Перейти к основному содержимому
Версия: 9.x


pnpm позволяет подключаться непосредственно к процессу установки с помощью специальных функций (хуков). Hooks can be declared in a file called .pnpmfile.cjs.

By default, .pnpmfile.cjs should be located in the same directory as the lockfile. For instance, in a workspace with a shared lockfile, .pnpmfile.cjs should be in the root of the monorepo.



hooks.readPackage(pkg, context): pkgCalled after pnpm parses the dependency's package manifestAllows you to mutate a dependency's package.json
hooks.afterAllResolved(lockfile, context): lockfileCalled after the dependencies have been resolved.Allows you to mutate the lockfile.

hooks.readPackage(pkg, context): pkg | Promise<pkg>

Allows you to mutate a dependency's package.json after parsing and prior to resolution. These mutations are not saved to the filesystem, however, they will affect what gets resolved in the lockfile and therefore what gets installed.

Note that you will need to delete the pnpm-lock.yaml if you have already resolved the dependency you want to modify.


If you need changes to package.json saved to the filesystem, you need to use the pnpm patch command and patch the package.json file. This might be useful if you want to remove the bin field of a dependency for instance.


  • pkg - The manifest of the package. Either the response from the registry or the package.json content.
  • context - Context object for the step. Method #log(msg) allows you to use a debug log for the step.


Example .pnpmfile.cjs (changes the dependencies of a dependency):

function readPackage(pkg, context) {
// Override the manifest of foo@1.x after downloading it from the registry
if (pkg.name === 'foo' && pkg.version.startsWith('1.')) {
// Replace bar@x.x.x with bar@2.0.0
pkg.dependencies = {
bar: '^2.0.0'
context.log('bar@1 => bar@2 in dependencies of foo')

// This will change any packages using baz@x.x.x to use baz@1.2.3
if (pkg.dependencies.baz) {
pkg.dependencies.baz = '1.2.3';

return pkg

module.exports = {
hooks: {

Известные ограничения

Removing the scripts field from a dependency's manifest via readPackage will not prevent pnpm from building the dependency. When building a dependency, pnpm reads the package.json of the package from the package's archive, which is not affected by the hook. In order to ignore a package's build, use the pnpm.neverBuiltDependencies field.

hooks.afterAllResolved(lockfile, context): lockfile | Promise<lockfile>

Позволяет изменять вывод локфайла до его сериализации.


  • lockfile - The lockfile resolutions object that is serialized to pnpm-lock.yaml.
  • context - Context object for the step. Method #log(msg) allows you to use a debug log for the step.

Пример использования

function afterAllResolved(lockfile, context) {
// ...
return lockfile

module.exports = {
hooks: {

Известные ограничения

There are none - anything that can be done with the lockfile can be modified via this function, and you can even extend the lockfile's functionality.

Опции конфигурации


  • Default: false
  • Type: Boolean

.pnpmfile.cjs will be ignored. Useful together with --ignore-scripts when you want to make sure that no script gets executed during install.


  • Default: .pnpmfile.cjs
  • Type: path
  • Example: .pnpm/.pnpmfile.cjs

Расположение локального pnpmfile.


  • Default: null
  • Type: path
  • Example: ~/.pnpm/global_pnpmfile.cjs

Расположение глобального pnpmfile. Глобальный pnpm-файл используется всеми проектами во время установки.


Рекомендуется использовать локальные pnpm-файлы. Используйте глобальный pnpm-файл, только если вы используете pnpm в проектах, которые не используют pnpm в качестве основного менеджера пакетов.