Added support for pnpm package manager

check.js

@@ -11,6 +11,9 @@ function auditOk(issues) {
 if (argv.yarn) {
     pkgFacade.addImplementation('yarn', require('./src/pkgmanagers/yarn'))
     pkgFacade.setActiveImplementation('yarn')
+} else if (argv.pnpm) {
+    pkgFacade.addImplementation('pnpm', require('./src/pkgmanagers/pnpm'))
+    pkgFacade.setActiveImplementation('pnpm')
 } else {
     pkgFacade.addImplementation('npm', require('./src/pkgmanagers/npm'))
     pkgFacade.setActiveImplementation('npm')

resolve.js

@@ -7,6 +7,9 @@ const auditResolver = require('./src/resolve/auditResolver')
 if (argv.yarn) {
     pkgFacade.addImplementation('yarn', require('./src/pkgmanagers/yarn'))
     pkgFacade.setActiveImplementation('yarn')
+} else if (argv.pnpm) {
+    pkgFacade.addImplementation('pnpm', require('./src/pkgmanagers/pnpm'))
+    pkgFacade.setActiveImplementation('pnpm')
 } else {
     pkgFacade.addImplementation('npm', require('./src/pkgmanagers/npm'))
     pkgFacade.setActiveImplementation('npm')

src/pkgmanagers/pnpm.js

@@ -0,0 +1,47 @@
+const unparse = require('../unparse')
+const skipArgs = require('../skipArgs')
+
+function getCommand(action) {
+  // Derived from pnpm-audit-report
+  // TODO: share the code
+  if (action.action === 'install') {
+    const isDev = action.resolves[0].dev
+    return `pnpm install ${isDev ? '--save-dev ' : ''}${action.module}@${action.target}`
+  } else {
+    return `pnpm update ${action.module} --depth ${action.depth}`
+  }
+}
+
+module.exports = {
+  version: 1,
+  getAudit({ promiseCommand, argv, shellOptions }) {
+    const unparsed = unparse(argv, skipArgs)
+
+    return promiseCommand(`pnpm audit --json ${unparsed}`, shellOptions)
+      .then(output => {
+        try {
+          return JSON.parse(output)
+        } catch (e) {
+          console.error('failed to parse output')
+          console.error(output)
+          throw e;
+        }
+      })
+      .then(parsed => {
+        if (parsed.error) {
+          throw Error(`'pnpm audit' failed with ${parsed.error.code}. Check the log above for more details.`);
+        }
+        return parsed
+      })
+    //TODO: retries on ENOAUDIT
+  },
+  fix({ promiseCommand, argv, shellOptions, action }) {
+
+    return promiseCommand(getCommand(action), shellOptions)
+  },
+  remove({ promiseCommand, argv, shellOptions, names }) {
+    //TODO: include the fact that some of them are dev dependencies and we don't know which, because we shouldn't have to at this point
+    //FIXME: this command might not delete everything as expected
+    return promiseCommand(`pnpm rm ${names.join(' ')}`, shellOptions)
+  }
+}

src/skipArgs.js

@@ -1 +1 @@
-module.exports = ['json', 'migrate', 'yarn', 'mock', 'fix']
+module.exports = ['json', 'migrate', 'yarn', 'pnpm', 'mock', 'fix']