Releases: JamieMason/syncpack
15.3.1
15.3.0
15.3.0 (2026-05-18)
Adds a new Range Only Version Group to close the gap left behind by lint-semver-ranges and set-semver-ranges prior to the Rust rewrite in syncpack v14.
This version group loosens syncpack to only enforce that every dependency uses the semver range prefix required by its semver group, ^, ~, exact, etc. and ignores the version number. This is useful when you want to standardise how packages pin their dependencies, but are otherwise not ready or don't want to enforce a specific version they all should use.
Features
15.2.0
15.2.0 (2026-05-17)
The main changes are 2 new config properties:
- An optional
severityproperty on Version Groups, to override the default behaviour of each status code tofix,error, orwarn(requested by #325 and #216). - An optional
sourceModeconfig lets youextendthe package.json files discovered via your package manager, instead of the default ofreplace.
Features
- config: allow autofix to be optionally disabled (d589d3e), closes #325 #216
- config: allow other .json files when explicitly set (5c83a60), closes #333
- config: allow sources to append rather than replace (99cc046), closes #205
Bug Fixes
15.1.2
15.1.2 (2026-05-10)
This release adds a new syncpack update --interactive option, a 30 minute TTL cache which can be skipped with a new syncpack update --no-cache option, and Update Groups to set policies for if and how various dependencies should be updated.
Features
- config: add updateGroups to set registry update policies (bd7573e), closes #244
- update: add --interactive prompt (8b1334a)
- update: cache registry responses for 30mins (08bd28c)
Bug Fixes
15.1.1
15.0.0
15.0.0 (2026-05-04)
This release adds full support for pnpm catalogs and bun catalogs. Your default catalog, named catalogs, and all of the entries within them are now first-class citizens in syncpack and can be grouped, targeted, updated, or even banned like any other dependency in your project.
A new Catalog Version Group lets you auto-migrate all or parts of your repo to use catalogs and ensures that the correct catalogs are always used in the future. syncpack update --dependency-types pnpmCatalog will update your default catalog with the latest versions from the npm registry, and Semver Groups can target your catalogs to ensure they always use exact version numbers (or ~, ^ etc).
There is also a new minimumReleaseAge config which defaults to your pnpm configuration, if neither are set then it will default to 1 day.
The customTypes docs have been rewritten and some catalogs examples have been added to the syncpack update docs.
Finally there is a new Migrate to 15 which repeats what is below, you should only be affected if you're on older versions of pnpm and using overrides.
With this huge overhaul to support all this catalogs functionality, there may be some new lint errors that appear, but I don't expect so as most of the behaviour is opt-in via you setting a "policy": "catalog" for parts of your monorepo.
Finally – syncpack is free and always will be, just please help us spread the word and spare a moment to share us on your socials.
⚠ BREAKING CHANGES
pnpmOverrides now reads pnpm-workspace.yaml
The default pnpmOverrides dependency type now reads overrides from pnpm-workspace.yaml instead of pnpm.overrides in package.json. This matches pnpm's current convention for managing overrides.
Restoring the legacy behaviour
If your overrides still live in package.json under pnpm.overrides, define pnpmOverridesLegacy in your config to point at the legacy location:
{
"customTypes": {
"pnpmOverridesLegacy": {
"strategy": "versionsByName",
"path": "pnpm.overrides"
}
}
}The default pnpmOverrides continues to manage the YAML location.
Features
- groups: add full pnpm/bun catalogs support (53d54e0), closes #258
- pnpm: read pnpmOverrides from pnpm-workspace.yaml (72ce5ef), closes #304
- update: add minimumReleaseAge and default to 1 day (a6648ab), closes #302
Bug Fixes
- cargo: update dependencies (a375df4)
- cli: do not display --version and --help as errors (2abe490), closes #331
- cli: fix panic when using --config option (76f1553), closes #332
- config: prevent ERR_UNSUPPORTED_ESM_URL_SCHEME on Windows (127ae12), closes #327 #328
- core: widen detection of pnpm and bun projects (be883f5)
- npm: detect musl libc to resolve correct binary (89d5654), closes #329
- rust: update edition from 2021 to 2024 (efad1b5)
14.3.1
14.3.0
14.2.1
14.2.1 (2026-03-21)
Bug Fixes
- cargo: update dependencies (c6b8a0c)
Performance Improvements
- core: avoid clone when reading props (e1dea16)
- core: avoid reserialising json to compare (422a26a)
- core: detect indent/newline once (e476300)
- specifier: lazily create node_[range|version] (cc1eac7)
- specifier: optimise parsing (9a91292)
syncpack list in seconds (lower is better)
14.2.1 │ ██ 0.155s
14.2.0 │ ███ 0.196s
14.1.0 │ ███ 0.196s
14.0.2 │ ██ 0.167s
14.0.1 │ ███ 0.190s
14.0.0 │ ██ 0.160s
13.0.4 │ ████████████████████████████████████████ 2.699s
13.0.3 │ ████████████████████████████████████████ 2.699s
13.0.2 │ ████████████████████████████████████████ 2.697s
13.0.1 │ ████████████████████████████████████████ 2.696s
13.0.0 │ █████████████████████████████████████ 2.528s
12.4.0 │ ███████████████████████████████████ 2.363s
12.3.3 │ ████████████████████████████████████ 2.410s
12.3.2 │ ███████████████████████████████████ 2.340s
12.3.1 │ ███████████████████████████████████ 2.394s
12.3.0 │ ███████████████████████████████████ 2.377s
12.2.0 │ ████████████████████████████████████████ 2.708s
12.1.0 │ ██████████████████████████████ 2.006s
12.0.1 │ ███████████████████████████████ 2.106s
12.0.0 │ ███████████████████████████████ 2.104s
11.2.1 │ ███████████████ 1.049s
10.0.0 │ ███████ 0.447s
9.0.0 │ ███████ 0.495s
8.0.0 │ ██████ 0.406s
7.0.0 │ ██████ 0.415s