pnpm 10.25.0 → 10.26.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -16,9 +16,9 @@ hoistedLocations:
|
|
|
16
16
|
agent-base@7.1.4:
|
|
17
17
|
- node_modules/agent-base
|
|
18
18
|
ansi-regex@5.0.1:
|
|
19
|
-
- node_modules/strip-ansi-cjs/node_modules/ansi-regex
|
|
20
|
-
- node_modules/wrap-ansi-cjs/node_modules/ansi-regex
|
|
21
19
|
- node_modules/string-width-cjs/node_modules/ansi-regex
|
|
20
|
+
- node_modules/wrap-ansi-cjs/node_modules/ansi-regex
|
|
21
|
+
- node_modules/strip-ansi-cjs/node_modules/ansi-regex
|
|
22
22
|
ansi-regex@6.2.2:
|
|
23
23
|
- node_modules/ansi-regex
|
|
24
24
|
ansi-styles@4.3.0:
|
|
@@ -44,8 +44,8 @@ hoistedLocations:
|
|
|
44
44
|
eastasianwidth@0.2.0:
|
|
45
45
|
- node_modules/eastasianwidth
|
|
46
46
|
emoji-regex@8.0.0:
|
|
47
|
-
- node_modules/wrap-ansi-cjs/node_modules/emoji-regex
|
|
48
47
|
- node_modules/string-width-cjs/node_modules/emoji-regex
|
|
48
|
+
- node_modules/wrap-ansi-cjs/node_modules/emoji-regex
|
|
49
49
|
emoji-regex@9.2.2:
|
|
50
50
|
- node_modules/emoji-regex
|
|
51
51
|
encoding@0.1.13:
|
|
@@ -103,8 +103,8 @@ hoistedLocations:
|
|
|
103
103
|
minipass-sized@1.0.3:
|
|
104
104
|
- node_modules/minipass-sized
|
|
105
105
|
minipass@3.3.6:
|
|
106
|
-
- node_modules/minipass-flush/node_modules/minipass
|
|
107
106
|
- node_modules/minipass-pipeline/node_modules/minipass
|
|
107
|
+
- node_modules/minipass-flush/node_modules/minipass
|
|
108
108
|
- node_modules/minipass-sized/node_modules/minipass
|
|
109
109
|
minipass@7.1.2:
|
|
110
110
|
- node_modules/minipass
|
|
@@ -158,8 +158,8 @@ hoistedLocations:
|
|
|
158
158
|
string-width@5.1.2:
|
|
159
159
|
- node_modules/string-width
|
|
160
160
|
strip-ansi@6.0.1:
|
|
161
|
-
- node_modules/wrap-ansi-cjs/node_modules/strip-ansi
|
|
162
161
|
- node_modules/string-width-cjs/node_modules/strip-ansi
|
|
162
|
+
- node_modules/wrap-ansi-cjs/node_modules/strip-ansi
|
|
163
163
|
- node_modules/strip-ansi-cjs
|
|
164
164
|
strip-ansi@7.1.2:
|
|
165
165
|
- node_modules/strip-ansi
|
|
@@ -182,8 +182,8 @@ hoistedLocations:
|
|
|
182
182
|
wrap-ansi@8.1.0:
|
|
183
183
|
- node_modules/wrap-ansi
|
|
184
184
|
yallist@4.0.0:
|
|
185
|
-
- node_modules/minipass-flush/node_modules/yallist
|
|
186
185
|
- node_modules/minipass-pipeline/node_modules/yallist
|
|
186
|
+
- node_modules/minipass-flush/node_modules/yallist
|
|
187
187
|
- node_modules/minipass-sized/node_modules/yallist
|
|
188
188
|
yallist@5.0.0:
|
|
189
189
|
- node_modules/yallist
|
|
@@ -194,9 +194,9 @@ included:
|
|
|
194
194
|
injectedDeps: {}
|
|
195
195
|
layoutVersion: 5
|
|
196
196
|
nodeLinker: hoisted
|
|
197
|
-
packageManager: pnpm@10.
|
|
197
|
+
packageManager: pnpm@10.26.0
|
|
198
198
|
pendingBuilds: []
|
|
199
|
-
prunedAt:
|
|
199
|
+
prunedAt: Fri, 19 Dec 2025 01:15:55 GMT
|
|
200
200
|
publicHoistPattern: []
|
|
201
201
|
registries:
|
|
202
202
|
'@jsr': https://npm.jsr.io/
|
package/dist/pnpm.cjs
CHANGED
|
@@ -2972,7 +2972,7 @@ var require_lib4 = __commonJS({
|
|
|
2972
2972
|
var load_json_file_1 = __importDefault2(require_load_json_file());
|
|
2973
2973
|
var defaultManifest = {
|
|
2974
2974
|
name: true ? "pnpm" : "pnpm",
|
|
2975
|
-
version: true ? "10.
|
|
2975
|
+
version: true ? "10.26.1" : "0.0.0"
|
|
2976
2976
|
};
|
|
2977
2977
|
var pkgJson;
|
|
2978
2978
|
if (require.main == null) {
|
|
@@ -14654,7 +14654,8 @@ var require_dependencyBuildOptions = __commonJS({
|
|
|
14654
14654
|
"dangerouslyAllowAllBuilds",
|
|
14655
14655
|
"onlyBuiltDependencies",
|
|
14656
14656
|
"onlyBuiltDependenciesFile",
|
|
14657
|
-
"neverBuiltDependencies"
|
|
14657
|
+
"neverBuiltDependencies",
|
|
14658
|
+
"allowBuilds"
|
|
14658
14659
|
];
|
|
14659
14660
|
var hasDependencyBuildOptions = (config) => exports2.DEPS_BUILD_CONFIG_KEYS.some((key) => config[key] != null);
|
|
14660
14661
|
exports2.hasDependencyBuildOptions = hasDependencyBuildOptions;
|
|
@@ -15098,6 +15099,7 @@ var require_types2 = __commonJS({
|
|
|
15098
15099
|
"public-hoist-pattern": Array,
|
|
15099
15100
|
"publish-branch": String,
|
|
15100
15101
|
"recursive-install": Boolean,
|
|
15102
|
+
"block-exotic-subdeps": Boolean,
|
|
15101
15103
|
reporter: String,
|
|
15102
15104
|
"resolution-mode": ["highest", "time-based", "lowest-direct"],
|
|
15103
15105
|
"resolve-peers-from-workspace-root": Boolean,
|
|
@@ -18817,6 +18819,7 @@ var require_getOptionsFromRootManifest = __commonJS({
|
|
|
18817
18819
|
const settings = getOptionsFromPnpmSettings(manifestDir, {
|
|
18818
18820
|
...(0, pick_1.default)([
|
|
18819
18821
|
"allowNonAppliedPatches",
|
|
18822
|
+
"allowBuilds",
|
|
18820
18823
|
"allowUnusedPatches",
|
|
18821
18824
|
"allowedDeprecatedVersions",
|
|
18822
18825
|
"auditConfig",
|
|
@@ -18849,7 +18852,7 @@ var require_getOptionsFromRootManifest = __commonJS({
|
|
|
18849
18852
|
return settings;
|
|
18850
18853
|
}
|
|
18851
18854
|
function getOptionsFromPnpmSettings(manifestDir, pnpmSettings, manifest) {
|
|
18852
|
-
const renamedKeys = ["allowNonAppliedPatches"];
|
|
18855
|
+
const renamedKeys = ["allowNonAppliedPatches", "allowBuilds"];
|
|
18853
18856
|
const settings = (0, omit_1.default)(renamedKeys, replaceEnvInSettings(pnpmSettings));
|
|
18854
18857
|
if (settings.overrides) {
|
|
18855
18858
|
if (Object.keys(settings.overrides).length === 0) {
|
|
@@ -18876,6 +18879,20 @@ var require_getOptionsFromRootManifest = __commonJS({
|
|
|
18876
18879
|
if (pnpmSettings.ignorePatchFailures != null) {
|
|
18877
18880
|
settings.ignorePatchFailures = pnpmSettings.ignorePatchFailures;
|
|
18878
18881
|
}
|
|
18882
|
+
if (pnpmSettings.allowBuilds) {
|
|
18883
|
+
settings.onlyBuiltDependencies ??= [];
|
|
18884
|
+
settings.ignoredBuiltDependencies ??= [];
|
|
18885
|
+
for (const [packagePattern, build] of Object.entries(pnpmSettings.allowBuilds)) {
|
|
18886
|
+
switch (build) {
|
|
18887
|
+
case true:
|
|
18888
|
+
settings.onlyBuiltDependencies.push(packagePattern);
|
|
18889
|
+
break;
|
|
18890
|
+
case false:
|
|
18891
|
+
settings.ignoredBuiltDependencies.push(packagePattern);
|
|
18892
|
+
break;
|
|
18893
|
+
}
|
|
18894
|
+
}
|
|
18895
|
+
}
|
|
18879
18896
|
return settings;
|
|
18880
18897
|
}
|
|
18881
18898
|
function replaceEnvInSettings(settings) {
|
|
@@ -19616,6 +19633,7 @@ var require_lib23 = __commonJS({
|
|
|
19616
19633
|
"public-hoist-pattern": [],
|
|
19617
19634
|
"recursive-install": true,
|
|
19618
19635
|
registry: npmDefaults.registry,
|
|
19636
|
+
"block-exotic-subdeps": false,
|
|
19619
19637
|
"resolution-mode": "highest",
|
|
19620
19638
|
"resolve-peers-from-workspace-root": true,
|
|
19621
19639
|
"save-peer": false,
|
|
@@ -53795,6 +53813,7 @@ var require_lib33 = __commonJS({
|
|
|
53795
53813
|
Object.defineProperty(exports2, "createGitHostedPkgId", { enumerable: true, get: function() {
|
|
53796
53814
|
return createGitHostedPkgId_js_1.createGitHostedPkgId;
|
|
53797
53815
|
} });
|
|
53816
|
+
var error_1 = require_lib6();
|
|
53798
53817
|
function createGitResolver(opts) {
|
|
53799
53818
|
return async function resolveGit(wantedDependency) {
|
|
53800
53819
|
const parsedSpec = await (0, parseBareSpecifier_js_1.parseBareSpecifier)(wantedDependency.bareSpecifier, opts);
|
|
@@ -53858,18 +53877,28 @@ var require_lib33 = __commonJS({
|
|
|
53858
53877
|
return refs;
|
|
53859
53878
|
}
|
|
53860
53879
|
async function resolveRef(repo, ref, range) {
|
|
53861
|
-
|
|
53880
|
+
const committish = ref.match(/^[0-9a-f]{7,40}$/) !== null;
|
|
53881
|
+
if (committish && ref.length === 40) {
|
|
53862
53882
|
return ref;
|
|
53863
53883
|
}
|
|
53864
|
-
const refs = await getRepoRefs(repo, range ? null : ref);
|
|
53865
|
-
|
|
53884
|
+
const refs = await getRepoRefs(repo, range ?? committish ? null : ref);
|
|
53885
|
+
const result2 = resolveRefFromRefs(refs, repo, ref, committish, range);
|
|
53886
|
+
if (committish && !result2.startsWith(ref)) {
|
|
53887
|
+
throw new error_1.PnpmError("GIT_AMBIGUOUS_REF", `resolved commit ${result2} from commit-ish reference ${ref}`);
|
|
53888
|
+
}
|
|
53889
|
+
return result2;
|
|
53866
53890
|
}
|
|
53867
|
-
function resolveRefFromRefs(refs, repo, ref, range) {
|
|
53891
|
+
function resolveRefFromRefs(refs, repo, ref, committish, range) {
|
|
53868
53892
|
if (!range) {
|
|
53869
|
-
|
|
53893
|
+
let commitId = refs[ref] || refs[`refs/${ref}`] || refs[`refs/tags/${ref}^{}`] || // prefer annotated tags
|
|
53870
53894
|
refs[`refs/tags/${ref}`] || refs[`refs/heads/${ref}`];
|
|
53871
53895
|
if (!commitId) {
|
|
53872
|
-
|
|
53896
|
+
const commits = committish ? Object.values(refs).filter((value) => value.startsWith(ref)) : [];
|
|
53897
|
+
if (commits.length === 1) {
|
|
53898
|
+
commitId = commits[0];
|
|
53899
|
+
} else {
|
|
53900
|
+
throw new Error(`Could not resolve ${ref} to a commit of ${repo}.`);
|
|
53901
|
+
}
|
|
53873
53902
|
}
|
|
53874
53903
|
return commitId;
|
|
53875
53904
|
} else {
|
|
@@ -60438,6 +60467,22 @@ var require_trustChecks = __commonJS({
|
|
|
60438
60467
|
}
|
|
60439
60468
|
});
|
|
60440
60469
|
|
|
60470
|
+
// ../resolving/npm-resolver/lib/normalizeRegistryUrl.js
|
|
60471
|
+
var require_normalizeRegistryUrl = __commonJS({
|
|
60472
|
+
"../resolving/npm-resolver/lib/normalizeRegistryUrl.js"(exports2) {
|
|
60473
|
+
"use strict";
|
|
60474
|
+
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
60475
|
+
exports2.normalizeRegistryUrl = normalizeRegistryUrl;
|
|
60476
|
+
function normalizeRegistryUrl(urlString) {
|
|
60477
|
+
try {
|
|
60478
|
+
return new URL(urlString).toString();
|
|
60479
|
+
} catch {
|
|
60480
|
+
return urlString;
|
|
60481
|
+
}
|
|
60482
|
+
}
|
|
60483
|
+
}
|
|
60484
|
+
});
|
|
60485
|
+
|
|
60441
60486
|
// ../resolving/npm-resolver/lib/index.js
|
|
60442
60487
|
var require_lib49 = __commonJS({
|
|
60443
60488
|
"../resolving/npm-resolver/lib/index.js"(exports2) {
|
|
@@ -60476,6 +60521,7 @@ var require_lib49 = __commonJS({
|
|
|
60476
60521
|
var whichVersionIsPinned_js_1 = require_whichVersionIsPinned();
|
|
60477
60522
|
var pickPackageFromMeta_js_1 = require_pickPackageFromMeta();
|
|
60478
60523
|
var trustChecks_js_1 = require_trustChecks();
|
|
60524
|
+
var normalizeRegistryUrl_js_1 = require_normalizeRegistryUrl();
|
|
60479
60525
|
var NoMatchingVersionError = class extends error_1.PnpmError {
|
|
60480
60526
|
packageMeta;
|
|
60481
60527
|
immatureVersion;
|
|
@@ -60669,7 +60715,7 @@ var require_lib49 = __commonJS({
|
|
|
60669
60715
|
const id = `${pickedPackage.name}@${pickedPackage.version}`;
|
|
60670
60716
|
const resolution = {
|
|
60671
60717
|
integrity: getIntegrity(pickedPackage.dist),
|
|
60672
|
-
tarball: pickedPackage.dist.tarball
|
|
60718
|
+
tarball: (0, normalizeRegistryUrl_js_1.normalizeRegistryUrl)(pickedPackage.dist.tarball)
|
|
60673
60719
|
};
|
|
60674
60720
|
let normalizedBareSpecifier;
|
|
60675
60721
|
if (opts.calcSpecifier) {
|
|
@@ -60714,7 +60760,7 @@ var require_lib49 = __commonJS({
|
|
|
60714
60760
|
const id = `${pickedPackage.name}@${pickedPackage.version}`;
|
|
60715
60761
|
const resolution = {
|
|
60716
60762
|
integrity: getIntegrity(pickedPackage.dist),
|
|
60717
|
-
tarball: pickedPackage.dist.tarball
|
|
60763
|
+
tarball: (0, normalizeRegistryUrl_js_1.normalizeRegistryUrl)(pickedPackage.dist.tarball)
|
|
60718
60764
|
};
|
|
60719
60765
|
return {
|
|
60720
60766
|
id,
|
|
@@ -60921,16 +60967,17 @@ var require_lib50 = __commonJS({
|
|
|
60921
60967
|
}
|
|
60922
60968
|
if (isRepository(wantedDependency.bareSpecifier))
|
|
60923
60969
|
return null;
|
|
60970
|
+
const normalizedBareSpecifier = new URL(wantedDependency.bareSpecifier).toString();
|
|
60924
60971
|
let resolvedUrl;
|
|
60925
|
-
const response = await fetchFromRegistry(
|
|
60972
|
+
const response = await fetchFromRegistry(normalizedBareSpecifier, { method: "HEAD" });
|
|
60926
60973
|
if (response?.headers?.get("cache-control")?.includes("immutable")) {
|
|
60927
60974
|
resolvedUrl = response.url;
|
|
60928
60975
|
} else {
|
|
60929
|
-
resolvedUrl =
|
|
60976
|
+
resolvedUrl = normalizedBareSpecifier;
|
|
60930
60977
|
}
|
|
60931
60978
|
return {
|
|
60932
|
-
id:
|
|
60933
|
-
normalizedBareSpecifier
|
|
60979
|
+
id: normalizedBareSpecifier,
|
|
60980
|
+
normalizedBareSpecifier,
|
|
60934
60981
|
resolution: {
|
|
60935
60982
|
tarball: resolvedUrl
|
|
60936
60983
|
},
|
|
@@ -97053,6 +97100,13 @@ var require_lib72 = __commonJS({
|
|
|
97053
97100
|
return { shouldBeBuilt: false, pkgDir };
|
|
97054
97101
|
if (opts.ignoreScripts)
|
|
97055
97102
|
return { shouldBeBuilt: true, pkgDir };
|
|
97103
|
+
if (!opts.allowBuild?.(manifest.name, manifest.version)) {
|
|
97104
|
+
throw new error_1.PnpmError("GIT_DEP_PREPARE_NOT_ALLOWED", `The git-hosted package "${manifest.name}@${manifest.version}" needs to execute build scripts but is not in the "onlyBuiltDependencies" allowlist.`, {
|
|
97105
|
+
hint: `Add the package to "onlyBuiltDependencies" in your project's pnpm-workspace.yaml to allow it to run scripts. For example:
|
|
97106
|
+
onlyBuiltDependencies:
|
|
97107
|
+
- "${manifest.name}"`
|
|
97108
|
+
});
|
|
97109
|
+
}
|
|
97056
97110
|
const pm = (await (0, preferred_pm_1.default)(gitRootDir))?.name ?? "npm";
|
|
97057
97111
|
const execOpts = {
|
|
97058
97112
|
depPath: `${manifest.name}@${manifest.version}`,
|
|
@@ -97583,17 +97637,13 @@ var require_lib74 = __commonJS({
|
|
|
97583
97637
|
var logger_1 = require_lib();
|
|
97584
97638
|
var prepare_package_1 = require_lib72();
|
|
97585
97639
|
var worker_1 = require_lib73();
|
|
97640
|
+
var error_1 = require_lib6();
|
|
97586
97641
|
var rimraf_1 = __importDefault2(require_rimraf());
|
|
97587
97642
|
var execa_1 = __importDefault2(require_lib17());
|
|
97588
97643
|
var url_1 = require("url");
|
|
97589
97644
|
function createGitFetcher(createOpts) {
|
|
97590
97645
|
const allowedHosts = new Set(createOpts?.gitShallowHosts ?? []);
|
|
97591
97646
|
const ignoreScripts = createOpts.ignoreScripts ?? false;
|
|
97592
|
-
const preparePkg = prepare_package_1.preparePackage.bind(null, {
|
|
97593
|
-
ignoreScripts: createOpts.ignoreScripts,
|
|
97594
|
-
rawConfig: createOpts.rawConfig,
|
|
97595
|
-
unsafePerm: createOpts.unsafePerm
|
|
97596
|
-
});
|
|
97597
97647
|
const gitFetcher = async (cafs, resolution, opts) => {
|
|
97598
97648
|
const tempLocation = await cafs.tempDir();
|
|
97599
97649
|
if (allowedHosts.size > 0 && shouldUseShallow(resolution.repo, allowedHosts)) {
|
|
@@ -97604,9 +97654,18 @@ var require_lib74 = __commonJS({
|
|
|
97604
97654
|
await execGit(["clone", resolution.repo, tempLocation]);
|
|
97605
97655
|
}
|
|
97606
97656
|
await execGit(["checkout", resolution.commit], { cwd: tempLocation });
|
|
97657
|
+
const receivedCommit = await execGit(["rev-parse", "HEAD"], { cwd: tempLocation });
|
|
97658
|
+
if (receivedCommit.trim() !== resolution.commit) {
|
|
97659
|
+
throw new error_1.PnpmError("GIT_CHECKOUT_FAILED", `received commit ${receivedCommit.trim()} does not match expected value ${resolution.commit}`);
|
|
97660
|
+
}
|
|
97607
97661
|
let pkgDir;
|
|
97608
97662
|
try {
|
|
97609
|
-
const prepareResult = await
|
|
97663
|
+
const prepareResult = await (0, prepare_package_1.preparePackage)({
|
|
97664
|
+
allowBuild: opts.allowBuild,
|
|
97665
|
+
ignoreScripts: createOpts.ignoreScripts,
|
|
97666
|
+
rawConfig: createOpts.rawConfig,
|
|
97667
|
+
unsafePerm: createOpts.unsafePerm
|
|
97668
|
+
}, tempLocation, resolution.path ?? "");
|
|
97610
97669
|
pkgDir = prepareResult.pkgDir;
|
|
97611
97670
|
if (ignoreScripts && prepareResult.shouldBeBuilt) {
|
|
97612
97671
|
(0, logger_1.globalWarn)(`The git-hosted package fetched from "${resolution.repo}" has to be built but the build scripts were ignored.`);
|
|
@@ -97646,7 +97705,8 @@ var require_lib74 = __commonJS({
|
|
|
97646
97705
|
}
|
|
97647
97706
|
async function execGit(args, opts) {
|
|
97648
97707
|
const fullArgs = prefixGitArgs().concat(args || []);
|
|
97649
|
-
await (0, execa_1.default)("git", fullArgs, opts);
|
|
97708
|
+
const { stdout } = await (0, execa_1.default)("git", fullArgs, opts);
|
|
97709
|
+
return stdout;
|
|
97650
97710
|
}
|
|
97651
97711
|
}
|
|
97652
97712
|
});
|
|
@@ -98082,7 +98142,10 @@ var require_gitHostedTarballFetcher = __commonJS({
|
|
|
98082
98142
|
},
|
|
98083
98143
|
force: true
|
|
98084
98144
|
});
|
|
98085
|
-
const { shouldBeBuilt, pkgDir } = await (0, prepare_package_1.preparePackage)(
|
|
98145
|
+
const { shouldBeBuilt, pkgDir } = await (0, prepare_package_1.preparePackage)({
|
|
98146
|
+
...opts,
|
|
98147
|
+
allowBuild: fetcherOpts.allowBuild
|
|
98148
|
+
}, tempLocation, resolution.path ?? "");
|
|
98086
98149
|
const files = await (0, fs_packlist_1.packlist)(pkgDir);
|
|
98087
98150
|
if (!resolution.path && files.length === Object.keys(filesIndex).length) {
|
|
98088
98151
|
if (!shouldBeBuilt) {
|
|
@@ -108792,6 +108855,7 @@ var require_packageRequester = __commonJS({
|
|
|
108792
108855
|
}
|
|
108793
108856
|
const pkg = manifest != null ? (0, pick_1.default)(["name", "version"], manifest) : {};
|
|
108794
108857
|
const fetchResult = ctx.fetchPackageToStore({
|
|
108858
|
+
allowBuild: options.allowBuild,
|
|
108795
108859
|
fetchRawManifest: true,
|
|
108796
108860
|
force: forceFetch,
|
|
108797
108861
|
ignoreScripts: options.ignoreScripts,
|
|
@@ -108805,7 +108869,11 @@ var require_packageRequester = __commonJS({
|
|
|
108805
108869
|
supportedArchitectures: options.supportedArchitectures
|
|
108806
108870
|
});
|
|
108807
108871
|
if (!manifest) {
|
|
108808
|
-
|
|
108872
|
+
const fetchedResult = await fetchResult.fetching();
|
|
108873
|
+
manifest = fetchedResult.bundledManifest;
|
|
108874
|
+
if (fetchedResult.integrity && !resolution.type && !resolution.integrity) {
|
|
108875
|
+
resolution.integrity = fetchedResult.integrity;
|
|
108876
|
+
}
|
|
108809
108877
|
}
|
|
108810
108878
|
return {
|
|
108811
108879
|
body: {
|
|
@@ -108990,6 +109058,7 @@ If you want to ignore this issue, set the strict-store-pkg-content-check to fals
|
|
|
108990
109058
|
}
|
|
108991
109059
|
const priority = (++ctx.requestsQueue.counter % ctx.requestsQueue.concurrency === 0 ? -1 : 1) * 1e3;
|
|
108992
109060
|
const fetchedPackage = await ctx.requestsQueue.add(async () => ctx.fetch(opts.pkg.id, resolution, {
|
|
109061
|
+
allowBuild: opts.allowBuild,
|
|
108993
109062
|
filesIndexFile,
|
|
108994
109063
|
lockfileDir: opts.lockfileDir,
|
|
108995
109064
|
readManifest: opts.fetchRawManifest,
|
|
@@ -109013,9 +109082,10 @@ If you want to ignore this issue, set the strict-store-pkg-content-check to fals
|
|
|
109013
109082
|
version: opts.pkg.version
|
|
109014
109083
|
}
|
|
109015
109084
|
}), { priority });
|
|
109016
|
-
|
|
109085
|
+
const integrity = opts.pkg.resolution.integrity ?? fetchedPackage.integrity;
|
|
109086
|
+
if (isLocalTarballDep && integrity) {
|
|
109017
109087
|
await fs_1.promises.mkdir(target, { recursive: true });
|
|
109018
|
-
await graceful_fs_1.default.writeFile(path_1.default.join(target, TARBALL_INTEGRITY_FILENAME),
|
|
109088
|
+
await graceful_fs_1.default.writeFile(path_1.default.join(target, TARBALL_INTEGRITY_FILENAME), integrity, "utf8");
|
|
109019
109089
|
}
|
|
109020
109090
|
fetching.resolve({
|
|
109021
109091
|
files: {
|
|
@@ -109024,7 +109094,8 @@ If you want to ignore this issue, set the strict-store-pkg-content-check to fals
|
|
|
109024
109094
|
packageImportMethod: fetchedPackage.packageImportMethod,
|
|
109025
109095
|
requiresBuild: fetchedPackage.requiresBuild
|
|
109026
109096
|
},
|
|
109027
|
-
bundledManifest: fetchedPackage.manifest == null ? fetchedPackage.manifest : normalizeBundledManifest(fetchedPackage.manifest)
|
|
109097
|
+
bundledManifest: fetchedPackage.manifest == null ? fetchedPackage.manifest : normalizeBundledManifest(fetchedPackage.manifest),
|
|
109098
|
+
integrity
|
|
109028
109099
|
});
|
|
109029
109100
|
} catch (err) {
|
|
109030
109101
|
fetching.reject(err);
|
|
@@ -109966,7 +110037,24 @@ var require_lib97 = __commonJS({
|
|
|
109966
110037
|
if (opts.cleanupUnusedCatalogs) {
|
|
109967
110038
|
shouldBeUpdated = removePackagesFromWorkspaceCatalog(manifest, opts.allProjects ?? []) || shouldBeUpdated;
|
|
109968
110039
|
}
|
|
109969
|
-
|
|
110040
|
+
const updatedFields = { ...opts.updatedFields };
|
|
110041
|
+
if (manifest.allowBuilds != null && (updatedFields.onlyBuiltDependencies != null || updatedFields.ignoredBuiltDependencies != null)) {
|
|
110042
|
+
const allowBuilds = { ...manifest.allowBuilds };
|
|
110043
|
+
if (updatedFields.onlyBuiltDependencies != null) {
|
|
110044
|
+
for (const pattern of updatedFields.onlyBuiltDependencies) {
|
|
110045
|
+
allowBuilds[pattern] = true;
|
|
110046
|
+
}
|
|
110047
|
+
}
|
|
110048
|
+
if (updatedFields.ignoredBuiltDependencies != null) {
|
|
110049
|
+
for (const pattern of updatedFields.ignoredBuiltDependencies) {
|
|
110050
|
+
allowBuilds[pattern] = false;
|
|
110051
|
+
}
|
|
110052
|
+
}
|
|
110053
|
+
updatedFields.allowBuilds = allowBuilds;
|
|
110054
|
+
delete updatedFields.onlyBuiltDependencies;
|
|
110055
|
+
delete updatedFields.ignoredBuiltDependencies;
|
|
110056
|
+
}
|
|
110057
|
+
for (const [key, value] of Object.entries(updatedFields)) {
|
|
109970
110058
|
if (!(0, equals_1.default)(manifest[key], value)) {
|
|
109971
110059
|
shouldBeUpdated = true;
|
|
109972
110060
|
if (value == null) {
|
|
@@ -148889,6 +148977,7 @@ var require_lockfileToDepGraph = __commonJS({
|
|
|
148889
148977
|
core_loggers_1.progressLogger.debug({ packageId, requester: opts.lockfileDir, status: "resolved" });
|
|
148890
148978
|
try {
|
|
148891
148979
|
fetchResponse = await opts.storeController.fetchPackage({
|
|
148980
|
+
allowBuild: opts.allowBuild,
|
|
148892
148981
|
force: false,
|
|
148893
148982
|
lockfileDir: opts.lockfileDir,
|
|
148894
148983
|
ignoreScripts: opts.ignoreScripts,
|
|
@@ -150020,6 +150109,7 @@ var require_lockfileToHoistedDepGraph = __commonJS({
|
|
|
150020
150109
|
} else {
|
|
150021
150110
|
try {
|
|
150022
150111
|
fetchResponse = opts.storeController.fetchPackage({
|
|
150112
|
+
allowBuild: opts.allowBuild,
|
|
150023
150113
|
force: false,
|
|
150024
150114
|
lockfileDir: opts.lockfileDir,
|
|
150025
150115
|
ignoreScripts: opts.ignoreScripts,
|
|
@@ -150416,8 +150506,10 @@ var require_lib164 = __commonJS({
|
|
|
150416
150506
|
}
|
|
150417
150507
|
}
|
|
150418
150508
|
}
|
|
150509
|
+
const allowBuild = (0, builder_policy_1.createAllowBuildFunction)(opts);
|
|
150419
150510
|
const lockfileToDepGraphOpts = {
|
|
150420
150511
|
...opts,
|
|
150512
|
+
allowBuild,
|
|
150421
150513
|
importerIds,
|
|
150422
150514
|
lockfileDir,
|
|
150423
150515
|
skipped,
|
|
@@ -150452,7 +150544,6 @@ var require_lib164 = __commonJS({
|
|
|
150452
150544
|
}
|
|
150453
150545
|
let newHoistedDependencies;
|
|
150454
150546
|
let linkedToRoot = 0;
|
|
150455
|
-
const allowBuild = (0, builder_policy_1.createAllowBuildFunction)(opts);
|
|
150456
150547
|
if (opts.nodeLinker === "hoisted" && hierarchy && prevGraph) {
|
|
150457
150548
|
await (0, linkHoistedModules_js_1.linkHoistedModules)(opts.storeController, graph, prevGraph, hierarchy, {
|
|
150458
150549
|
allowBuild,
|
|
@@ -152451,6 +152542,7 @@ var require_resolveDependencies = __commonJS({
|
|
|
152451
152542
|
wantedDependency.bareSpecifier = (0, replaceVersionInBareSpecifier_js_1.replaceVersionInBareSpecifier)(wantedDependency.bareSpecifier, options.preferredVersion);
|
|
152452
152543
|
}
|
|
152453
152544
|
pkgResponse = await ctx.storeController.requestPackage(wantedDependency, {
|
|
152545
|
+
allowBuild: ctx.allowBuild,
|
|
152454
152546
|
alwaysTryWorkspacePackages: ctx.linkWorkspacePackagesDepth >= options.currentDepth,
|
|
152455
152547
|
currentPkg: currentPkg ? {
|
|
152456
152548
|
id: currentPkg.pkgId,
|
|
@@ -152513,6 +152605,13 @@ var require_resolveDependencies = __commonJS({
|
|
|
152513
152605
|
rawSpec: wantedDependency.bareSpecifier
|
|
152514
152606
|
}
|
|
152515
152607
|
});
|
|
152608
|
+
if (ctx.blockExoticSubdeps && options.currentDepth > 0 && pkgResponse.body.resolvedVia != null && // This is already coming from the lockfile, we skip the check in this case for now. Should be fixed later.
|
|
152609
|
+
isExoticDep(pkgResponse.body.resolvedVia)) {
|
|
152610
|
+
const error = new error_1.PnpmError("EXOTIC_SUBDEP", `Exotic dependency "${wantedDependency.alias ?? wantedDependency.bareSpecifier}" (resolved via ${pkgResponse.body.resolvedVia}) is not allowed in subdependencies when blockExoticSubdeps is enabled`);
|
|
152611
|
+
error.prefix = options.prefix;
|
|
152612
|
+
error.pkgsStack = getPkgsInfoFromIds(options.parentIds, ctx.resolvedPkgsById);
|
|
152613
|
+
throw error;
|
|
152614
|
+
}
|
|
152516
152615
|
if (ctx.allPreferredVersions && pkgResponse.body.manifest?.version) {
|
|
152517
152616
|
if (!ctx.allPreferredVersions[pkgResponse.body.manifest.name]) {
|
|
152518
152617
|
ctx.allPreferredVersions[pkgResponse.body.manifest.name] = {};
|
|
@@ -152801,6 +152900,19 @@ var require_resolveDependencies = __commonJS({
|
|
|
152801
152900
|
const existingCatalogResolution = wantedLockfile.catalogs?.[catalogLookup.catalogName]?.[wantedDependency.alias];
|
|
152802
152901
|
return existingCatalogResolution?.specifier === catalogLookup.specifier ? existingCatalogResolution.version : void 0;
|
|
152803
152902
|
}
|
|
152903
|
+
var NON_EXOTIC_RESOLVED_VIA = /* @__PURE__ */ new Set([
|
|
152904
|
+
"custom-resolver",
|
|
152905
|
+
"github.com/denoland/deno",
|
|
152906
|
+
"github.com/oven-sh/bun",
|
|
152907
|
+
"jsr-registry",
|
|
152908
|
+
"local-filesystem",
|
|
152909
|
+
"nodejs.org",
|
|
152910
|
+
"npm-registry",
|
|
152911
|
+
"workspace"
|
|
152912
|
+
]);
|
|
152913
|
+
function isExoticDep(resolvedVia) {
|
|
152914
|
+
return !NON_EXOTIC_RESOLVED_VIA.has(resolvedVia);
|
|
152915
|
+
}
|
|
152804
152916
|
}
|
|
152805
152917
|
});
|
|
152806
152918
|
|
|
@@ -152826,6 +152938,7 @@ var require_resolveDependencyTree = __commonJS({
|
|
|
152826
152938
|
const wantedToBeSkippedPackageIds = /* @__PURE__ */ new Set();
|
|
152827
152939
|
const autoInstallPeers = opts.autoInstallPeers === true;
|
|
152828
152940
|
const ctx = {
|
|
152941
|
+
allowBuild: opts.allowBuild,
|
|
152829
152942
|
autoInstallPeers,
|
|
152830
152943
|
autoInstallPeersFromHighestMatch: opts.autoInstallPeersFromHighestMatch === true,
|
|
152831
152944
|
allowedDeprecatedVersions: opts.allowedDeprecatedVersions,
|
|
@@ -152867,7 +152980,8 @@ var require_resolveDependencyTree = __commonJS({
|
|
|
152867
152980
|
maximumPublishedBy: opts.minimumReleaseAge ? new Date(Date.now() - opts.minimumReleaseAge * 60 * 1e3) : void 0,
|
|
152868
152981
|
publishedByExclude: opts.minimumReleaseAgeExclude ? createPackageVersionPolicyByExclude(opts.minimumReleaseAgeExclude, "minimumReleaseAgeExclude") : void 0,
|
|
152869
152982
|
trustPolicy: opts.trustPolicy,
|
|
152870
|
-
trustPolicyExclude: opts.trustPolicyExclude ? createPackageVersionPolicyByExclude(opts.trustPolicyExclude, "trustPolicyExclude") : void 0
|
|
152983
|
+
trustPolicyExclude: opts.trustPolicyExclude ? createPackageVersionPolicyByExclude(opts.trustPolicyExclude, "trustPolicyExclude") : void 0,
|
|
152984
|
+
blockExoticSubdeps: opts.blockExoticSubdeps
|
|
152871
152985
|
};
|
|
152872
152986
|
function createPackageVersionPolicyByExclude(patterns, key) {
|
|
152873
152987
|
try {
|
|
@@ -157498,7 +157612,8 @@ var require_extendInstallOptions = __commonJS({
|
|
|
157498
157612
|
disallowWorkspaceCycles: false,
|
|
157499
157613
|
excludeLinksFromLockfile: false,
|
|
157500
157614
|
virtualStoreDirMaxLength: 120,
|
|
157501
|
-
peersSuffixMaxLength: 1e3
|
|
157615
|
+
peersSuffixMaxLength: 1e3,
|
|
157616
|
+
blockExoticSubdeps: false
|
|
157502
157617
|
};
|
|
157503
157618
|
};
|
|
157504
157619
|
function extendOptions(opts) {
|
|
@@ -159031,7 +159146,9 @@ Note that in CI environments, this setting is enabled by default.`
|
|
|
159031
159146
|
if (opts.dedupe) {
|
|
159032
159147
|
forgetResolutionsOfAllPrevWantedDeps(ctx.wantedLockfile);
|
|
159033
159148
|
}
|
|
159149
|
+
const allowBuild = (0, builder_policy_1.createAllowBuildFunction)(opts);
|
|
159034
159150
|
let { dependenciesGraph, dependenciesByProjectId, linkedDependenciesByProjectId, updatedCatalogs, newLockfile, outdatedDependencies, peerDependencyIssuesByProjects, wantedToBeSkippedPackageIds, waitTillAllFetchingsFinish } = await (0, resolve_dependencies_1.resolveDependencies)(projects, {
|
|
159151
|
+
allowBuild,
|
|
159035
159152
|
allowedDeprecatedVersions: opts.allowedDeprecatedVersions,
|
|
159036
159153
|
allowUnusedPatches: opts.allowUnusedPatches,
|
|
159037
159154
|
autoInstallPeers: opts.autoInstallPeers,
|
|
@@ -159077,7 +159194,8 @@ Note that in CI environments, this setting is enabled by default.`
|
|
|
159077
159194
|
minimumReleaseAge: opts.minimumReleaseAge,
|
|
159078
159195
|
minimumReleaseAgeExclude: opts.minimumReleaseAgeExclude,
|
|
159079
159196
|
trustPolicy: opts.trustPolicy,
|
|
159080
|
-
trustPolicyExclude: opts.trustPolicyExclude
|
|
159197
|
+
trustPolicyExclude: opts.trustPolicyExclude,
|
|
159198
|
+
blockExoticSubdeps: opts.blockExoticSubdeps
|
|
159081
159199
|
});
|
|
159082
159200
|
if (!opts.include.optionalDependencies || !opts.include.devDependencies || !opts.include.dependencies) {
|
|
159083
159201
|
linkedDependenciesByProjectId = (0, map_1.default)((linkedDeps) => linkedDeps.filter((linkedDep) => !(linkedDep.dev && !opts.include.devDependencies || linkedDep.optional && !opts.include.optionalDependencies || !linkedDep.dev && !linkedDep.optional && !opts.include.dependencies)), linkedDependenciesByProjectId ?? {});
|
|
@@ -159112,7 +159230,6 @@ Note that in CI environments, this setting is enabled by default.`
|
|
|
159112
159230
|
mergeGitBranchLockfiles: opts.mergeGitBranchLockfiles
|
|
159113
159231
|
};
|
|
159114
159232
|
let stats;
|
|
159115
|
-
const allowBuild = (0, builder_policy_1.createAllowBuildFunction)(opts);
|
|
159116
159233
|
let ignoredBuilds;
|
|
159117
159234
|
if (!opts.lockfileOnly && !isInstallationOnlyForLockfileCheck && opts.enableModulesDir) {
|
|
159118
159235
|
const result2 = await (0, link_js_1.linkPackages)(projects, dependenciesGraph, {
|
|
@@ -175650,6 +175767,11 @@ var require_createDeployFiles = __commonJS({
|
|
|
175650
175767
|
// the effects of the package extensions should already be part of the package snapshots
|
|
175651
175768
|
pnpmfileChecksum: void 0,
|
|
175652
175769
|
// the effects of the pnpmfile should already be part of the package snapshots
|
|
175770
|
+
settings: {
|
|
175771
|
+
...lockfile.settings,
|
|
175772
|
+
injectWorkspacePackages: void 0
|
|
175773
|
+
// the effects of injecting workspace packages should already be part of the lockfile
|
|
175774
|
+
},
|
|
175653
175775
|
importers: {
|
|
175654
175776
|
["."]: targetSnapshot
|
|
175655
175777
|
},
|
|
@@ -176026,6 +176148,8 @@ var require_deploy = __commonJS({
|
|
|
176026
176148
|
modulesDir: void 0,
|
|
176027
176149
|
confirmModulesPurge: false,
|
|
176028
176150
|
frozenLockfile: true,
|
|
176151
|
+
injectWorkspacePackages: void 0,
|
|
176152
|
+
// the effects of injecting workspace packages should already be part of the package snapshots
|
|
176029
176153
|
overrides: void 0,
|
|
176030
176154
|
// the effects of the overrides should already be part of the package snapshots
|
|
176031
176155
|
hooks: {
|
|
@@ -179248,7 +179372,11 @@ ${details}`;
|
|
|
179248
179372
|
if (change === null || diff == null) {
|
|
179249
179373
|
return latestManifest.deprecated ? chalk_1.default.redBright.bold("Deprecated") : latestManifest.version;
|
|
179250
179374
|
}
|
|
179251
|
-
|
|
179375
|
+
const versionText = (0, colorize_semver_diff_1.default)({ change, diff });
|
|
179376
|
+
if (latestManifest.deprecated) {
|
|
179377
|
+
return `${versionText} ${chalk_1.default.redBright("(deprecated)")}`;
|
|
179378
|
+
}
|
|
179379
|
+
return versionText;
|
|
179252
179380
|
}
|
|
179253
179381
|
function renderDetails({ latestManifest }) {
|
|
179254
179382
|
if (latestManifest == null)
|
|
@@ -181020,7 +181148,8 @@ var require_publish2 = __commonJS({
|
|
|
181020
181148
|
const { tarballPath } = await pack.api({
|
|
181021
181149
|
...opts,
|
|
181022
181150
|
dir,
|
|
181023
|
-
packDestination
|
|
181151
|
+
packDestination,
|
|
181152
|
+
dryRun: false
|
|
181024
181153
|
});
|
|
181025
181154
|
await copyNpmrc({ dir, workspaceDir: opts.workspaceDir, packDestination });
|
|
181026
181155
|
const { status } = (0, run_npm_1.runNpm)(opts.npmPath, ["publish", "--ignore-scripts", path_1.default.basename(tarballPath), ...args], {
|
|
@@ -181123,6 +181252,7 @@ var require_pack2 = __commonJS({
|
|
|
181123
181252
|
out: String,
|
|
181124
181253
|
recursive: Boolean,
|
|
181125
181254
|
...(0, pick_1.default)([
|
|
181255
|
+
"dry-run",
|
|
181126
181256
|
"pack-destination",
|
|
181127
181257
|
"pack-gzip-level",
|
|
181128
181258
|
"json",
|
|
@@ -181139,6 +181269,10 @@ var require_pack2 = __commonJS({
|
|
|
181139
181269
|
{
|
|
181140
181270
|
title: "Options",
|
|
181141
181271
|
list: [
|
|
181272
|
+
{
|
|
181273
|
+
description: "Does everything `pnpm pack` would do except actually writing the tarball to disk.",
|
|
181274
|
+
name: "--dry-run"
|
|
181275
|
+
},
|
|
181142
181276
|
{
|
|
181143
181277
|
description: "Directory in which `pnpm pack` will save tarballs. The default is the current working directory.",
|
|
181144
181278
|
name: "--pack-destination <dir>"
|
|
@@ -181285,20 +181419,22 @@ ${filename}`).join("\n\n");
|
|
|
181285
181419
|
}
|
|
181286
181420
|
}
|
|
181287
181421
|
const destDir = packDestination ? path_1.default.isAbsolute(packDestination) ? packDestination : path_1.default.join(dir, packDestination ?? ".") : dir;
|
|
181288
|
-
|
|
181289
|
-
|
|
181290
|
-
|
|
181291
|
-
|
|
181292
|
-
|
|
181293
|
-
|
|
181294
|
-
|
|
181295
|
-
|
|
181296
|
-
|
|
181297
|
-
|
|
181298
|
-
|
|
181299
|
-
|
|
181300
|
-
|
|
181301
|
-
|
|
181422
|
+
if (!opts.dryRun) {
|
|
181423
|
+
await fs_1.default.promises.mkdir(destDir, { recursive: true });
|
|
181424
|
+
await packPkg({
|
|
181425
|
+
destFile: path_1.default.join(destDir, tarballName),
|
|
181426
|
+
filesMap,
|
|
181427
|
+
modulesDir: path_1.default.join(opts.dir, "node_modules"),
|
|
181428
|
+
packGzipLevel: opts.packGzipLevel,
|
|
181429
|
+
manifest: publishManifest,
|
|
181430
|
+
bins: [
|
|
181431
|
+
...(await (0, package_bins_1.getBinsFromPackageManifest)(publishManifest, dir)).map(({ path: path2 }) => path2),
|
|
181432
|
+
...(manifest.publishConfig?.executableFiles ?? []).map((executableFile) => path_1.default.join(dir, executableFile))
|
|
181433
|
+
]
|
|
181434
|
+
});
|
|
181435
|
+
if (!opts.ignoreScripts) {
|
|
181436
|
+
await _runScriptsIfPresent(["postpack"], entryManifest);
|
|
181437
|
+
}
|
|
181302
181438
|
}
|
|
181303
181439
|
let packedTarballPath;
|
|
181304
181440
|
if (opts.dir !== destDir) {
|
package/dist/worker.js
CHANGED
|
@@ -9855,7 +9855,19 @@ var require_start = __commonJS({
|
|
|
9855
9855
|
const { filesIndex, manifest } = cafs.addFilesFromTarball(buffer, true);
|
|
9856
9856
|
const { filesIntegrity, filesMap } = processFilesIndex(filesIndex);
|
|
9857
9857
|
const requiresBuild = writeFilesIndexFile(filesIndexFile, { manifest: manifest ?? {}, files: filesIntegrity });
|
|
9858
|
-
return {
|
|
9858
|
+
return {
|
|
9859
|
+
status: "success",
|
|
9860
|
+
value: {
|
|
9861
|
+
filesIndex: filesMap,
|
|
9862
|
+
manifest,
|
|
9863
|
+
requiresBuild,
|
|
9864
|
+
integrity: integrity ?? calcIntegrity(buffer)
|
|
9865
|
+
}
|
|
9866
|
+
};
|
|
9867
|
+
}
|
|
9868
|
+
function calcIntegrity(buffer) {
|
|
9869
|
+
const calculatedHash = crypto.hash("sha512", buffer, "hex");
|
|
9870
|
+
return `sha512-${Buffer.from(calculatedHash, "hex").toString("base64")}`;
|
|
9859
9871
|
}
|
|
9860
9872
|
function initStore({ storeDir }) {
|
|
9861
9873
|
fs_1.default.mkdirSync(storeDir, { recursive: true });
|