Skip to content

build: change from npm to pnpm#198

Merged
tbinna merged 1 commit intomainfrom
migrate-to-pnpm-catalogs
Apr 1, 2026
Merged

build: change from npm to pnpm#198
tbinna merged 1 commit intomainfrom
migrate-to-pnpm-catalogs

Conversation

@tbinna
Copy link
Copy Markdown
Member

@tbinna tbinna commented Mar 31, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores

    • Migrated package management from npm to pnpm across CI/CD, docs build, release and local scripts
    • Added a pnpm workspace with centralized catalog-based dependency versions and updated package manifests
    • Declared pnpm as the project package manager and broadened node_modules ignore rules

  • Documentation

    • Updated developer guides and contributing docs to use pnpm for setup and publishing

  • Tests

    • Aligned test/e2e tooling and workspace creation to use pnpm

@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Mar 31, 2026
edited
Loading

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fdb8377f-7c2f-40d5-ae8c-2c446152a1e4

📥 Commits

Reviewing files that changed from the base of the PR and between 36c867b and af1e1a7.

⛔ Files ignored due to path filters (3)
  • docs/package-lock.json is excluded by !**/package-lock.json
  • package-lock.json is excluded by !**/package-lock.json
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (16)
  • .github/workflows/build-docs.yml
  • .github/workflows/ci-main.yml
  • .github/workflows/ci-pr.yml
  • .github/workflows/deploy-docs.yml
  • .github/workflows/release.yml
  • .gitignore
  • AGENTS.md
  • CONTRIBUTING.md
  • docs/package.json
  • e2e/nx-forge-e2e/src/utils/test-workspace.ts
  • package.json
  • packages/nx-forge/package.json
  • packages/nx-forge/src/generators/application/generator.spec.ts
  • packages/nx-forge/src/utils/forge/yaml-validator.ts
  • pnpm-workspace.yaml
  • tools/docs/package.json
💤 Files with no reviewable changes (1)
  • packages/nx-forge/src/utils/forge/yaml-validator.ts
✅ Files skipped from review due to trivial changes (8)
  • AGENTS.md
  • tools/docs/package.json
  • .gitignore
  • docs/package.json
  • .github/workflows/build-docs.yml
  • CONTRIBUTING.md
  • pnpm-workspace.yaml
  • .github/workflows/release.yml
🚧 Files skipped from review as they are similar to previous changes (4)
  • e2e/nx-forge-e2e/src/utils/test-workspace.ts
  • .github/workflows/deploy-docs.yml
  • .github/workflows/ci-main.yml
  • packages/nx-forge/package.json
📝 Walkthrough

Walkthrough

Switched repository tooling from npm/npx to pnpm: updated GitHub Actions, package manifests, docs, e2e tooling, and contributor guidance; added a pnpm workspace with catalogs; updated some tests and simplified YAML validator error handling.

Changes

Cohort / File(s) Summary
CI/CD Workflows
/.github/workflows/build-docs.yml, /.github/workflows/ci-main.yml, /.github/workflows/ci-pr.yml, /.github/workflows/deploy-docs.yml, /.github/workflows/release.yml		 Replaced npm/npx commands with pnpm equivalents; added pnpm/action-setup@v4 (run_install: false); switched Node cache to pnpm; use pnpm install --frozen-lockfile and pnpm/pnpm exec/pnpm nx for commands.
Workspace & Package Configuration
pnpm-workspace.yaml, package.json, packages/nx-forge/package.json, tools/docs/package.json, docs/package.json		 Added pnpm-workspace.yaml with catalog/catalogs; set root packageManager: "pnpm@10.32.1"; many deps moved to catalog:/catalog:nx; docs/package.json added name and private.
Docs & Contribution Guidance
AGENTS.md, CONTRIBUTING.md		 Replaced documented npm commands with pnpm equivalents and minor wording/punctuation adjustments.
Gitignore
.gitignore		 Changed /node_modulesnode_modules to ignore node_modules at any depth.
E2E / Test Workspace
e2e/nx-forge-e2e/src/utils/test-workspace.ts		 Switched scaffold and plugin-add commands from npx to pnpm dlx / pnpm exec and set created workspaces to use --packageManager=pnpm.
Generator Tests
packages/nx-forge/src/generators/application/generator.spec.ts		 Added mocks for @nx/eslint and @nx/jest to force addPlugin: false; updated snapshots to include explicit lint and test targets (jest config/outputs).
YAML Validator
packages/nx-forge/src/utils/forge/yaml-validator.ts		 Removed YAMLError-specific parsing; unified catch path that uses the error message and returns line: 0, column: 0 in the constructed InvalidManifest error.
Docs tooling
docs/package.json, tools/docs/package.json		 Adjusted devDependencies and tslib to use catalog: specifiers; changed VitePress devDependency to catalog:.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

released

Poem

🐇 I swapped the carrots — npm — for pnpm's sweet song,
Catalogs lined the burrow, versions neat and strong.
Workflows hop in chorus, installs quick and bright,
Tests and docs all tidy — then I nap through the night.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'build: change from npm to pnpm' directly and accurately summarizes the primary change across all files in this pull request, which switches the entire project's package management from npm to pnpm.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch migrate-to-pnpm-catalogs

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)
.github/workflows/deploy-docs.yml (1)

33-42: ⚠️ Potential issue | 🟠 Major

Same ordering issue: corepack enable should run before actions/setup-node.

For consistency with the fix needed in ci-main.yml, move the corepack enable step before actions/setup-node to ensure pnpm is available for cache key generation.

🔧 Proposed fix 
+      - run: corepack enable
       - name: Setup Node
         uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: pnpm
       - name: Setup Pages
         uses: actions/configure-pages@v4
-      - run: corepack enable
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/deploy-docs.yml around lines 33 - 42, Move the "corepack
enable" step to run before the "Setup Node" step so pnpm is available when
actions/setup-node@v4 computes cache keys; specifically, reorder the workflow
steps so the run: corepack enable step appears above the step named "Setup Node"
(which uses actions/setup-node@v4) and ensure the "Install dependencies" step
remains after setup and uses pnpm install --frozen-lockfile.
.github/workflows/build-docs.yml (1)

22-31: ⚠️ Potential issue | 🟠 Major

Same ordering issue: corepack enable should run before actions/setup-node.

For consistency with other workflows, move corepack enable before actions/setup-node to ensure pnpm is available for cache key generation.

🔧 Proposed fix 
+      - run: corepack enable
       - name: Setup Node
         uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: pnpm
       - name: Setup Pages
         uses: actions/configure-pages@v4
-      - run: corepack enable
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/build-docs.yml around lines 22 - 31, Move the "corepack
enable" step so it runs before the "actions/setup-node@v4" step; specifically,
reorder the workflow steps so the run: corepack enable action occurs prior to
the uses: actions/setup-node@v4 (and before the pnpm cache/setup) to ensure pnpm
is available for cache key generation and aligns with other workflows.
.github/workflows/release.yml (1)

27-32: ⚠️ Potential issue | 🟡 Minor

Move corepack enable before actions/setup-node to enable pnpm caching.

The actions/setup-node action with cache: pnpm requires the pnpm binary to be available during execution so it can determine the pnpm store directory for caching. Since your package.json specifies "packageManager": "pnpm@10.32.1", pnpm is managed via Corepack. Running corepack enable after setup-node means pnpm won't be available when the cache mechanism needs it, causing cache setup to fail.

Proposed fix 
+      - run: corepack enable
       - uses: actions/setup-node@v4
         name: Setup Node.js
         with:
           node-version: 'lts/-1'
           cache: pnpm
-      - run: corepack enable
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/release.yml around lines 27 - 32, Move the "corepack
enable" step to run before the actions/setup-node@v4 step so pnpm (managed by
Corepack per packageManager: "pnpm@10.32.1") is available when setup-node
attempts to configure pnpm caching; specifically, relocate the `run: corepack
enable` step to precede the `uses: actions/setup-node@v4` step (the block with
name "Setup Node.js" and with `cache: pnpm`) so the cache setup can detect the
pnpm binary and store directory.
🧹 Nitpick comments (1)
packages/nx-forge/src/generators/application/generator.spec.ts (1)

10-36: Consider adding a comment explaining the mock purpose.

The mocks force addPlugin: false to ensure explicit target configurations are generated instead of relying on Nx plugin inference. While this approach is correct for making snapshots testable, the reasoning isn't immediately apparent to future maintainers.

📝 Suggested documentation 
+// Force `addPlugin: false` in lint and jest generators to ensure explicit target
+// configurations are created (rather than inferred by plugins), making snapshots
+// deterministic and testable.
 jest.mock('@nx/eslint', () => {
   const actual = jest.requireActual<typeof import('@nx/eslint')>('@nx/eslint');
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@packages/nx-forge/src/generators/application/generator.spec.ts` around lines
10 - 36, Add an inline comment above the two jest.mock blocks explaining why
these mocks override `@nx/eslint.lintProjectGenerator` and
`@nx/jest.configurationGenerator` to force addPlugin: false (so generated targets
are explicit for deterministic snapshot testing rather than relying on Nx plugin
inference); reference the mocked functions lintProjectGenerator and
configurationGenerator and note that the override ensures predictable outputs in
generator.spec.ts tests.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci-main.yml:
- Around line 19-24: Move the "corepack enable" step so pnpm is available before
the cache evaluation by actions/setup-node: ensure the workflow runs a step
executing "corepack enable" (or equivalent) before the actions/setup-node@v4
step that uses "cache: pnpm", then keep the actions/setup-node step with
"node-version: 'lts/*' cache: pnpm" and the subsequent "pnpm install
--frozen-lockfile" step unchanged; this guarantees pnpm is enabled when the
setup-node cache key is computed.

In @.github/workflows/ci-pr.yml:
- Around line 18-22: The CI step ordering is wrong: move the "corepack enable"
command to run before the actions/setup-node@v4 step so pnpm is available when
setup-node evaluates "cache: pnpm"; update the workflow so the step that runs
corepack (the run: corepack enable step) appears above the actions/setup-node@v4
step that includes with: cache: pnpm to ensure reliable pnpm caching.

In `@CONTRIBUTING.md`:
- Line 54: Fix the formatting typo in the numbered step by inserting a space
after the period: change the text "5.On the consumer side you can now install
the latest package version by running `pnpm add `@toolsplus/nx-forge`@latest`" to
"5. On the consumer side you can now install the latest package version by
running `pnpm add `@toolsplus/nx-forge`@latest`"; update the occurrence in
CONTRIBUTING.md (look for the exact string "5.On the consumer side...") so it
matches the other steps' formatting.

In `@pnpm-workspace.yaml`:
- Around line 28-31: The dependency versions for Jest are inconsistent: update
the `jest-environment-node` entry (currently `^29.4.1`) in the pnpm workspace
catalog to a 30.x release that matches the other Jest packages (e.g., `30.3.0`
or `30.0.2`) so `jest`, `jest-environment-jsdom`, `jest-util`, and
`jest-environment-node` all use compatible 30.x versions; ensure the
`jest-environment-node` value is changed to the chosen 30.x string.

---

Outside diff comments:
In @.github/workflows/build-docs.yml:
- Around line 22-31: Move the "corepack enable" step so it runs before the
"actions/setup-node@v4" step; specifically, reorder the workflow steps so the
run: corepack enable action occurs prior to the uses: actions/setup-node@v4 (and
before the pnpm cache/setup) to ensure pnpm is available for cache key
generation and aligns with other workflows.

In @.github/workflows/deploy-docs.yml:
- Around line 33-42: Move the "corepack enable" step to run before the "Setup
Node" step so pnpm is available when actions/setup-node@v4 computes cache keys;
specifically, reorder the workflow steps so the run: corepack enable step
appears above the step named "Setup Node" (which uses actions/setup-node@v4) and
ensure the "Install dependencies" step remains after setup and uses pnpm install
--frozen-lockfile.

In @.github/workflows/release.yml:
- Around line 27-32: Move the "corepack enable" step to run before the
actions/setup-node@v4 step so pnpm (managed by Corepack per packageManager:
"pnpm@10.32.1") is available when setup-node attempts to configure pnpm caching;
specifically, relocate the `run: corepack enable` step to precede the `uses:
actions/setup-node@v4` step (the block with name "Setup Node.js" and with
`cache: pnpm`) so the cache setup can detect the pnpm binary and store
directory.

---

Nitpick comments:
In `@packages/nx-forge/src/generators/application/generator.spec.ts`:
- Around line 10-36: Add an inline comment above the two jest.mock blocks
explaining why these mocks override `@nx/eslint.lintProjectGenerator` and
`@nx/jest.configurationGenerator` to force addPlugin: false (so generated targets
are explicit for deterministic snapshot testing rather than relying on Nx plugin
inference); reference the mocked functions lintProjectGenerator and
configurationGenerator and note that the override ensures predictable outputs in
generator.spec.ts tests.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: cf11fe9c-a4aa-4d01-afbe-1b9b1fe4c4f8

📥 Commits

Reviewing files that changed from the base of the PR and between 67d8b40 and aba9c87.

⛔ Files ignored due to path filters (3)
  • docs/package-lock.json is excluded by !**/package-lock.json
  • package-lock.json is excluded by !**/package-lock.json
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (16)
  • .github/workflows/build-docs.yml
  • .github/workflows/ci-main.yml
  • .github/workflows/ci-pr.yml
  • .github/workflows/deploy-docs.yml
  • .github/workflows/release.yml
  • .gitignore
  • AGENTS.md
  • CONTRIBUTING.md
  • docs/package.json
  • e2e/nx-forge-e2e/src/utils/test-workspace.ts
  • package.json
  • packages/nx-forge/package.json
  • packages/nx-forge/src/generators/application/generator.spec.ts
  • packages/nx-forge/src/utils/forge/yaml-validator.ts
  • pnpm-workspace.yaml
  • tools/docs/package.json
💤 Files with no reviewable changes (1)
  • packages/nx-forge/src/utils/forge/yaml-validator.ts

@tbinna tbinna force-pushed the migrate-to-pnpm-catalogs branch 3 times, most recently from 7333c14 to 36c867b Compare April 1, 2026 01:59
@tbinna tbinna force-pushed the migrate-to-pnpm-catalogs branch from 36c867b to af1e1a7 Compare April 1, 2026 02:34
@tbinna tbinna merged commit 466cb1a into main Apr 1, 2026
7 checks passed
@tbinna tbinna deleted the migrate-to-pnpm-catalogs branch April 1, 2026 02:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tbinna