Bump pnpm from 10.10.0 to 10.11.0 in the npm group
Type: Pull Request
State: Merged
![dependabot[bot]](https://github.com/dependabot.png){kind=small}
dependabot[bot]Association: Contributor
Comments: 0
(4 months ago)
(4 months ago)
(4 months ago)
by github-actions[bot]
dependencies javascript
poad
Bumps the npm group with 1 update: pnpm.
Updates pnpm from 10.10.0 to 10.11.0
Release notes
Sourced from pnpm's releases.
pnpm 10.11
Minor Changes
A new setting added for
pnpm initto create apackage.jsonwithtype=module, wheninit-typeismodule. Works as a flag for the init command too #9463.Added support for Nushell to
pnpm setup#6476.Added two new flags to the
pnpm auditcommand,--ignoreand--ignore-unfixable#8474.Ignore all vulnerabilities that have no solution:
> pnpm audit --ignore-unfixableProvide a list of CVE's to ignore those specifically, even if they have a resolution.
> pnpm audit --ignore=CVE-2021-1234 --ignore=CVE-2021-5678Added support for recursively running pack in every project of a workspace #4351.
Now you can run
pnpm -r packto pack all packages in the workspace.Patch Changes
- pnpm version management should work, when
dangerouslyAllowAllBuildsis set totrue#9472.pnpm linkshould work from inside a workspace #9506.- Set the default
workspaceConcurrencytoMath.min(os.availableParallelism(), 4)#9493.- Installation should not exit with an error if
strictPeerDependenciesistruebut all issues are ignored bypeerDependencyRules#9505.- Read
updateConfigfrompnpm-workspace.yaml#9500.- Add support for
recursive pack- Remove
url.parseusage to fix warning on Node.js 24 #9492.pnpm runshould be able to run commands from the workspace root, ifignoreScriptsis set tottrue#4858.Platinum Sponsors
... (truncated)
Changelog
Sourced from pnpm's changelog.
10.11.0
Minor Changes
A new setting added for
pnpm initto create apackage.jsonwithtype=module, wheninit-typeismodule. Works as a flag for the init command too #9463.Added support for Nushell to
pnpm setup#6476.Added two new flags to the
pnpm auditcommand,--ignoreand--ignore-unfixable#8474.Ignore all vulnerabilities that have no solution:
> pnpm audit --ignore-unfixableProvide a list of CVE's to ignore those specifically, even if they have a resolution.
> pnpm audit --ignore=CVE-2021-1234 --ignore=CVE-2021-5678Added support for recursively running pack in every project of a workspace #4351.
Now you can run
pnpm -r packto pack all packages in the workspace.Patch Changes
- pnpm version management should work, when
dangerouslyAllowAllBuildsis set totrue#9472.pnpm linkshould work from inside a workspace #9506.- Set the default
workspaceConcurrencytoMath.min(os.availableParallelism(), 4)#9493.- Installation should not exit with an error if
strictPeerDependenciesistruebut all issues are ignored bypeerDependencyRules#9505.- Read
updateConfigfrompnpm-workspace.yaml#9500.- Add support for
recursive pack- Remove
url.parseusage to fix warning on Node.js 24 #9492.pnpm runshould be able to run commands from the workspace root, ifignoreScriptsis set tottrue#4858.
Commits
789e723chore(release): 10.11.0e4af08cfix: linking package globally from workspace should work (#9521)f0c3ed6fix: don't fail with strictPeerDependencies=true if the peerDependencyRules i...36d1448feat: addworkspace-concurrencycli option for pack and publish command (#9...62029d1fix: add command --allow-build option should specify package (#9489)- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions
Pull Request Statistics
1
2
+6
-6
Package Dependencies
pnpm
npm
10.10.0 → 10.11.0
Minor
the npm group
Technical Details
| ID: | 246479 |
| UUID: | 2517385968 |
| Node ID: | PR_kwDOMiUr3s6WDELw |
| Host: | GitHub |
| Repository: | poad/github-sbom-viewer |
| Merge State: | Unknown |