chore(deps): update pnpm to v7.12.2

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pnpm (source)	7.8.0 -> 7.12.2

---

Release Notes

pnpm/pnpm

v7.12.2

Compare Source

Patch Changes

• Don't crash when auto-install-peers is true and the project has many complex circular dependencies #​5394.
• pnpm link --global should work with the --dir=<path> option #​5371.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• fix: error in pnpm --dir link --global by @​lvhttps://github.com/pnpm/pnpm/pull/5371l/5371
• fix: cli crash with auto-install-peers=true by @​zkochhttps://github.com/pnpm/pnpm/pull/5394l/5394

New Contributors

• @​lvqq made their first contributihttps://github.com/pnpm/pnpm/pull/5371l/5371

Full Changelog: pnpm/pnpm@v7.12.1...v7.12.2

v7.12.1

Compare Source

Patch Changes

• Deduplicate peer dependencies when automatically installing them #​5373.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• fix: deduplicate peer deps by @​zkochhttps://github.com/pnpm/pnpm/pull/5377l/5377

Full Changelog: pnpm/pnpm@v7.12.0...v7.12.1

v7.12.0

Compare Source

Minor Changes

• A new setting supported in the pnpm section of the package.json file: allowNonAppliedPatches. When it is set to true, non-applied patches will not cause an error, just a warning will be printed. For example:

  {
    "name": "foo",
    "version": "1.0.0",
    "pnpm": {
      "patchedDependencies": {
        "express@4.18.1": "patches/express@4.18.1.patch"
      },
      "allowNonAppliedPatches": true
    }
  }

• Now it is possible to exclude packages from hoisting by prepending a ! to the pattern. This works with both the hoist-pattern and public-hoist-pattern settings. For instance:

  public-hoist-pattern[]='*types*'
  public-hoist-pattern[]='!@​types/react'
  
  hoist-pattern[]='*eslint*'
  hoist-pattern[]='!*eslint-plugin*'
  

  Ref #​5272

Patch Changes

• When the same dependency with missing peers is used in multiple workspace projects, install the missing peers in each workspace project #​4820.
• pnpm patch should work on files that don't have an end of line #​5320.
• Fix pnpm patch using a custom --edit-dir.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• fix(patch): allow to edit a package in any directory by @​zkochhttps://github.com/pnpm/pnpm/pull/5331l/5331
• feat(matcher): ignore patterns by @​LuciNyhttps://github.com/pnpm/pnpm/pull/5336l/5336
• fix(patch): ignore No newline at end of file by @​await-ohttps://github.com/pnpm/pnpm/pull/5321l/5321
• feat(patch): allow non-applied patches by @​larrybahr-ocelhttps://github.com/pnpm/pnpm/pull/5354l/5354
• chore: update @​pnpm/meta-updater by @​ibehttps://github.com/pnpm/pnpm/pull/5360pm/pull/5360
• fix: auto-install-peers in a workspace by @​zkochhttps://github.com/pnpm/pnpm/pull/5359l/5359

New Contributors

• @​await-ovo made their first contributihttps://github.com/pnpm/pnpm/pull/5321l/5321
• @​larrybahr-ocelot made their first contributihttps://github.com/pnpm/pnpm/pull/5354l/5354

Full Changelog: pnpm/pnpm@v7.11.0...v7.12.0

v7.11.0

Compare Source

Minor Changes

• pnpm patch: edit the patched package in a directory specified by the --edit-dir option. E.g., pnpm patch express@3.1.0 --edit-dir=/home/xxx/src/patched-express #​5304

Patch Changes

• Auto installing a peer dependency in a workspace that also has it as a dev dependency in another project #​5144.
• When an error happens during installation of a subdependency, print some context information in order to be able to locate that subdependency. Print the exact chain of packages that led to the problematic dependency.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• feat(plugin-command-patching): add path option to patch command by @​roseline1https://github.com/pnpm/pnpm/pull/5304l/5304
• fix: improve dependency installation error message by @​zkochhttps://github.com/pnpm/pnpm/pull/5247l/5247
• fix: auto installing peer dep in a workspace by @​zkochhttps://github.com/pnpm/pnpm/pull/5307l/5307

New Contributors

• @​roseline124 made their first contributihttps://github.com/pnpm/pnpm/pull/5304l/5304

Full Changelog: pnpm/pnpm@v7.10.0...v7.11.0

v7.10.0

Compare Source

Minor Changes

• New time-based resolution strategy supported.

  When resolution-mode is set to time-based, pnpm will resolve dependencies the following way:

  1. Direct dependencies will be resolved to their lowest versions. So if there is foo@^1.1.0 in the dependencies, then 1.1.0 will be installed.
  2. Subdependencies will be resolved from versions that were published before the last direct dependency was published.

  With this resolution mode installations with hot cache are faster. It also reduces the chance of subdependency hijacking as subdependencies will be updated only if direct dependencies are updated.

  This resolution mode works only with npm's full metadata. So it is slower in some scenarios. However, if you use Verdaccio v5.15.1 or newer, you may set the registry-supports-time-field setting to true, and it will be really fast.

  Related RFC.

• Enhance pnpm env with the remove command. To remove a Node.js version installed by pnpm, run:

  pnpm env remove --global <node.js version>
  

Patch Changes

• pnpm store prune should remove all cached metadata.
• Don't modify the manifest of the injected workspace project, when it has the same dependency in prod and peer dependencies.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• test: fix NODE_PATH test on Windows by @​zkochhttps://github.com/pnpm/pnpm/pull/5257l/5257
• refactor: resolve dependencies by @​zkochhttps://github.com/pnpm/pnpm/pull/5267l/5267
• feat(env): add remove command to pnpm env by @​mark-omarhttps://github.com/pnpm/pnpm/pull/5263l/5263
• docs(CONTRIBUTING): correct setup instructions for first-time clone by @​gwhitnhttps://github.com/pnpm/pnpm/pull/5289l/5289
• fix: don't modify the injected project's manifest by @​zkochhttps://github.com/pnpm/pnpm/pull/5294l/5294
• feat: time-based resolution mode by @​zkochhttps://github.com/pnpm/pnpm/pull/5238l/5238
• feat: resolve direct deps to lowest version when resolution-mode is time-based by @​zkochhttps://github.com/pnpm/pnpm/pull/5298l/5298
• fix: add fallback for time-based resolution by @​zkochhttps://github.com/pnpm/pnpm/pull/5302l/5302

New Contributors

• @​mark-omarov made their first contributihttps://github.com/pnpm/pnpm/pull/5263l/5263
• @​gwhitney made their first contributihttps://github.com/pnpm/pnpm/pull/5289l/5289

Full Changelog: pnpm/pnpm@v7.9.5...v7.10.0

v7.9.5

Compare Source

Patch Changes

• Set NODE_PATH when prefer-symlinked-executables is enabled #​5251.
• Fail with a meaningful error when the audit endpoint doesn't exist #​5200.
• Symlink a local dependency to node_modules, even if the target directory doesn't exist #​5219.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• Fix pnpm audit bad API response on private registry by @​timtong19https://github.com/pnpm/pnpm/pull/5246l/5246
• fix: set NODE_PATH when is turned on by @​d3https://github.com/pnpm/pnpm/pull/5251l/5251
• fix: symlink local dep even when target dir does not exist by @​zkochhttps://github.com/pnpm/pnpm/pull/5253l/5253
• fix: only set extraEnv for preferSymlinkedExecutables if it's not windows by @​d3https://github.com/pnpm/pnpm/pull/5256l/5256

New Contributors

• @​timtong1982 made their first contributihttps://github.com/pnpm/pnpm/pull/5246l/5246

Full Changelog: pnpm/pnpm@v7.9.4...v7.9.5

v7.9.4

Compare Source

Patch Changes

• Auto install peer dependencies when auto-install-peers is set to true and the lockfile is up to date #​5213.
• pnpm env: for Node.js<16 install the x64 build on Darwin ARM as ARM build is not available #​5239.
• pnpm env: log a message when the node.js tarball starts the download #​5241.
• Fix pnpm install --merge-git-branch-lockfile when the lockfile is up to date #​5212.

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• feat(cafs): extend cafs with getFilePathByModeInCafs by @​d3https://github.com/pnpm/pnpm/pull/5232l/5232
• fix: mergeGitBranchLockfiles when merged lockfile is up-to-date by @​chengcybhttps://github.com/pnpm/pnpm/pull/5233l/5233
• test: all test packages should be from the @​pnpm.e2e scope by @&#8203https://github.com/pnpm/pnpm/pull/5211pm/pull/5211
• fix: node<16 download fail on arm chips on macos by @​ambar-arkhttps://github.com/pnpm/pnpm/pull/5239l/5239
• feat(env): show state on fetching node by @​JacobLinCohttps://github.com/pnpm/pnpm/pull/5241l/5241
• Fix: install peerDeps which is not optional on headless install by @​Shinyaigehttps://github.com/pnpm/pnpm/pull/5243l/5243

New Contributors

• @​ambar-arkin made their first contributihttps://github.com/pnpm/pnpm/pull/5239l/5239
• @​JacobLinCool made their first contributihttps://github.com/pnpm/pnpm/pull/5241l/5241
• @​Shinyaigeek made their first contributihttps://github.com/pnpm/pnpm/pull/5243l/5243

Full Changelog: pnpm/pnpm@v7.9.3...v7.9.4

v7.9.3

Compare Source

Patch Changes

• Remove legacy signal handlers #​5224

Our Gold Sponsors

Our Silver Sponsors

What's Changed

• fix: remove legacy signal handlers by @​d3https://github.com/pnpm/pnpm/pull/5224l/5224

Full Changelog: pnpm/pnpm@v7.9.2...v7.9.3

v7.9.2

Compare Source

Patch Changes

• When the same package is both in "peerDependencies" and in "dependencies", treat this dependency as a peer dependency if it may be resolved from the dependencies of parent packages #​5210.
• Update node-gyp to v9.
• Update the compatibility database.

Our Gold Sponsors

Our Silver Sponsors

v7.9.1

Compare Source

Patch Changes

• pnpm setup: don't use setx to set env variables on Windows.

Our Gold Sponsors

Our Silver Sponsors

v7.9.0

Compare Source

Minor Changes

• When ignore-dep-scripts is true, ignore scripts of dependencies but run the scripts of the project.
• When ignore-compatibility-db is set to true, the compatibility database will not be used to patch dependencies #​5132.
• Print the versions of packages in peer dependency warnings and errors.
• Support a new hook for passing a custom package importer to the store controller.

Patch Changes

• Don't print the same deprecation warning multiple times.
• On POSIX pnpm setup should suggest users to source the config instead of restarting the terminal.
• Installing a package with bin that points to an .exe file on Windows #​5159.
• Fix bug where the package manifest was not resolved if verify-store-integrity is set to false.
• Fix sorting of keys in lockfile to make it more deterministic and prevent unnecessary churn in the lockfile #​5151.
• Don't create a separate bundle for pnpx.

Our Gold Sponsors

Our Silver Sponsors

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by Mend Renovate. View repository job log here.