Skip to content

feat: support auditLevel#10554

Merged
zkochan merged 2 commits intopnpm:mainfrom
btea:feat/support-audit-level-config
Feb 6, 2026
Merged

feat: support auditLevel#10554
zkochan merged 2 commits intopnpm:mainfrom
btea:feat/support-audit-level-config

Conversation

@btea
Copy link
Copy Markdown
Member

@btea btea commented Feb 5, 2026

close #10540

@btea btea requested a review from zkochan as a code owner February 5, 2026 12:57
Copilot AI review requested due to automatic review settings February 5, 2026 12:57
Copilot AI reviewed Feb 5, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request attempts to add support for configuring audit-level in pnpm to address issue #10540, where pnpm audit does not respect the audit-level setting from .npmrc files. The PR adds audit-level configuration to pnpm's config system and adds a corresponding auditLevel property to the Config interface.

Changes:

  • Added audit-level configuration type definition to pnpm's type system
  • Added auditLevel property to the Config interface
  • Added audit-level to the list of excluded pnpm keys (not allowed in workspace config files)
  • Set default value for audit-level to 'low'
  • Added changeset documenting the change

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
config/config/src/types.ts Added audit-level type definition to pnpmTypes with valid values
config/config/src/index.ts Added default value 'low' for audit-level configuration
config/config/src/configFileKey.ts Added audit-level to excludedPnpmKeys list
config/config/src/Config.ts Added auditLevel property to Config interface with correct type
.changeset/lucky-bikes-nail.md Added changeset documenting the feature addition

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

ryo-manba
ryo-manba reviewed Feb 6, 2026
View reviewed changes
.changeset/lucky-bikes-nail.md Outdated
"@pnpm/config": minor
---

Support configuring `auditLevel` in the workspace file.
Copy link
Copy Markdown
Member

@ryo-manba ryo-manba Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[Q] Isn't it already supported in pnpm-workspace.yaml?

Copy link
Copy Markdown
Member Author

@btea btea Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, from the code logic perspective, any configuration written in pnpm-workspace.yaml will be read.

@zkochan zkochan merged commit 4158906 into pnpm:main Feb 6, 2026
11 of 12 checks passed
zkochan added a commit that referenced this pull request Feb 6, 2026
@btea @zkochan
feat: support auditLevel (#10554)
7d8be9f 
* feat: support `auditLevel`

* refactor: auditLevel

---------

Co-authored-by: Zoltan Kochan <z@kochan.io>
@btea btea deleted the feat/support-audit-level-config branch February 7, 2026 00:00
@btea btea mentioned this pull request Feb 7, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ryo-manba ryo-manba ryo-manba left review comments

Copilot code review Copilot Copilot left review comments

@zkochan zkochan zkochan approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

pnpm audit does not read .npmrc audit-level

4 participants

@btea @zkochan @ryo-manba