chore: pnpm migration[KHCP-21042]#890
Conversation
| pkg=$(pnpm publish --no-git-checks --access public --report-summary --tag "${tag}" | grep "+ "| sed 's/+ //') | ||
| pnpm publish --no-git-checks --access public --tag "${tag}" | ||
|
|
||
| if [[ -z "${pkg}" ]]; then | ||
| if [ $? -ne 0 ]; then |
There was a problem hiding this comment.
yes, pnpm v11 changed the publish output format. the CI would fail with Error publishing package without this change.
There was a problem hiding this comment.
Can you leave some more context on the pull request; otherwise, we're just assuming what the changes are.
Please leave some context in the areas that were changed
| npm_instructions="@$(echo ${pkg}|cut -d'@' -f2)@${tag}" | ||
| package_name=$(jq -r ".name" package.json) | ||
| npm_instructions="${package_name}@${tag}" |
There was a problem hiding this comment.
yes, pkg is removed in the above pnpm publish step and its simpler to read package name from package.json just like we read version on line 80.
| yaml@>=2.0.0 <2.8.3: '>=2.8.4' | ||
| vite@>=7.0.0 <=7.3.1: '>=7.3.3' | ||
| strictPeerDependencies: false | ||
| autoInstallPeers: false |
There was a problem hiding this comment.
issue: why are we not auto-installing peerDependencies?
There was a problem hiding this comment.
this is migrated as is from .npmrc via pnpm codemod - https://github.com/Kong/spec-renderer/pull/890/changes#diff-e813096d69c49812e40e00be9ac8fa14d77f0ec1f97ab4c45cb096b3bedd35deL2. i see that in our case vue is listed in peer dependencies as well as dev dependencies. should i be changing it in this PR or is it fine as is?
There was a problem hiding this comment.
I don't see why we would not want to auto-install peers in most cases
There was a problem hiding this comment.
Pull request overview
This PR migrates the repository’s package-manager setup from pnpm v10 to v11, moving pnpm configuration into pnpm-workspace.yaml, updating the pinned pnpm version, and adjusting CI publishing steps to align with the newer pnpm behavior.
Changes:
- Moved pnpm overrides/build-allowlist and peer settings out of
package.json/.npmrcintopnpm-workspace.yaml. - Updated Volta’s pinned pnpm version to 11.5.3.
- Simplified CI preview publishing logic for pnpm v11 (version bump + publish flow).
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
pnpm-workspace.yaml |
Centralizes pnpm v11 workspace config (overrides, peer settings, build approvals). |
package.json |
Removes embedded pnpm config and bumps Volta pnpm version to v11. |
.npmrc |
Drops settings now represented in the workspace config. |
.github/workflows/CI.yaml |
Updates preview publish steps to match pnpm v11 behavior/output. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Use yarn to bump the version for the prerelease | ||
| pnpm version prerelease --preid ${preid} --no-git-tag-version --yes --amend | ||
| pnpm version prerelease --preid ${preid} --no-git-tag-version --yes |
| pnpm publish --no-git-checks --access public --tag "${tag}" | ||
|
|
||
| if [[ -z "${pkg}" ]]; then | ||
| if [ $? -ne 0 ]; then | ||
| echo "Error publishing package" | ||
| exit -1 |
64f190d to
ccaad7d
Compare
2f56f08 to
b181bda
Compare
Install the preview package from this PR@kong/spec-renderer@pr-890 |
| # Use yarn to bump the version for the prerelease | ||
| pnpm version prerelease --preid ${preid} --no-git-tag-version --yes --amend | ||
| # Use pnpm to bump the version for the prerelease | ||
| pnpm version prerelease --preid ${preid} --no-git-tag-version --yes |
There was a problem hiding this comment.
amend flag was droppend in pnpm v11. was leading to ERROR: Unknown option: 'amend'. no-git-tag-version already helps ensure no git commit or tag is created here.
There was a problem hiding this comment.
seems like amend wasn't there in previous versions either. v11 has a native publish flow as mentioned in the highlights section point 6 here - https://pnpm.io/blog/releases/11.0. earlier it used to delegate to the npm CLI where passing extra flags was not erroring.
There was a problem hiding this comment.
reference to the above comment - https://pnpm.io/pnpm-cli#differences-vs-npm. "Unlike npm, pnpm validates all options"
🔴 PR audit failed. 🔴🔥 Renovate Security PRs detected.There are 1 open renovate security PRs older than 3 days. This PR cannot be merged until all renovate security PRs created more than 3 days ago are resolved. |
Summary
This PR aims to address pnpm migration from v10 to v11 by following the migration guide here - https://pnpm.io/migration.
pnpm v11 compatibility fixes in CI
Error publishing package. Now we check the exit code for failure detection instead.Jira - https://konghq.atlassian.net/browse/KHCP-21042
Consuming app PR - https://github.com/kong-konnect/portal/pull/2582