pnpm 10.27
pnpm 10.27 添加了一个新设置,用于忽略较旧包版本的信任策略检查,引入了用于全局虚拟存储修剪的项目注册表,并包含了多个错误修复。
🌐 pnpm 10.27 adds a new setting to ignore trust policy checks for older package versions, introduces a project registry for global virtual store pruning, and includes several bug fixes.
小幅更改
🌐 Minor Changes
trustPolicyIgnoreAfter
添加 trustPolicyIgnoreAfter 允许你忽略对于在指定时间之前发布的软件包的信任策略检查 #10352。
🌐 Adding trustPolicyIgnoreAfter allows you to ignore trust policy checks for packages published more than a specified time ago #10352.
全局虚拟存储改进
🌐 Global Virtual Store Improvements
为全局虚拟存储修剪支持添加了项目注册表。
🌐 Added project registry for global virtual store prune support.
使用存储的项目现在通过 {storeDir}/v10/projects/ 中的符号链接注册。这使得 pnpm store prune 能够跟踪哪些包仍被活跃项目使用,并安全地从全局虚拟存储中移除未使用的包。
🌐 Projects using the store are now registered via symlinks in {storeDir}/v10/projects/. This enables pnpm store prune to track which packages are still in use by active projects and safely remove unused packages from the global virtual store.
半破坏性更新。 更改了虚拟全局存储中未作用域包的位置。它们现在将存储在名为 @ 的目录下,以保持统一的四级目录深度。
为全局虚拟存储添加了标记-清除垃圾回收。
🌐 Added mark-and-sweep garbage collection for global virtual store.
pnpm store prune 现在会从全局虚拟存储的 links/ 目录中移除未使用的包。算法如下:
- 扫描所有注册的项目以查找指向存储的符号链接
- 遍历传递依赖以标记可到达的包
- 删除未标记为可访问的任何包目录
这包括对工作区 monorepos 的支持——项目中的所有 node_modules 目录(包括工作区包中的目录)都会被扫描。
🌐 This includes support for workspace monorepos - all node_modules directories within a project (including those in workspace packages) are scanned.
补丁更改
🌐 Patch Changes
-
Throw an error if the value of the
tokenHelperor<url>:tokenHelpersetting contains an environment variable. -
Git dependencies with build scripts should respect the
dangerouslyAllowAllBuildssettings #10376. -
Skip the package manager check when running with --global and a project packageManager is configured, and warn that the check is skipped.
-
pnpm store pruneshould not fail if the dlx cache directory has files, not only directories #10384 -
Fixed a bug (#9759) where
pnpm addwould incorrectly modify a catalog entry inpnpm-workspace.yamlto its exact version.