yarn

Fixes

• Resolved punycode deprecation warning
• Fixed hoisting bug with transitive dependencies that have aliases as sub-dependencies

[!WARNING] This release is missing a couple of artifacts (the .msi/.rpm/.deb/.asc files); we're working on fixing this.

• Fixes an issue in the v1.22.20 when calling Yarn from a project subfolder, outside of a Corepack context.

• Added a SKIP_YARN_COREPACK_CHECK environment variable to skip the Corepack check.

[!WARNING] This release is missing a couple of artifacts (the .msi/.rpm/.deb/.asc files); we're working on fixing this.

• Important: Punycode is now embed within the bundle, as it has been deprecated by Node.js and will be removed in a future version.

• A message will be displayed when Yarn 1.22 notices that the local project has a package.json file referencing a non-1.x Yarn releas...

• Adds compatibility with WebAuthn on the npm registry

Node 17.7.0 had a regression in url.resolve which broke Yarn, causing network errors. This release fixes that, although the regression also got fixed on the Node side starting from 17.7.1, so as long as you keep your Node up-to-date it'll be fine.

Strangely this released disappeared from GitHub, re-adding it.

Release v1.22.16

• Fixes an issue on Windows where relative scripts would fail to execute

• Fixes false positives that would happen on non-win32 platforms ("Potentially dangerous call to ...")

• Fixes a potential security issue where packages could run scripts even with --ignore-builds set (Windows only)
• Fixes yarn init -y2 w/ Corepack
• yarn set version stable (and canary) will now defer to the stable & canary for upgrading the project