配置依赖
配置依赖允许你在多个项目之间共享和集中配置文件、设置和钩子。它们在所有常规依赖("dependencies"、"devDependencies"、"optionalDependencies")之前安装,非常适合设置自定义钩子、补丁和目录条目。
¥Config dependencies allow you to share and centralize configuration files, settings, and hooks across multiple projects. They are installed before all regular dependencies ("dependencies", "devDependencies", "optionalDependencies"), making them ideal for setting up custom hooks, patches, and catalog entries.
配置依赖可帮助你将所有钩子、设置、补丁、覆盖、目录和规则保存在一个位置,并在多个存储库中使用它们。
¥Config dependencies help you keep all the hooks, settings, patches, overrides, catalogs, rules in a single place and use them across multiple repositories.
如果你的配置依赖按照 pnpm-plugin-* 模式命名,pnpm 将自动从其根目录加载 pnpmfile.cjs。
¥If your config dependency is named following the pnpm-plugin-* pattern, pnpm will automatically load the pnpmfile.cjs from its root.
如何添加配置依赖
¥How to Add a Config Dependency
配置依赖在你的 pnpm-workspace.yaml 中定义,必须使用精确版本和完整性校验和进行安装。
¥Config dependencies are defined in your pnpm-workspace.yaml and must be installed using an exact version and an integrity checksum.
示例:
¥Example:
configDependencies:
my-configs: "1.0.0+sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw=="
重要提示:
�¥Important:
-
配置依赖不能有自己的依赖。
¥Config dependencies cannot have their own dependencies.
-
配置依赖不能定义生命周期脚本(如
preinstall、postinstall等)。¥Config dependencies cannot define lifecycle scripts (like
preinstall,postinstall, etc.).
用法
¥Usage
加载已构建依赖的允许列表
¥Loading an Allow List of Built Dependencies
你可以使用 onlyBuiltDependenciesFile 设置加载允许构建的包名称列表。
¥You can load a list of package names that are allowed to be built, using the onlyBuiltDependenciesFile setting.
配置依赖 (@pnpm/trusted-deps) 中的 allow.json 文件示例:
¥Example allow.json file inside a config dependency (@pnpm/trusted-deps):
[
"@airbnb/node-memwatch",
"@apollo/protobufjs",
...
]
你的工作区配置:
¥Your workspace configuration:
configDependencies:
'@pnpm/trusted-deps': 0.1.0+sha512-IERT0uXPBnSZGsCmoSuPzYNWhXWWnKkuc9q78KzLdmDWJhnrmvc7N4qaHJmaNKIusdCH2riO3iE34Osohj6n8w==
onlyBuiltDependenciesFile: node_modules/.pnpm-config/@pnpm/trusted-deps/allow.json
安装钩子中使用的依赖
¥Installing Dependencies Used in Hooks
配置依赖在加载 .pnpmfile.cjs 中的钩子之前安装,允许你从配置包中导入逻辑。
¥Config dependencies are installed before hooks from your .pnpmfile.cjs are loaded, allowing you to import logic from config packages.
示例:
¥Example:
const { readPackage } = require('.pnpm-config/my-hooks')
module.exports = {
hooks: {
readPackage
}
}
动态更新 pnpm 设置
¥Updating pnpm Settings Dynamically
使用 updateConfig 钩子,你可以使用配置依赖动态更新 pnpm 的设置。
¥Using the updateConfig hook, you can dynamically update pnpm’s settings using config dependencies.
例如,以下 pnpmfile 会在 pnpm 的配置中添加一个新的 catalog 条目:
¥For example, the following pnpmfile adds a new catalog entry to pnpm's configuration:
module.exports = {
hooks: {
updateConfig (config) {
config.catalogs.default ??= {}
config.catalogs.default['is-odd'] = '1.0.0'
return config
}
}
}
安装并加载:
¥Install and load it:
configDependencies:
my-catalogs: "1.0.0+sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw=="
pnpmfile: "node_modules/.pnpm-config/my-catalogs/pnpmfile.cjs"
然后你可以运行:
¥Then you can run:
pnpm add is-odd@catalog:
这将安��装 is-odd@1.0.0 并将以下内容添加到你的 package.json:
¥This will install is-odd@1.0.0 and add the following to your package.json:
{
"dependencies": {
"is-odd": "catalog:"
}
}
这使得跨项目维护和共享集中配置和依赖版本变得容易。
¥This makes it easy to maintain and share centralized configuration and dependency versions across projects.
加载补丁文件
¥Loading Patch Files
你可以引用存储在配置依赖中的 补丁文件。
¥You can reference patch files stored inside config dependencies.
示例:
¥Example:
configDependencies:
my-patches: "1.0.0+sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw=="
patchedDependencies:
react: "node_modules/.pnpm-config/my-patches/react.patch"