Vercel Community

[▲ Vercel Community](/) · [Categories](/categories) · [Latest](/latest) · [Top](/top) · [Live](/live)

[Help](/c/help/9)

# Ignored build scripts: sharp

3735 views · 10 likes · 4 posts


BSZ (@behrangsa) · 2025-03-03 · ♥ 2

<!-- Questions that get answered the fastest are the ones with relevant info included in the original post. Be sure to include all detail needed to let others see and understand the problem! -->

Today I deployed a barebones Next.js 15.2.0 app to Vercel and found this warning message in the logs:

```
Ignored build scripts: sharp.                                              
Run "pnpm approve-builds" to pick which dependencies should be allowed     
to run scripts.                                                            
```

<!-- Current versus Expected behavior -->

Ideally I don't want to get any warning messages during build and deployment.

And from memory, I wasn't getting this warning message in the past.

Apparently, "this warning is related to Vercel's security feature that prevents potentially risky build scripts from running automatically during deployment."

How do you deal with this warning message in your builds? How can I make it go away?

Thanks.

<!-- Code, configuration, and steps that reproduce this issue -->



<!-- Project information (URL, framework, environment, project settings) -->


Anshuman Bhardwaj (@anshumanb) · 2025-03-03 · ♥ 2

Hi @behrangsa, welcome to the Vercel Community!

Sorry that you're facing this issue it seems to be a `pnpm` security feature. Can you try this solution suggested by v0:

https://v0.dev/chat/ignored-build-scripts-P86ILSN3H1E

I hope this helps.


BestCodes (@bestcodes) · 2025-03-03 · ♥ 2

@behrangsa If you have access to the terminal environment for your project (locally), do what the log suggests and run `pnpm approve-builds`.
Doing so should update your `pnpm-lock.yaml` file (make sure you are committing this) to tell pnpm to allow builds for the dependencies you approve automatically. Commit the changed lock file and it should work remotely too.


BSZ (@behrangsa) · 2025-03-04 · ♥ 4

@anshumanb @bestcodes thanks all! running `pnpm approve-builds` locally fixed the problem.

It adds a block of code to package.json that takes care of it...

```
  "pnpm": {
    "onlyBuiltDependencies": [
      "sharp"
    ]
  }
```