chore: upgrade pnpm to v9 to fix lockfileVersion mismatch #658
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
peterj
added a commit
to kagent-dev/kagent
that referenced
this pull request
Aug 18, 2025
 <h3>Snyk has created this PR to upgrade sonner from 2.0.5 to 2.0.6.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released **a month ago**. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>sonner</b></summary> <ul> <li> <b>2.0.6</b> - <a href="https://redirect.github.com/emilkowalski/sonner/releases/tag/v2.0.6">2025-07-03</a></br><h2>What's Changed</h2> <ul> <li>chore: upgrade pnpm to v9 to fix lockfileVersion mismatch by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/metacode22/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/metacode22">@ metacode22</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3186249934" data-permission-text="Title is private" data-url="emilkowalski/sonner#658" data-hovercard-type="pull_request" data-hovercard-url="/emilkowalski/sonner/pull/658/hovercard" href="https://redirect.github.com/emilkowalski/sonner/pull/658">#658</a></li> <li>fix: right click event swallowing by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/emilkowalski/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/emilkowalski">@ emilkowalski</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3199850684" data-permission-text="Title is private" data-url="emilkowalski/sonner#661" data-hovercard-type="pull_request" data-hovercard-url="/emilkowalski/sonner/pull/661/hovercard" href="https://redirect.github.com/emilkowalski/sonner/pull/661">#661</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/metacode22/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/metacode22">@ metacode22</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3186249934" data-permission-text="Title is private" data-url="emilkowalski/sonner#658" data-hovercard-type="pull_request" data-hovercard-url="/emilkowalski/sonner/pull/658/hovercard" href="https://redirect.github.com/emilkowalski/sonner/pull/658">#658</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://redirect.github.com/emilkowalski/sonner/compare/v2.0.5...v2.0.6"><tt>v2.0.5...v2.0.6</tt></a></p> </li> <li> <b>2.0.5</b> - <a href="https://redirect.github.com/emilkowalski/sonner/releases/tag/v2.0.5">2025-06-02</a></br><p>Main goal of this update is to fix css import.</p> <h2>What's Changed</h2> <ul> <li>update bunchee by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/emilkowalski/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/emilkowalski">@ emilkowalski</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3110402804" data-permission-text="Title is private" data-url="emilkowalski/sonner#650" data-hovercard-type="pull_request" data-hovercard-url="/emilkowalski/sonner/pull/650/hovercard" href="https://redirect.github.com/emilkowalski/sonner/pull/650">#650</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://redirect.github.com/emilkowalski/sonner/compare/v2.0.4...v2.0.5"><tt>v2.0.4...v2.0.5</tt></a></p> </li> </ul> from <a href="https://redirect.github.com/emilkowalski/sonner/releases">sonner GitHub release notes</a> </details> </details> --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI0YzYyZDg2Ni0yZmM5LTRlOTgtYTAwMC0zMmU5MDAzOTY4MjUiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjRjNjJkODY2LTJmYzktNGU5OC1hMDAwLTMyZTkwMDM5NjgyNSJ9fQ==" width="0" height="0"/> > - 🧐 [View latest project report](https://app.snyk.io/org/kagent/project/3a1ab099-8f8f-43a5-81e6-e07ff34c96dc?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template) > - 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/kagent/project/3a1ab099-8f8f-43a5-81e6-e07ff34c96dc/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/kagent/project/3a1ab099-8f8f-43a5-81e6-e07ff34c96dc/settings/integration?pkg=sonner&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) [//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"sonner","from":"2.0.5","to":"2.0.6"}],"env":"prod","hasFixes":false,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[],"prId":"4c62d866-2fc9-4e98-a000-32e900396825","prPublicId":"4c62d866-2fc9-4e98-a000-32e900396825","packageManager":"npm","priorityScoreList":[],"projectPublicId":"3a1ab099-8f8f-43a5-81e6-e07ff34c96dc","projectUrl":"https://app.snyk.io/org/kagent/project/3a1ab099-8f8f-43a5-81e6-e07ff34c96dc?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2025-07-03T15:56:35.993Z"},"vulns":[]}' Signed-off-by: Peter Jausovec <peter.jausovec@solo.io> Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue
Current
package.jsonspecifiespnpm@8.12.1butpnpm-lock.yamlhaslockfileVersion: '9.0'. This version mismatch causes unintended lockfile changes when developers runpnpm installafter cloning the repository.6.09.0was adopted in pnpm v9.0.0+reference: pnpm v9.0.0 release
What has been done
packageManagerfrompnpm@8.12.1topnpm@9.15.99.15.9as a latest release in the v9 seriesScreenshots/Videos
Unintended changes in
pnpm-lock.yamlafter runningpnpm installon a git clone.