Package org.openrewrite.javascript.internal

Class PnpmLockAdapter

java.lang.Object

org.openrewrite.javascript.internal.PnpmLockAdapter

public final class PnpmLockAdapter
extends Object

Converts a pnpm-lock.yaml into the npm v3 shape consumed by LockFileParser.

Three on-disk formats are supported:

• lockfileVersion 5.x (pnpm 7.x and earlier) lists top-level deps at the root and keys packages with a leading slash but a slash separating name and version (/lodash/4.17.21), with the peer-dep suffix introduced by _.
• lockfileVersion 6.0 (pnpm 8.x) lists top-level deps at the root and keys packages with a leading slash, with dependencies inlined:

     dependencies:
       lodash:
         specifier: ^4.17.21
         version: 4.17.21
     packages:
       /[email protected]:
         resolution: {...}
     

• lockfileVersion 9.0 (pnpm 9.x/10.x) moves top-level deps under importers and splits package metadata (in packages, keyed without a leading slash) from the dependency graph (in snapshots):

     importers:
       .:
         dependencies:
           lodash: {specifier: ^4.17.21, version: 4.17.21}
     packages:
       [email protected]:
         resolution: {...}
     snapshots:
       [email protected]: {}
     

Top-level packages (those listed at the root or under importers) get node_modules/<name> paths; everything else in the packages map goes to a synthetic nested path so it's preserved in all but not in topLevel.

pnpm encodes peer-dep variants in its package keys: /[email protected]([email protected]). The peer-dep suffix is stripped during name/version extraction.

Method Summary

Modifier and Type	Method	Description
static String	toNpmV3(String pnpmLockYaml)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

toNpmV3

public static String toNpmV3(String pnpmLockYaml)