Introducing pnpm support in Socket

We're happy to announce that Socket now supports the pnpm package manager!

Developers can now take advantage of the benefits of pnpm while ensuring their dependencies are managed securely with Socket.

Developers love pnpm + Socket

Developers choose pnpm because of it's ability to store package files in a shared cache which reduces disk usage and speeds up installations.

This release of Socket includes support for pnpm lockfiles (pnpm-lock.yaml), pnpm workspaces, package overrides/resolutions, file: dependencies, shrinkwrap dependencies, and bundled dependencies.

If you already have Socket for GitHub installed, then there's nothing you need to do to get pnpm support—Socket will automatically start analyzing your pnpm dependencies. Just ensure that your pnpm-lock.yaml is checked into your GitHub repository, and you're good to go!

If you want to try out Socket with pnpm support, you can install the GitHub App in less than 2 minutes.

More ecosystems and languages are coming soon

If you have any questions or feedback, please don't hesitate to reach out to our dedicated support and engineering team. If you would like to chat with someone on our team, you should schedule a demo with a technical expert.

We're here to help you keep your apps secure, no matter what language or package manager you're using. Stay tuned for more ecosystem support soon, and vote for the language or package manager you would like to see next!

Happy hacking!