Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump pnpm from 6.11.0 to 6.35.1 #50

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump pnpm from 6.11.0 to 6.35.1 #50

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2022
edited
Loading

Bumps pnpm from 6.11.0 to 6.35.1.

Release notes

Sourced from pnpm's releases.

v6.35.1

Patch Changes

  • Replace environment variable placeholders with their values, when reading .npmrc files in subdirectories inside a workspace #2570.
  • Don't fail if cannot override the name field of the error object #5572.

v6.35.0

Patch Changes

  • Installing a package with bin that points to an .exe file on Windows #5159.

  • Ignore the always-auth setting.

    pnpm will never reuse the registry auth token for requesting the package tarball, if the package tarball is hosted on a different domain.

    So, for example, if your registry is at https://company.registry.com/ but the tarballs are hosted at https://tarballs.com/, then you will have to configure the auth token for both domains in your .npmrc:

    @my-company:registry=https://company.registry.com/
//company.registry.com/=SOME_AUTH_TOKEN
//tarballs.com/=SOME_AUTH_TOKEN

  • When an error happens during installation of a subdependency, print some context information in order to be able to locate that subdependency. Print the exact chain of packages that led to the problematic dependency.

v6.34.0

Minor Changes

Full Changelog: pnpm/pnpm@v6.33.1...v6.34.0

v6.33.1

Patch Changes

  • Don't print any info messages about .pnpmfile.cjs #5027.
  • Do not print a package with unchanged version in the installation summary #5032.
  • Remove file reporter logging. Logged file is not useful #4949.

v6.32.25

Patch Changes

  • pnpm audit --fix should not add an override for a vulnerable package that has no fixes released.
  • Resolve native workspace path for case-insensitive file systems #4904.
  • pnpm env use should throw an error on a system that use the MUSL libc.

v6.32.24

Patch Changes

  • Don't crash when pnpm update --interactive is cancelled with Ctrl+c.
  • The use-node-version setting should work with prerelease Node.js versions. For instance:

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by pnpmuser, a new releaser for pnpm since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 20, 2022
@dependabot
Bump pnpm from 6.11.0 to 6.35.1
30fc280 
Bumps [pnpm](https://github.com/pnpm/pnpm) from 6.11.0 to 6.35.1.
- [Release notes](https://github.com/pnpm/pnpm/releases)
- [Commits](pnpm/pnpm@v6.11.0...v6.35.1)

---
updated-dependencies:
- dependency-name: pnpm
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/pnpm-6.35.1 branch from e163925 to 30fc280 Compare November 20, 2022 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants