Conversation
RobinTail
added
dependencies
WalkthroughThis update restructures the migration logic for Express Zod API into a dedicated npm package, adjusts build and lint configurations accordingly, and updates documentation and workflows to reference the new migration package. It also introduces compatibility tests, refines package exports, and enhances workflow flexibility for multi-workspace operations. Changes
Sequence Diagram(s)sequenceDiagram
participant Dev as Developer
participant GH as GitHub Actions
participant WS as Workspace (express-zod-api / migration)
participant NPM as npm Registry
Dev->>GH: Trigger workflow_dispatch (select workspace)
GH->>WS: Run version bump or publish commands (using selected workspace)
WS-->>GH: Build/package/test selected workspace
GH->>NPM: Publish selected workspace (if applicable)
NPM-->>GH: Confirm publish
Suggested labels
Poem
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
This reverts commit c5bbe93.
…ing its hoisting.
Replacement for: 225c323 Config can be validating this way: ```shell npx --yes --package renovate -- renovate-config-validator --strict ./renovate.json ``` Instead of pnpm catalog attempted in #2736 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Chores** - Updated Renovate configuration to include new package rules for managing updates to TypeScript ESLint and Vitest packages. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
Addition to #2428 It turned out that required peer dependencies are installed automatically unless opted out: https://pnpm.io/next/settings#autoinstallpeers This might be a better solution since I want to absorb the validation workflow into the existing integration tests without hoisting Discovered while working on #2736 and might be needed to solve in advance <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Chores** - Updated dependencies across multiple packages to use a centralized peer dependency catalog. - Added a new peer dependency catalog to the workspace configuration, listing key runtime and type definition packages. - Adjusted package dependencies to reference the new peer catalog, removing direct versioned dependencies where applicable. - Added or updated peer dependencies for packages such as zod and http-errors in relevant projects. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
…nd testing it in the usual workflow.
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (1)
compat-test/package.json (1)
10-17: Review dependency version constraints
Locking tocatalog:minwithout a major range may pull in incompatible future releases. Consider using a caret range for external libs orworkspace:*for shared versions:"dependencies": { "@express-zod-api/migration": "workspace:*", "express-zod-api": "workspace:*", "express": "catalog:min", "typescript": "catalog:min", "http-errors": "catalog:min", - "zod": "3.25.35" + "zod": "^3.25.0" }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
pnpm-lock.yamlis excluded by!**/pnpm-lock.yaml
📒 Files selected for processing (5)
.github/workflows/node.js.yml(1 hunks)compat-test/package.json(1 hunks)compat-test/sample.ts(0 hunks)package.json(1 hunks)pnpm-workspace.yaml(1 hunks)
💤 Files with no reviewable changes (1)
- compat-test/sample.ts
✅ Files skipped from review due to trivial changes (1)
- .github/workflows/node.js.yml
🚧 Files skipped from review as they are similar to previous changes (2)
- pnpm-workspace.yaml
- package.json
⏰ Context from checks skipped due to timeout of 90000ms (1)
- GitHub Check: report
🔇 Additional comments (1)
compat-test/package.json (1)
2-2: Confirm package naming consistency
The"name": "compat-test"field correctly identifies this workspace package as the compatibility test suite.
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
migration/package.json (1)
48-50: Add required linting devDependencies.
YourprepublishOnlyscript invokeseslint, so explicitly declareeslintand core TS-ESLint packages underdevDependencies, referencing yourdevcatalog for consistency.Example diff:
"devDependencies": { - "@typescript-eslint/rule-tester": "^8.34.0" + "eslint": "catalog:dev", + "@typescript-eslint/parser": "catalog:dev", + "@typescript-eslint/eslint-plugin": "catalog:dev", + "@typescript-eslint/rule-tester": "catalog:dev" }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
pnpm-lock.yamlis excluded by!**/pnpm-lock.yaml
📒 Files selected for processing (2)
migration/package.json(1 hunks)pnpm-workspace.yaml(2 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- pnpm-workspace.yaml
🧰 Additional context used
🧠 Learnings (1)
migration/package.json (1)
Learnt from: RobinTail
PR: RobinTail/express-zod-api#2428
File: express-zod-api/package.json:20-25
Timestamp: 2025-05-28T18:52:18.375Z
Learning: The `attw` command is the executable provided by the `@arethetypeswrong/cli` npm package. When `attw` is used in scripts, check for `@arethetypeswrong/cli` in dependencies rather than looking for an `attw` package.
🔇 Additional comments (5)
migration/package.json (5)
1-9: Metadata looks correct.
Name, version, license, description, repository, and author fields are well-defined.
3-3: Confirm version tagging strategy.
Ensure24.0.0-beta.3and itsbetapre-release identifier align with your chosen unified or per-package versioning approach.
24-39: Export mappings are properly configured.
Dual support for both ESM and CommonJS consumers with matching type declarations is correctly set up.
17-23:Details
✅ Verification successful
Validate build and publish scripts.
Thepostbuildscript callsattw --packfrom the root@arethetypeswrong/clipackage, andprepublishOnlyrunseslint && pnpm test && pnpm build. Verify that the CLI is hoisted correctly in your monorepo and that this sequence fits your CI/CD flow.
🏁 Script executed:
#!/bin/bash # Check that @arethetypeswrong/cli is present and hoisted grep -R "\"@arethetypeswrong/cli\"" -n .Length of output: 98
Confirm CLI Hoisting and Script Order
The root
package.jsonincludes"@arethetypeswrong/cli": "^0.18.2", soattw --packwill be available in your monorepo after build. TheprepublishOnlyhook already runs ESLint, tests, and the build in the correct order for your CI/CD flow. No further changes needed.
44-47:Details
✅ Verification successful
Verify the
catalog:peeralias.
Make sure apeercatalog alias exists inpnpm-workspace.yaml. If your catalogs are named differently (e.g.,min), update these entries to match the actual alias.
🏁 Script executed:
grep -R "catalogs" -n pnpm-workspace.yamlLength of output: 54
🏁 Script executed:
#!/bin/bash # Display the catalogs block to verify the defined aliases sed -n '20,40p' pnpm-workspace.yamlLength of output: 576
Peer catalog alias verified
The
peeralias is defined in pnpm-workspace.yaml under thecatalogssection, so thecatalog:peerentries in migration/package.json are correct and require no changes.
Related to #2736 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Chores** - Updated the version bump workflow with more flexible versioning options and improved input descriptions. - Removed separate workflows for minor and patch version bumps, consolidating version management into a single workflow. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
1 participant
This is the first step I towards the idea of code splitting into several smaller packages that could be pluggable and reusable, e.g. by Zod Sockets.
Decisions to make:
unified tagging with canonical version:pnpm dlx bumpp -r preminor --preid betapnpm -F [workspace] exec pnpm dlx bumpp preminor --preid beta --tag=[package]-%spnpm catalogsSummary by CodeRabbit
New Features
Improvements
Bug Fixes
Chores