forked from Automattic/jetpack
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpnpm-workspace.yaml
More file actions
88 lines (75 loc) · 3.08 KB
/
pnpm-workspace.yaml
File metadata and controls
88 lines (75 loc) · 3.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
packages:
- projects/*/*
- '!projects/js-packages/jetpack-cli'
- projects/plugins/*/tests/e2e
- tools/cli
- tools/e2e-commons
- tools/js-tools
- tools/performance
- .github/files/coverage-munger
engineStrict: true
managePackageManagerVersions: false
preferWorkspacePackages: true
# Be strict about peer deps
autoInstallPeers: false
dedupePeerDependents: false
strictPeerDependencies: true
# No hoisting by default.
hoistPattern: []
# Silence this warning. Our `jetpack dependencies build-order` (also used by `jetpack build --all`) checks for cycles itself, plus it has a way to indicate that a dep is only for testing.
ignoreWorkspaceCycles: true
# Package compromise avoidance: let new releases age a day, and don't allow trust downgrades unless explicitly excepted.
minimumReleaseAge: 1440
minimumReleaseAgeExclude:
# Packages we often want to immediately update after releasing them.
- '@automattic/*'
- '@woocommerce/*'
- '@wordpress/*'
# Renovate security update: dompurify@3.4.0
- dompurify@3.4.0
# Need to unblock @wordpress/* package updates
- '@types/wordpress__block-editor@15.0.6'
# Renovate security update: postcss@8.5.10
- postcss@8.5.10
trustPolicy: no-downgrade
trustPolicyExclude:
# https://github.com/paulmillr/chokidar/issues/1440
- chokidar@4.0.3
# https://github.com/reduxjs/reselect/issues/752
- reselect@5.1.1
# Packages where newer majors have provenance but we're still on an older one.
- rollup@3.30.0
- rxjs@7.8.2
- semver@6.3.1
# Package compromise avoidance: require dep build script approval.
strictDepBuilds: true
verifyDepsBeforeRun: install
allowBuilds:
# Tries to download/install stuff if optional deps weren't installed.
'@swc/core': false
esbuild: false
unrs-resolver: false
# Tries to rebuild its bundled libs if a newer version of libvips-dev is installed, which probably isn't.
sharp: false
# Attempt to show "remember to install other stuff" spam.
svelte-preprocess: false
# Attempt to show "support me" spam.
core-js: false
core-js-pure: false
print-this: false
# Package compromise avoidance: Block odd protocols in subdeps
blockExoticSubdeps: true
# Some optional dependencies we don't actually need.
ignoredOptionalDependencies:
- '@oxc-parser/binding-wasm32-wasi' # https://github.com/oxc-project/oxc/issues/21038
- '@rolldown/binding-wasm32-wasi' # https://github.com/rolldown/rolldown/issues/8974
- sass-embedded-all-unknown # Brings in `sass`; platforms we support should have a binary package instead of this.
- sass-embedded-unknown-all # Brings in `sass`; platforms we support should have a binary package instead of this.
# Dependencies needing patching.
patchedDependencies:
# Vite/esbuild doesn't like the `__esModule` + `exports["default"]` pattern, it winds up double-wrapping the default.
# See also https://github.com/WordPress/gutenberg/issues/39619
react-autosize-textarea: .pnpm-patches/react-autosize-textarea.patch
# uuid up to v11 had CommonJS files with ESM content too.
# No bug report, because it's already fixed in the latest versions.
"uuid@<11": .pnpm-patches/uuid.patch