Change8

v10.11.1

📦 pnpmView on GitHub →
🐛 8 fixes🔧 5 symbols

Summary

This patch release resolves multiple regressions and bugs affecting pnpm deploy, URL‑based dependencies, strict peer dependency handling, environment variable naming, lockfile generation, overrides handling, URL parsing, and silent run output.

🐛 Bug Fixes

  • Fix an issue where `pnpm deploy --legacy` creates unexpected directories when the root `package.json` has a workspace package as a peer dependency (see #9550).
  • Dependencies specified via a URL that redirects are now locked to the target only if it is immutable, fixing a regression when installing from GitHub releases (see #9531).
  • Installation no longer exits with an error when `strictPeerDependencies` is true but all issues are ignored by `peerDependencyRules` (see #9505).
  • Switch to using `pnpm_config_` environment variables instead of `npm_config_` (see #9571).
  • Fix a regression introduced in v10.9.0 where the `--lockfile-only` flag on `pnpm update` produced a different `pnpm-lock.yaml` than an update without the flag.
  • Allow `pnpm deploy` to work in repositories with `overrides` when `inject-workspace-packages=true` (see #9283).
  • Resolve path loss caused by parsing URL addresses, fixing a regression shipped in pnpm v10.11 (see #9502).
  • `pnpm -r --silent run` no longer prints out section headers (see #9563).

🔧 Affected Symbols

pnpm deploypnpm updatepnpm -r --silent runpnpm_config_ environment variablesnpm_config_ environment variables