配置依赖
配置依赖允许你在多个项目之间共享和集中管理配置文件、设置和钩子。它们会在所有常规依赖(“dependencies”、“devDependencies”、“optionalDependencies”)之前安装,使其非常适合设置自定义钩子、补丁和目录条目。
🌐 Config dependencies allow you to share and centralize configuration files, settings, and hooks across multiple projects. They are installed before all regular dependencies ("dependencies", "devDependencies", "optionalDependencies"), making them ideal for setting up custom hooks, patches, and catalog entries.
配置依赖可帮助你将所有钩子、设置、补丁、覆盖、目录和规则保存在一个位置,并在多个存储库中使用它们。
🌐 Config dependencies help you keep all the hooks, settings, patches, overrides, catalogs, rules in a single place and use them across multiple repositories.
如果你的配置依赖名称遵循 pnpm-plugin-* 或 @*/pnpm-plugin-* 模式,pnpm 将自动从其根目录加载 pnpmfile.cjs。
🌐 If your config dependency is named following the pnpm-plugin-* or @*/pnpm-plugin-* pattern, pnpm will automatically load the pnpmfile.cjs from its root.
如何添加配置依赖
🌐 How to Add a Config Dependency
配置依赖在你的 pnpm-workspace.yaml 中定义,必须使用精确的版本和完整性校验码进行安装。
🌐 Config dependencies are defined in your pnpm-workspace.yaml and must be installed using an exact version and an integrity checksum.
例如,运行 pnpm add --config my-configs 会将此条目添加到你的 pnpm-workspace.yaml 中:
🌐 For example, running pnpm add --config my-configs will add this entry to your pnpm-workspace.yaml:
configDependencies:
my-configs: "1.0.0+sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw=="
重要:
- 配置依赖 不能 有自己的依赖。
- 配置依赖 不能 定义生命周期脚本(如
preinstall、postinstall等)。
用法
🌐 Usage
加载已构建依赖的允许列表
🌐 Loading an Allow List of Built Dependencies
你可以使用 onlyBuiltDependenciesFile 设置加载允许构建的软件包名称列表。
🌐 You can load a list of package names that are allowed to be built, using the onlyBuiltDependenciesFile setting.
配置依赖中的示例 allow.json 文件:
🌐 Example allow.json file inside a config dependency:
[
"@airbnb/node-memwatch",
"@apollo/protobufjs",
...
]
你的工作区配置:
🌐 Your workspace configuration:
configDependencies:
'@myorg/trusted-deps': 0.1.0+sha512-IERT0uXPBnSZGsCmoSuPzYNWhXWWnKkuc9q78KzLdmDWJhnrmvc7N4qaHJmaNKIusdCH2riO3iE34Osohj6n8w==
onlyBuiltDependenciesFile: node_modules/.pnpm-config/@myorg/trusted-deps/allow.json
安装钩子中使用的依赖
🌐 Installing Dependencies Used in Hooks
配置依赖在加载你的 .pnpmfile.cjs 的钩子之前被安装,从而允许你从配置包中导入逻辑。
🌐 Config dependencies are installed before hooks from your .pnpmfile.cjs are loaded, allowing you to import logic from config packages.
示例:
🌐 Example:
const { readPackage } = require('.pnpm-config/my-hooks')
module.exports = {
hooks: {
readPackage
}
}
动态更新 pnpm 设置
🌐 Updating pnpm Settings Dynamically
使用 updateConfig 钩子,你可以通过配置依赖动态更新 pnpm 的设置。
🌐 Using the updateConfig hook, you can dynamically update pnpm’s settings using config dependencies.
例如,以下 pnpmfile 会向 pnpm 的配置中添加一个新的 catalog 条目:
🌐 For example, the following pnpmfile adds a new catalog entry to pnpm's configuration:
module.exports = {
hooks: {
updateConfig (config) {
config.catalogs.default ??= {}
config.catalogs.default['is-odd'] = '1.0.0'
return config
}
}
}
如果你将其安装为配置依赖:
🌐 If you install it as config dependency:
pnpm add --config @myorg/pnpm-plugin-my-catalogs
然后你可以运行:
🌐 Then you can run:
pnpm add is-odd@catalog:
这将安装 is-odd@1.0.0 并将以下内容添加到你的 package.json 中:
🌐 This will install is-odd@1.0.0 and add the following to your package.json:
{
"dependencies": {
"is-odd": "catalog:"
}
}
这使得跨项目维护和共享集中配置和依赖版本变得容易。
🌐 This makes it easy to maintain and share centralized configuration and dependency versions across projects.
加载补丁文件
🌐 Loading Patch Files
你可以引用存储在配置依赖中的[补丁文件]。
🌐 You can reference patch files stored inside config dependencies.
示例:
🌐 Example:
configDependencies:
my-patches: "1.0.0+sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw=="
patchedDependencies:
react: "node_modules/.pnpm-config/my-patches/react.patch"