chore(ui): pin packageManager to npm@11.6.2#2245
Closed
cjlg-soloio wants to merge 15 commits into
Closed
Conversation
Node 24.13.0 (ui/.nvmrc) bundles npm 11.6.2. Pinning packageManager keeps npm installs reproducible and prevents package-lock.json metadata churn across npm versions. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: Carlos Logroño Guerrero <carlos.logrono@solo.io>
Regenerated with the pinned npm (11.6.2) so the lockfile matches the packageManager field. Diff is metadata-only (peer/optional flags); no dependency version changes. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: Carlos Logroño Guerrero <carlos.logrono@solo.io>
Signed-off-by: Carlos Logroño Guerrero <carlos.logrono@solo.io>
Signed-off-by: Carlos Logroño Guerrero <carlos.logrono@solo.io>
…re(ui)--package-manager Signed-off-by: Carlos Logroño Guerrero <carlos.logrono@solo.io>
Signed-off-by: Carlos Logroño Guerrero <carlos.logrono@solo.io>
Contributor
There was a problem hiding this comment.
Pull request overview
Pins the UI workspace’s npm version via packageManager to reduce lockfile churn across npm versions and make npm install/npm ci more reproducible in the ui/ project.
Changes:
- Add
"packageManager": "npm@11.6.2"toui/package.json. - Regenerate
ui/package-lock.jsonunder npm 11.6.2 (lockfile metadata/structure updates consistent with the new npm version).
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| ui/package.json | Adds packageManager pin to npm 11.6.2 for reproducible installs. |
| ui/package-lock.json | Lockfile regenerated under npm 11.6.2 (numerous metadata/structure changes). |
Files not reviewed (1)
- ui/package-lock.json: Generated file
Comments suppressed due to low confidence (1)
ui/package-lock.json:985
- The PR description calls this lockfile update “metadata-only” with “no dependency version changes”, but this regen drops entire package entries (e.g.
node_modules/@emnapi/core/node_modules/@emnapi/runtimeare no longer present) and removes the nested@emnapi/wasi-threads@1.2.2entry (only@emnapi/wasi-threads@1.2.1remains). Please update the PR description to reflect that the lockfile’s package set changed, or re-generate the lockfile in a way that preserves those optional/transitive entries if that was the intent.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Signed-off-by: Carlos Logroño Guerrero <carlos.logrono@solo.io>
Charlesthebird
approved these changes
Jul 15, 2026
EItanya
previously approved these changes
Jul 15, 2026
The ui-tests job ran npm ci with the latest npm bundled in node 24.x (11.8.0), but the lock file was regenerated with the pinned npm@11.6.2, so the @emnapi optional-dep tree resolved differently and npm ci failed as out of sync. Pin Node via ui/.nvmrc and enable corepack so npm ci uses the packageManager version that generated the lock file. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: Nicholas Bucher <behappy54321@gmail.com>
ci: honor pinned npm via corepack for UI jobs
peterj
approved these changes
Jul 16, 2026
Charlesthebird
approved these changes
Jul 16, 2026
Charlesthebird
approved these changes
Jul 16, 2026
Contributor
Author
|
Closing in favor of #2271 (identical change, branch renamed to remove parentheses). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
🤖 written by Claude (start)
Follow-up to a review comment on #2180: pins the npm version via the
packageManagerfield sonpm installis reproducible andui/package-lock.jsonstops picking up metadata churn across npm versions.ui/.nvmrcpins Node 24.13.0, which bundles npm 11.6.2 — so the field is set tonpm@11.6.2, consistent with the Node version CI already reads from.nvmrc.Files
Modified
ui/package.json— adds top-level"packageManager": "npm@11.6.2"ui/package-lock.json— regenerated under npm 11.6.2 to match the pin; metadata-only diff (peer/optionalflags), no dependency version changesTesting
Change type
chore / cleanup — dev tooling only. No product or runtime code changed.
Changelog
NONE🤖 written by Claude (end)