Skip to content

v7.15.0
Compare
Choose a tag to compare
@github-actions github-actions released this 09 Nov 23:20
· 1127 commits to main since this release
v7.15.0
This tag was signed with the committer’s verified signature.
zkochan Zoltan Kochan
GPG key ID: 649E4D4AF74E7DEC
Learn about vigilant mode.
a276532
This commit was signed with the committer’s verified signature.
zkochan Zoltan Kochan
GPG key ID: 649E4D4AF74E7DEC
Learn about vigilant mode.

Minor Changes

  • Support --format=json option to output outdated packages in JSON format with outdated command #2705.

    pnpm outdated --format=json
#or
pnpm outdated --json

  • A new setting supported for ignoring vulnerabilities by their CVEs. The ignored CVEs may be listed in the pnpm.auditConfig.ignoreCves field of package.json. For instance:

    {
  "pnpm": {
    "auditConfig": {
      "ignoreCves": [
        "CVE-2019-10742",
        "CVE-2020-28168",
        "CVE-2021-3749",
        "CVE-2020-7598"
      ]
    }
  }
}

Patch Changes

  • The reporter should not crash when the CLI process is kill during lifecycle scripts execution #5588.
  • Installation shouldn't fail when the injected dependency has broken symlinks. The broken symlinks should be just skipped #5598.

Our Gold Sponsors

Our Silver Sponsors
Assets 9