2025-12-15 23:04:00 +01:00
4 changed files with 56 additions and 5 deletions
--- a/pnpm-10.23.0.tgz
+++ b/pnpm-10.23.0.tgz
--- a/pnpm-10.25.0.tgz
+++ b/pnpm-10.25.0.tgz
--- a/pnpm.changes
+++ b/pnpm.changes
@@ -1,8 +1,59 @@
+-------------------------------------------------------------------
+Sat Dec 13 12:41:20 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- update to 10.25.0:
+  * Minor Changes
+    - Allow loading certificates from cert, ca, and key for
+      specific registry URLs. E.g.,
+      //registry.example.com/:ca=-----BEGIN CERTIFICATE-----....
+      Previously this was only working via certfile, cafile, and
+      keyfile.
+      These properties are supported in .npmrc, but were ignored by
+      pnpm, this will make pnpm read and use them as well.
+      Related PR: #10230.
+    - Added a new flag called --bare to pnpm init for creating a
+      package.json with the bare minimum of required fields #10226.
+  * Patch Changes
+    - Improved reporting of ignored dependency scripts #10276.
+    - pnpm install should build any dependencies that were added to
+      onlyBuiltDependencies and were not built yet #10256.
+    - pnpm publish -r --force should allow to run publish over
+      already existing versions in the registry #10272.
+    - Don't fail with a ERR_PNPM_MISSING_TIME error if a package
+      that is excluded from trust policy checks is missing the time
+      field in the metadata.
+
+-------------------------------------------------------------------
+Sat Dec 13 12:35:54 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- update to 10.24.0:
+  * Minor Changes
+    - Increased network concurrency on machines with many CPU
+      cores. pnpm now automatically selects a network concurrency
+      between 16 and 64, based on the number of pnpm workers
+      (calculated as workers × 3). This improves performance on
+      high-core systems #10068.
+  * Patch Changes
+    - trustPolicy should ignore the trust evidences of prerelease
+      versions, when installing a non-prerelease version.
+    - Handle ENOENT errors thrown by fs.linkSync(), which can occur
+      in containerized environments (OverlayFS) instead of EXDEV.
+      The operation now gracefully falls back to fs.copyFileSync()
+      in these cases #10217.
+    - Reverted: pnpm self-update should download pnpm from the
+      configured npm registry #10205.
+    - Packages that don't have a package.json file (like Node.js)
+      should not be reimported from the store on every install.
+      Another file from the package should be checked in order to
+      verify its presence in node_modules.
+    - Correctly read auth tokens for URLs that contain underscores
+      #17.
+
 -------------------------------------------------------------------
 Sun Nov 23 09:07:44 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>

 - update to 10.23.0:
-* Minor Changes
+  * Minor Changes
    - Added --lockfile-only option to pnpm list #10020.
  * Patch Changes
    - pnpm self-update should download pnpm from the configured npm
--- a/pnpm.spec
+++ b/pnpm.spec
@@ -23,7 +23,7 @@
 %global __nodejs_provides %{nil}
 %global __nodejs_requires %{nil}
 Name:           pnpm
-Version:        10.23.0
+Version:        10.25.0
 Release:        0
 Summary:        Fast, disk space efficient package manager
 License:        MIT