-
-
Notifications
You must be signed in to change notification settings - Fork 6.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update pnpm to v8 #12830
Conversation
Run & review this pull request in StackBlitz Codeflow. |
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. ⚠ Warning: custom changes will be lost. |
It looks like node 14 still works after updating 🤔 |
Have a look into what I did in ci.yaml ! |
Oh, nice one! cc @dominikg, this could work, no? |
this works as long as there is no To ensure pnpm7 uses the new lockfile format, you could set it in .npmrc or modify the install command for node14 but hopefully it just picks it up from the existing lockfile Not really a fan of the duplication in ci.yml but as we are going to remove node14 soonish, it's not a dealbreaker. |
@dominikg the pnpm's source code uses some Otherwise I would also expect the CI to already fail due to invalid lock file format |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Can confirm that pnpm7 would automatically install with lockfile format 6 by default too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this would be nice. I've been holding off on updating SvelteKit and imagetools
as having different versions was causing me difficulty
This is exactly what my motivation is to upgrade Vite to pnpm v8 |
It seems Codeflow is having issues with the lockfile after this PR. I'm discussing this with @d3lm, let's hold the merge a bit if possible. |
yeah, webcontainer needs to update pnpm to at least 7.24, briefly discussed here stackblitz/webcontainer-core#871 (comment) if codeflow support is important for vite repo itself, should we add a ci check for it? |
pnpm has been updated to the latest version in WebContainer (8.2.0) and it's been deployed to production. I hope that this is now ready to move forward and it's no longer blocked. |
Thanks for the quick update @d3lm! I tested this PR (and some other projects) and it works great. Let's merge it then! |
This PR contains the following updates:
7.30.0
->8.2.0
Release Notes
pnpm/pnpm
v8.2.0
Compare Source
Minor Changes
.npmrc
. This is a convention used by Yarn too.Using
${NAME-fallback}
will returnfallback
ifNAME
isn't set.${NAME:-fallback}
will returnfallback
ifNAME
isn't set, or is an empty string #6018.Patch Changes
-g
to mismatch registries error info when original command has-g
option #6224.pnpm config get <key>
should print boolean values #6360link:
protocol inpackage.json
#6372Our Gold Sponsors
Our Silver Sponsors
v8.1.1
Compare Source
Patch Changes
@yarnpkg/shell
to fix issues in the shell emulator #6320.@
character #6332.preResolution
hook.Our Gold Sponsors
Our Silver Sponsors
v8.1.0
Compare Source
Minor Changes
dedupe-direct-deps
, which is disabled by default. When set totrue
, dependencies that are already symlinked to the rootnode_modules
directory of the workspace will not be symlinked to subprojectnode_modules
directories. This feature was enabled by default in v8.0.0 but caused issues, so it's best to disable it by default #6299.ignore-workspace-cycles
to silence workspace cycle warning #6308.Patch Changes
Our Gold Sponsors
Our Silver Sponsors
v8.0.0
Compare Source
We are excited to announce the latest release of pnpm! To install it, check the installation page.
Major Changes
Node.js 14 Support Discontinued
If you still require Node.js 14, don't worry. We ship pnpm bundled with Node.js. This means that regardless of which Node.js version you've installed, pnpm will operate using the necessary Node.js runtime. For this to work you need to install pnpm either using the standalone script or install the
@pnpm/exe
package.Configuration Updates
auto-install-peers
: enabled by default.dedupe-peer-dependents
: enabled by default.resolve-peers-from-workspace-root
: enabled by default.save-workspace-protocol
: set torolling
by default.resolution-mode
: set tolowest-direct
by default.publishConfig.linkDirectory
: enabled by default.Most of the configuration changes are related to peer dependencies. Most of these settings were implemented long ago, and we recommended them to users encountering peer dependency issues. The recently added
dedupe-peer-dependents
resolved many such problems. With these new defaults, pnpm will face significantly fewer issues during migration from other package managers.Lockfile Modifications
importers
section. The newpnpm-lock.yaml
file is more resistant to git merge conflicts!resolution
object inpnpm-lock.yaml
.Other Changes
files
field in thepackage.json
, only the files that are listed in it will be deployed. The same logic is applied when injecting packages. This behaviour can be changed by setting thedeploy-all-files
setting totrue
(Related issue #5911).Migration Instructions
Before updating pnpm to v8 in your CI, regenerate your
pnpm-lock.yaml
. To upgrade your lockfile, runpnpm install
and commit the changes. Existing dependencies will not be updated; however, due to configuration changes in pnpm v8, some missing peer dependencies may be added to the lockfile and some packages may get deduplicated.You can commit the new lockfile even before upgrading Node.js in the CI, as pnpm v7 already supports the new lockfile format.
pnpm v7 Support
pnpm v7 will likely not receive any new features, but it will continue to get bug fixes for a few months and vulnerability fixes for at least a year.
Our Gold Sponsors
Our Silver Sponsors
v7.32.0
Compare Source
Minor Changes
.npmrc
. This is a convention used by Yarn too.Using
${NAME-fallback}
will returnfallback
ifNAME
isn't set.${NAME:-fallback}
will returnfallback
ifNAME
isn't set, or is an empty string #6018.Patch Changes
pnpm config get <key>
returns empty when the value is a booleanlink:
protocol inpackage.json
.Our Gold Sponsors
Our Silver Sponsors
v7.31.0
Compare Source
Minor Changes
ignore-workspace-cycles
to silence workspace cycle warning #6308.Patch Changes
@yarnpkg/shell
to fix issues in the shell emulator #6320.@
char #6332.Our Gold Sponsors
Our Silver Sponsors
v7.30.5
Compare Source
Patch Changes
pnpm audit
should work even if there are nopackage.json
file, just apnpm-lock.yaml
file.dedupe-peer-dependents
istrue
#6154.Our Gold Sponsors
Our Silver Sponsors
v7.30.4
Compare Source
v7.30.3
Compare Source
Patch Changes
Our Gold Sponsors
Our Silver Sponsors
v7.30.2
Compare Source
v7.30.1
Compare Source
Patch Changes
pnpm-lock.yaml
file if it has no changes andpnpm install --frozen-lockfile
was executed #6158.git+ssh
that use semver selectors #6239.pnpm audit
output #6203Our Gold Sponsors
Our Silver Sponsors
Configuration
📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.