pnpm

pnpm

Popular

Node.js package manager with strict dependency resolution. Use when running pnpm specific commands, configuring workspaces via pnpm-workspace.yaml, or managing dependencies with catalogs, patches, overrides, config dependencies, or the global virtual store.

5.4Kstars
304forks
Updated 7/1/2026
SKILL.md
readonlyread-only
name
pnpm
description

Node.js package manager with strict dependency resolution. Use when running pnpm specific commands, configuring workspaces via pnpm-workspace.yaml, or managing dependencies with catalogs, patches, overrides, config dependencies, or the global virtual store.

pnpm is a fast, disk space efficient package manager. It uses a content-addressable store to deduplicate packages across all projects on a machine, and enforces strict dependency resolution by default, preventing phantom dependencies.

Configuration model (important): pnpm settings now live in pnpm-workspace.yaml (and the global config.yaml) using camelCase keys. .npmrc is used only for authentication/registry credentials, and the pnpm field of package.json is no longer read. When working in a pnpm project, check pnpm-workspace.yaml for settings/workspace structure and .npmrc only for auth. Always use --frozen-lockfile (or pnpm ci) in CI.

The skill is based on pnpm 10.x, generated at 2026-06-22. It also covers v11 behavior changes (config split, isolated global packages, allowBuilds, pmOnFail, global virtual store) where current docs describe them.

Core

Topic Description Reference
CLI Commands install/add/remove/update, run, dlx/pnx, workspace, runtime, publishing (version, view, sbom, stage) core-cli
Configuration pnpm-workspace.yaml settings (camelCase), global config.yaml, packageConfigs, .npmrc auth core-config
Workspaces Monorepo support: filtering, workspace protocol, shared lockfile, packageConfigs core-workspaces
Store Content-addressable store, virtual store, node linker modes, frozen/read-only store core-store

Features

Topic Description Reference
Catalogs Centralized dependency versions; catalogMode, catalog: in overrides features-catalogs
Overrides Force versions (incl. transitive & peer deps); packageExtensions features-overrides
Patches Modify third-party packages; patchedDependencies in pnpm-workspace.yaml features-patches
Aliases Install under custom names (npm:) and registry aliases (namedRegistries) features-aliases
Hooks .pnpmfile.mjs hooks (readPackage, updateConfig, beforePacking), finders, resolvers/fetchers features-hooks
Peer Dependencies Auto-install, strict mode, rules, dedupePeers, peers check features-peer-deps
Config Dependencies Share hooks/settings/catalogs/patches across repos via configDependencies features-config-dependencies
Global Virtual Store Shared node_modules, git-worktree multi-agent setups, isolated global packages features-global-virtual-store
Supply-Chain Security Build approval (allowBuilds), minimumReleaseAge, trustPolicy, lockfile integrity features-supply-chain-security

Best Practices

Topic Description Reference
CI/CD Setup GitHub Actions, GitLab, Docker, pnpm ci, store caching, frozen lockfiles best-practices-ci
Migration npm/Yarn → pnpm, phantom deps, and pnpm v10 → v11 config migration best-practices-migration
Performance Install optimizations, allowBuilds, global virtual store, workspace parallelization best-practices-performance