chore(ci): teach package-age check to walk pnpm-lock.yaml #213
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#213
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Context
After the pnpm-workspaces restructure (#181),
scripts/ci/check-package-ages.mjsno longer findspackage-lock.jsonat the repo root and silently degrades to "no new packages." The <30-day package-age soft signal (ADR-0022) is effectively off in CI today. The signal is soft so the gap does not block merge, but the gate is no longer doing its documented job.Source
scripts/ci/check-package-ages.mjslines 10-14: "NOTE (ticket #181): after the pnpm-workspaces restructure, this script no longer finds package-lock.json at the repo root and silently degrades to no new packages. Teaching the helper to walk pnpm-lock.yaml is a follow-up ticket; the policy is a soft signal so the gap is recoverable without merging risk."Scope
scripts/lib/package-ages.mjsextractPackagesFromLockfileto parse pnpm-lock.yaml v6/v9 format in addition to npm v3package-lock.json.scripts/ci/check-package-ages.mjsto readpnpm-lock.yamlinstead ofpackage-lock.json, andgit show <baseRef>:pnpm-lock.yamlfor the base.npm:registry by default; private registries / aliases need handling).Acceptance criteria
pnpm -For root-level invocation ofnode scripts/ci/check-package-ages.mjsagainst the workspace produces the same offender set that the pre-#181 npm script did.Composes with