mono - chore: upgrade TypeScript build tooling#207
Conversation
Upgrade the non-breaking TypeScript execution and bundling tooling to the latest gated releases: - tsx ^4.22.4 → ^4.23.0 - tsdown ^0.22.2 → ^0.22.4 The typescript 6 → 7 major and the @types/node version-source question are handled separately (each needs its own PR / decision). pnpm build and pnpm test pass across all packages. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_014cLAa8HaTokNu5wBM7cM6x
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
There was a problem hiding this comment.
Code Review
This pull request updates dependencies in package.json and pnpm-lock.yaml, bumping tsdown to version 0.22.4 and tsx to 4.23.0. In the lockfile, rolldown is updated to 1.1.5 and rolldown-plugin-dts is updated to 0.27.4. This update transitions the AST toolchain by replacing Babel-related packages with yuku-ast, yuku-codegen, and yuku-parser. I have no feedback to provide as there are no review comments and the dependency updates are standard.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #207 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 12 12
Lines 1659 1659
Branches 288 288
=========================================
Hits 1659 1659 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 89e0fec872
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| "rimraf": "^6.1.3", | ||
| "tsdown": "^0.22.2", | ||
| "tsx": "^4.22.4", | ||
| "tsdown": "^0.22.4", |
There was a problem hiding this comment.
Raise the Node 24 floor for tsdown
With this upgrade, the lockfile resolves tsdown@0.22.4, whose package metadata now declares engines: {node: ^22.18.0 || >=24.11.0} in pnpm-lock.yaml, but the root package still advertises support for every Node >=24.0.0. Contributors or CI jobs running Node 24.0 through 24.10 can still satisfy the repo engine range but hit unsupported-engine failures in engine-strict installs or when invoking the build tool, so the repo engine should be tightened or the tsdown upgrade held back.
Useful? React with 👍 / 👎.
| tsdown@0.22.2: | ||
| resolution: {integrity: sha512-VX9gsyKXsTnBZjnIM4jsHl9aRv+GfgkE/k1hQslilaBfZMlaw3JuGR+6yhiU0QxWBtOCDnTjwOSoXzgB7Rr50g==} | ||
| engines: {node: ^22.18.0 || >=24.0.0} | ||
| tsdown@0.22.4: |
There was a problem hiding this comment.
Hold tsdown until the release-age window expires
The workspace policy sets minimumReleaseAge: 10080 and minimumReleaseAgeStrict: true in pnpm-workspace.yaml:10-11, but this lockfile pins tsdown@0.22.4 while the npm package metadata currently reports that release as only a few hours old. That contradicts the repo's 7-day supply-chain gate and can force the next policy-enforced re-resolution to roll this upgrade back or require an explicit exception, so this version should wait until it ages in or be excluded deliberately.
Useful? React with 👍 / 👎.
Please check if the PR fulfills these requirements
What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
Chore — dependency upgrade of the non-breaking TypeScript build/execution tooling. No runtime or source changes.
Versions
tsx^4.22.4→^4.23.0tsdown^0.22.2→^0.22.4Versions are the exact "Latest" from
pnpm outdated(gated by the workspaceminimumReleaseAge); no majors.Two members of the TypeScript/build group are intentionally excluded from this PR:
typescript6 → 7— a breaking major; it gets its own(breaking)PR after breaking-change review.@types/node25 → 26—.nvmrcpins Node24while@types/nodealready sits at25and CI tests Node22/24/26; this version-source mismatch needs a decision rather than a guess.Tests
pnpm buildpasses (tsdown is the bundler for every package)pnpm testpasses — qified 132, nats 80, rabbitmq 114, redis 88, valkey 88, zeromq 8; 100% coverage maintained🤖 Generated with Claude Code
Generated by Claude Code