search

usagizmo / webapp-template

SvelteKit x Tailwind CSS x Supabase x Turborepo (pnpm)
https://webapp-template.usagizmo.com
MIT License
119 stars 12 forks source link

chore(deps): update pnpm to v7.29.3 #715

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
pnpm (source) 7.26.3 -> 7.29.3 age adoption passing confidence

Release Notes

pnpm/pnpm ### [`v7.29.3`](https://togithub.com/pnpm/pnpm/releases/tag/v7.29.3) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.29.2...v7.29.3) #### Patch Changes - Command shim should not set higher priority to the `node_modules/.pnpm/node_modules` directory through the `NODE_PATH` env variable, then the command's own `node_modules` directory [#​5176](https://togithub.com/pnpm/pnpm/issues/5176). - `extend-node-path` is set back to `true` by default. It was set to `false` in v7.29.2 in order to fix issues with multiple versions of Jest in one workspace. It has caused other issues, so now we keep extending `NODE_PATH`. We have fixed the Jest issue with a different solution [#​6213](https://togithub.com/pnpm/pnpm/issues/6213). #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.29.2`](https://togithub.com/pnpm/pnpm/compare/v7.29.1...v7.29.2) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.29.1...v7.29.2) ### [`v7.29.1`](https://togithub.com/pnpm/pnpm/releases/tag/v7.29.1) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.29.0...v7.29.1) ##### Patch Changes - Settings related to authorization should be set/deleted by npm CLI [#​6181](https://togithub.com/pnpm/pnpm/issues/6181). ##### Our Gold Sponsors
##### Our Silver Sponsors
### [`v7.29.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.29.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.28.0...v7.29.0) ##### Minor Changes - A new setting is now supported: `dedupe-peer-dependents`. When this setting is set to `true`, packages with peer dependencies will be deduplicated after peers resolution. For instance, let's say we have a workspace with two projects and both of them have `webpack` in their dependencies. `webpack` has `esbuild` in its optional peer dependencies, and one of the projects has `esbuild` in its dependencies. In this case, pnpm will link two instances of `webpack` to the `node_modules/.pnpm` directory: one with `esbuild` and another one without it: node_modules .pnpm webpack@1.0.0_esbuild@1.0.0 webpack@1.0.0 project1 node_modules webpack -> ../../node_modules/.pnpm/webpack@1.0.0/node_modules/webpack project2 node_modules webpack -> ../../node_modules/.pnpm/webpack@1.0.0_esbuild@1.0.0/node_modules/webpack esbuild This makes sense because `webpack` is used in two projects, and one of the projects doesn't have `esbuild`, so the two projects cannot share the same instance of `webpack`. However, this is not what most developers expect, especially since in a hoisted `node_modules`, there would only be one instance of `webpack`. Therefore, you may now use the `dedupe-peer-dependents` setting to deduplicate `webpack` when it has no conflicting peer dependencies (explanation at the end). In this case, if we set `dedupe-peer-dependents` to `true`, both projects will use the same `webpack` instance, which is the one that has `esbuild` resolved: node_modules .pnpm webpack@1.0.0_esbuild@1.0.0 project1 node_modules webpack -> ../../node_modules/.pnpm/webpack@1.0.0_esbuild@1.0.0/node_modules/webpack project2 node_modules webpack -> ../../node_modules/.pnpm/webpack@1.0.0_esbuild@1.0.0/node_modules/webpack esbuild **What are conflicting peer dependencies?** By conflicting peer dependencies we mean a scenario like the following one: node_modules .pnpm webpack@1.0.0_react@16.0.0_esbuild@1.0.0 webpack@1.0.0_react@17.0.0 project1 node_modules webpack -> ../../node_modules/.pnpm/webpack@1.0.0/node_modules/webpack react (v17) project2 node_modules webpack -> ../../node_modules/.pnpm/webpack@1.0.0_esbuild@1.0.0/node_modules/webpack esbuild react (v16) In this case, we cannot dedupe `webpack` as `webpack` has `react` in its peer dependencies and `react` is resolved from two different versions in the context of the two projects. ##### Patch Changes - The configuration added by `pnpm setup` should check if the pnpm home directory is already in the PATH before adding to the PATH. Before this change, this code was added to the shell: ```sh export PNPM_HOME="$HOME/Library/pnpm" export PATH="$PNPM_HOME:$PATH" ``` Now this will be added: ```sh export PNPM_HOME="$HOME/Library/pnpm" case ":$PATH:" in *":$PNPM_HOME:"*) ;; *) export PATH="$PNPM_HOME:$PATH" ;; esac ``` - Add `skipped` status in exec report summary when script is missing [#​6139](https://togithub.com/pnpm/pnpm/pull/6139). - `pnpm env -g` should fail with a meaningful error message if pnpm cannot find the pnpm home directory, which is the directory into which Node.js is installed. - Should not throw an error when local dependency use file protocol [#​6115](https://togithub.com/pnpm/pnpm/issues/6115). - Fix the incorrect error block when subproject has been patched [#​6183](https://togithub.com/pnpm/pnpm/issues/6183) ##### Our Gold Sponsors
##### Our Silver Sponsors
### [`v7.28.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.28.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.27.1...v7.28.0) #### Minor Changes - Add `--report-summary` for `pnpm exec` and `pnpm run` [#​6008](https://togithub.com/pnpm/pnpm/issues/6008). - Show path info for `pnpm why --json` or `--long` [#​6103](https://togithub.com/pnpm/pnpm/issues/6103). - Extend the `pnpm.peerDependencyRules.allowedVersions` `package.json` option to support the `parent>child` selector syntax. This syntax allows for extending specific `peerDependencies` [#​6108](https://togithub.com/pnpm/pnpm/pull/6108). #### Patch Changes - Update the lockfile if a workspace has a new project with no dependencies. - Fix a case of installs not being deterministic and causing lockfile changes between repeat installs. When a dependency only declares `peerDependenciesMeta` and not `peerDependencies`, `dependencies`, or `optionalDependencies`, the dependency's peers were not considered deterministically before. - `patch-commit` should auto apply patches in workspaces [#​6048](https://togithub.com/pnpm/pnpm/issues/6048) - Automatically fix conflicts in v6 lockfile. - `pnpm config set` should write to the global config file by default [#​5877](https://togithub.com/pnpm/pnpm/issues/5877). #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v7.27.1`](https://togithub.com/pnpm/pnpm/releases/tag/v7.27.1) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.27.0...v7.27.1) ##### Patch Changes - Add `store path` description to the `pnpm` cli help. - Print a hint that suggests to run `pnpm store prune`, when a tarball integrity error happens. - Don't retry installation if the integrity checksum of a package failed and no lockfile was present. - Fail with a meaningful error message when cannot parse a proxy URL. - The `strict-ssl`, `ca`, `key`, and `cert` settings should work with HTTPS proxy servers [#​4689](https://togithub.com/pnpm/pnpm/issues/4689). ##### Our Gold Sponsors
##### Our Silver Sponsors
### [`v7.27.0`](https://togithub.com/pnpm/pnpm/releases/tag/v7.27.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v7.26.3...v7.27.0) ##### Minor Changes - A new `resolution-mode` added: `lowest-direct`. With this resolution mode direct dependencies will be resolved to their lowest versions. So if there is `foo@^1.1.0` in the dependencies, then `1.1.0` will be installed, even if the latest version of `foo` is `1.2.0`. - Support script selector with RegExp such as `pnpm run /build:.*/` and execute the matched scripts with the RegExp [#​5871](https://togithub.com/pnpm/pnpm/pull/5871). ##### Patch Changes - Fix version number replacing for namespaced workspace packages. `workspace:@​foo/bar@*` should be replaced with `npm:@​foo/bar@` on publish [#​6052](https://togithub.com/pnpm/pnpm/pull/6052). - When resolving dependencies, prefer versions that are already used in the root of the project. This is important to minimize the number of packages that will be nested during hoisting [#​6054](https://togithub.com/pnpm/pnpm/pull/6054). - Deduplicate direct dependencies. Let's say there are two projects in the workspace that dependend on `foo`. One project has `foo@1.0.0` in the dependencies while another one has `foo@^1.0.0` in the dependencies. In this case, `foo@1.0.0` should be installed to both projects as satisfies the version specs of both projects. - Use Map rather than Object in `createPackageExtender` to prevent read the prototype property to native function ##### Our Gold Sponsors
##### Our Silver Sponsors

Configuration

📅 Schedule: Branch creation - "before 5am on monday" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

vercel[bot] commented 1 year ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated
webapp-template-mockup ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Mar 17, 2023 at 0:11AM (UTC)
webapp-template-web ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Mar 17, 2023 at 0:11AM (UTC)