-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathpnpm-workspace.yaml
More file actions
41 lines (33 loc) · 1.51 KB
/
pnpm-workspace.yaml
File metadata and controls
41 lines (33 loc) · 1.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# Edit this file by hand. Using `pnpm config` reformats the file and removes all comments.
packages:
- 'components/**'
- 'packages/*'
- 'proprietary/*'
# Configure pnpm so peer dependencies must be explicitly added instead of being automatically installed.
autoInstallPeers: false
# Configure pnpm so that it will not install any package that claims to not be compatible with the current Node.js
# version.
engineStrict: true
# Configure pnpm so it only installs package versions that have been published on the npm registry for at least 24 hours
# (1440 minutes). This helps mitigate the risk of supply chain attacks by avoiding newly published, potentially
# malicious versions. Keep this in sync with npm-check-updates's `cooldown` configuration.
minimumReleaseAge: 1440
# Make an exception for trusted packages, notably our own
minimumReleaseAgeExclude:
- '@amsterdam/*'
- '@gemeente-denhaag/*'
- '@gemeente-rotterdam/*'
- '@nl-design-system/*'
- '@nl-design-system-candidate/*'
- '@nl-design-system-community/*'
- '@nl-design-system-unstable/*'
- '@nl-rvo/*'
- '@rijkshuisstijl-community/*'
- '@utrecht/*'
- '@projectwallace/*'
# Configure pnpm to save exact version numbers (not including ^ or ~) in package.json. Lock dependencies to specific
# versions to ensure reproducible installs and prevent automatic upgrades to newer minor or patch releases.
saveExact: true
savePrefix: ''
# Configure pnpm to not fail when there are missing or invalid peer dependencies in the tree.
strictPeerDependencies: false