mirror of https://github.com/pnpm/pnpm.git synced 2026-03-28 12:01:37 -04:00

Files

roysandrew 143ca78d09 fix(npm-resolver): respect version constraints when falling back to workspace packages (#10704 )

* fix(npm-resolver): respect version constraints when falling back to workspace packages

When link-workspace-packages=true, the fallback resolution paths (registry 404
and no matching registry version) pass update: Boolean(opts.update) to
tryResolveFromWorkspacePackages. On fresh installs without a lockfile entry,
opts.update is 'compatible' (truthy), which overrides the version spec to '*'
and matches any workspace package regardless of version.

Change both fallback call sites to pass update: false so version constraints
are always respected for non-workspace-protocol dependencies. The workspace:
protocol path returns before these blocks and correctly continues to use
opts.update.

Close #10173

* test: clarify npm-resolver test names for workspace version mismatch scenarios

---------

Co-authored-by: Zoltan Kochan <z@kochan.io>

2026-02-28 01:52:38 +01:00

src

fix(npm-resolver): respect version constraints when falling back to workspace packages (#10704 )

2026-02-28 01:52:38 +01:00

test

fix(npm-resolver): respect version constraints when falling back to workspace packages (#10704 )

2026-02-28 01:52:38 +01:00

CHANGELOG.md

chore(release): 10.20.0

2025-10-28 17:35:21 +01:00

example.js

refactor: rename pref to bare specifier (#9445 )

2025-04-20 22:58:08 +02:00

package.json

feat!: drop Node.js 22.12 support

2026-02-18 14:54:09 +01:00

README.md

refactor: rename pref to bare specifier (#9445 )

2025-04-20 22:58:08 +02:00

tsconfig.json

perf: migrate internal cache and index files to MessagePack serialization (#10500 )

2026-01-23 01:31:09 +01:00

tsconfig.lint.json

refactor: put all non-public projects to directories that start with __

2022-11-20 02:40:44 +02:00

README.md

@pnpm/npm-resolver

Resolver for npm-hosted packages

Installation

pnpm add @pnpm/npm-resolver

Usage

'use strict'
const createResolveFromNpm = require('@pnpm/npm-resolver').default

const resolveFromNpm = createResolveFromNpm({
  store: '.store',
  offline: false,
  rawConfig: {
    registry: 'https://registry.npmjs.org/',
  },
})

resolveFromNpm({alias: 'is-positive', bareSpecifier: '1.0.0'}, {
  registry: 'https://registry.npmjs.org/',
})
.then(resolveResult => console.log(JSON.stringify(resolveResult, null, 2)))
//> {
//    "id": "registry.npmjs.org/is-positive/1.0.0",
//    "latest": "3.1.0",
//    "package": {
//      "name": "is-positive",
//      "version": "1.0.0",
//      "devDependencies": {
//        "ava": "^0.0.4"
//      },
//      "_hasShrinkwrap": false,
//      "directories": {},
//      "dist": {
//        "shasum": "88009856b64a2f1eb7d8bb0179418424ae0452cb",
//        "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-1.0.0.tgz"
//      },
//      "engines": {
//        "node": ">=0.10.0"
//      }
//    },
//    "resolution": {
//      "integrity": "sha1-iACYVrZKLx632LsBeUGEJK4EUss=",
//      "registry": "https://registry.npmjs.org/",
//      "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-1.0.0.tgz"
//    },
//    "resolvedVia": "npm-registry"
//  }

License

MIT