Skip to content

fix: packaging exports resolution + lint, Node 22, security#2

Merged
asachs01 merged 2 commits into
mainfrom
fix/packaging-exports
May 20, 2026
Merged

fix: packaging exports resolution + lint, Node 22, security#2
asachs01 merged 2 commits into
mainfrom
fix/packaging-exports

Conversation

@asachs01
Copy link
Copy Markdown
Member

@asachs01 asachs01 commented May 20, 2026

Summary

Fixes a critical packaging defect plus housekeeping for the node-spanning SDK.

Critical: .cjs/.d.cts exports now resolve

package.json declares index.cjs and index.d.cts in its exports map, but without "type": "module" the tooling never emitted those extensions correctly — CommonJS and TypeScript consumers got broken/missing resolution. Adding "type": "module" makes tsup emit the package.json-declared file extensions so all four export targets (index.js, index.cjs, index.d.ts, index.d.cts) build and resolve correctly.

Other changes

  • Lint: resolved 15 lint errors. Open string unions (... | string) replaced with the (string & {}) idiom so literal autocomplete is preserved; intentional polling loop annotated with a scoped eslint-disable.
  • Node 22: standardized on Node 22 (@types/node ^22, tsup target: node22).
  • Security: npm audit fix applied.
  • Docs: added CODE_OF_CONDUCT.md; updated CHANGELOG.md.

Verification

  • npm run build — green; dist/ contains index.js, index.cjs, index.d.ts, index.d.cts
  • npm test — 43/43 pass
  • npm run lint — 0 errors (11 pre-existing warnings)

asachs01 added 2 commits May 20, 2026 14:19
@asachs01
fix: add type:module so tsup emits package.json-declared file extensions
07dc0dc 
The package.json main/exports point to ./dist/index.cjs and
./dist/index.d.cts, but without "type": "module" tsup emitted
index.js (CJS) / index.mjs (ESM), so require() of the published
package failed to resolve. Adding "type": "module" makes tsup emit
index.js (ESM), index.cjs (CJS), index.d.ts, index.d.cts to match the
existing exports map.

Also fixes 15 no-redundant-type-constituents lint errors: bare string
constituents in BackupStatus, RestoreStatus and SpanningServiceName
collapsed the unions to string. Changed to (string & {}) to preserve
literal autocomplete, with a scoped ban-types eslint-disable for the
idiom.
@asachs01
chore: standardize on Node 22, add CODE_OF_CONDUCT, audit review
54f29d0 
- Bump @types/node to ^22 and tsup target to node22 (aligns with
  engines.node >=22 and CI matrix already on Node 22)
- Add CODE_OF_CONDUCT.md (Contributor Covenant)
- npm audit fix produced no changes; remaining 8 advisories
  (7 moderate, 1 high) all require --force breaking upgrades
@asachs01 asachs01 force-pushed the fix/packaging-exports branch from c05e688 to 54f29d0 Compare May 20, 2026 18:19
@asachs01 asachs01 merged commit 42580e8 into main May 20, 2026
@asachs01 asachs01 deleted the fix/packaging-exports branch May 20, 2026 18:20
github-actions Bot pushed a commit that referenced this pull request May 20, 2026
@semantic-release-bot
chore(release): 1.0.2 [skip ci]
281ad5f 
## [1.0.2](v1.0.1...v1.0.2) (2026-05-20)

### Bug Fixes

* packaging exports resolution + lint, Node 22, security ([#2](#2)) ([42580e8](42580e8))
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 20, 2026

🎉 This PR is included in version 1.0.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@asachs01