|
| 1 | +--- |
| 2 | +title: What's New |
| 3 | +description: High-level summary of changes to syncpack's public API and documentation since v15.0.0 |
| 4 | +sidebar: |
| 5 | + badge: New |
| 6 | +--- |
| 7 | + |
| 8 | +import { Badge } from "@astrojs/starlight/components"; |
| 9 | + |
| 10 | +## Range Only version group <Badge text="15.3.0" variant="note" /> |
| 11 | + |
| 12 | +[`semverRangeOnly`](VERSION_GROUP_RANGE_ONLY) enforces a consistent semver range prefix (`^`, `~`, exact) across instances without syncing the version numbers themselves. |
| 13 | + |
| 14 | +## Update summary lists only accepted updates <Badge text="15.3.0" variant="note" /> |
| 15 | + |
| 16 | +The summary printed after choosing updates to apply using [`syncpack update --interactive`](COMMAND_UPDATE) now lists only the updates you actually applied, rather than every candidate found. |
| 17 | + |
| 18 | +## Optionally override autofix per status code <Badge text="15.2.0" variant="note" /> |
| 19 | + |
| 20 | +The [`severity`](REF_SEVERITY) map on a version group lets you disable autofixing on a per-[status code](REF_STATUS_CODES) basis, and instead error or warn. |
| 21 | + |
| 22 | +```jsonc title=".syncpackrc.json" |
| 23 | +{ |
| 24 | + "versionGroups": [ |
| 25 | + { |
| 26 | + "dependencies": ["lodash"], |
| 27 | + "isBanned": true, |
| 28 | + "severity": { "IsBanned": "warn" }, |
| 29 | + }, |
| 30 | + ], |
| 31 | +} |
| 32 | +``` |
| 33 | + |
| 34 | +## Extend source patterns instead of replacing <Badge text="15.2.0" variant="note" /> |
| 35 | + |
| 36 | +A new [`sourceMode`](CONFIG_SOURCE_MODE) option (and `--source-mode` flag) can override the default of `"replace"` to use `"extend"` to append your package.json glob patterns to those discovered from `workspaces` / `pnpm-workspace.yaml` / `lerna.json`. |
| 37 | + |
| 38 | +## Non-`package.json` files as sources <Badge text="15.2.0" variant="note" /> |
| 39 | + |
| 40 | +A fairly niche feature request, but the [`source`](CONFIG_SOURCE) option now accepts other `.json` filenames than `package.json` when explicitly listed. Some bugs with Glob and gitignore matching were also fixed in this release. |
| 41 | + |
| 42 | +## Update Groups <Badge text="15.1.1" variant="note" /> |
| 43 | + |
| 44 | +[`updateGroups`](CONFIG_UPDATE_GROUPS) control how and whether various parts of your monorepo should be updated from the npm registry. See [Targeted](UPDATE_GROUP_TARGETED) and [Ignored](UPDATE_GROUP_IGNORED). |
| 45 | + |
| 46 | +```jsonc title=".syncpackrc.json" |
| 47 | +{ |
| 48 | + "updateGroups": [ |
| 49 | + { "dependencies": ["storybook", "@storybook/**"], "target": "patch" }, |
| 50 | + { "dependencyTypes": ["dev"], "target": "minor" }, |
| 51 | + { "dependencyTypes": ["peer"], "isIgnored": true }, |
| 52 | + ], |
| 53 | +} |
| 54 | +``` |
| 55 | + |
| 56 | +When both the CLI's `--target` and a group's `target` apply, the **stricter** of the two wins. |
| 57 | + |
| 58 | +## Interactive update picker <Badge text="15.1.1" variant="note" /> |
| 59 | + |
| 60 | +`syncpack update --interactive` opens a keyboard-driven picker so you choose which updates to apply. Use `space` to toggle, `a` to toggle all, `enter` to confirm. |
| 61 | + |
| 62 | +## Registry response caching <Badge text="15.1.1" variant="note" /> |
| 63 | + |
| 64 | +Registry responses are cached on disk for 30 minutes by default to avoid repeat network calls. Pass `--no-cache` to bypass for the current run. |
| 65 | + |
| 66 | +## pnpm and Bun catalogs <Badge text="15.0.0" variant="note" /> |
| 67 | + |
| 68 | +Full support for the `catalog:` protocol. Define a dependency's version once and have every package consume it via `catalog:` or `catalog:{name}`. |
| 69 | + |
| 70 | +- New [Catalog](VERSION_GROUP_CATALOG) version group enforces that matched dependencies live in a catalog and are consumed via the protocol. |
| 71 | +- Syncpack writes catalog entries to `pnpm-workspace.yaml` (pnpm) or the root `package.json` (Bun), creating the implicit `default` catalog at fix time when one does not yet exist. |
| 72 | +- Filter updates by catalog: `syncpack update --dependency-types pnpmCatalog`, or by named catalog: `pnpmCatalog:react18`. |
| 73 | + |
| 74 | +## minimumReleaseAge <Badge text="15.0.0" variant="note" /> |
| 75 | + |
| 76 | +[`minimumReleaseAge`](CONFIG_MINIMUM_RELEASE_AGE) excludes versions published more recently than the configured window, reducing supply-chain attack risk. Defaults to `1440` minutes (one day). Inherits from `pnpm-workspace.yaml` when unset; set `0` to disable. |
| 77 | + |
| 78 | +## pnpmOverrides reads from pnpm-workspace.yaml <Badge text="15.0.0" variant="danger" /> |
| 79 | + |
| 80 | +**Breaking change.** The default `pnpmOverrides` dependency type now reads `overrides` from `pnpm-workspace.yaml` instead of `pnpm.overrides` in `package.json`. See the [v15 migration guide](GUIDE_MIGRATE_V15) for how to restore the legacy behaviour with `pnpmOverridesLegacy`. |
0 commit comments