chore(deps): update pnpm to v8.7.4 - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pnpm (source)	8.6.6 -> 8.7.4

---

Release Notes

pnpm/pnpm (pnpm)

v8.7.4

Compare Source

Patch Changes

• Fix a bug causing the pnpm server to hang if a tarball worker was requested while another worker was exiting #​7041.
• Fixes a regression published with pnpm v8.7.3. Don't hang while reading package.json from the content-addressable store #​7051.
• Allow create scoped package with preferred version. #​7053
• Reverting a change shipped in v8.7 that caused issues with the pnpm deploy command and "injected dependencies" #​6943.

Our Gold Sponsors

Our Silver Sponsors

v8.7.3

Compare Source

Patch Changes

• Fix a bug causing errors to be printed as "Cannot read properties of undefined (reading 'code')" instead of the underlying reason when using the pnpm store server #​7032

Our Gold Sponsors

Our Silver Sponsors

v8.7.2

Compare Source

v8.7.1

Compare Source

Patch Changes

• Fixed an issue with extracting some old versions of tarballs #​6991.
• Side-effects cache will now be leveraged when running install in a workspace that uses dedicated lockfiles for each project #​6890.
• Reduce concurrency in the pnpm -r publish command #​6968.
• Improved the pnpm update --interactive output by grouping dependencies by type. Additionally, a new column has been added with links to the documentation for outdated packages #​6978.

Our Gold Sponsors

Our Silver Sponsors

v8.7.0

Compare Source

Minor Changes

• Improve performance of installation by using a worker pool for extracting packages and writing them to the content-addressable store #​6850
• The default value of the resolution-mode setting is changed to highest. This setting was changed to lowest-direct in v8.0.0 and some users were not happy with the change. A twitter poll concluded that most of the users want the old behaviour (resolution-mode set to highest by default). This is a semi-breaking change but should not affect users that commit their lockfile #​6463.

Patch Changes

• Warn when linking a package with peerDependencies #​615.
• Add support for npm lockfile v3 in pnpm import #​6233.
• Override peerDependencies in pnpm.overrides #​6759.
• Respect workspace alias syntax in pkg graph #​6922
• Emit a clear error message when users attempt to specify an undownloadable node version #​6916.
• pnpm patch should write patch files with a trailing newline #​6905.
• Dedupe deps with the same alias in direct dependencies 6966
• Don't prefix install output for the dlx command.
• Performance optimizations. Package tarballs are now download directly to memory and built to an ArrayBuffer. Hashing and other operations are avoided until the stream has been fully received #​6819.

Our Gold Sponsors

Our Silver Sponsors

v8.6.12

Compare Source

Patch Changes

• Make the error message friendlier when a user attempts to run a command that does not exist #​6887.
• pnpm patch should work correctly when shared-workspace-file is set to false #​6885.
• pnpm env use should retry deleting the previous Node.js executable #​6587.
• pnpm dlx should not print an error stack when the underlying script execution fails #​6698.
• When showing the download progress of large tarball files, always display the same number of digits after the decimal point #​6901.
• Report download progress less frequently to improve performance #​6906.
• pnpm install --frozen-lockfile --lockfile-only should fail if the lockfile is not up to date with the package.json files #​6913.

Our Gold Sponsors

Our Silver Sponsors

v8.6.11

Compare Source

Patch Changes

• Change the install error message when a lockfile is wanted but absent to indicate the wanted lockfile is absent, not present. This now reflects the actual error #​6851.
• When dealing with a local dependency that is a path to a symlink, a new symlink should be created to the original symlink, not to the actual directory location.
• The length of the temporary file names in the content-addressable store reduced in order to prevent ENAMETOOLONG errors from happening #​6842.
• Don't print "added" stats, when installing with --lockfile-only.
• Installation of a git-hosted dependency should not fail if the pnpm-lock.yaml file of the installed dependency is not up-to-date #​6865.
• Don't ignore empty strings in params #​6594.
• Always set dedupe-peer-dependents to false, when running installation during deploy #​6858.
• When several containers use the same store simultaneously, there's a chance that multiple containers may create a temporary file at the same time. In such scenarios, pnpm could fail to rename the temporary file in one of the containers. This issue has been addressed: pnpm will no longer fail if the temporary file is absent but the destination file exists.
• Authorization token should be found in the configuration, when the requested URL is explicitly specified with a default port (443 on HTTPS or 80 on HTTP) #​6863.

Our Gold Sponsors

Our Silver Sponsors

v8.6.10

Compare Source

Patch Changes

• Installation succeeds if a non-optional dependency of an optional dependency has failing installation scripts #​6822.
• The length of the temporary file names in the content-addressable store reduced in order to prevent ENAMETOOLONG errors from happening #​6842.
• Ignore empty patch content when patch-commit.
• Sort keys in packageExtensions before calculating packageExtensionsChecksum #​6824.
• Pass the right scheme to git ls-remote in order to prevent a fallback to git+ssh that would result in a 'host key verification failed' issue #​6806
• The "postpublish" script of a git-hosted dependency is not executed, while building the dependency #​6822.

Our Gold Sponsors

Our Silver Sponsors

v8.6.9

Compare Source

Patch Changes

• Temporarily revert the fix to #​6805 to fix the regression it caused #​6827.

Our Gold Sponsors

Our Silver Sponsors

v8.6.8

Compare Source

Patch Changes

• When the same file is appended multiple times into a tarball, the last occurrence is selected when unpacking the tarball.
• Fixed a bug in which pnpm passed the wrong scheme to git ls-remote, causing a fallback to git+ssh and resulting in a 'host key verification failed' issue #​6805.
• Added support for publishConfig.registry in package.json for publishing #​6775.
• pnpm rebuild now uploads the built artifacts to the content-addressable store.
• If a command cannot be created in .bin, the exact error message is now displayed.
• Treat linked dependencies with a tag version type as up-to-date #​6592.
• pnpm setup now prints more details when it cannot detect the active shell.

Our Gold Sponsors

Our Silver Sponsors

v8.6.7

Compare Source

Patch Changes

• Ensure consistent output for scripts executed concurrently, both within a single project and across multiple projects. Each script's output will now be printed in a separate section of the terminal, when running multiple scripts in a single project using regex #​6692.
• The --parallel CLI flag should work on single project #​6692.
• Optimizing project manifest normalization, reducing amoung of data copying #​6763.
• Move loading wantedLockfile outside dependenciesHierarchyForPackage, preventing OOM crash when loading the same lock file too many times #​6757.
• Replace ineffective use of ramda difference with better alternative #​6760.

Our Gold Sponsors

Our Silver Sponsors

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
unocss-preset-theme	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Sep 6, 2023 1:00am