ci: pin pnpm via packageManager and use frozen lockfile#247
Merged
Conversation
CI pinned pnpm to 8.x.x, which cannot read the lockfileVersion 9.0 lockfile written by the pnpm 10 used locally. It silently ignored the lockfile (`WARN Ignoring not compatible lockfile`) and re-resolved every dependency, pulling a newer KaTeX whose rounded glyph margins broke the exact-HTML assertions in packages/core/test/Parser.test.ts. - Pin pnpm via the `packageManager` field so CI and local agree - Let pnpm/action-setup read that field (e2e: bump v2 -> v4, required) - Use `--frozen-lockfile` so CI fails loudly on lockfile drift instead of silently re-resolving to newer transitive deps
Deploying topology with
|
| Latest commit: |
7e80a67
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://e0822cb0.topology.pages.dev |
| Branch Preview URL: | https://fix-ci-pnpm-pin.topology.pages.dev |
With --frozen-lockfile, CI now resolves the pinned chokidar@3.5.3, whose bundled types declare `class FSWatcher implements fs.FSWatcher` without the ref/unref methods that newer @types/node (22.15.31) added, causing a TS2420 error in `packages/compile` (tsc). chokidar 3.6.0 fixes the type compatibility. This was previously masked: CI ran pnpm 8, which couldn't read the lockfileVersion 9.0 lockfile, ignored it, and re-resolved to versions that happened to type-check. Surfaced now that CI honors the lockfile.
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
pi-base-topology | 447b79a | Commit Preview URL Branch Preview URL |
Jun 28 2026, 01:17 AM |
Expand the topology environment's observability config to explicitly persist invocation logs and enable tracing (100% head sampling).
pnpm 10 records build-script execution state in the (cached) store, so on a warm store hit it skips cypress's postinstall and the binary is never fetched into the e2e container, failing with "Cypress binary is missing". The Cypress cache also pointed at /github/home/.cache/Cypress, not the container's CYPRESS_CACHE_FOLDER (/root/.cache/Cypress). - Install the cypress binary explicitly after pnpm install (deterministic) - Point the Cypress cache at /root/.cache/Cypress (bump key v2 -> v3)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
packages/core/test/Parser.test.tswas failing in the Unit tests workflow onmain(e.g. run 28306464955) while passing locally. The failures were KaTeX glyph-margin mismatches like:margin-right:0.13889em→0.1389em(theTglyph)margin-right:0.03588em→0.0359em(theσglyph)Root cause
Not a KaTeX or test bug — a pnpm version mismatch between CI and local:
pnpm-lock.yamlatlockfileVersion: '9.0', pinningkatex@0.16.9(emits the old0.03588emprecision → tests pass).8.x.x, which can't parse a v9 lockfile. The install loggedWARN Ignoring not compatible lockfile, discarded it, and re-resolved all ~1271 deps from scratch — pulling a newer KaTeX 0.16.x that rounds margins, breaking the exact-HTML assertions.Fix
packageManagerfield inpackage.json(pnpm@10.33.0) so CI and local agree.pnpm/action-setupread that field — drop theversion: 8.x.xinput (e2e bumped@v2→@v4, required to readpackageManager).pnpm install --frozen-lockfilein both workflows so CI fails loudly on lockfile drift instead of silently re-resolving.Verification
pnpm install --frozen-lockfile→ "Lockfile is up to date … Already up to date", KaTeX stays0.16.9.pnpm --filter core run test→ all pass (Parser.test.ts: 15 tests, 2 skipped).Note
From now on, changing a dependency without committing the updated
pnpm-lock.yamlwill fail CI at the install step — that's the intended safety net.