Grahamc/switch to npm

[grahamc]

Description

Absorbs #120.

Checklist

• Tested changes against a test repository
• Added or updated relevant documentation (leave unchecked if not applicable)
• (If this PR is for a release) Updated README to point to the new tag (leave unchecked if not applicable)

Summary by CodeRabbit

• Chores
  • Updated package manager commands in CI/CD workflows and build configuration.
  • Updated build step commands for deployment consistency.
  • Bumped development dependency versions for TypeScript, ESLint, Prettier, testing framework, and type utilities.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[netlify]

✅ Deploy Preview for detsys-ts-docs ready!

Name	Link
🔨 Latest commit	78af77d
🔍 Latest deploy log	https://app.netlify.com/projects/detsys-ts-docs/deploys/6939bae8d1eb8d0008b163f5
😎 Deploy Preview	https://deploy-preview-121--detsys-ts-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Walkthrough

This pull request migrates the project's package manager from pnpm to npm. Changes include replacing pnpm commands in CI workflows and build configurations with npm equivalents, adding conditional package manager detection in the update-downstream workflow, updating dependencies, and removing pnpm-specific configuration entries.

Changes

Cohort / File(s)	Summary
CI workflow migration .github/workflows/ci.yml, .github/workflows/update-downstream.yml	Replaced pnpm install with npm ci and pnpm run with npm run across lint, test, build, and docs steps. Added conditional package manager logic in update-downstream to detect and use either pnpm or npm based on pnpm-lock.yaml presence.
Build configuration netlify.toml	Changed build command from pnpm run docs to npm run docs.
Package management package.json	Updated "all" script to use npm run instead of pnpm. Bumped dependencies: type-fest to ^5.3.1, and devDependencies: @types/node to ^24.10.2, @typescript-eslint/eslint-plugin and typescript-eslint to ^8.49.0, prettier to ^3.7.4, tsdown to ^0.17.2, and vitest to ^4.0.15.
Workspace configuration pnpm-workspace.yaml	Removed esbuild and unrs-resolver from onlyBuiltDependencies section.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

• Verify package manager compatibility across all workflows and configurations
• Ensure conditional logic in update-downstream.yml handles both pnpm and npm correctly
• Confirm dependency version bumps don't introduce breaking changes or security issues
• Check that removal of entries from pnpm-workspace.yaml doesn't affect build or dependency resolution

Suggested reviewers

• gustavderdrache
• RossComputerGuy

Poem

🐰 From pnpm hops to npm's swift stride,
Dependencies dance, workflows unified,
Workspace configs trimmed with care,
Package manager magic fills the air! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Grahamc/switch to npm' directly reflects the main change: migrating the project from pnpm to npm across CI workflows, build configs, and package scripts.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch grahamc/switch-to-npm

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 437297e and 78af77d.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (5)

• .github/workflows/ci.yml (2 hunks)
• .github/workflows/update-downstream.yml (1 hunks)
• netlify.toml (1 hunks)
• package.json (2 hunks)
• pnpm-workspace.yaml (0 hunks)

💤 Files with no reviewable changes (1)

• pnpm-workspace.yaml

🔇 Additional comments (5)

netlify.toml (1)

2-2: Straightforward package manager migration. The build command correctly switches from pnpm to npm.

.github/workflows/update-downstream.yml (1)

82-88: Backward-compatible conditional logic for package manager detection. This pragmatically handles downstream repos that may still use pnpm, but creates technical debt if not systematically migrated. Ensure downstream repos have a migration timeline.

Please verify that:

1. The conditional logic works correctly for both pnpm and npm contexts in downstream repos.
2. The npm run all and pnpm run all scripts produce equivalent results.
3. There's a documented plan/timeline for migrating downstream repos to npm (if applicable).

package.json (1)

16-16: Script correctly migrated from pnpm to npm. The "all" script now uses npm equivalents and explicitly clears the dist directory, maintaining the original behavior.

.github/workflows/ci.yml (2)

21-22: Correct use of npm ci for CI environment. This is the right choice for deterministic builds using the lock file.

Verify that package-lock.json is committed to the repository and up-to-date. If not, this will cause the CI to fail.

---

25-25: CI commands correctly migrated from pnpm to npm. All script invocations are straightforward equivalents, and the nix develop wrapping is preserved for environment consistency.

Also applies to: 28-28, 31-31, 43-43

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

cat -n package.json | sed -n '30,55p'

Repository: DeterminateSystems/detsys-ts

Length of output: 938

---

🌐 Web query:

tsdown 0.17.2 breaking changes 0.16.8

💡 Result:

Summary of breaking changes introduced after v0.16.8 (i.e., in the v0.17.x line):

• v0.17.0 — Breaking changes:

  • Rolldown native watcher added (watcher behavior changed).
  • Enable failOnWarn by default in CI (can be reverted by setting failOnWarn: false).
  • Remove unconfig from configLoader.
  • Support exports, publint, attw for multi-configs.
  • attw.profile value renamed from "esmOnly" → "esm-only".
    (v0.17.0 also added other features; see notes.) [1]

• v0.17.1 / v0.17.2 — bugfixes only (v0.17.2: "Empty clean array" fix). No additional breaking changes after v0.17.0. [1][2]

If you want, I can extract the exact commit/PR links for each breaking item or show the minimal config changes to migrate (e.g., rename attw.profile value).

Sources: GitHub releases for tsdown v0.17.0 and v0.16.8 / v0.17.2. [1] [2]

References
[1] rolldown/tsdown — v0.17.0 release notes (breaking changes).
[2] rolldown/tsdown — v0.16.8 and v0.17.2 release entries.

---

tsdown 0.17.2 includes breaking changes compared to 0.16.8; verify configuration compatibility. The v0.17.0 upgrade introduced:

• Rolldown native watcher behavior change
• failOnWarn now defaults to true in CI (requires explicit failOnWarn: false if the old behavior is needed)
• Removal of unconfig from configLoader
• Config schema change: attw.profile: "esmOnly" renamed to "esm-only"

Confirm that project configuration and CI setup accommodate these breaking changes. v0.17.1 and v0.17.2 contain only bugfixes.