profiles: Extend node stack support for pnpm (#6063)

* nodejs-common: add pnpm support * disable-programs.inc: add pnpm support * Create pnpm.profile * Create pnpx.profile
netblue30 · Oct 24, 2023 · 30c30f5 · 30c30f5
1 parent d343628
commit 30c30f5
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 1 deletion.
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
@@ -1014,6 +1014,7 @@ blacklist ${HOME}/.local/share/orage
 blacklist ${HOME}/.local/share/org.kde.gwenview
 blacklist ${HOME}/.local/share/pix
 blacklist ${HOME}/.local/share/plasma_notes
+blacklist ${HOME}/.local/share/pnpm
 blacklist ${HOME}/.local/share/profanity
 blacklist ${HOME}/.local/share/psi
 blacklist ${HOME}/.local/share/psi+

diff --git a/etc/profile-m-z/nodejs-common.profile b/etc/profile-m-z/nodejs-common.profile
@@ -7,7 +7,7 @@ include nodejs-common.local
 # added by caller profile
 #include globals.local
 
-# Note: gulp, node-gyp, npm, npx, semver and yarn are all node scripts
+# Note: gulp, node-gyp, npm, npx, pnpm, pnpx, semver and yarn are all node scripts
 # using the `#!/usr/bin/env node` shebang. By sandboxing node the full
 # node.js stack will be firejailed. The only exception is nvm, which is implemented
 # as a sourced shell function, not an executable binary. Hence it is not
@@ -22,6 +22,7 @@ ignore read-only ${HOME}/.npmrc
 ignore read-only ${HOME}/.nvm
 ignore read-only ${HOME}/.yarnrc
 
+noblacklist ${HOME}/.local/share/pnpm
 noblacklist ${HOME}/.node-gyp
 noblacklist ${HOME}/.npm
 noblacklist ${HOME}/.npmrc
@@ -43,6 +44,7 @@ include disable-xdg.inc
 
 # If you want whitelisting, change ${HOME}/Projects below to your node projects directory
 # and add the next lines to your nodejs-common.local.
+#mkdir ${HOME}/.local/share/pnpm
 #mkdir ${HOME}/.node-gyp
 #mkdir ${HOME}/.npm
 #mkdir ${HOME}/.npm-packages
@@ -52,6 +54,7 @@ include disable-xdg.inc
 #mkdir ${HOME}/.yarn-config
 #mkdir ${HOME}/.yarncache
 #mkfile ${HOME}/.yarnrc
+#whitelist ${HOME}/.local/share/pnpm
 #whitelist ${HOME}/.node-gyp
 #whitelist ${HOME}/.npm
 #whitelist ${HOME}/.npm-packages

diff --git a/etc/profile-m-z/pnpm.profile b/etc/profile-m-z/pnpm.profile
@@ -0,0 +1,11 @@
+# Firejail profile for pnpm
+# Description: Fast, disk space efficient package manager
+quiet
+# This file is overwritten after every install/update
+# Persistent local customizations
+include pnpm.local
+# Persistent global definitions
+include globals.local
+
+# Redirect
+include nodejs-common.profile
diff --git a/etc/profile-m-z/pnpx.profile b/etc/profile-m-z/pnpx.profile
@@ -0,0 +1,11 @@
+# Firejail profile for pnpx
+# Description: Part of the Node.js stack
+quiet
+# This file is overwritten after every install/update
+# Persistent local customizations
+include pnpx.local
+# Persistent global definitions
+include globals.local
+
+# Redirect
+include nodejs-common.profile