Skip to content

migrate to pnpm #609

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Andarist merged 17 commits into from
May 14, 2026
Merged

migrate to pnpm #609

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
7f2c5c1
migrate to `pnpm`
marcalexiei May 5, 2026
5a0d8e3
rename `simple-project` fixture packages to remove socket security er…
marcalexiei May 5, 2026
e201252
add pnpm `dedupe` options
marcalexiei May 5, 2026
b892407
update release-pr workflow
marcalexiei May 7, 2026
8cd9f5a
update
marcalexiei May 7, 2026
aa44253
update snashots
marcalexiei May 7, 2026
3b58799
tweaks
Andarist May 14, 2026
8ba6f16
tweak
Andarist May 14, 2026
505d974
tweak
Andarist May 14, 2026
1017292
fix missing ci-setup
Andarist May 14, 2026
1209505
tweak
Andarist May 14, 2026
17a2221
tweak deps
Andarist May 14, 2026
eebb064
update pnpm
Andarist May 14, 2026
975ff6b
ok, Socket, let's rename them
Andarist May 14, 2026
f5dafcb
update snapshots
Andarist May 14, 2026
b412bc1
rename again
Andarist May 14, 2026
39f3dab
fmt
Andarist May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 7 additions & 4 deletions .github/actions/ci-setup/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,17 @@
name: Setup CI
description: Setup CI

runs:
using: composite
steps:
- name: Setup Node.js
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
- name: Set up pnpm
uses: pnpm/action-setup@8912a9102ac27614460f54aedde9e1e7f9aec20d # v6.0.5

- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version-file: ".node-version"
cache: yarn
cache: pnpm

- name: Install dependencies
shell: bash
run: yarn install --frozen-lockfile
run: pnpm install --frozen-lockfile
22 changes: 16 additions & 6 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,11 @@ name: CI
on:
pull_request:
push:
branches: [main]
branches:
- main
merge_group:
branches: [main]
branches:
- main

permissions:
contents: read
Expand All @@ -17,23 +19,31 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Check out repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

- uses: ./.github/actions/ci-setup

- name: Test
run: yarn test
run: pnpm test

typecheck:
name: Typecheck
timeout-minutes: 20
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Check out repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

- uses: ./.github/actions/ci-setup

- name: Typecheck
run: yarn typecheck
run: pnpm typecheck

ci-ok:
name: CI OK
Expand Down
18 changes: 12 additions & 6 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,17 +21,21 @@ jobs:
issues: write # to post issue comments (changesets/action)
pull-requests: write # to create pull request (changesets/action)
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Check out repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

- uses: ./.github/actions/ci-setup

- name: Build
run: yarn build
run: pnpm build
Comment thread
beeequeue marked this conversation as resolved.

- name: Create or update release pull request
id: changesets
uses: ./
with:
version: yarn bump
version: pnpm bump

publish:
name: Publish
Expand All @@ -49,17 +53,19 @@ jobs:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}

- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Check out repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: true
# we need this token to bypass the branch and tag protection rules
token: ${{ steps.app-token.outputs.token }}

- uses: ./.github/actions/ci-setup

- name: Build
run: yarn build
run: pnpm build

- name: Publish to marketplace
uses: ./
with:
publish: yarn release
publish: pnpm release
38 changes: 28 additions & 10 deletions .github/workflows/release-pr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,14 @@ permissions: {}
jobs:
release_check:
if: github.repository == 'changesets/action' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/release-pr')
timeout-minutes: 5
runs-on: ubuntu-latest

permissions:
contents: read
issues: write
pull-requests: read

steps:
- id: report_in_progress
run: |
Expand Down Expand Up @@ -99,12 +102,18 @@ jobs:
timeout-minutes: 20
runs-on: ubuntu-latest
needs: release_check

permissions:
contents: write
issues: write
pull-requests: write

steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Check out repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

- uses: ./.github/actions/ci-setup

- name: Fetch validated commit from pull request head repository
Expand All @@ -131,30 +140,34 @@ jobs:
if: steps.check_version_packages.outputs.version_packages == 'true'
run: git reset --hard HEAD~1

- run: yarn changeset version --snapshot pr${{ github.event.issue.number }}
- name: Create snapshot version
run: pnpm changeset version --snapshot pr${{ github.event.issue.number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Build
run: yarn build
run: pnpm build

- name: Setup Git user
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"

- name: Release snapshot version
run: yarn run release:pr
run: pnpm release:pr

- run: gh api /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions -f content='rocket'
- name: Add success reaction
run: gh api /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions -f content='rocket'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- run: gh api -X DELETE /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions/${{ needs.release_check.outputs.in_progress_reaction_id }}
- name: Remove in-progress reaction
run: gh api -X DELETE /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions/${{ needs.release_check.outputs.in_progress_reaction_id }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- run: |
- name: Comment success
run: |
gh pr comment ${{ github.event.issue.number }} --body "The release for \`${{ needs.release_check.outputs.resolved_sha }}\` triggered by [this comment](${{ github.event.comment.url }}) has [succeeded](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}). Published commit: [${{ github.repository }}@$(git rev-parse HEAD)](https://github.com/${{ github.repository }}/commit/$(git rev-parse HEAD))."
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -164,19 +177,24 @@ jobs:
timeout-minutes: 2
runs-on: ubuntu-latest
if: failure() && github.repository == 'changesets/action' && (needs.release_check.result == 'failure' || needs.release.result == 'failure')

permissions:
issues: write
pull-requests: write

steps:
- run: gh api /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions -f content='-1'
- name: Add failure reaction
run: gh api /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions -f content='-1'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- run: gh api -X DELETE /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions/${{ needs.release_check.outputs.in_progress_reaction_id }}
- name: Remove in-progress reaction
run: gh api -X DELETE /repos/${{ github.repository }}/issues/comments/${{ github.event.comment.id }}/reactions/${{ needs.release_check.outputs.in_progress_reaction_id }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- run: |
- name: Comment failure
run: |
gh pr comment ${{ github.event.issue.number }} --body "The release for \`${{ needs.release_check.outputs.requested_sha }}\` triggered by [this comment](${{ github.event.comment.url }}) has [failed](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})."
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand Down
64 changes: 38 additions & 26 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ This action for [Changesets](https://github.com/changesets/changesets) creates a
- published - A boolean value to indicate whether a publishing has happened or not
- publishedPackages - A JSON array to present the published packages. The format is `[{"name": "@xx/xx", "version": "1.2.0"}, {"name": "@xx/xy", "version": "0.8.9"}]`

### Example workflow:
### Example workflow

#### Without Publishing

Expand All @@ -43,15 +43,18 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v3
uses: actions/checkout@v6

- name: Setup Node.js 20
uses: actions/setup-node@v3
- name: Setup pnpm
uses: pnpm/action-setup@v6

- name: Setup Node.js 26
uses: actions/setup-node@v6
with:
node-version: 20
node-version: 26

- name: Install Dependencies
run: yarn
run: pnpm install --frozen-lockfile

- name: Create Release Pull Request
uses: changesets/action@v1
Expand All @@ -77,22 +80,25 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v3
uses: actions/checkout@v6

- name: Setup pnpm
uses: pnpm/action-setup@v6

- name: Setup Node.js 20.x
uses: actions/setup-node@v3
- name: Setup Node.js 26
uses: actions/setup-node@v6
with:
node-version: 20.x
node-version: 26

- name: Install Dependencies
run: yarn
run: pnpm install --frozen-lockfile

- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/action@v1
with:
# This expects you to have a script called release which does a build for your packages and calls changeset publish
publish: yarn release
publish: pnpm release
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

Expand All @@ -104,7 +110,7 @@ jobs:

By default the GitHub Action creates a `.npmrc` file with the following content:

```
```txt
//registry.npmjs.org/:_authToken=${process.env.NPM_TOKEN}
```

Expand Down Expand Up @@ -141,15 +147,18 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v3
uses: actions/checkout@v6

- name: Setup Node.js 20.x
uses: actions/setup-node@v3
- name: Setup pnpm
uses: pnpm/action-setup@v6

- name: Setup Node.js 26
uses: actions/setup-node@v6
with:
node-version: 20.x
node-version: 26

- name: Install Dependencies
run: yarn
run: pnpm install --frozen-lockfile

- name: Create Release Pull Request or Publish to npm
id: changesets
Expand All @@ -158,7 +167,7 @@ jobs:
- name: Publish
if: steps.changesets.outputs.hasChangesets == 'false'
# You can do something when a publish should happen.
run: yarn publish
run: pnpm publish
```

#### With version script
Expand All @@ -183,21 +192,24 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v3
uses: actions/checkout@v6

- name: Setup pnpm
uses: pnpm/action-setup@v6

- name: Setup Node.js 20.x
uses: actions/setup-node@v3
- name: Setup Node.js 26
uses: actions/setup-node@v6
with:
node-version: 20.x
node-version: 26

- name: Install Dependencies
run: yarn
run: pnpm install --frozen-lockfile

- name: Create Release Pull Request
uses: changesets/action@v1
with:
# this expects you to have a npm script called version that runs some logic and then calls `changeset version`.
version: yarn version
version: pnpm version
```

#### With Yarn 2 / Plug'n'Play
Expand All @@ -208,5 +220,5 @@ If you are using [Yarn Plug'n'Play](https://yarnpkg.com/features/pnp), you shoul
- uses: changesets/action@v1
with:
version: yarn changeset version
...
# ...
```
4 changes: 3 additions & 1 deletion __fixtures__/ignored-package/.changeset/config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
{
"$schema": "https://unpkg.com/@changesets/config@1.3.0/schema.json",
"ignore": ["ignored-package-pkg-a"]
"ignore": [
"changesets-dev-ignored-package-pkg-a"
]
}
4 changes: 2 additions & 2 deletions __fixtures__/ignored-package/packages/pkg-a/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "ignored-package-pkg-a",
"name": "changesets-dev-ignored-package-pkg-a",
"version": "1.0.0",
"dependencies": {
"ignored-package-pkg-b": "1.0.0"
"changesets-dev-ignored-package-pkg-b": "1.0.0"
}
}
2 changes: 1 addition & 1 deletion __fixtures__/ignored-package/packages/pkg-b/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{
"name": "ignored-package-pkg-b",
"name": "changesets-dev-ignored-package-pkg-b",
"version": "1.0.0"
}
Loading