@bfra-me bfra-me bot commented Jan 2, 2026

This PR contains the following updates:

Package Change Age Confidence OpenSSF Code Search
pnpm (source) 10.26.2 → 10.27.0 age confidence OpenSSF Scorecard GitHub Code Search for "pnpm"

Release Notes

pnpm/pnpm (pnpm)

v10.27.0: pnpm 10.27

Compare Source

Minor Changes

  • Adding trustPolicyIgnoreAfter allows you to ignore trust policy checks for packages published more than a specified time ago #10352.

  • Added project registry for global virtual store prune support.

    Projects using the store are now registered via symlinks in {storeDir}/v10/projects/. This enables pnpm store prune to track which packages are still in use by active projects and safely remove unused packages from the global virtual store.

  • Semi-breaking. Changed the location of unscoped packages in the virtual global store. They will now be stored under a directory named @ to maintain a uniform 4-level directory depth.

  • Added mark-and-sweep garbage collection for global virtual store.

    pnpm store prune now removes unused packages from the global virtual store's links/ directory. The algorithm:

    1. Scans all registered projects for symlinks pointing to the store
    2. Walks transitive dependencies to mark reachable packages
    3. Removes any package directories not marked as reachable

    This includes support for workspace monorepos - all node_modules directories within a project (including those in workspace packages) are scanned.

Patch Changes

  • Throw an error if the value of the tokenHelper or <url>:tokenHelper setting contains an environment variable.
  • Git dependencies with build scripts should respect the dangerouslyAllowAllBuilds setting #10376.
  • Skip the package manager check when running with --global and a project packageManager is configured, and warn that the check is skipped.
  • pnpm store prune should not fail if the dlx cache directory has files, not only directories #10384.
  • Fixed a bug (#9759) where pnpm add would incorrectly modify a catalog entry in pnpm-workspace.yaml to its exact version.

Platinum Sponsors

Bit

Gold Sponsors

Discord CodeRabbit Workleap
Stackblitz Vite

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@bfra-me bfra-me bot requested a review from a team as a code owner January 2, 2026 21:19
@bfra-me bfra-me bot added automerge Automated merge approved dependencies Dependency updates or security alerts javascript minor Minor version changes packageManager Package manager changes renovate Renovate bot updates labels Jan 2, 2026
@bfra-me bfra-me bot enabled auto-merge (squash) January 2, 2026 21:19
@bfra-me bfra-me bot merged commit eb62614 into main Jan 2, 2026
11 checks passed
@bfra-me bfra-me bot deleted the renovate/pnpm-10.x branch January 2, 2026 21:21
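
The tokenHelper patch change in the release notes above means a config that references an environment variable in that setting now makes pnpm throw. As an added example (not code from pnpm, Renovate or this repository), a check that scans .npmrc text for such entries before the upgrade lands. It assumes the `${NAME}` substitution form used in .npmrc files; the function names and the sample file are constructed for illustration.

```javascript
// Added example: flag tokenHelper settings that reference environment variables.
// Assumption: variables use the .npmrc `${NAME}` form; this regex approximates it
// and is not the check pnpm itself performs.
const ENV_REF = /\$\{([^${}]+)\}/g;

function isTokenHelperKey(key) {
  // Global form `tokenHelper`, or per-registry form `<url>:tokenHelper`.
  return key === 'tokenHelper' || key.endsWith(':tokenHelper');
}

function findTokenHelperEnvRefs(npmrcText) {
  const findings = [];
  npmrcText.split(/\r?\n/).forEach((raw, index) => {
    const line = raw.trim();
    // Skip blank lines and ini-style comments.
    if (line === '' || line.startsWith('#') || line.startsWith(';')) return;
    const eq = line.indexOf('=');
    if (eq === -1) return;
    const key = line.slice(0, eq).trim();
    if (!isTokenHelperKey(key)) return;
    // Drop one pair of surrounding quotes, since ini-style values may be quoted.
    const value = line.slice(eq + 1).trim().replace(/^(["'])(.*)\1$/, '$2');
    const vars = [...value.matchAll(ENV_REF)].map((m) => m[1]);
    if (vars.length > 0) findings.push({ line: index + 1, key, value, vars });
  });
  return findings;
}

// Constructed sample .npmrc (hosts, paths and variable names are made up).
const SAMPLE_NPMRC = [
  '; constructed sample',
  'registry=https://registry.example.test/',
  'tokenHelper=${HOME}/bin/npm-token',
  '//registry.example.test/:tokenHelper=/usr/local/bin/npm-token',
  '//mirror.example.test/:tokenHelper="${TOOLS_DIR}/helper-${USER}"',
  '//registry.example.test/:_authToken=${NPM_TOKEN}',
  '# tokenHelper=${IGNORED}/commented-out',
].join('\n');

for (const f of findTokenHelperEnvRefs(SAMPLE_NPMRC)) {
  console.log(`line ${f.line}: ${f.key} references ${f.vars.join(', ')}`);
}
```

Only the tokenHelper keys are reported; the `_authToken` line in the sample also uses a variable but is outside the setting this release note covers.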