Skip to content

build: switch the dev workflow from npm to pnpm#5

Merged
jamoy merged 1 commit into
claude/gifted-cannon-gfy802-dxfrom
claude/gifted-cannon-gfy802-pnpm
Jun 22, 2026
Merged

build: switch the dev workflow from npm to pnpm#5
jamoy merged 1 commit into
claude/gifted-cannon-gfy802-dxfrom
claude/gifted-cannon-gfy802-pnpm

Conversation

@jamoy

@jamoy jamoy commented Jun 22, 2026

Copy link
Copy Markdown
Owner

Stacked on #4 (which is stacked on #3) — review/merge those first; this PR's diff is only the pnpm migration on top.

Switches the repo's development workflow from npm to pnpm, with no change to the published package contents or its public API.

What changed

  • Package manager pinned via the packageManager field (Corepack): pnpm@10.33.0.
  • Lockfile: package-lock.jsonpnpm-lock.yaml (committed for reproducible installs).
  • Overrides moved from npm's top-level overrides to pnpm.overrides (pnpm ignores the former). The underscore/js-yaml pins still apply, so pnpm audit reports 0 vulnerabilities.
  • Lean install: added .npmrc with auto-install-peers=false so pnpm doesn't pull the optional serverless peer (and its large tree) — matching npm's behavior.
  • Native resolver: acknowledged jest's optional unrs-resolver as an ignored build dependency. Jest uses its JS fallback, so installs stay robust on brand-new Node releases (no native build required).
  • CI: installs pnpm via pnpm/action-setup@v4, caches the pnpm store through actions/setup-node (cache: pnpm), and runs pnpm install --frozen-lockfile + pnpm lint / pnpm test / pnpm test:smoke.
  • husky pre-commit now runs pnpm exec lint-staged.
  • README documents pnpm install/usage.

Verified locally with pnpm 10.33.0

  • pnpm install --frozen-lockfile
  • pnpm test → 88 passing, 5 skipped ✓
  • pnpm lint (ESLint + Prettier) ✓
  • pnpm test:smoke (dual ESM/CJS) ✓
  • pnpm audit → no known vulnerabilities ✓

🤖 Generated with Claude Code

https://claude.ai/code/session_01QznGWnSQuwvNRAcYinsZiG


Generated by Claude Code

- pin pnpm via the `packageManager` field (Corepack) and commit pnpm-lock.yaml
  (replacing package-lock.json)
- move the dependency `overrides` to `pnpm.overrides` (pnpm doesn't read npm's
  top-level overrides), keeping `npm audit` / `pnpm audit` at 0 advisories
- add .npmrc `auto-install-peers=false` so the optional `serverless` peer (and
  its large tree) is not pulled into the dev install, matching npm's behavior
- acknowledge jest's optional native resolver (unrs-resolver) as an ignored
  build dependency; jest uses its JS fallback, which keeps installs robust on
  brand-new Node releases
- CI: install pnpm via pnpm/action-setup, cache the pnpm store, and run
  `pnpm install --frozen-lockfile` + pnpm lint/test/test:smoke
- husky pre-commit now runs `pnpm exec lint-staged`
- README: document pnpm install/usage

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01QznGWnSQuwvNRAcYinsZiG
@jamoy jamoy merged commit 8387012 into claude/gifted-cannon-gfy802-dx Jun 22, 2026
3 checks passed
jamoy added a commit that referenced this pull request Jun 22, 2026
Reconcile master: bring DX (#4) and pnpm (#5) changes onto master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant