pnpm

pnpm is a Node.js package manager for dependency installs, lockfile-driven updates, and workspace orchestration in JavaScript and TypeScript repos. It covers the core repo lifecycle from adding packages and running scripts to auditing and inspecting dependency state.

• Install, add, remove, update, fetch, and dedupe packages while keeping package.json and pnpm-lock.yaml aligned.
• Run package scripts, one-off package binaries, and recursive workspace commands across selected projects with filters.
• Inspect dependency trees, outdated versions, vulnerabilities, licenses, and why a package is present before changing or releasing a repo.

• Recursive filters, stable command names, and script-oriented subcommands make it effective inside CI and repo automation loops.
• Structured output exists but is not uniform: review commands such as list, outdated, audit, and licenses expose JSON modes, and --reporter ndjson can stream logs.
• Best fit when an agent is already operating inside a Node repo and needs to manage dependencies or run project tasks defined by that repo.

• Install and update flows mutate package.json, pnpm-lock.yaml, and node_modules, and dependency lifecycle scripts may run unless policy blocks them.
• Behavior depends on repo manifests, lockfiles, workspace config, and registry auth, so unattended runs need project context and credentials.