Skip to content

chore(deps): update dependency pnpm to ^10.33.0#161

Open
renovate[bot] wants to merge 1 commit intodevelopmentfrom
renovate/pnpm-10.x
Open

chore(deps): update dependency pnpm to ^10.33.0#161
renovate[bot] wants to merge 1 commit intodevelopmentfrom
renovate/pnpm-10.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented Feb 17, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
pnpm (source) ^10.28.2^10.33.0 age confidence

Release Notes

pnpm/pnpm (pnpm)

v10.33.0

Compare Source

v10.32.1: pnpm 10.32.1

Compare Source

Patch Changes

  • Fix a regression where pnpm-workspace.yaml without a packages field caused all directories to be treated as workspace projects. This broke projects that use pnpm-workspace.yaml only for settings (e.g. minimumReleaseAge) without defining workspace packages #​10909.

Platinum Sponsors

Bit

Gold Sponsors

Sanity Discord Vite
SerpApi CodeRabbit Stackblitz
Workleap Nx

v10.32.0: pnpm 10.32

Compare Source

Minor Changes

  • Added --all flag to pnpm approve-builds that approves all pending builds without interactive prompts #​10136.

Patch Changes

  • Reverted change related to setting explicitly the npm config file path, which caused regressions.
  • Reverted fix related to lockfile-include-tarball-url. Fixes #​10915.

Platinum Sponsors

Bit

Gold Sponsors

Sanity Discord Vite
SerpApi CodeRabbit Stackblitz
Workleap Nx

v10.31.0

Compare Source

v10.30.3

Compare Source

v10.30.2

Compare Source

v10.30.1: pnpm 10.30.1

Compare Source

Patch Changes

  • Use the /-/npm/v1/security/audits/quick endpoint as the primary audit endpoint, falling back to /-/npm/v1/security/audits when it fails #​10649.

Platinum Sponsors

Bit

Gold Sponsors

Sanity Discord Vite
SerpApi CodeRabbit Workleap
Stackblitz Nx

v10.30.0: pnpm 10.30

Compare Source

Minor Changes

  • pnpm why now shows a reverse dependency tree. The searched package appears at the root with its dependents as branches, walking back to workspace roots. This replaces the previous forward-tree output which was noisy and hard to read for deeply nested dependencies.

Patch Changes

  • Revert pnpm why dependency pruning to prefer correctness over memory consumption. Reverted PR: #​7122.
  • Optimize pnpm why and pnpm list performance in workspaces with many importers by sharing the dependency graph and materialization cache across all importers instead of rebuilding them independently for each one #​10596.

Platinum Sponsors

Bit

Gold Sponsors

Sanity Discord Vite
SerpApi CodeRabbit Workleap
Stackblitz Nx

v10.29.3

Compare Source

v10.29.2

Compare Source

v10.29.1: pnpm 10.29.1

Compare Source

Minor Changes

  • The pnpm dlx / pnpx command now supports the catalog: protocol. Example: pnpm dlx shx@catalog:.
  • Support configuring auditLevel in the pnpm-workspace.yaml file #​10540.
  • Support bare workspace: protocol without version specifier. It is now treated as workspace:* and resolves to the concrete version during publish #​10436.

Patch Changes

  • Fixed pnpm list --json returning incorrect paths when using global virtual store #​10187.

  • Fix pnpm store path and pnpm store status using workspace root for path resolution when storeDir is relative #​10290.

  • Fixed pnpm run -r failing with "No projects matched the filters" when an empty pnpm-workspace.yaml exists #​10497.

  • Fixed a bug where catalogMode: strict would write the literal string "catalog:" to pnpm-workspace.yaml instead of the resolved version specifier when re-adding an existing catalog dependency #​10176.

  • Fixed the documentation URL shown in pnpm completion --help to point to the correct page at https://pnpm.io/completion #​10281.

  • Skip local file: protocol dependencies during pnpm fetch. This fixes an issue where pnpm fetch would fail in Docker builds when local directory dependencies were not available #​10460.

  • Fixed pnpm audit --json to respect the --audit-level setting for both exit code and output filtering #​10540.

  • update tar to version 7.5.7 to fix security issue

    Updating the version of dependency tar to 7.5.7 because the previous one have a security vulnerability reported here: CVE-2026-24842

  • Fix pnpm audit --fix replacing reference overrides (e.g. $foo) with concrete versions #​10325.

  • Fix shamefullyHoist set via updateConfig in .pnpmfile.cjs not being converted to publicHoistPattern #​10271.

  • pnpm help should correctly report if the currently running pnpm CLI is bundled with Node.js #​10561.

  • Add a warning when the current directory contains the PATH delimiter character. On macOS, folder names containing forward slashes (/) appear as colons (:) at the Unix layer. Since colons are PATH separators in POSIX systems, this breaks PATH injection for node_modules/.bin, causing binaries to not be found when running commands like pnpm exec #​10457.

Platinum Sponsors

Bit

Gold Sponsors

Discord CodeRabbit Workleap
Stackblitz Vite

Configuration

📅 Schedule: (in timezone Europe/Berlin)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch 2 times, most recently from ca1dae8 to ceabe22 Compare February 20, 2026 17:30
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.29.3 chore(deps): update dependency pnpm to ^10.30.0 Feb 20, 2026
@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch from ceabe22 to cbcb82d Compare February 23, 2026 02:06
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.30.0 chore(deps): update dependency pnpm to ^10.30.1 Feb 23, 2026
@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch from cbcb82d to 34b8a54 Compare February 27, 2026 01:18
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.30.1 chore(deps): update dependency pnpm to ^10.30.2 Feb 27, 2026
@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch from 34b8a54 to 1e5e0e7 Compare March 1, 2026 20:49
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.30.2 chore(deps): update dependency pnpm to ^10.30.3 Mar 1, 2026
@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch from 1e5e0e7 to 4ebc7aa Compare March 11, 2026 02:49
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.30.3 chore(deps): update dependency pnpm to ^10.31.0 Mar 11, 2026
@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch from 4ebc7aa to eead73c Compare March 12, 2026 22:51
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.31.0 chore(deps): update dependency pnpm to ^10.32.0 Mar 12, 2026
@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch from eead73c to ed50bc6 Compare March 14, 2026 01:52
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.32.0 chore(deps): update dependency pnpm to ^10.32.1 Mar 14, 2026
@renovate renovate Bot force-pushed the renovate/pnpm-10.x branch from ed50bc6 to ee80b0b Compare March 27, 2026 17:16
@renovate renovate Bot changed the title chore(deps): update dependency pnpm to ^10.32.1 chore(deps): update dependency pnpm to ^10.33.0 Mar 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants