diff --git a/.gitignore b/.gitignore index 353657fb7..52667f6d1 100644 --- a/.gitignore +++ b/.gitignore @@ -33,6 +33,7 @@ npm-debug.log* yarn-debug.log* yarn-error.log* .pnpm-debug.log* +.pnpm-store # local env files .env.local diff --git a/.npmrc b/.npmrc deleted file mode 100644 index e93446513..000000000 --- a/.npmrc +++ /dev/null @@ -1,8 +0,0 @@ -shamefully-hoist=true -auto-install-peers=true -strict-peer-dependencies=false -prefer-workspace-packages=true -enable-pre-post-scripts=true -prefer-frozen-lockfile=true -prefer-offline=true -link-workspace-packages=deep \ No newline at end of file diff --git a/AGENTS.md b/AGENTS.md index 2875bd79b..7237a187d 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -56,7 +56,7 @@ frontends/ - **Framework**: Vue 3, Nuxt 4.1 - **Build**: Vite 7, Turbo, unbuild -- **Package Manager**: pnpm 10.17.0 +- **Package Manager**: pnpm 11.5.2 - **Language**: TypeScript - **Styling**: UnoCSS, Tailwind.css - **Testing**: Vitest (unit), Playwright (e2e) diff --git a/examples/maintenance-allowlisting/.npmrc b/examples/maintenance-allowlisting/.npmrc deleted file mode 100644 index 9cf949503..000000000 --- a/examples/maintenance-allowlisting/.npmrc +++ /dev/null @@ -1 +0,0 @@ -package-lock=false \ No newline at end of file diff --git a/examples/modal-teleport/.npmrc b/examples/modal-teleport/.npmrc deleted file mode 100644 index 0c613763b..000000000 --- a/examples/modal-teleport/.npmrc +++ /dev/null @@ -1,3 +0,0 @@ -shamefully-hoist=true -strict-peer-dependencies=false -package-lock=false \ No newline at end of file diff --git a/examples/mollie-credit-card/.npmrc b/examples/mollie-credit-card/.npmrc deleted file mode 100644 index c483022c0..000000000 --- a/examples/mollie-credit-card/.npmrc +++ /dev/null @@ -1 +0,0 @@ -shamefully-hoist=true \ No newline at end of file diff --git a/package.json b/package.json index f2dca78bd..9ef617ffb 100644 --- a/package.json +++ b/package.json @@ -46,24 +46,5 @@ "engines": { "node": "^20.x || ^22.x || ^24.x" }, - "packageManager": "pnpm@10.23.0", - "pnpm": { - "overrides": { - "axios": "^1.16.1", - "minimatch": "^10.2.5", - "undici": "^6.24.0", - "unbuild": "^3.6.1", - "uuid": "^14.0.0" - }, - "peerDependencyRules": { - "ignoreMissing": [ - "webpack", - "vite", - "react-dom", - "react", - "@types/react", - "@algolia/client-search" - ] - } - } + "packageManager": "pnpm@11.5.2" } diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index a59c24baa..c51111be3 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -10,17 +10,43 @@ templates: # Reduciing the risk of installing fresh compromised packages before detected minimumReleaseAge: 4320 ## 3 days minimumReleaseAgeExclude: -- '@shopware/*' -- '@typescript/native-preview' -- 'happy-dom' -- '@vue/test-utils' -- '@adyen/adyen-web' + - '@shopware/*' + - '@typescript/native-preview' + - 'happy-dom' + - '@vue/test-utils' + - '@adyen/adyen-web' auditConfig: ignoreGhsas: - - GHSA-92fh-27vv-894w # not vulnerable - https://github.com/unjs/nanotar/issues/59 - ignoreCves: - # - CVE-2024-43788 - - CVE-2025-68458 # webpack issue, not affected - - CVE-2025-68157 # webpack issue, not affected - - CVE-2024-43788 # webpack issue, not affected + - CVE-2025-68458 + - CVE-2025-68157 + - CVE-2024-43788 +overrides: + axios: ^1.16.1 + minimatch: ^10.2.5 + undici: ^6.24.0 + unbuild: ^3.6.1 + uuid: ^14.0.0 +peerDependencyRules: + ignoreMissing: + - webpack + - vite + - react-dom + - react + - '@types/react' + - '@algolia/client-search' +shamefullyHoist: true +autoInstallPeers: true +strictPeerDependencies: false +preferWorkspacePackages: true +enablePrePostScripts: true +preferFrozenLockfile: true +preferOffline: true +verifyDepsBeforeRun: false +linkWorkspacePackages: deep +allowBuilds: + '@biomejs/biome': true + '@parcel/watcher': true + esbuild: true + sharp: true + vue-demi: true diff --git a/templates/vue-demo-store/.npmrc b/templates/vue-demo-store/.npmrc deleted file mode 100644 index 4b10cef2a..000000000 --- a/templates/vue-demo-store/.npmrc +++ /dev/null @@ -1,2 +0,0 @@ -auto-install-peers=true -shamefully-hoist=true