Conversation
WalkthroughUpdated the development dependency tsdown in package.json from ^0.15.0 to ^0.15.3. No other files or logic were changed. Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Poem
Pre-merge checks and finishing touches❌ Failed checks (1 inconclusive)
✅ Passed checks (2 passed)
✨ Finishing touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
pnpm-lock.yamlis excluded by!**/pnpm-lock.yaml
📒 Files selected for processing (1)
package.json(1 hunks)
| "husky": "^9.0.5", | ||
| "prettier": "3.6.2", | ||
| "tsdown": "^0.15.0", | ||
| "tsdown": "^0.15.3", |
There was a problem hiding this comment.
Invalid version range: ^0.15.3 isn’t published on npm — installs will fail
The latest npm release of tsdown is 0.14.2 as of September 20, 2025. Either pin to the latest npm version or switch to the JSR package. (npmjs.com)
Apply this fix (npm path):
- "tsdown": "^0.15.3",
+ "tsdown": "^0.14.2",Alternative (JSR path, if you intended 0.15.x+ from JSR): replace the dependency key to use JSR and adjust the version accordingly, e.g. "jsr:@sxzz/tsdown": "^0.15.3". (jsr.io)
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| "tsdown": "^0.15.3", | |
| "tsdown": "^0.14.2", |
🤖 Prompt for AI Agents
In package.json around line 27, the dependency "tsdown": "^0.15.3" references a
version not published to npm and will fail to install; either change it to the
latest published npm version by replacing the entry with "tsdown": "0.14.2" (pin
to the exact published version) or, if you intended the newer JSR release,
replace the key to the JSR package form and version (e.g. "jsr:@sxzz/tsdown":
"^0.15.3") and update lockfiles/install commands accordingly.
🧩 Analysis chain
Ensure Node >= 20.19 in CI if upgrading tsdown
tsdown requires Node.js 20.19+; add an engines.node constraint and verify workflow Node versions to prevent CI breakage. (tsdown.dev)
Run to verify the registry version and CI Node versions:
🏁 Script executed:
#!/bin/bash
# Check npm dist-tags and latest version for tsdown
curl -s https://registry.npmjs.org/tsdown | jq '.["dist-tags"], .["versions"] | keys | sort | last'
# Inspect GitHub Actions workflows for setup-node versions
fd -H ".github/workflows" -t d | xargs -I{} rg -nP -C2 'uses:\s*actions/setup-node@|node-version:\s*["'\'']?(\d+(\.\d+)*)' .github/workflowsLength of output: 390
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "==== package.json (first 200 lines) ===="
nl -ba package.json | sed -n '1,200p' || true
echo
echo "==== tsdown dependency lines ===="
rg -n --hidden -S '"tsdown"\s*:\s*".*"' package.json || true
echo
echo "==== engines field in package.json ===="
jq '.engines' package.json || true
echo
echo "==== repo occurrences of 'tsdown' (excluding node_modules) ===="
rg -n --hidden -S '\btsdown\b' --glob '!node_modules' || true
echo
echo "==== check for node version files (.nvmrc, .node-version, .tool-versions) ===="
[ -f .nvmrc ] && echo ".nvmrc:" && cat .nvmrc || true
[ -f .node-version ] && echo ".node-version:" && cat .node-version || true
[ -f .tool-versions ] && echo ".tool-versions:" && sed -n '1,50p' .tool-versions || true
echo
echo "==== GitHub Actions workflows (if any) and Node setup usage ===="
if [ -d .github/workflows ]; then
ls -la .github/workflows || true
rg -n -C2 'actions/setup-node|node-version' .github/workflows || true
else
echo "No .github/workflows directory found"
rg -n -C2 'actions/setup-node|node-version' || true
fiLength of output: 3983
Add engines.node >=20.19.0 to package.json; confirm tsdown version
- package.json (line 27): add "engines": { "node": ">=20.19.0" } — package.json currently has no engines field.
- CI: .github/workflows/node.js.yml already tests Node 20.19.0 in its matrix; other workflows use node-version: 22 — CI coverage is sufficient.
- package.json lists "tsdown": "^0.15.3" but the npm registry shows latest 0.9.9 — confirm this is intentional (private registry or typo) and fix/pin the dependency if needed.
🤖 Prompt for AI Agents
In package.json around line 27, add an "engines" entry with "node": ">=20.19.0"
to enforce the minimum Node version used in CI; also verify the "tsdown"
dependency version — if it was a typo (npm shows 0.9.9) replace "^0.15.3" with
the intended published version (e.g., "0.9.9") or pin the private-registry
package by adding a comment/registry override in your lockfile or .npmrc; after
updating, run npm install to update lockfile and ensure CI workflows continue to
pass.
1 participant
instead of #2949
Summary by CodeRabbit