chore(release): 11.5.1#12126
Conversation
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (58)
📝 WalkthroughWalkthroughThis PR aggregates eight completed changesets into pnpm version 11.5.1, updating package versions and CHANGELOG entries across the monorepo. Changes include audit performance improvements, workspace state robustness, peer dependency resolution fixes, headless environment setup, and publish manifest normalization, with a license update for pnpm-agent. Changespnpm 11.5.1 Patch Release
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
Poem
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Review Summary by QodoRelease pnpm 11.5.1 with bug fixes and performance improvements
WalkthroughsDescription• Release version 11.5.1 with multiple bug fixes and improvements • Improved pnpm audit performance by pruning non-vulnerable subtrees • Fixed workspace state cache crash on partial writes or malformed data • Fixed tarball integrity preservation during dependency re-resolution • Fixed peer dependency resolution in diamond dependency patterns • Normalized repository field in publish manifests for registry compatibility • Set npm_config_user_agent for root lifecycle scripts in headless installs • Preserved optional peer versions in lockfile during resolution • Updated promise-share dependency from 2.0.0 to 2.0.1 • Updated pnpm-agent license to PolyForm Shield License 1.0.0 Diagramflowchart LR
A["Release 11.5.1"] --> B["Bug Fixes"]
A --> C["Performance"]
A --> D["Dependencies"]
B --> B1["Workspace State"]
B --> B2["Tarball Integrity"]
B --> B3["Peer Resolution"]
B --> B4["Repository Normalization"]
C --> C1["Audit Performance"]
D --> D1["promise-share 2.0.1"]
D --> D2["pnpm-agent License"]
File Changes1. .changeset-released/release-11-5-1.txt
|
There was a problem hiding this comment.
Pull request overview
This PR cuts the pnpm 11.5.1 patch release by updating package versions and changelogs across the workspace, updating the workspace catalog/lockfile for a dependency bump, and archiving released changesets.
Changes:
- Bump
pnpmand multiple workspace package versions for the 11.5.1 release. - Add new release entries to package changelogs and remove the now-released
.changeset/*.mdfiles (recorded in.changeset-released/). - Update the workspace catalog + lockfile for
promise-share^2.0.0→^2.0.1.
Reviewed changes
Copilot reviewed 58 out of 59 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| workspace/state/package.json | Bump @pnpm/workspace.state version for release. |
| workspace/state/CHANGELOG.md | Add 1100.0.18 release notes. |
| releasing/exportable-manifest/package.json | Bump @pnpm/releasing.exportable-manifest version for release. |
| releasing/exportable-manifest/CHANGELOG.md | Add 1100.1.2 release notes. |
| releasing/commands/package.json | Bump @pnpm/releasing.commands version for release. |
| releasing/commands/CHANGELOG.md | Add 1100.4.1 release notes / dependency updates. |
| pnpm/package.json | Bump pnpm to 11.5.1. |
| pnpm/CHANGELOG.md | Add 11.5.1 release notes. |
| pnpm/artifacts/win32-x64/package.json | Bump Windows x64 artifact package version to 11.5.1. |
| pnpm/artifacts/win32-arm64/package.json | Bump Windows arm64 artifact package version to 11.5.1. |
| pnpm/artifacts/linux-x64/package.json | Bump Linux x64 artifact package version to 11.5.1. |
| pnpm/artifacts/linux-x64-musl/package.json | Bump Linux x64 musl artifact package version to 11.5.1. |
| pnpm/artifacts/linux-arm64/package.json | Bump Linux arm64 artifact package version to 11.5.1. |
| pnpm/artifacts/linux-arm64-musl/package.json | Bump Linux arm64 musl artifact package version to 11.5.1. |
| pnpm/artifacts/exe/package.json | Bump standalone exe artifact package version to 11.5.1. |
| pnpm/artifacts/darwin-arm64/package.json | Bump macOS arm64 artifact package version to 11.5.1. |
| pnpm-workspace.yaml | Update catalog dependency promise-share to ^2.0.1. |
| pnpm-lock.yaml | Lockfile update reflecting promise-share@2.0.1 and related snapshot changes. |
| patching/commands/package.json | Bump @pnpm/patching.commands version for release. |
| patching/commands/CHANGELOG.md | Add 1100.1.1 entry (dependency bump). |
| lockfile/make-dedicated-lockfile/package.json | Bump @pnpm/lockfile.make-dedicated-lockfile version for release. |
| lockfile/make-dedicated-lockfile/CHANGELOG.md | Add 1100.0.15 entry (dependency bump). |
| installing/env-installer/package.json | Bump @pnpm/installing.env-installer version for release. |
| installing/env-installer/CHANGELOG.md | Add 1101.1.5 entry (dependency updates). |
| installing/deps-restorer/package.json | Bump @pnpm/installing.deps-restorer version for release. |
| installing/deps-restorer/CHANGELOG.md | Add 1101.1.8 entry (user-agent change). |
| installing/deps-resolver/package.json | Bump @pnpm/installing.deps-resolver version for release. |
| installing/deps-resolver/CHANGELOG.md | Add 1100.1.6 entry (integrity/peer resolution fixes). |
| installing/deps-installer/package.json | Bump @pnpm/installing.deps-installer version for release. |
| installing/deps-installer/CHANGELOG.md | Add 1101.6.1 entry (dependency updates). |
| installing/commands/package.json | Bump @pnpm/installing.commands version for release. |
| installing/commands/CHANGELOG.md | Add 1100.7.1 entry (dependency updates). |
| global/commands/package.json | Bump @pnpm/global.commands version for release. |
| global/commands/CHANGELOG.md | Add 1100.0.24 entry (dependency bump). |
| exec/commands/package.json | Bump @pnpm/exec.commands version for release. |
| exec/commands/CHANGELOG.md | Add 1100.2.1 entry (dependency bumps). |
| engine/pm/commands/package.json | Bump @pnpm/engine.pm.commands version for release. |
| engine/pm/commands/CHANGELOG.md | Add 1101.1.19 entry (dependency updates). |
| deps/status/package.json | Bump @pnpm/deps.status version for release. |
| deps/status/CHANGELOG.md | Add 1100.0.21 entry (dependency bump). |
| deps/inspection/commands/package.json | Bump @pnpm/deps.inspection.commands version for release. |
| deps/inspection/commands/CHANGELOG.md | Add 1100.3.3 entry (dependency bump). |
| deps/compliance/commands/package.json | Bump @pnpm/deps.compliance.commands version for release. |
| deps/compliance/commands/CHANGELOG.md | Add 1101.3.1 entry (dependency updates). |
| deps/compliance/audit/package.json | Bump @pnpm/deps.compliance.audit version for release. |
| deps/compliance/audit/CHANGELOG.md | Add 1101.0.12 entry (audit perf change). |
| building/commands/package.json | Bump @pnpm/building.commands version for release. |
| building/commands/CHANGELOG.md | Add 1100.1.1 entry (dependency bump). |
| agent/server/package.json | Bump pnpm-agent version for release. |
| agent/server/CHANGELOG.md | Add 0.0.21 entry (license note + dependency bump). |
| .changeset/twelve-peers-diamond.md | Remove released changeset (archived via .changeset-released). |
| .changeset/steady-optional-peers.md | Remove released changeset (archived via .changeset-released). |
| .changeset/publish-normalize-repository.md | Remove released changeset (archived via .changeset-released). |
| .changeset/preserve-tarball-integrity-on-reresolution.md | Remove released changeset (archived via .changeset-released). |
| .changeset/pnpm-agent-shield-license.md | Remove released changeset (archived via .changeset-released). |
| .changeset/lucky-user-agent.md | Remove released changeset (archived via .changeset-released). |
| .changeset/fix-workspace-state-race.md | Remove released changeset (archived via .changeset-released). |
| .changeset/audit-path-traversal-performance.md | Remove released changeset (archived via .changeset-released). |
| .changeset-released/release-11-5-1.txt | Record released changeset IDs for the 11.5.1 release. |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # @pnpm/exportable-manifest | ||
|
|
||
| ## 1100.1.2 |
| - d99b725: `pnpm-agent` is now source-available under the [PolyForm Shield License 1.0.0](https://polyformproject.org/licenses/shield/1.0.0) instead of MIT. It may be run, modified, and self-hosted for any purpose except providing a product that competes with it. | ||
| - @pnpm/installing.deps-installer@1101.6.1 |
Release of pnpm 11.5.1.
Shipped in this release (pnpm CLI)
pnpm auditperformance — prune non-vulnerable lockfile subtrees and stop path enumeration once vulnerable findings reach the path cap. #12087npm_config_user_agentfor root lifecycle scripts during headless installs. #12092integrityfield of a remote (non-registry) tarball dependency on re-resolution — fixes later installs failing withERR_PNPM_MISSING_TARBALL_INTEGRITY. #12096 (closes #12067)repositoryfield into the{ type, url }object form in the publish manifest — fixes registries such as Gitea/Codeberg rejectingpnpm publishwith a 500 error. #12109 (closes #12099)Written by an agent (Claude Code, claude-opus-4-8).
Summary by CodeRabbit
Bug Fixes
pnpm auditperformance with optimized lockfile pruningChanges
Chores