Sourced from pnpm's releases.

pnpm 10.12.1

Minor Changes

• Experimental. Added support for global virtual stores. When enabled, node_modules contains only symlinks to a central virtual store, rather than to node_modules/.pnpm. By default, this central store is located at <store-path>/links (you can find the store path by running pnpm store path).

  In the central virtual store, each package is hard linked into a directory whose name is the hash of its dependency graph. This allows multiple projects on the system to symlink shared dependencies from this central location, significantly improving installation speed when a warm cache is available.

  This is conceptually similar to how NixOS manages packages, using dependency graph hashes to create isolated and reusable package directories.

  To enable the global virtual store, set enableGlobalVirtualStore: true in your root pnpm-workspace.yaml, or globally via:

  pnpm config -g set enable-global-virtual-store true
  

  NOTE: In CI environments, where caches are typically cold, this setting may slow down installation. pnpm automatically disables the global virtual store when running in CI.

  Short demo of the speed of installation with this new setting enabled: https://www.youtube.com/watch?v=pNDFfJvaubY&ab_channel=pnpm

  Related PR: #8190

• The pnpm update command now supports updating catalog: protocol dependencies and writes new specifiers to pnpm-workspace.yaml.

• A new catalogMode setting is available for controlling if and how dependencies are added to the default catalog. It can be configured to several modes:

  • strict: Only allows dependency versions from the catalog. Adding a dependency outside the catalog's version range will cause an error.
  • prefer: Prefers catalog versions, but will fall back to direct dependencies if no compatible version is found.
  • manual (default): Does not automatically add dependencies to the catalog.

• Added two new CLI options (--save-catalog and --save-catalog-name=<name>) to pnpm add to save new dependencies as catalog entries. catalog: or catalog:<name> will be added to package.json and the package specifier will be added to the catalogs or catalog[<name>] object in pnpm-workspace.yaml #9425.

• Semi-breaking. The keys used for side-effects caches have changed. If you have a side-effects cache generated by a previous version of pnpm, the new version will not use it and will create a new cache instead #9605.

• Added a new setting called ci for explicitly telling pnpm if the current environment is a CI or not.

Patch Changes

• Sort versions printed by pnpm patch using semantic versioning rules.
• Improve the way the error message displays mismatched specifiers. Show differences instead of 2 whole objects #9598.
• Revert #9574 to fix a regression #9596.

Platinum Sponsors

... (truncated)

Sourced from pnpm's changelog.

10.12.1

Minor Changes

• Experimental. Added support for global virtual stores. When enabled, node_modules contains only symlinks to a central virtual store, rather to node_modules/.pnpm. By default, this central store is located at <store-path>/links (you can find the store path by running pnpm store path).

  In the central virtual store, each package is hard linked into a directory whose name is the hash of its dependency graph. This allows multiple projects on the system to symlink shared dependencies from this central location, significantly improving installation speed when a warm cache is available.

  This is conceptually similar to how NixOS manages packages, using dependency graph hashes to create isolated and reusable package directories.

  To enable the global virtual store, set enableGlobalVirtualStore: true in your root pnpm-workspace.yaml, or globally via:

  pnpm config -g set enable-global-virtual-store true
  

  NOTE: In CI environments, where caches are typically cold, this setting may slow down installation. pnpm automatically disables the global virtual store when running in CI.

  Related PR: #8190

• The pnpm update command now supports updating catalog: protocol dependencies and writes new specifiers to pnpm-workspace.yaml.
• Added two new CLI options (--save-catalog and --save-catalog-name=<name>) to pnpm add to save new dependencies as catalog entries. catalog: or catalog:<name> will be added to package.json and the package specifier will be added to the catalogs or catalog[<name>] object in pnpm-workspace.yaml #9425.
• Semi-breaking. The keys used for side-effects caches have changed. If you have a side-effects cache generated by a previous version of pnpm, the new version will not use it and will create a new cache instead #9605.
• Added a new setting called ci for explicitly telling pnpm if the current environment is a CI or not.

Patch Changes

• Sort versions printed by pnpm patch using semantic versioning rules.
• Improve the way the error message displays mismatched specifiers. Show differences instead of 2 whole objects #9598.
• Revert #9574 to fix a regression #9596.

• fe2811e chore(release): 10.12.1
• 89bc2c6 chore(release): 10.12.0
• b217bbb feat: add a new setting for telling pnpm if the env is CI (#9616)
• 6489c87 docs: update sponsors
• b0ead51 feat: global virtual store (#8190)
• 1959f99 revert: fix(deploy/legacy): unexpected directory creations (#9597)
• cecd039 chore(release): 10.11.1
• 95b088c fix(deploy/legacy): unexpected directory creations (#9574)
• 1c741b5 fix: use pnpm_config_ instead of npm_config_ (#9571)
• 8e0b4ef test: correct a test name (#9537)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions