Skip to content

chore(deps-dev): bump pnpm from 6.32.10 to 7.13.0#203

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/pnpm-7.13.0
Closed

chore(deps-dev): bump pnpm from 6.32.10 to 7.13.0#203
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/pnpm-7.13.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Oct 3, 2022

Copy link
Copy Markdown
Contributor

Bumps pnpm from 6.32.10 to 7.13.0.

Release notes

Sourced from pnpm's releases.

v7.13.0

Minor Changes

  • Ignore packages listed in package.json > pnpm.updateConfig.ignoreDependencies fields on update/outdated command #5358

    For instance, if you don't want webpack automatically to be updated when you run pnpm update --latest, put this to your package.json:

    {
      "pnpm": {
        "updateConfig": {
          "ignoreDependencies": ["webpack"]
        }
      }
    }

    Patterns are also supported, so you may ignore for instance any packages from a scope: @babel/*.

  • It is possible now to update all dependencies except the listed ones using !. For instance, update all dependencies, except lodash:

      pnpm update !lodash
    

    It also works with pattends, for instance:

      pnpm update !@babel/*
    

    And it may be combined with other patterns:

      pnpm update @babel/* !@babel/core
    

Patch Changes

  • Hooks should be applied on pnpm deploy #5306.

  • Stop --filter-prod option to run command on all the projects when used on workspace. --filter-prod option now only filter from dependencies and omit devDependencies instead of including all the packages when used on workspace. So what was happening is that if you use --filter-prod on workspace root like this:

    pnpm --filter-prod ...build-modules exec node -e 'console.log(require(`./package.json`).name)'

    it was printing all the package of workspace, where it should only print the package name of itself and packages where it has been added as dependency (not as devDependencies)

  • Don't override the root dependency when auto installing peer dependencies #5412.

Our Gold Sponsors

... (truncated)

Commits
  • a74d26c chore(release): 7.13.0
  • ff331dd fix: don't override root deps when auto installing peers (#5442)
  • d30f3ac test: set maxWorkers to 1
  • d665f3f feat: ignore packages listed in `package.json > pnpm.updateConfig.ignoreDepen...
  • 5179dfe fix: filter-prod flag including all workspace pkgs (#5437)
  • 5beb4e2 fix: dir path repeated join in link global (#5434)
  • 2e830c0 refactor: projects finding/filtering/sorting
  • abb41a6 feat: excluding deps from update (#5432)
  • 2bf89ec docs: add link to feature comparison page
  • 51566e3 feat: merge readPackage hook from opts and pnpmfile (#5403)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pnpm](https://github.com/pnpm/pnpm) from 6.32.10 to 7.13.0.
- [Release notes](https://github.com/pnpm/pnpm/releases)
- [Commits](pnpm/pnpm@v6.32.10...v7.13.0)

---
updated-dependencies:
- dependency-name: pnpm
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 3, 2022
@netlify

netlify Bot commented Oct 3, 2022

Copy link
Copy Markdown

Deploy Preview for nexusweather failed.

Name Link
🔨 Latest commit 9d6845c
🔍 Latest deploy log https://app.netlify.com/sites/nexusweather/deploys/633ae21850170a00083dadb0

@dependabot @github

dependabot Bot commented on behalf of github Oct 10, 2022

Copy link
Copy Markdown
Contributor Author

Superseded by #206.

@dependabot dependabot Bot closed this Oct 10, 2022
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/pnpm-7.13.0 branch October 10, 2022 14:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants