npm pnpm 7.10.0

latest releases: 9.1.4, 9.1.3, 9.1.2...
21 months ago

Minor Changes

  • New time-based resolution strategy supported.

    When resolution-mode is set to time-based, pnpm will resolve dependencies the following way:

    1. Direct dependencies will be resolved to their lowest versions. So if there is foo@^1.1.0 in the dependencies, then 1.1.0 will be installed.
    2. Subdependencies will be resolved from versions that were published before the last direct dependency was published.

    With this resolution mode installations with hot cache are faster. It also reduces the chance of subdependency hijacking as subdependencies will be updated only if direct dependencies are updated.

    This resolution mode works only with npm's full metadata. So it is slower in some scenarios. However, if you use Verdaccio v5.15.1 or newer, you may set the registry-supports-time-field setting to true, and it will be really fast.

    Related RFC.

  • Enhance pnpm env with the remove command. To remove a Node.js version installed by pnpm, run:

    pnpm env remove --global <node.js version>

Patch Changes

  • pnpm store prune should remove all cached metadata.
  • Don't modify the manifest of the injected workspace project, when it has the same dependency in prod and peer dependencies.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

  • test: fix NODE_PATH test on Windows by @zkochan in #5257
  • refactor: resolve dependencies by @zkochan in #5267
  • feat(env): add remove command to pnpm env by @mark-omarov in #5263
  • docs(CONTRIBUTING): correct setup instructions for first-time clone by @gwhitney in #5289
  • fix: don't modify the injected project's manifest by @zkochan in #5294
  • feat: time-based resolution mode by @zkochan in #5238
  • feat: resolve direct deps to lowest version when resolution-mode is time-based by @zkochan in #5298
  • fix: add fallback for time-based resolution by @zkochan in #5302

New Contributors

Full Changelog: v7.9.5...v7.10.0

Don't miss a new pnpm release

NewReleases is sending notifications on new releases.