"pnpm 11 RC introduces a new SQLite-backed store index, on by default supply chain protections, isolated global installs via the global virtual store, and a unified allowBuilds setting."
"Security defaults are tightened, with the minimumReleaseAge setting defaulting to 1 day, meaning newly published versions are not resolved for 24 hours, and blockExoticSubdeps defaults to true."
"Build script settings have been consolidated into a single allowBuilds option, and strictDepBuilds is now true by default, simplifying the configuration process."
"Global installs are now properly isolated, with each pnpm add -g package receiving its own directory, package.json, node_modules, and lockfile, enhancing package management."
pnpm 11 RC features a major overhaul focusing on performance, supply chain safety, and configuration. It introduces a SQLite-backed store index and enhanced security defaults, including a 24-hour delay for newly published versions. The configuration has been simplified, consolidating build script settings into a single allowBuilds option. Global installs are now isolated, with each package having its own directory and lockfile. The release requires Node.js v22 or later, dropping support for earlier versions, and includes new commands and aliases for improved usability.
Read at InfoQ
Unable to calculate read time
Collection
[
|
...
]