Back to Daily Feed 
pnpm 11.15 Improves Peer Deps & Patches Security Vulnerability
Worth Reading
Originally published on pnpm Releases
View Original Article
Share this article:
Summary & Key Takeaways
- Optional peer dependencies declared via
peerDependenciesMetanow resolve more effectively. - The resolution mechanism now prioritizes satisfying versions already in the dependency graph.
adm-ziphas been updated to prevent excessive memory allocation from malicious ZIP archives.- Fixed an issue where
pnpm version -rcould write invalid versioning-ledger entries.
Our Commentary
Another pnpm release, and this one has a security fix, which is always good to see. The peer dependency resolution improvement is a recurring theme across these pnpm updates, suggesting it's a focus area. It's a solid minor release, nothing groundbreaking, but important for stability and security.
View Original Article
Share this article: