mirror/pnpm
1
0
Fork 0
mirror of https://github.com/pnpm/pnpm.git synced 2026-06-28 09:55:39 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
511e74200d00a9c4706cb22433da1cbef7d7c310
pnpm/installing/deps-resolver/src
History
Zoltan Kochan fe66535046 fix: converge incremental install by refreshing stale transitive pins (#12472) 
When a package is reused from the lockfile, its child edges are taken
verbatim and bypass the preferred-versions walk, so a transitive
dependency can stay pinned to an older version even after a direct
dependency resolved to a higher version that satisfies the same range —
leaving the lockfile non-convergent (an incremental install keeps a
duplicate that a fresh install would not).

The resolver now refreshes such a stale pin to the higher
direct-dependency version during resolution, via `preferredVersion`
(singular), which overrides the EXISTING_VERSION_SELECTOR_WEIGHT stability
bias. The older version is never resolved or fetched, and the incremental
result converges to what a fresh install produces. The pick is anchored to
direct dependencies (which resolve first), so it restores the automatic
dedupe removed in pnpm/pnpm#11110 without reintroducing its
non-determinism, and unlike the post-pass in pnpm/pnpm#11502 it does not
over-fetch.

pacquet is ported in the same change. Its full-subtree lockfile reuse is
coarser than pnpm's per-edge reuse, so it records per importer which direct
deps changed and their resolved versions, declines full-subtree reuse for a
parent that depends on a changed direct dep, and forces the higher version
in the child walk. Range satisfaction uses plain semver (not
prerelease-inclusive), matching pnpm's semver.satisfies(.., true).
2026-06-18 10:59:15 +02:00
..
dedupeInjectedDeps.ts
fix: dedupe workspace deps with children in single-project mode (#11448)
2026-06-17 13:37:09 +02:00
depPathToRef.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
getCatalogSnapshots.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
getExactSinglePreferredVersions.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
getNonDevWantedDependencies.ts
fix: reject path-traversal segments in dependency aliases (#11954)
2026-05-26 17:25:25 +02:00
getWantedDependencies.ts
fix: reject path-traversal segments in dependency aliases (#11954)
2026-05-26 17:25:25 +02:00
hoistPeers.ts
fix(deps-resolver): preserve locked optional peer candidates (#12075)
2026-06-02 07:30:52 +02:00
index.ts
fix: contain hoisted dependency aliases (GHSA-fr4h-3cph-29xv) (#12343)
2026-06-12 09:46:57 +02:00
linkPathToPeerVersion.ts
fix: preserve pnpm 10 peer suffix encoding for linked paths (#11297)
2026-04-19 12:57:16 +02:00
mergePeers.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
nextNodeId.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
parentIdsContainSequence.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
replaceVersionInBareSpecifier.ts
feat: add support for github prefix and named registries (#11324)
2026-04-29 12:38:56 +02:00
resolveDependencies.ts
fix: converge incremental install by refreshing stale transitive pins (#12472)
2026-06-18 10:59:15 +02:00
resolveDependencyTree.ts
fix(deps-resolver): make shared children resolution deterministic (#12362)
2026-06-12 21:12:58 +02:00
resolvePeers.ts
fix(resolver): stabilize transitivePeerDependencies in dependency cycles (#12286)
2026-06-16 13:39:37 +00:00
safeIsInnerLink.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
toResolveImporter.ts
fix(update): handle mixed direct and transitive selectors (#12105)
2026-06-17 07:29:57 +02:00
unwrapPackageName.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
updateLockfile.ts
fix: preserve integrity of remote tarball dependencies on re-resolution (#12096)
2026-06-01 16:06:59 +02:00
updateProjectManifest.ts
fix: preserve workspace specs on update (#12140)
2026-06-16 23:38:05 +00:00
validateDependencyAlias.ts
fix: reject path-traversal segments in dependency aliases (#11954)
2026-05-26 17:25:25 +02:00
validatePeerDependencies.ts
refactor: rename deps-resolver and env-installer packages (#11013)
2026-03-18 21:52:01 +01:00
wantedDepIsLocallyAvailable.ts
chore: update all dependencies to latest versions (#11032)
2026-03-19 23:28:53 +01:00