Tweaks-,--verbose inyarn workspaces foreach;-v will now only print the prefixes,-vv will be necessary to also print the timings.
Adds a new--json option toyarn run when called without script name
Fixesnode-modules linkerlink: dependencies mistreatment as inner workspaces, when they point to a parent folder of a workspace
Fixes spurious "No candidates found" errors
Fixes missing executable permissions when usingnodeLinker: pnpm
Fixes packages being incorrectly flagged as optional
Fixes cache key corruptions due to uncontrolled git merges
Fixesyarn version apply --all --dry-run making unexpected changes
Fixesyarn npm login when the remote registry is Verdaccio
TheZipFS andZipOpenFS classes have been moved from@yarnpkg/fslib to@yarnpkg/libzip. They no longer need or accept thelibzip parameter.
- Reading the zip archives is now done on the Node.js side for performance; as a result, the
open,ZIP_CREATE, andZIP_TRUNCATE bindings are no longer needed forZipFS and have also been removed.
Thedependencies field sent returned byResolver#resolve must now be the result of aConfiguration#normalizeDependencyMap call. This change is prompted by a refactoring of how default protocols (ienpm:) are injected into descriptors. The previous implementation caused various descriptors to never be normalized, which made it difficult to know what were the descriptors each function should expect.
Similarly, the descriptors returned byResolve#getResolutionDependencies are now expected to be the result ofConfiguration#normalizeDependency calls.
Note that this only applies to thedependencies field; thepeerDependencies field is unchanged, as it must only contains semver ranges without any protocol (with an exception forworkspace:, but that's not relevant here).
TheResolve#getResolutionDependencies function must now return an object of arbitrary string keys and descriptor values (instead of a map withDescriptorHash keys). Those descriptors will be resolved and assigned to the same keys as the initial object. This change allows resolvers to wrap resolution dependencies from other resolvers, which wasn't possible before since it'd have caused the key to change.
ThegenerateLoader function in@yarnpkg/pnp no longer generates the$$SETUP_STATE function, it now needs to be present in theloader passed to the function.
ThegetCustomDataKey function inInstaller from@yarnpkg/core has been moved toLinker.
renderForm'soptions argument is now required to enforce that custom streams are always specified.
npmConfigUtils.getAuditRegistry no longer takes aManifest as its first argument.
TheFetchOptions.skipIntegrityCheck option has been removed. UseFetchOptions.cacheOptions.skipIntegrityCheck instead.
MapConfigurationValue has been removed. UsemiscUtils.ToMapValue instead.
Manifest.isManifestFieldCompatible andManifest.prototype.isCompatibleWith{OS,CPU} have been removed. UseManifest.prototype.getConditions andstructUtils.isPackageCompatible instead.
versionUtils.{fetchBase,fetchRoot,fetchChangedFiles} have been moved from@yarnpkg/plugin-version to@yarnpkg/plugin-git. UsegitUtils.{fetchBase,fetchRoot,fetchChangedFiles} instead.
For consistency reasons:
Link{Resolver,Fetcher} have been renamed toPortal{Resolver,Fetcher}RawLink{Resolver,Fetcher} have been renamed toLink{Resolver,Fetcher}
FakeFS classes are now required to implementlutimes{Sync,Promise}.
workspace.dependencies has been removed. Useworkspace.anchoredPackage.dependencies instead.
TheInstaller class must now returnBuildRequest structures instead ofBuildDirective[]. This lets you mark that the build must be skipped, and the reason why.
startCacheReport has been removed, and is now part of the output generated byfetchEverything.
forgettableNames &forgettableBufferSize have been removed (the only messages using them have been removed, making the forgettable logs implementation obsolete).
workspace.locator has been removed. You can instead use:
workspace.anchoredLocator to get the locator that's used throughout the dependency tree.workspace.manifest.version to get the workspace version.
configuration.{packageExtensions,refreshPackageExtensions} have been removed. Useconfiguration.getPackageExtensions instead.
configuration.normalizePackage now requires apackageExtensions option.
ProjectLookup has been removed. BothConfiguration.find andConfiguration.findProjectCwd now always do a lockfile lookup.
This PR contains the following updates:
3.8.2->4.9.1Release Notes
yarnpkg/berry (yarn)
v4.9.1Compare Source
v4.9.0Compare Source
v4.8.1Compare Source
v4.8.0Compare Source
v4.7.0Compare Source
v4.6.0Compare Source
v4.5.3Compare Source
v4.5.2Compare Source
v4.5.1Compare Source
v4.5.0Compare Source
v4.4.1Compare Source
v4.4.0Compare Source
v4.3.1Compare Source
v4.3.0Compare Source
v4.2.2Compare Source
v4.2.1Compare Source
v4.2.0Compare Source
v4.1.1Compare Source
v4.1.0Compare Source
Tweaks
-,--verboseinyarn workspaces foreach;-vwill now only print the prefixes,-vvwill be necessary to also print the timings.Adds a new
--jsonoption toyarn runwhen called without script nameFixes
node-moduleslinkerlink:dependencies mistreatment as inner workspaces, when they point to a parent folder of a workspaceFixes spurious "No candidates found" errors
Fixes missing executable permissions when using
nodeLinker: pnpmFixes packages being incorrectly flagged as optional
Fixes cache key corruptions due to uncontrolled git merges
Fixes
yarn version apply --all --dry-runmaking unexpected changesFixes
yarn npm loginwhen the remote registry is Verdacciov4.0.2Compare Source
v4.0.1Compare Source
node-moduleslinker when inner workspace depends on outer workspaceyarn npm audit --ignore NUMwhich didn't apply to deprecationsyarn npm audit --jsonwhich didn't print the right output format@yarnpkg/coreyarn explain peer-requirementscommandv4.0.0Compare Source
Major Changes
With Node.js 16'snow being End of Life'd, we dropped support for Node.js versions lower than 18.12.
Some important defaults have changed:
yarn initandyarn set versionwill prefer usingpackageManagerrather thanyarnPathwhen possible (when they detectCOREPACK_ROOTin your environment variables).yarn initwill no longer use zero-install by default. You still can enable it, but it should make it easier to start one-of projects without having to rewrite the configuration afterwards.enableGlobalCachenow defaults totrue. If your project uses Zero-Installs, the firstyarn installyou run after migrating to 4.0 will automatically setenableGlobalCache: falsein your local.yarnrc.yml.yarn workspaces foreachnow requires one of--all,--recursive,--since, or--worktreeto be explicitly specified; the previous default was--worktree, but it was rarely what users expected.compressionLevelnow defaults to0rather thanmixed. It's been proved significantly faster on installs, and the size impact was reasonable enough to change the default. Note that it benefits youeven if you use Zero-Installs: as per our tests, a zero-compression is actually easier to handle for Git (you can see by yourself with those examples usingcompressionLevel: 0vscompressionLevel: mixed).yarn installafter migrating from 3.6 to 4.0. If you do, it will automatically set the old default (compressionLevel: mixed) in your.yarnrc.ymlfile. You can then remove it whenever you feel ready to actually change the compression settings.All official Yarn plugins are now included by default in the bundle we provide. You no longer need to run
yarn plugin importforofficial plugins (you still need to do it for third-party plugins, of course).Yarn's UI during installs has been greatly improved:
node-gypand transitive peer dependency errors) have been removed.yarn rebuildcalls.yarn npm audit.Some settings were renamed or removed:
caFilePathis nowhttpsCaFilePathpreferAggregateCacheInfohas been removed (it's now always on)pnpDataPathhas been removed to adhere to our newPnP specification. For consistency, all PnP files will now be hardcoded to a single value so that third-party tools can implement the PnP specification without relying on the Yarn configuration.The
yarn npm auditcommand has been reimplemented:/-/npm/v1/security/advisories/bulkendpoint.npmAuditRegistrycan be used to temporarily route audit queries to the npm registry.yarn npm audit ! --no-deprecations.Some legacy layers have been sunset:
.pnp.jsfile when migrating.--assume-fresh-projectflag ofyarn inithas been removed.API Changes
The following changes only affect people writing Yarn plugins:
The
ZipFSandZipOpenFSclasses have been moved from@yarnpkg/fslibto@yarnpkg/libzip. They no longer need or accept thelibzipparameter.open,ZIP_CREATE, andZIP_TRUNCATEbindings are no longer needed forZipFSand have also been removed.The
dependenciesfield sent returned byResolver#resolvemust now be the result of aConfiguration#normalizeDependencyMapcall. This change is prompted by a refactoring of how default protocols (ienpm:) are injected into descriptors. The previous implementation caused various descriptors to never be normalized, which made it difficult to know what were the descriptors each function should expect.Similarly, the descriptors returned by
Resolve#getResolutionDependenciesare now expected to be the result ofConfiguration#normalizeDependencycalls.Note that this only applies to the
dependenciesfield; thepeerDependenciesfield is unchanged, as it must only contains semver ranges without any protocol (with an exception forworkspace:, but that's not relevant here).The
Resolve#getResolutionDependenciesfunction must now return an object of arbitrary string keys and descriptor values (instead of a map withDescriptorHashkeys). Those descriptors will be resolved and assigned to the same keys as the initial object. This change allows resolvers to wrap resolution dependencies from other resolvers, which wasn't possible before since it'd have caused the key to change.The
generateLoaderfunction in@yarnpkg/pnpno longer generates the$$SETUP_STATEfunction, it now needs to be present in theloaderpassed to the function.The
getCustomDataKeyfunction inInstallerfrom@yarnpkg/corehas been moved toLinker.renderForm'soptionsargument is now required to enforce that custom streams are always specified.npmConfigUtils.getAuditRegistryno longer takes aManifestas its first argument.The
FetchOptions.skipIntegrityCheckoption has been removed. UseFetchOptions.cacheOptions.skipIntegrityCheckinstead.MapConfigurationValuehas been removed. UsemiscUtils.ToMapValueinstead.Manifest.isManifestFieldCompatibleandManifest.prototype.isCompatibleWith{OS,CPU}have been removed. UseManifest.prototype.getConditionsandstructUtils.isPackageCompatibleinstead.versionUtils.{fetchBase,fetchRoot,fetchChangedFiles}have been moved from@yarnpkg/plugin-versionto@yarnpkg/plugin-git. UsegitUtils.{fetchBase,fetchRoot,fetchChangedFiles}instead.For consistency reasons:
Link{Resolver,Fetcher}have been renamed toPortal{Resolver,Fetcher}RawLink{Resolver,Fetcher}have been renamed toLink{Resolver,Fetcher}FakeFSclasses are now required to implementlutimes{Sync,Promise}.workspace.dependencieshas been removed. Useworkspace.anchoredPackage.dependenciesinstead.The
Installerclass must now returnBuildRequeststructures instead ofBuildDirective[]. This lets you mark that the build must be skipped, and the reason why.startCacheReporthas been removed, and is now part of the output generated byfetchEverything.forgettableNames&forgettableBufferSizehave been removed (the only messages using them have been removed, making the forgettable logs implementation obsolete).workspace.locatorhas been removed. You can instead use:workspace.anchoredLocatorto get the locator that's used throughout the dependency tree.workspace.manifest.versionto get the workspace version.configuration.{packageExtensions,refreshPackageExtensions}have been removed. Useconfiguration.getPackageExtensionsinstead.configuration.normalizePackagenow requires apackageExtensionsoption.ProjectLookuphas been removed. BothConfiguration.findandConfiguration.findProjectCwdnow always do a lockfile lookup.Installs
pnpmlinker avoids creating symlinks that lead to loops on the file system, by moving them higher up in the directory structure.pnpmlinker no longer reports duplicate "incompatible virtual" warnings.Features
enableOfflineModeis a new setting that, when set, will instruct Yarn to only use the metadata and archives already stored on the local machine rather than download them from the registry. This can be useful when performing local development under network-constrained environments (trains, planes, ...).yarn run binnow injects the environment variables defined in.env.yarnwhen spawning a process. This can be configured using theinjectEnvironmentFilesvariable.yarn workspaces foreachnow automatically enables theyarn workspaces foreach ! --verboseflag in interactive terminals.Bugfixes
yarn dlxwill no longer report false-positiveUNUSED_PACKAGE_EXTENSIONwarningsyarn workspacewill now set$INIT_CWDto the CLI working directory rather than the workspace root.Shell
Compatibility
FileHandle.readLines.v3.8.7Compare Source
v3.8.6Compare Source
v3.8.5Compare Source
v3.8.4Compare Source
v3.8.3Compare Source
Configuration
📅Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated byMend Renovate. View therepository job log.