search

ansidev / swetrix-vue

Swetrix Tracking integration for Vue v3
https://swetrix-vue.netlify.app/?utm_source=github&utm_medium=repository
MIT License
1 stars 1 forks source link

chore(deps): update pnpm to v7.16.0 #12

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
pnpm (source) 7.9.3 -> 7.16.0 age adoption passing confidence

Release Notes

pnpm/pnpm ### [`v7.16.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.16.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.15.0...v7.16.0) #### Minor Changes - Support `pnpm env list` to list global or remote Node.js versions [#​5546](https://togithub.com/pnpm/pnpm/issues/5546). #### Patch Changes - Replace environment variable placeholders with their values, when reading `.npmrc` files in subdirectories inside a workspace [#​2570](https://togithub.com/pnpm/pnpm/issues/2570). - Fix an error that sometimes happen on projects with linked local dependencies [#​5327](https://togithub.com/pnpm/pnpm/issues/5327). #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.15.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.15.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.14.2...v7.15.0) #### Minor Changes - Support `--format=json` option to output outdated packages in JSON format with `outdated` command [#​2705](https://togithub.com/pnpm/pnpm/issues/2705). ```bash pnpm outdated --format=json #or pnpm outdated --json ``` - A new setting supported for ignoring vulnerabilities by their CVEs. The ignored CVEs may be listed in the `pnpm.auditConfig.ignoreCves` field of `package.json`. For instance: ```json { "pnpm": { "auditConfig": { "ignoreCves": [ "CVE-2019-10742", "CVE-2020-28168", "CVE-2021-3749", "CVE-2020-7598" ] } } } ``` #### Patch Changes - The reporter should not crash when the CLI process is kill during lifecycle scripts execution [#​5588](https://togithub.com/pnpm/pnpm/pull/5588). - Installation shouldn't fail when the injected dependency has broken symlinks. The broken symlinks should be just skipped [#​5598](https://togithub.com/pnpm/pnpm/issues/5598). #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.14.2`](https://togithub.com/pnpm/pnpm/releases/tag/v7.14.2) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.14.1...v7.14.2) #### Patch Changes - Don't fail if cannot override the name field of the error object [#​5572](https://togithub.com/pnpm/pnpm/issues/5572). - Don't fail on rename across devices. #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.14.1`](https://togithub.com/pnpm/pnpm/releases/tag/v7.14.1) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.14.0...v7.14.1) #### Patch Changes - `pnpm list --long --json` should print licenses and authors of packages [#​5533](https://togithub.com/pnpm/pnpm/pull/5533). - Don't crash on lockfile with no packages field [#​5553](https://togithub.com/pnpm/pnpm/issues/5553). - Version overrider should have higher priority then custom read package hook from `.pnpmfile.cjs`. - Don't print context information when running install for the `pnpm dlx` command. - Print a warning if a `package.json` has a workspaces field but there is no `pnpm-workspace.yaml` file [#​5363](https://togithub.com/pnpm/pnpm/issues/5363). - It should be possible to set a custom home directory for pnpm by changing the PNPM_HOME environment variable. #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.14.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.14.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.13.6...v7.14.0) ##### Minor Changes - Add `pnpm doctor` command to do checks for known common issues ##### Patch Changes - Ignore the `always-auth` setting. pnpm will never reuse the registry auth token for requesting the package tarball, if the package tarball is hosted on a different domain. So, for example, if your registry is at `https://company.registry.com/` but the tarballs are hosted at `https://tarballs.com/`, then you will have to configure the auth token for both domains in your `.npmrc`: @​my-company:registry=https://company.registry.com/ //company.registry.com/=SOME_AUTH_TOKEN //tarballs.com/=SOME_AUTH_TOKEN ##### Our Gold Sponsors
##### Our Silver Sponsors
### [`v7.13.6`](https://togithub.com/pnpm/pnpm/releases/tag/v7.13.6) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.13.5...v7.13.6) #### Patch Changes - Downgrade `@pnpm/npm-conf` to remove annoying builtin warning [#​5518](https://togithub.com/pnpm/pnpm/issues/5518). - `pnpm link --global ` should not change the type of the dependency [#​5478](https://togithub.com/pnpm/pnpm/issues/5478). - When the `pnpm outdated` command fails, print in which directory it failed. #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.13.5`](https://togithub.com/pnpm/pnpm/releases/tag/v7.13.5) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.13.4...v7.13.5) #### Patch Changes - Print a warning when cannot read the built-in npm configuration. - Also include missing deeply linked workspace packages at headless installation [#​5034](https://togithub.com/pnpm/pnpm/issues/5034). - `pnpm outdated` should work when the package tarballs are hosted on a domain that differs from the registry's domain [#​5492](https://togithub.com/pnpm/pnpm/issues/5492). - `strict-peer-dependencies` is set to `false` by default. #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.13.4`](https://togithub.com/pnpm/pnpm/releases/tag/v7.13.4) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.13.3...v7.13.4) #### Patch Changes - `pnpm link --global` should work when a custom target directory is specified with the `--dir` CLI option [#​5473](https://togithub.com/pnpm/pnpm/pull/5473). - It should be possible to override dependencies with local packages using overrides [#​5443](https://togithub.com/pnpm/pnpm/issues/5443). #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.13.3`](https://togithub.com/pnpm/pnpm/releases/tag/v7.13.3) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.13.2...v7.13.3) #### Patch Changes - Don't crash when `auto-install-peers` is set to `true` and installation is done on a workspace with that has the same dependencies in multiple projects [#​5454](https://togithub.com/pnpm/pnpm/issues/5454). - Add global option in `pnpm link --help` [#​5461](https://togithub.com/pnpm/pnpm/pull/5461). - Show execution time on `install`, `update`, `add`, and `remove` [#​1021](https://togithub.com/pnpm/pnpm/issues/1021). - Fix the return path of `pnpm pack`, when a custom destination directory is used [#​5471](https://togithub.com/pnpm/pnpm/issues/5471). #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.13.2`](https://togithub.com/pnpm/pnpm/releases/tag/v7.13.2) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.13.1...v7.13.2) ##### Patch Changes - When linking commands to a directory, remove any .exe files that are already present in that target directory by the same name. This fixes an issue with pnpm global update on Windows. If pnpm was installed with the standalone script and then updated with pnpm using `pnpm add --global pnpm`, the exe file initially created by the standalone script should be removed. - When a direct dependency fails to resolve, print the path to the project directory in the error message. - `pnpm patch-commit` should work when the patch directory is specified with a trailing slash [#​5449](https://togithub.com/pnpm/pnpm/issues/5449). ##### Our Gold Sponsors
##### Our Silver Sponsors
### [`v7.13.1`](https://togithub.com/pnpm/pnpm/releases/tag/v7.13.1) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.13.0...v7.13.1) #### Patch Changes - `pnpm update --interactive` should not list dependencies ignored via the `pnpm.updateConfig.ignoreDependencies` setting. #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.13.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.13.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.12.2...v7.13.0) ##### Minor Changes - Ignore packages listed in `package.json` > `pnpm.updateConfig.ignoreDependencies` fields on update/outdated command [#​5358](https://togithub.com/pnpm/pnpm/issues/5358) For instance, if you don't want `webpack` automatically to be updated when you run `pnpm update --latest`, put this to your `package.json`: ```json { "pnpm": { "updateConfig": { "ignoreDependencies": ["webpack"] } } } ``` Patterns are also supported, so you may ignore for instance any packages from a scope: `@babel/*`. - It is possible now to update all dependencies except the listed ones using `!`. For instance, update all dependencies, except `lodash`: pnpm update !lodash It also works with pattends, for instance: pnpm update !@​babel/* And it may be combined with other patterns: pnpm update @​babel/* !@​babel/core ##### Patch Changes - Hooks should be applied on `pnpm deploy` [#​5306](https://togithub.com/pnpm/pnpm/issues/5306). - Stop `--filter-prod` option to run command on all the projects when used on workspace. `--filter-prod` option now only filter from `dependencies` and omit `devDependencies` instead of including all the packages when used on workspace. So what was happening is that if you use `--filter-prod` on workspace root like this: ```bash pnpm --filter-prod ...build-modules exec node -e 'console.log(require(`./package.json`).name)' ``` it was printing all the package of workspace, where it should only print the package name of itself and packages where it has been added as `dependency` (not as `devDependencies`) - Don't override the root dependency when auto installing peer dependencies [#​5412](https://togithub.com/pnpm/pnpm/issues/5412). ##### Our Gold Sponsors
##### Our Silver Sponsors
##### What's Changed * GitHub Workflows security hardening by @​sashashu[https://github.com/pnpm/pnpm/pull/5405](https://togithub.com/pnpm/pnpm/pull/5405)l/5405 * feat: merge readPackage hook from opts and pnpmfile by @​AGrz[https://github.com/pnpm/pnpm/pull/5403](https://togithub.com/pnpm/pnpm/pull/5403)l/5403 * feat: excluding deps from update by @​zkoch[https://github.com/pnpm/pnpm/pull/5432](https://togithub.com/pnpm/pnpm/pull/5432)l/5432 * fix: dir path repeated join in link global by @​lv[https://github.com/pnpm/pnpm/pull/5434](https://togithub.com/pnpm/pnpm/pull/5434)l/5434 * fix: filter-prod flag including all workspace pkgs by @​noorulh[https://github.com/pnpm/pnpm/pull/5437](https://togithub.com/pnpm/pnpm/pull/5437)l/5437 * Feature: ignore packages listed in `package.json > pnpm.updateConfig.ignoreDependencies` on update/outdated commands by @​Shinyaige[https://github.com/pnpm/pnpm/pull/5408](https://togithub.com/pnpm/pnpm/pull/5408)l/5408 * fix: don't override root deps when auto installing peers by @​zkoch[https://github.com/pnpm/pnpm/pull/5442](https://togithub.com/pnpm/pnpm/pull/5442)l/5442 ##### New Contributors * @​sashashura made their first contributi[https://github.com/pnpm/pnpm/pull/5405](https://togithub.com/pnpm/pnpm/pull/5405)l/5405 * @​AGrzes made their first contributi[https://github.com/pnpm/pnpm/pull/5403](https://togithub.com/pnpm/pnpm/pull/5403)l/5403 * @​noorulh06 made their first contributi[https://github.com/pnpm/pnpm/pull/5437](https://togithub.com/pnpm/pnpm/pull/5437)l/5437 **Full Changelog**: https://github.com/pnpm/pnpm/compare/v7.12.2...v7.13.0 ### [`v7.12.2`](https://togithub.com/pnpm/pnpm/releases/tag/v7.12.2) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.12.1...v7.12.2) #### Patch Changes - Don't crash when auto-install-peers is true and the project has many complex circular dependencies [#​5394](https://togithub.com/pnpm/pnpm/pull/5394). - `pnpm link --global` should work with the `--dir=` option [#​5371](https://togithub.com/pnpm/pnpm/pull/5371). #### Our Gold Sponsors
#### Our Silver Sponsors
#### What's Changed * fix: error in pnpm --dir link --global by @​lv[https://github.com/pnpm/pnpm/pull/5371](https://togithub.com/pnpm/pnpm/pull/5371)l/5371 * fix: cli crash with auto-install-peers=true by @​zkoch[https://github.com/pnpm/pnpm/pull/5394](https://togithub.com/pnpm/pnpm/pull/5394)l/5394 #### New Contributors * @​lvqq made their first contributi[https://github.com/pnpm/pnpm/pull/5371](https://togithub.com/pnpm/pnpm/pull/5371)l/5371 **Full Changelog**: https://github.com/pnpm/pnpm/compare/v7.12.1...v7.12.2 ### [`v7.12.1`](https://togithub.com/pnpm/pnpm/releases/tag/v7.12.1) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.12.0...v7.12.1) #### Patch Changes - Deduplicate peer dependencies when automatically installing them [#​5373](https://togithub.com/pnpm/pnpm/issues/5373). #### Our Gold Sponsors
#### Our Silver Sponsors
#### What's Changed * fix: deduplicate peer deps by @​zkoch[https://github.com/pnpm/pnpm/pull/5377](https://togithub.com/pnpm/pnpm/pull/5377)l/5377 **Full Changelog**: https://github.com/pnpm/pnpm/compare/v7.12.0...v7.12.1 ### [`v7.12.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.12.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.11.0...v7.12.0) ##### Minor Changes - A new setting supported in the pnpm section of the `package.json` file: `allowNonAppliedPatches`. When it is set to `true`, non-applied patches will not cause an error, just a warning will be printed. For example: ```json { "name": "foo", "version": "1.0.0", "pnpm": { "patchedDependencies": { "express@4.18.1": "patches/express@4.18.1.patch" }, "allowNonAppliedPatches": true } } ``` - Now it is possible to exclude packages from hoisting by prepending a `!` to the pattern. This works with both the `hoist-pattern` and `public-hoist-pattern` settings. For instance: public-hoist-pattern[]='*types*' public-hoist-pattern[]='!@​types/react' hoist-pattern[]='*eslint*' hoist-pattern[]='!*eslint-plugin*' Ref [#​5272](https://togithub.com/pnpm/pnpm/issues/5272) ##### Patch Changes - When the same dependency with missing peers is used in multiple workspace projects, install the missing peers in each workspace project [#​4820](https://togithub.com/pnpm/pnpm/issues/4820). - `pnpm patch` should work on files that don't have an end of line [#​5320](https://togithub.com/pnpm/pnpm/issues/5320). - Fix `pnpm patch` using a custom `--edit-dir`. ##### Our Gold Sponsors
##### Our Silver Sponsors
##### What's Changed * fix(patch): allow to edit a package in any directory by @​zkoch[https://github.com/pnpm/pnpm/pull/5331](https://togithub.com/pnpm/pnpm/pull/5331)l/5331 * feat(matcher): ignore patterns by @​LuciNy[https://github.com/pnpm/pnpm/pull/5336](https://togithub.com/pnpm/pnpm/pull/5336)l/5336 * fix(patch): ignore No newline at end of file by @​await-o[https://github.com/pnpm/pnpm/pull/5321](https://togithub.com/pnpm/pnpm/pull/5321)l/5321 * feat(patch): allow non-applied patches by @​larrybahr-ocel[https://github.com/pnpm/pnpm/pull/5354](https://togithub.com/pnpm/pnpm/pull/5354)l/5354 * chore: update @​pnpm/meta-updater by @​ibe[https://github.com/pnpm/pnpm/pull/5360](https://togithub.com/pnpm/pnpm/pull/5360)pm/pull/5360 * fix: auto-install-peers in a workspace by @​zkoch[https://github.com/pnpm/pnpm/pull/5359](https://togithub.com/pnpm/pnpm/pull/5359)l/5359 ##### New Contributors * @​await-ovo made their first contributi[https://github.com/pnpm/pnpm/pull/5321](https://togithub.com/pnpm/pnpm/pull/5321)l/5321 * @​larrybahr-ocelot made their first contributi[https://github.com/pnpm/pnpm/pull/5354](https://togithub.com/pnpm/pnpm/pull/5354)l/5354 **Full Changelog**: https://github.com/pnpm/pnpm/compare/v7.11.0...v7.12.0 ### [`v7.11.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.11.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.10.0...v7.11.0) #### Minor Changes - `pnpm patch`: edit the patched package in a directory specified by the `--edit-dir` option. E.g., `pnpm patch express@3.1.0 --edit-dir=/home/xxx/src/patched-express` [#​5304](https://togithub.com/pnpm/pnpm/pull/5304) #### Patch Changes - Auto installing a peer dependency in a workspace that also has it as a dev dependency in another project [#​5144](https://togithub.com/pnpm/pnpm/issues/5144). - When an error happens during installation of a subdependency, print some context information in order to be able to locate that subdependency. Print the exact chain of packages that led to the problematic dependency. #### Our Gold Sponsors
#### Our Silver Sponsors
#### What's Changed * feat(plugin-command-patching): add path option to patch command by @​roseline1[https://github.com/pnpm/pnpm/pull/5304](https://togithub.com/pnpm/pnpm/pull/5304)l/5304 * fix: improve dependency installation error message by @​zkoch[https://github.com/pnpm/pnpm/pull/5247](https://togithub.com/pnpm/pnpm/pull/5247)l/5247 * fix: auto installing peer dep in a workspace by @​zkoch[https://github.com/pnpm/pnpm/pull/5307](https://togithub.com/pnpm/pnpm/pull/5307)l/5307 #### New Contributors * @​roseline124 made their first contributi[https://github.com/pnpm/pnpm/pull/5304](https://togithub.com/pnpm/pnpm/pull/5304)l/5304 **Full Changelog**: https://github.com/pnpm/pnpm/compare/v7.10.0...v7.11.0 ### [`v7.10.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.10.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.9.5...v7.10.0) #### Minor Changes - New time-based resolution strategy supported. When `resolution-mode` is set to `time-based`, pnpm will resolve dependencies the following way: 1. Direct dependencies will be resolved to their lowest versions. So if there is `foo@^1.1.0` in the dependencies, then `1.1.0` will be installed. 2. Subdependencies will be resolved from versions that were published before the last direct dependency was published. With this resolution mode installations with hot cache are faster. It also reduces the chance of subdependency hijacking as subdependencies will be updated only if direct dependencies are updated. This resolution mode works only with npm's [full metadata](https://togithub.com/npm/registry/blob/master/docs/responses/package-metadata.md#full-metadata-format). So it is slower in some scenarios. However, if you use [Verdaccio](https://verdaccio.org/) v5.15.1 or newer, you may set the `registry-supports-time-field` setting to `true`, and it will be really fast. Related [RFC](https://togithub.com/pnpm/rfcs/pull/2). - Enhance `pnpm env` with the `remove` command. To remove a Node.js version installed by pnpm, run: pnpm env remove --global #### Patch Changes - `pnpm store prune` should remove all cached metadata. - Don't modify the manifest of the injected workspace project, when it has the same dependency in prod and peer dependencies. #### Our Gold Sponsors
#### Our Silver Sponsors

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • [ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

  • © Githubissues.
  • Githubissues is a development platform for aggregating issues.