pnpm

Releases: 8 · Avg Interval: 4d · Avg Cadence: 7/mo
Recently Shipped: 9 releases · updated Jun 16, 2026

Read-only store installs landed in 11.7, letting pnpm install run against a Nix store, OCI image layer, or bind mount. [1]

Supply-chain hardening deepened across the 11.x cycle. Tarball-integrity mismatches became a hard install failure in 11.4, closing a silent hole where a compromised registry could substitute attacker-controlled content even with a committed lockfile. [2] pnpm audit signatures (11.1) verifies ECDSA registry signatures against published keys. A separate security fix in 11.5.3 stopped expanding ${ENV_VAR} placeholders in repository-controlled .npmrc files — previously, a malicious cloned repo could exfiltrate secrets from the local environment before any lifecycle script ran. [3]
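
The 11.5.3 change concerns any repository-level .npmrc that contains ${ENV_VAR} placeholders. As an added example (not pnpm's code and not taken from the release notes), this JavaScript helper lists such placeholders in the text of a repository .npmrc so each one can be reviewed; the function names, the placeholder grammar, the key classification and the sample file are assumptions made for illustration.

```javascript
// Added example: list ${VAR} placeholders in the text of a repository .npmrc.
// Assumed syntax: ${NAME}, optionally with modifier text after the name;
// an odd number of backslashes before "$" is treated as an escape.
const PLACEHOLDER = /(\\*)\$\{([A-Za-z_][A-Za-z0-9_]*)[^}]*\}/g;
const CREDENTIAL_KEY = /:(_authToken|_auth|_password|username)$/;
const REGISTRY_KEY = /(^|:)registry$/;

function placeholdersIn(text) {
  const names = [];
  for (const m of text.matchAll(PLACEHOLDER)) {
    if (m[1].length % 2 === 0) names.push(m[2]); // skip escaped \${...}
  }
  return names;
}

function findEnvPlaceholders(npmrcText) {
  const findings = [];
  npmrcText.split(/\r?\n/).forEach((raw, index) => {
    const line = raw.trim();
    // Blank lines and comment lines (# or ;) carry no settings.
    if (line === "" || line.startsWith("#") || line.startsWith(";")) return;
    const eq = line.indexOf("=");
    const key = (eq === -1 ? line : line.slice(0, eq)).trim();
    const value = eq === -1 ? "" : line.slice(eq + 1).trim();
    const variables = [...placeholdersIn(key), ...placeholdersIn(value)];
    if (variables.length === 0) return;
    // Classify so reviewers can triage: credential keys first, then URL-valued settings.
    let kind = "other";
    if (CREDENTIAL_KEY.test(key)) kind = "credential";
    else if (REGISTRY_KEY.test(key) || /^https?:\/\//i.test(value)) kind = "url";
    findings.push({ line: index + 1, key, variables, kind });
  });
  return findings;
}

// Constructed sample input, not taken from any real repository.
const SAMPLE_NPMRC = [
  "; constructed sample",
  "registry=https://registry.example.test/",
  "@acme:registry=https://npm.example.test/${BUILD_CHANNEL}/",
  "//npm.example.test/:_authToken=${NPM_TOKEN}",
  "# cache=${HOME}/.cache",
  "email=dev\\${NOT_EXPANDED}@example.test",
  "strict-ssl=true",
].join("\n");

for (const f of findEnvPlaceholders(SAMPLE_NPMRC)) {
  console.log(`.npmrc:${f.line} [${f.kind}] ${f.key} uses ${f.variables.join(", ")}`);
}
```

Run it over the .npmrc of a freshly cloned repository before installing; a "url" finding means an environment value would become part of a registry address if expanded.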

Auth and credential handling grew more flexible. 11.6 added file-free registry auth via npm_config_//… and pnpm_config_//… environment variables, eliminating the need for a .npmrc file in CI. [4] 11.7 added scope-specific auth tokens. [5] Named registries with a built-in gh: alias for GitHub Packages landed in 11.1.

Publishing workflow expanded. 11.3 added pnpm stage, bringing npm's staged-publishing workflow to pnpm. [6] 11.7 added --batch to publish an entire workspace in one registry request. [7] Native pnpm pkg, pnpm repo, and pnpm set-script commands replaced npm CLI delegation.

Install behavior and the Rust backend improved. 11.5 added hoistingLimits for controlling hoist depth in nodeLinker: hoisted installs. [8] 11.6 raised default network concurrency and skipped full re-resolution when only the lockfile is missing. 11.2 introduced pacquet (the Rust port) as an opt-in install backend; 11.7 extended it to handle full resolving installs. [9]

Version 11 raised the baseline. Node.js 22 is required; pnpm ships as pure ESM. The store index moved from JSON files to SQLite. [10] Global installs got isolated directories with their own lockfiles.

Sources

AI-generated summaries may contain mistakes.