Skip to content

fix: update pnpm to v11.7.0#267

Merged
zkochan merged 2 commits into
masterfrom
update-pnpm
Jun 15, 2026
Merged

fix: update pnpm to v11.7.0#267
zkochan merged 2 commits into
masterfrom
update-pnpm

Conversation

@zkochan

@zkochan zkochan commented Jun 15, 2026

Copy link
Copy Markdown
Member

Summary by CodeRabbit

  • Chores
    • Updated pnpm from version 11.1.1 to 11.7.0 across all platform-specific packages (Linux, macOS, Windows).
    • Updated related dependency constraints for improved compatibility.

@coderabbitai

coderabbitai Bot commented Jun 15, 2026

Copy link
Copy Markdown

Review Change Stack

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)
  • dist/index.js is excluded by !**/dist/**

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 1b76e5eb-eafc-4e54-afd4-1c9acab6fc16

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

Two bootstrap lockfiles update pnpm and @pnpm/exe from 11.1.1 to 11.7.0. All platform-specific @pnpm/* entries in exe-lock.json receive new version, resolved, and integrity values; the detect-libc constraint is tightened to ^2.1.2. pnpm-lock.json receives matching version, URL, and hash updates.

Changes

Bootstrap lockfile bump to pnpm 11.7.0

Layer / File(s) Summary
Update exe-lock.json and pnpm-lock.json to 11.7.0
src/install-pnpm/bootstrap/exe-lock.json, src/install-pnpm/bootstrap/pnpm-lock.json
All version/resolved/integrity fields for @pnpm/exe and its six platform packages (linux-x64, linuxstatic-arm64, linuxstatic-x64, macos-arm64, win-arm64, win-x64) are bumped from 11.1.1 to 11.7.0; detect-libc constraint tightened from ^2.0.3 to ^2.1.2; pnpm-lock.json root entry and package entry updated to match.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

  • pnpm/action-setup#248: Performs the same lockfile bump pattern (exe-lock.json + pnpm-lock.json) for the previous version step (11.0.4 → 11.1.1).

Poem

🐇 Hop, hop, hooray — version numbers rise,
From one-one-one to seven, what a surprise!
New hashes and URLs, all locked in tight,
detect-libc bumped to keep the build right.
A lockfile leap for every platform near,
The rabbit stamps it done — let's ship, my dear! 🎉

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title directly and specifically describes the main change: updating pnpm to version 11.7.0, which is reflected in both lockfiles and dependency files.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch update-pnpm

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@qodo-free-for-open-source-projects

Copy link
Copy Markdown

PR Summary by Qodo

Bump bootstrap pnpm/@pnpm/exe locks to v11.7.0
⚙️ Configuration changes 🕐 Less than 10 minutes

Grey Divider

Walkthroughs

Description
• Pin bootstrap pnpm runtime to v11.7.0 for consistent installs.
• Update @pnpm/exe and platform binaries to match the new pnpm release.
• Refresh lockfile integrity metadata and transitive detect-libc constraint.
Diagram
graph TD
  A["Bootstrap installer"] --> B["pnpm-lock.json"] --> D[("npm registry")]
  A --> C["exe-lock.json"] --> D
Loading
High-Level Assessment

The following are alternative approaches to this PR:

1. Use Corepack to pin pnpm version
  • ➕ Reduces need for custom bootstrap lockfiles
  • ➕ Standardizes version management across Node toolchains
  • ➖ Requires ensuring Corepack is available/enabled in all environments
  • ➖ May not cover platform-specific exe packaging needs of current bootstrap
2. Automate toolchain bumps (Renovate/Dependabot + CI verification)
  • ➕ Keeps pnpm updates frequent and smaller
  • ➕ Can gate upgrades behind install/build smoke tests
  • ➖ Still requires lockfile regeneration and review discipline
  • ➖ Adds operational overhead if automation is not already in place

Recommendation: For a targeted upgrade, the current approach (updating the pinned bootstrap lockfiles) is appropriate and keeps installs deterministic. Consider Corepack or automated toolchain-bump workflows only if you want to reduce ongoing manual maintenance of bootstrap pinning.

Grey Divider

File Changes

Other (2)
exe-lock.json Bump @pnpm/exe and platform binaries to 11.7.0 +33/-33

Bump @pnpm/exe and platform binaries to 11.7.0

• Updates the pinned @pnpm/exe version from 11.1.1 to 11.7.0, including refreshed resolved URLs and integrity hashes. Also updates optional platform package pins to 11.7.0 and bumps the detect-libc semver range used by @pnpm/exe.

src/install-pnpm/bootstrap/exe-lock.json


pnpm-lock.json Bump pnpm package lock to 11.7.0 +4/-4

Bump pnpm package lock to 11.7.0

• Updates the pinned pnpm version from 11.1.1 to 11.7.0, including resolved tarball URL and integrity hash, to ensure bootstrap installs the intended tool version.

src/install-pnpm/bootstrap/pnpm-lock.json


Grey Divider

Qodo Logo

@zkochan zkochan merged commit 0ebf471 into master Jun 15, 2026
21 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant