+ - Updated dependencies
592
+ - @pnpm/types@10.1.0
593
+ - @pnpm/lockfile-types@7.0.0
594
+ - @pnpm/dependency-path@5.0.0
595
+ - @pnpm/resolver-base@12.0.1
596
+ - @pnpm/pick-fetcher@3.0.0
597
+
598
+ ## 10.1.1
599
+
600
+ ### Patch Changes
601
+
602
+ - 7a0536e: Fix `Cannot read properties of undefined (reading 'missingPeersOfChildren')` exception that happens on install [#8041](https://github.com/pnpm/pnpm/issues/8041).
603
+
604
+ ## 10.1.0
605
+
606
+ ### Minor Changes
607
+
608
+ - 9719a42: New setting called `virtual-store-dir-max-length` added to modify the maximum allowed length of the directories inside `node_modules/.pnpm`. The default length is set to 120 characters. This setting is particularly useful on Windows, where there is a limit to the maximum length of a file path [#7355](https://github.com/pnpm/pnpm/issues/7355).
609
+
610
+ ### Patch Changes
611
+
612
+ - Updated dependencies [9719a42]
613
+ - @pnpm/dependency-path@4.0.0
614
+
615
+ ## 10.0.0
616
+
617
+ ### Major Changes
618
+
619
+ - cdd8365: Package ID does not contain the registry domain.
620
+ - 43cdd87: Node.js v16 support dropped. Use at least Node.js v18.12.
621
+ - d381a60: Support for lockfile v5 is dropped. Use pnpm v8 to convert lockfile v5 to lockfile v6 [#7470](https://github.com/pnpm/pnpm/pull/7470).
622
+
623
+ ### Patch Changes
624
+
625
+ - Updated dependencies [7733f3a]
626
+ - Updated dependencies [cdd8365]
627
+ - Updated dependencies [89b396b]
628
+ - Updated dependencies [43cdd87]
629
+ - Updated dependencies [086b69c]
630
+ - Updated dependencies [d381a60]
631
+ - Updated dependencies [27a96a8]
632
+ - Updated dependencies [b13d2dc]
633
+ - Updated dependencies [730929e]
634
+ - Updated dependencies [98a1266]
635
+ - @pnpm/types@10.0.0
636
+ - @pnpm/dependency-path@3.0.0
637
+ - @pnpm/lockfile-types@6.0.0
638
+ - @pnpm/resolver-base@12.0.0
639
+ - @pnpm/pick-fetcher@3.0.0
640
+
641
+ ## 9.0.5
642
+
643
+ ### Patch Changes
644
+
645
+ - Updated dependencies [31054a63e]
646
+ - @pnpm/resolver-base@11.1.0
647
+ - @pnpm/pick-fetcher@2.0.1
648
+
649
+ ## 9.0.4
650
+
651
+ ### Patch Changes
652
+
653
+ - Updated dependencies [4d34684f1]
654
+ - @pnpm/lockfile-types@5.1.5
655
+ - @pnpm/types@9.4.2
656
+ - @pnpm/dependency-path@2.1.7
657
+ - @pnpm/resolver-base@11.0.2
658
+ - @pnpm/pick-fetcher@2.0.1
659
+
660
+ ## 9.0.3
661
+
662
+ ### Patch Changes
663
+
664
+ - Updated dependencies
665
+ - @pnpm/lockfile-types@5.1.4
666
+ - @pnpm/types@9.4.1
667
+ - @pnpm/dependency-path@2.1.6
668
+ - @pnpm/resolver-base@11.0.1
669
+ - @pnpm/pick-fetcher@2.0.1
670
+
671
+ ## 9.0.2
672
+
673
+ ### Patch Changes
674
+
675
+ - d5a176af7: Fix a bug where `--fix-lockfile` crashes on tarballs [#7368](https://github.com/pnpm/pnpm/issues/7368).
676
+
677
+ ## 9.0.1
678
+
679
+ ### Patch Changes
680
+
681
+ - b4194fe52: Fixed out-of-memory exception that was happening on dependencies with many peer dependencies, when `node-linker` was set to `hoisted` [#6227](https://github.com/pnpm/pnpm/issues/6227).
682
+
683
+ ## 9.0.0
684
+
685
+ ### Major Changes
686
+
687
+ - 4c2450208: (Important) Tarball resolutions in `pnpm-lock.yaml` will no longer contain a `registry` field. This field has been unused for a long time. This change should not cause any issues besides backward compatible modifications to the lockfile [#7262](https://github.com/pnpm/pnpm/pull/7262).
688
+
689
+ ### Patch Changes
690
+
691
+ - Updated dependencies [4c2450208]
692
+ - @pnpm/resolver-base@11.0.0
693
+ - @pnpm/pick-fetcher@2.0.1
694
+
695
+ ## 8.0.7
696
+
697
+ ### Patch Changes
698
+
699
+ - Updated dependencies [43ce9e4a6]
700
+ - @pnpm/types@9.4.0
701
+ - @pnpm/lockfile-types@5.1.3
702
+ - @pnpm/dependency-path@2.1.5
703
+ - @pnpm/resolver-base@10.0.4
704
+ - @pnpm/pick-fetcher@2.0.1
705
+
706
+ ## 8.0.6
707
+
708
+ ### Patch Changes
709
+
710
+ - Updated dependencies [d774a3196]
711
+ - @pnpm/types@9.3.0
712
+ - @pnpm/lockfile-types@5.1.2
713
+ - @pnpm/dependency-path@2.1.4
714
+ - @pnpm/resolver-base@10.0.3
715
+ - @pnpm/pick-fetcher@2.0.1
716
+
717
+ ## 8.0.5
718
+
719
+ ### Patch Changes
720
+
721
+ - f394cfccd: Don't update git-hosted dependencies when adding an unrelated dependency [#7008](https://github.com/pnpm/pnpm/issues/7008).
722
+ - Updated dependencies [f394cfccd]
723
+ - @pnpm/pick-fetcher@2.0.1
724
+
725
+ ## 8.0.4
726
+
727
+ ### Patch Changes
728
+
729
+ - e9aa6f682: Apply fixes from @typescript-eslint v6 for nullish coalescing and optional chains. No behavior changes are expected with this change.
730
+
731
+ ## 8.0.3
732
+
733
+ ### Patch Changes
734
+
735
+ - Updated dependencies [aa2ae8fe2]
736
+ - @pnpm/types@9.2.0
737
+ - @pnpm/lockfile-types@5.1.1
738
+ - @pnpm/dependency-path@2.1.3
739
+ - @pnpm/resolver-base@10.0.2
740
+
741
+ ## 8.0.2
742
+
743
+ ### Patch Changes
744
+
745
+ - d9da627cd: Should always treat local file dependency as new dependency [#5381](https://github.com/pnpm/pnpm/issues/5381)
746
+
747
+ ## 8.0.1
748
+
749
+ ### Patch Changes
750
+
751
+ - Updated dependencies [9c4ae87bd]
752
+ - Updated dependencies [a9e0b7cbf]
753
+ - @pnpm/lockfile-types@5.1.0
754
+ - @pnpm/types@9.1.0
755
+ - @pnpm/dependency-path@2.1.2
756
+ - @pnpm/resolver-base@10.0.1
757
+
758
+ ## 8.0.0
759
+
760
+ ### Major Changes
761
+
762
+ - d58cdb962: Return details about the reason why the lockfile doesn't satisfy the manifest.
763
+
764
+ ## 7.0.1
765
+
766
+ ### Patch Changes
767
+
768
+ - Updated dependencies [c0760128d]
769
+ - @pnpm/dependency-path@2.1.1
770
+
771
+ ## 7.0.0
772
+
773
+ ### Major Changes
774
+
775
+ - 72ba638e3: Breaking changes to the API of `satisfiesPackageManifest`.
776
+
777
+ ## 6.0.1
778
+
779
+ ### Patch Changes
780
+
781
+ - Updated dependencies [5087636b6]
782
+ - Updated dependencies [94f94eed6]
783
+ - @pnpm/dependency-path@2.1.0
784
+
785
+ ## 6.0.0
786
+
787
+ ### Major Changes
788
+
789
+ - c92936158: The registry field is removed from the `resolution` object in `pnpm-lock.yaml`.
790
+ - eceaa8b8b: Node.js 14 support dropped.
791
+
792
+ ### Patch Changes
793
+
794
+ - Updated dependencies [c92936158]
795
+ - Updated dependencies [ca8f51e60]
796
+ - Updated dependencies [eceaa8b8b]
797
+ - Updated dependencies [0e26acb0f]
798
+ - @pnpm/lockfile-types@5.0.0
799
+ - @pnpm/dependency-path@2.0.0
800
+ - @pnpm/resolver-base@10.0.0
801
+ - @pnpm/types@9.0.0
802
+
803
+ ## 5.0.7
804
+
805
+ ### Patch Changes
806
+
807
+ - Updated dependencies [029143cff]
808
+ - Updated dependencies [029143cff]
809
+ - @pnpm/resolver-base@9.2.0
810
+
811
+ ## 5.0.6
812
+
813
+ ### Patch Changes
814
+
815
+ - Updated dependencies [d89d7a078]
816
+ - @pnpm/dependency-path@1.1.3
817
+
818
+ ## 5.0.5
819
+
820
+ ### Patch Changes
821
+
822
+ - Updated dependencies [9247f6781]
823
+ - @pnpm/dependency-path@1.1.2
824
+
825
+ ## 5.0.4
826
+
827
+ ### Patch Changes
828
+
829
+ - Updated dependencies [0f6e95872]
830
+ - @pnpm/dependency-path@1.1.1
831
+
832
+ ## 5.0.3
833
+
834
+ ### Patch Changes
835
+
836
+ - Updated dependencies [3ebce5db7]
837
+ - @pnpm/dependency-path@1.1.0
838
+
839
+ ## 5.0.2
840
+
841
+ ### Patch Changes
842
+
843
+ - Updated dependencies [b77651d14]
844
+ - @pnpm/types@8.10.0
845
+ - @pnpm/lockfile-types@4.3.6
846
+ - @pnpm/dependency-path@1.0.1
847
+ - @pnpm/resolver-base@9.1.5
848
+
849
+ ## 5.0.1
850
+
851
+ ### Patch Changes
852
+
853
+ - Updated dependencies [313702d76]
854
+ - @pnpm/dependency-path@1.0.0
855
+
856
+ ## 5.0.0
857
+
858
+ ### Major Changes
859
+
860
+ - ecc8794bb: Breaking change to the API of the `extendProjectsWithTargetDirs` function.
861
+
862
+ ### Patch Changes
863
+
864
+ - ecc8794bb: Sync all injected dependencies when hoisted node linker is used.
865
+
866
+ ## 4.2.8
867
+
868
+ ### Patch Changes
869
+
870
+ - Updated dependencies [702e847c1]
871
+ - @pnpm/types@8.9.0
872
+ - dependency-path@9.2.8
873
+ - @pnpm/lockfile-types@4.3.5
874
+ - @pnpm/resolver-base@9.1.4
875
+
876
+ ## 4.2.7
877
+
878
+ ### Patch Changes
879
+
880
+ - Updated dependencies [844e82f3a]
881
+ - @pnpm/types@8.8.0
882
+ - dependency-path@9.2.7
883
+ - @pnpm/lockfile-types@4.3.4
884
+ - @pnpm/resolver-base@9.1.3
885
+
886
+ ## 4.2.6
887
+
888
+ ### Patch Changes
889
+
890
+ - Updated dependencies [d665f3ff7]
891
+ - @pnpm/types@8.7.0
892
+ - dependency-path@9.2.6
893
+ - @pnpm/lockfile-types@4.3.3
894
+ - @pnpm/resolver-base@9.1.2
895
+
896
+ ## 4.2.5
897
+
898
+ ### Patch Changes
899
+
900
+ - Updated dependencies [156cc1ef6]
901
+ - @pnpm/types@8.6.0
902
+ - dependency-path@9.2.5
903
+ - @pnpm/lockfile-types@4.3.2
904
+ - @pnpm/resolver-base@9.1.1
905
+
906
+ ## 4.2.4
907
+
908
+ ### Patch Changes
909
+
910
+ - Updated dependencies [23984abd1]
911
+ - @pnpm/resolver-base@9.1.0
912
+
913
+ ## 4.2.3
914
+
915
+ ### Patch Changes
916
+
917
+ - 8103f92bd: Use a patched version of ramda to fix deprecation warnings on Node.js 16. Related issue: https://github.com/ramda/ramda/pull/3270
918
+
919
+ ## 4.2.2
920
+
921
+ ### Patch Changes
922
+
923
+ - Updated dependencies [c90798461]
924
+ - @pnpm/types@8.5.0
925
+ - dependency-path@9.2.4
926
+ - @pnpm/lockfile-types@4.3.1
927
+ - @pnpm/resolver-base@9.0.6
928
+
929
+ ## 4.2.1
930
+
931
+ ### Patch Changes
932
+
933
+ - c83f40c10: pnpm should not consider a lockfile out-of-date if `auto-install-peers` is set to `true` and the peer dependency is in `devDependencies` or `optionalDependencies` [#5080](https://github.com/pnpm/pnpm/issues/5080).
934
+
935
+ ## 4.2.0
936
+
937
+ ### Minor Changes
938
+
939
+ - 8dcfbe357: Add `publishDirectory` field to the lockfile and relink the project when it changes.
940
+
941
+ ### Patch Changes
942
+
943
+ - Updated dependencies [8dcfbe357]
944
+ - @pnpm/lockfile-types@4.3.0
945
+
946
+ ## 4.1.0
947
+
948
+ ### Minor Changes
949
+
950
+ - e3f4d131c: New option added: autoInstallPeers.
951
+
952
+ ## 4.0.10
953
+
954
+ ### Patch Changes
955
+
956
+ - dependency-path@9.2.3
957
+
958
+ ## 4.0.9
959
+
960
+ ### Patch Changes
961
+
962
+ - 5f643f23b: Update ramda to v0.28.
963
+
964
+ ## 4.0.8
965
+
966
+ ### Patch Changes
967
+
968
+ - Updated dependencies [fc581d371]
969
+ - dependency-path@9.2.2
970
+
971
+ ## 4.0.7
972
+
973
+ ### Patch Changes
974
+
975
+ - Updated dependencies [d01c32355]
976
+ - Updated dependencies [8e5b77ef6]
977
+ - Updated dependencies [8e5b77ef6]
978
+ - @pnpm/lockfile-types@4.2.0
979
+ - @pnpm/types@8.4.0
980
+ - dependency-path@9.2.1
981
+ - @pnpm/resolver-base@9.0.5
982
+
983
+ ## 4.0.6
984
+
985
+ ### Patch Changes
986
+
987
+ - Updated dependencies [2a34b21ce]
988
+ - Updated dependencies [c635f9fc1]
989
+ - @pnpm/types@8.3.0
990
+ - @pnpm/lockfile-types@4.1.0
991
+ - dependency-path@9.2.0
992
+ - @pnpm/resolver-base@9.0.4
993
+
994
+ ## 4.0.5
995
+
996
+ ### Patch Changes
997
+
998
+ - Updated dependencies [fb5bbfd7a]
999
+ - Updated dependencies [725636a90]
1000
+ - @pnpm/types@8.2.0
1001
+ - dependency-path@9.1.4
1002
+ - @pnpm/lockfile-types@4.0.3
1003
+ - @pnpm/resolver-base@9.0.3
1004
+
1005
+ ## 4.0.4
1006
+
1007
+ ### Patch Changes
1008
+
1009
+ - Updated dependencies [4d39e4a0c]
1010
+ - @pnpm/types@8.1.0
1011
+ - dependency-path@9.1.3
1012
+ - @pnpm/lockfile-types@4.0.2
1013
+ - @pnpm/resolver-base@9.0.2
1014
+
1015
+ ## 4.0.3
1016
+
1017
+ ### Patch Changes
1018
+
1019
+ - Updated dependencies [c57695550]
1020
+ - dependency-path@9.1.2
1021
+
1022
+ ## 4.0.2
1023
+
1024
+ ### Patch Changes
1025
+
1026
+ - Updated dependencies [18ba5e2c0]
1027
+ - @pnpm/types@8.0.1
1028
+ - dependency-path@9.1.1
1029
+ - @pnpm/lockfile-types@4.0.1
1030
+ - @pnpm/resolver-base@9.0.1
1031
+
1032
+ ## 4.0.1
1033
+
1034
+ ### Patch Changes
1035
+
1036
+ - 688b0eaff: When checking if the lockfile is up-to-date, an empty `dependenciesMeta` field in the manifest should be satisfied by a not set field in the lockfile [#4463](https://github.com/pnpm/pnpm/pull/4463).
1037
+ - Updated dependencies [0a70aedb1]
1038
+ - dependency-path@9.1.0
1039
+
1040
+ ## 4.0.0
1041
+
1042
+ ### Major Changes
1043
+
1044
+ - 542014839: Node.js 12 is not supported.
1045
+
1046
+ ### Patch Changes
1047
+
1048
+ - Updated dependencies [d504dc380]
1049
+ - Updated dependencies [faf830b8f]
1050
+ - Updated dependencies [542014839]
1051
+ - @pnpm/types@8.0.0
1052
+ - dependency-path@9.0.0
1053
+ - @pnpm/lockfile-types@4.0.0
1054
+ - @pnpm/resolver-base@9.0.0
1055
+
1056
+ ## 3.2.1
1057
+
1058
+ ### Patch Changes
1059
+
1060
+ - Updated dependencies [b138d048c]
1061
+ - @pnpm/lockfile-types@3.2.0
1062
+ - @pnpm/types@7.10.0
1063
+ - dependency-path@8.0.11
1064
+ - @pnpm/resolver-base@8.1.6
1065
+
1066
+ ## 3.2.0
1067
+
1068
+ ### Minor Changes
1069
+
1070
+ - cdc521cfa: Injected package location should be properly detected in a hoisted `node_modules`.
1071
+
1072
+ ## 3.1.6
1073
+
1074
+ ### Patch Changes
1075
+
1076
+ - Updated dependencies [26cd01b88]
1077
+ - @pnpm/types@7.9.0
1078
+ - dependency-path@8.0.10
1079
+ - @pnpm/lockfile-types@3.1.5
1080
+ - @pnpm/resolver-base@8.1.5
1081
+
1082
+ ## 3.1.5
1083
+
1084
+ ### Patch Changes
1085
+
1086
+ - Updated dependencies [b5734a4a7]
1087
+ - @pnpm/types@7.8.0
1088
+ - dependency-path@8.0.9
1089
+ - @pnpm/lockfile-types@3.1.4
1090
+ - @pnpm/resolver-base@8.1.4
1091
+
1092
+ ## 3.1.4
1093
+
1094
+ ### Patch Changes
1095
+
1096
+ - Updated dependencies [6493e0c93]
1097
+ - @pnpm/types@7.7.1
1098
+ - dependency-path@8.0.8
1099
+ - @pnpm/lockfile-types@3.1.3
1100
+ - @pnpm/resolver-base@8.1.3
1101
+
1102
+ ## 3.1.3
1103
+
1104
+ ### Patch Changes
1105
+
1106
+ - Updated dependencies [ba9b2eba1]
1107
+ - @pnpm/types@7.7.0
1108
+ - dependency-path@8.0.7
1109
+ - @pnpm/lockfile-types@3.1.2
1110
+ - @pnpm/resolver-base@8.1.2
1111
+
1112
+ ## 3.1.2
1113
+
1114
+ ### Patch Changes
1115
+
1116
+ - 3cf543fc1: Non-standard tarball URL should be correctly calculated when the registry has no trailing slash in the configuration file [#4052](https://github.com/pnpm/pnpm/issues/4052). This is a regression caused introduced in v6.23.2 caused by [#4032](https://github.com/pnpm/pnpm/pull/4032).
1117
+
1118
+ ## 3.1.1
1119
+
1120
+ ### Patch Changes
1121
+
1122
+ - Updated dependencies [302ae4f6f]
1123
+ - @pnpm/types@7.6.0
1124
+ - dependency-path@8.0.6
1125
+ - @pnpm/lockfile-types@3.1.1
1126
+ - @pnpm/resolver-base@8.1.1
1127
+
1128
+ ## 3.1.0
1129
+
1130
+ ### Minor Changes
1131
+
1132
+ - 4ab87844a: New utility function added: `extendProjectsWithTargetDirs()`.
1133
+
1134
+ ### Patch Changes
1135
+
1136
+ - Updated dependencies [4ab87844a]
1137
+ - Updated dependencies [4ab87844a]
1138
+ - Updated dependencies [4ab87844a]
1139
+ - @pnpm/types@7.5.0
1140
+ - @pnpm/resolver-base@8.1.0
1141
+ - @pnpm/lockfile-types@3.1.0
1142
+ - dependency-path@8.0.5
1143
+
1144
+ ## 3.0.8
1145
+
1146
+ ### Patch Changes
1147
+
1148
+ - Updated dependencies [b734b45ea]
1149
+ - @pnpm/types@7.4.0
1150
+ - dependency-path@8.0.4
1151
+ - @pnpm/resolver-base@8.0.4
1152
+
1153
+ ## 3.0.7
1154
+
1155
+ ### Patch Changes
1156
+
1157
+ - Updated dependencies [8e76690f4]
1158
+ - @pnpm/types@7.3.0
1159
+ - dependency-path@8.0.3
1160
+ - @pnpm/resolver-base@8.0.3
1161
+
1162
+ ## 3.0.6
1163
+
1164
+ ### Patch Changes
1165
+
1166
+ - Updated dependencies [6c418943c]
1167
+ - dependency-path@8.0.2
1168
+
1169
+ ## 3.0.5
1170
+
1171
+ ### Patch Changes
1172
+
1173
+ - Updated dependencies [724c5abd8]
1174
+ - @pnpm/types@7.2.0
1175
+ - dependency-path@8.0.1
1176
+ - @pnpm/resolver-base@8.0.2
1177
+
1178
+ ## 3.0.4
1179
+
1180
+ ### Patch Changes
1181
+
1182
+ - a1a03d145: Import only the required functions from ramda.
1183
+
1184
+ ## 3.0.3
1185
+
1186
+ ### Patch Changes
1187
+
1188
+ - Updated dependencies [20e2f235d]
1189
+ - dependency-path@8.0.0
1190
+
1191
+ ## 3.0.2
1192
+
1193
+ ### Patch Changes
1194
+
1195
+ - Updated dependencies [97c64bae4]
1196
+ - @pnpm/types@7.1.0
1197
+ - dependency-path@7.0.1
1198
+ - @pnpm/resolver-base@8.0.1
1199
+
1200
+ ## 3.0.1
1201
+
1202
+ ### Patch Changes
1203
+
1204
+ - Updated dependencies [9ceab68f0]
1205
+ - dependency-path@7.0.0
1206
+
1207
+ ## 3.0.0
1208
+
1209
+ ### Major Changes
1210
+
1211
+ - 97b986fbc: Node.js 10 support is dropped. At least Node.js 12.17 is required for the package to work.
1212
+
1213
+ ### Patch Changes
1214
+
1215
+ - Updated dependencies [97b986fbc]
1216
+ - Updated dependencies [6871d74b2]
1217
+ - Updated dependencies [e4efddbd2]
1218
+ - Updated dependencies [f2bb5cbeb]
1219
+ - dependency-path@6.0.0
1220
+ - @pnpm/lockfile-types@3.0.0
1221
+ - @pnpm/resolver-base@8.0.0
1222
+ - @pnpm/types@7.0.0
1223
+
1224
+ ## 2.0.22
1225
+
1226
+ ### Patch Changes
1227
+
1228
+ - Updated dependencies [9ad8c27bf]
1229
+ - Updated dependencies [9ad8c27bf]
1230
+ - @pnpm/lockfile-types@2.2.0
1231
+ - @pnpm/types@6.4.0
1232
+ - dependency-path@5.1.1
1233
+ - @pnpm/resolver-base@7.1.1
1234
+
1235
+ ## 2.0.21
1236
+
1237
+ ### Patch Changes
1238
+
1239
+ - Updated dependencies [e27dcf0dc]
1240
+ - dependency-path@5.1.0
1241
+
1242
+ ## 2.0.20
1243
+
1244
+ ### Patch Changes
1245
+
1246
+ - Updated dependencies [8698a7060]
1247
+ - @pnpm/resolver-base@7.1.0
1248
+
1249
+ ## 2.0.19
1250
+
1251
+ ### Patch Changes
1252
+
1253
+ - Updated dependencies [39142e2ad]
1254
+ - dependency-path@5.0.6
1255
+
1256
+ ## 2.0.18
1257
+
1258
+ ### Patch Changes
1259
+
1260
+ - Updated dependencies [b5d694e7f]
1261
+ - @pnpm/lockfile-types@2.1.1
1262
+ - @pnpm/types@6.3.1
1263
+ - dependency-path@5.0.5
1264
+ - @pnpm/resolver-base@7.0.5
1265
+
1266
+ ## 2.0.17
1267
+
1268
+ ### Patch Changes
1269
+
1270
+ - Updated dependencies [d54043ee4]
1271
+ - Updated dependencies [d54043ee4]
1272
+ - @pnpm/lockfile-types@2.1.0
1273
+ - @pnpm/types@6.3.0
1274
+ - dependency-path@5.0.4
1275
+ - @pnpm/resolver-base@7.0.4
1276
+
1277
+ ## 2.0.16
1278
+
1279
+ ### Patch Changes
1280
+
1281
+ - 1140ef721: When getting resolution from package snapshot, always prefer the registry that is present in the package snapshot.
1282
+ - a2ef8084f: Use the same versions of dependencies across the pnpm monorepo.
1283
+ - Updated dependencies [a2ef8084f]
1284
+ - dependency-path@5.0.3
1285
+
1286
+ ## 2.0.15
1287
+
1288
+ ### Patch Changes
1289
+
1290
+ - Updated dependencies [db17f6f7b]
1291
+ - @pnpm/types@6.2.0
1292
+ - dependency-path@5.0.2
1293
+ - @pnpm/resolver-base@7.0.3
1294
+
1295
+ ## 2.0.14
1296
+
1297
+ ### Patch Changes
1298
+
1299
+ - Updated dependencies [71a8c8ce3]
1300
+ - @pnpm/types@6.1.0
1301
+ - dependency-path@5.0.1
1302
+ - @pnpm/resolver-base@7.0.2
1303
+
1304
+ ## 2.0.13
1305
+
1306
+ ### Patch Changes
1307
+
1308
+ - Updated dependencies [41d92948b]
1309
+ - dependency-path@5.0.0
1310
+
1311
+ ## 2.0.12
1312
+
1313
+ ### Patch Changes
1314
+
1315
+ - Updated dependencies [da091c711]
1316
+ - Updated dependencies [6a8a97eee]
1317
+ - @pnpm/types@6.0.0
1318
+ - @pnpm/lockfile-types@2.0.1
1319
+ - dependency-path@4.0.7
1320
+ - @pnpm/resolver-base@7.0.1
1321
+
1322
+ ## 2.0.12-alpha.1
1323
+
1324
+ ### Patch Changes
1325
+
1326
+ - Updated dependencies [6a8a97eee]
1327
+ - @pnpm/lockfile-types@2.0.1-alpha.0
1328
+
1329
+ ## 2.0.12-alpha.0
1330
+
1331
+ ### Patch Changes
1332
+
1333
+ - Updated dependencies [da091c71]
1334
+ - @pnpm/types@6.0.0-alpha.0
1335
+ - dependency-path@4.0.7-alpha.0
1336
+ - @pnpm/resolver-base@7.0.1-alpha.0
1337
+
1338
+ ## 2.0.11
1339
+
1340
+ ### Patch Changes
1341
+
1342
+ - 907c63a48: Dependencies updated.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pnpm/lockfile.utils",
3
- "version": "1100.1.1",
3
+ "version": "1100.1.3",
4
4
  "description": "Utils for dealing with pnpm-lock.yaml",
5
5
  "keywords": [
6
6
  "pnpm",
@@ -29,22 +29,22 @@
29
29
  "!*.map"
30
30
  ],
31
31
  "dependencies": {
32
- "ramda": "npm:@pnpm/ramda@0.28.1",
33
- "@pnpm/deps.path": "1100.0.8",
34
- "@pnpm/hooks.types": "1100.1.1",
35
- "@pnpm/resolving.resolver-base": "1100.5.1",
32
+ "@pnpm/deps.path": "1100.0.9",
33
+ "@pnpm/error": "1100.0.1",
34
+ "@pnpm/hooks.types": "1100.2.1",
35
+ "@pnpm/lockfile.types": "1100.0.14",
36
+ "@pnpm/resolving.resolver-base": "1100.5.2",
36
37
  "@pnpm/resolving.tarball-url": "1100.0.0",
37
- "@pnpm/lockfile.types": "1100.0.13",
38
- "@pnpm/types": "1101.3.2",
39
- "@pnpm/error": "1100.0.1"
38
+ "@pnpm/types": "1101.4.0",
39
+ "ramda": "npm:@pnpm/ramda@0.28.1"
40
40
  },
41
41
  "devDependencies": {
42
42
  "@jest/globals": "30.4.1",
43
+ "@pnpm/lockfile.utils": "1100.1.3",
43
44
  "@types/ramda": "0.31.1",
44
45
  "tempy": "3.0.0",
45
46
  "write-yaml-file": "^6.0.0",
46
- "yaml-tag": "1.1.0",
47
- "@pnpm/lockfile.utils": "1100.1.1"
47
+ "yaml-tag": "1.1.0"
48
48
  },
49
49
  "engines": {
50
50
  "node": ">=22.13"