chore: migrate to pnpm#1730
Conversation
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
There was a problem hiding this comment.
Pull request overview
Migrates the workspace from Yarn Classic to pnpm (Corepack-managed). Updates root package.json (engines, packageManager, scripts), introduces pnpm-workspace.yaml and a preinstall package-manager guard, switches CI workflows, Dockerfiles, release configs and docs from yarn/npx to pnpm/corepack pnpm, removes obsolete library package.json shims and Yarn resolutions, and tweaks the Electron build pipeline to stage a pnpm-compatible target package.json. Also bundles a couple of unrelated runtime fallbacks for missing IP addresses.
Changes:
- Replace Yarn with pnpm everywhere (root scripts, CI, Docker, docs, release hooks, Electron build) and add a
preinstallguard. - Add
pnpm-workspace.yamlwith pnpmoverrides(migrated from Yarnresolutions) and a planning doc. - Promote previously-implicit transitive deps to direct dependencies in root
package.json, and remove now-unused per-libpackage.jsonshims.
Reviewed changes
Copilot reviewed 38 out of 43 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
| package.json | Switch packageManager, engines, scripts; add several direct deps |
| pnpm-workspace.yaml | New workspace + overrides + allowBuilds config |
| PNPM_MIGRATION_PLAN.md | Temporary migration planning doc |
| scripts/check-package-manager.mjs | New preinstall guard enforcing pnpm |
| scripts/build-electron.mjs | Convert yarn add/remove to pnpm; new prepareTargetPackageJson |
| scripts/create-hotfix.mjs | Update help text to pnpm |
| Dockerfile / Dockerfile.e2e / docker-compose.yml | Use Corepack + pnpm install/run |
| .github/workflows/{ci,release,docs}.yml | Add pnpm/action-setup, switch cache and commands |
| .release-it-web-ext.json / .release-it-desktop.json | Switch release hooks to pnpm |
| electron-builder.config.js | Exclude pnpm-lock.yaml instead of yarn.lock |
| apps/jetstream-e2e/project.json, apps/jetstream-desktop-client-e2e/playwright.config.ts, apps/jetstream-web-extension-e2e/playwright.config.ts | pnpm command updates |
| apps/jetstream/vite.config.ts, apps/cron-tasks/src/cloudflare-analytics-archiver.ts, apps/api/Dockerfile, mock-idp/docker-compose.yml | Comment/docs updates from yarn to pnpm |
| apps/docs/{README.md,package.json,.gitignore} | pnpm docs commands; drop redundant resolutions |
| apps-sfdx/{package.json,.gitignore} | Drop redundant resolutions; add pnpm log ignore |
| README.md, CLAUDE.md, .claude/settings.json | Doc/tooling updates for pnpm |
| .dockerignore, .gitignore | Track pnpm lockfile/store, ignore pnpm logs |
| libs/{salesforce-api,connected/connected-ui,shared/ui-db,shared/ui-record-form}/package.json | Remove obsolete per-lib package.json stubs |
| libs/shared/data/src/lib/client-socket-data.ts | Convert to import type (pnpm strictness) |
| libs/auth/server/src/lib/auth.utils.ts | Behavior change: fall back IP to unknown-<ts> |
| apps/api/src/app/utils/route.utils.ts | Behavior change: default req.ip to 'unknown' |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
paustint
force-pushed
the
chore/migrate-to-pnpm
branch
from
953e4c1 to
7c6b0dd
Compare
paustint
force-pushed
the
chore/migrate-to-pnpm
branch
from
7c6b0dd to
3c6b87d
Compare
| # so release-it can push as the App (which is on the ruleset bypass list). | ||
| persist-credentials: false | ||
|
|
||
| - uses: pnpm/action-setup@v4 |
| "unzipper": "^0.12.3", | ||
| "update-electron-app": "^3.1.2", | ||
| "uuid": "^9.0.1", | ||
| "uuid": "^14.0.0", |
| { | ||
| "cli": "nx", | ||
| "version": "22.6.0-beta.11", | ||
| "description": "Prompts to enable usage analytics", | ||
| "implementation": "./src/migrations/update-22-6-0/enable-analytics-prompt", | ||
| "package": "nx", | ||
| "name": "22-6-0-enable-analytics-prompt" | ||
| }, | ||
| { | ||
| "version": "22.6.0-beta.11", | ||
| "description": "Prefix reportsDirectory with {projectRoot} to maintain correct resolution after workspace-root-relative behavior change.", | ||
| "implementation": "./src/migrations/update-22-6-0/prefix-reports-directory-with-project-root", | ||
| "package": "@nx/vitest", | ||
| "name": "update-22-6-0-prefix-reports-directory" | ||
| "version": "22.7.0-beta.12", | ||
| "description": "Add missing inputs to @nx/eslint:lint executor target defaults", | ||
| "implementation": "./src/migrations/update-21-6-0/update-executor-lint-inputs", | ||
| "package": "@nx/eslint", | ||
| "name": "update-executor-lint-inputs" |
| COPY --link package.json pnpm-lock.yaml pnpm-workspace.yaml ./ | ||
| RUN pnpm install --frozen-lockfile --prod=false |
| COPY ./pnpm-lock.yaml . | ||
| COPY ./pnpm-workspace.yaml . | ||
| COPY ./.env . | ||
| COPY ./ecosystem.config.js . | ||
| COPY ./prisma ./prisma/ | ||
|
|
||
| # Install core dependencies | ||
| RUN yarn | ||
| RUN pnpm install --prod --no-frozen-lockfile |
| allowBuilds: | ||
| "@parcel/watcher": true | ||
| "@prisma/engines": true | ||
| "@sentry/cli": false | ||
| "@swc/core": true | ||
| core-js: false | ||
| electron: true | ||
| electron-winstaller: true | ||
| esbuild: true | ||
| less: false | ||
| nx: true | ||
| prisma: true | ||
| sharp: true | ||
| spawn-sync: false | ||
| unrs-resolver: true |
| # syntax = docker/dockerfile:1 | ||
|
|
||
| ARG NODE_VERSION=20.10.0 | ||
| ARG NODE_VERSION=22 |
| **Pre-req** | ||
|
|
||
| 1. Make sure you have node 20 installed. | ||
| 1. Make sure you have node 22 installed. |
|
|
||
| WORKDIR /usr/src/app | ||
|
|
||
| ARG PNPM_VERSION=11.1.2 | ||
| RUN corepack enable && corepack prepare pnpm@${PNPM_VERSION} --activate | ||
|
|
| return ipAddress[ipAddress.length - 1]; | ||
| } | ||
| return ipAddress; | ||
| return ipAddress || `unknown-${new Date().getTime()}`; |
No description provided.