
pnpm
โ 5,482by antfu ยท part of antfu/skills
Node.js package manager with strict dependency resolution. Use when running pnpm specific commands, configuring workspaces via pnpm-workspace.yaml, or managing dependencies with catalogs, patches, overrides, config dependencies, or the global virtual store.
This is the playbook your agent receives when the skill activates โ you don't need to read it to use the skill, but it's here to audit before installing.
pnpm is a fast, disk space efficient package manager. It uses a content-addressable store to deduplicate packages across all projects on a machine, and enforces strict dependency resolution by default, preventing phantom dependencies.
Configuration model (important): pnpm settings now live in pnpm-workspace.yaml (and the global config.yaml) using camelCase keys. .npmrc is used only for authentication/registry credentials, and the pnpm field of package.json is no longer read. When working in a pnpm project, check pnpm-workspace.yaml for settings/workspace structure and .npmrc only for auth. Always use --frozen-lockfile (or pnpm ci) in CI.
The skill is based on pnpm 10.x, generated at 2026-06-22. It also covers v11 behavior changes (config split, isolated global packages,
allowBuilds,pmOnFail, global virtual store) where current docs describe them.
Core
| Topic | Description | Reference |
|---|---|---|
| CLI Commands | install/add/remove/update, run, dlx/pnx, workspace, runtime, publishing (version, view, sbom, stage) | core-cli |
| Configuration | pnpm-workspace.yaml settings (camelCase), global config.yaml, packageConfigs, .npmrc auth | core-config |
| Workspaces | Monorepo support: filtering, workspace protocol, shared lockfile, packageConfigs | core-workspaces |
| Store | Content-addressable store, virtual store, node linker modes, frozen/read-only store | core-store |
Features
| Topic | Description | Reference |
|---|---|---|
| Catalogs | Centralized dependency versions; catalogMode, catalog: in overrides | features-catalogs |
| Overrides | Force versions (incl. transitive & peer deps); packageExtensions | features-overrides |
| Patches | Modify third-party packages; patchedDependencies in pnpm-workspace.yaml | features-patches |
| Aliases | Install under custom names (npm:) and registry aliases (namedRegistries) | features-aliases |
| Hooks | .pnpmfile.mjs hooks (readPackage, updateConfig, beforePacking), finders, resolvers/fetchers | features-hooks |
| Peer Dependencies | Auto-install, strict mode, rules, dedupePeers, peers check | features-peer-deps |
| Config Dependencies | Share hooks/settings/catalogs/patches across repos via configDependencies | features-config-dependencies |
| Global Virtual Store | Shared node_modules, git-worktree multi-agent setups, isolated global packages | features-global-virtual-store |
| Supply-Chain Security | Build approval (allowBuilds), minimumReleaseAge, trustPolicy, lockfile integrity | features-supply-chain-security |
Best Practices
| Topic | Description | Reference |
|---|---|---|
| CI/CD Setup | GitHub Actions, GitLab, Docker, pnpm ci, store caching, frozen lockfiles | best-practices-ci |
| Migration | npm/Yarn โ pnpm, phantom deps, and pnpm v10 โ v11 config migration | best-practices-migration |
| Performance | Install optimizations, allowBuilds, global virtual store, workspace parallelization | best-practices-performance |
npx skills add https://github.com/antfu/skills --skill pnpmRun this in your project โ your agent picks the skill up automatically.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.
Licensed under MITโ you can use, modify, and redistribute it under that license's terms.
View the full license file on GitHub โ