v11.0.9
📦 pnpmView on GitHub →
🐛 6 fixes🔧 5 symbols
Summary
This patch addresses several critical bugs, including fixes for GitLab dependency installation, correct handling of semver build metadata during publishing, and restoring compatibility with custom npm configuration paths in CI environments. It also improves the Node.js version check error message.
Migration Steps
- If you rely on `NPM_CONFIG_USERCONFIG` for custom `.npmrc` location (e.g., in GitHub Actions), this patch restores compatibility.
- If you use `pnpm pack` and rely on `bundleDependencies`, verify that dependencies are correctly included after this patch.
- Ensure you are running Node.js v22.13 or newer to avoid the explicit error message.
- If you use `pnpm --prefix=<dir> install` in a workspace context, verify that `pnpm-workspace.yaml` is no longer being overwritten.
🐛 Bug Fixes
- Fixed installation of GitLab-hosted dependencies by changing the download URL from a GitLab API endpoint to the direct tarball link, resolving 406 errors and virtual store import issues.
- Restored compatibility with environments using `NPM_CONFIG_USERCONFIG` (or `npm_config_userconfig`) to locate the user-level `.npmrc`, fixing authentication issues in GitHub Actions workflows.
- Fixed `pnpm pack` not bundling dependencies listed in `bundleDependencies` (or `bundledDependencies`) due to an API change in npm-packlist.
- Fixed pnpm CLI crashing with a generic `SyntaxError: Invalid regular expression flags` on unsupported Node.js versions; now prints a clear error message requiring Node.js v22.13.
- Fixed `pnpm --prefix=<dir> install` overwriting existing `pnpm-workspace.yaml` manifests by correctly honoring the `--prefix` option when locating the workspace root.
- Fixed `pnpm publish --provenance` failing with 422 errors when package versions contained semver build metadata (e.g., `+abc1234`) by stripping the build segment before packing and publishing.