chore: migrate to utoo CI and fix circular dependencies#5830
chore: migrate to utoo CI and fix circular dependencies#5830
Conversation
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request refactors the project's dependency and workspace management. It transitions from using Highlights
Changelog
Ignored Files
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request refactors the project's dependency and workspace management by migrating configuration from pnpm-workspace.yaml to a new .utoo.toml file and package.json. My review focuses on the maintainability of the new configuration and the potential impact on the developer workflow. I've suggested sorting the new dependency catalog for better readability and pointed out a potential issue with the removal of the packageManager enforcement that could be addressed with documentation.
.utoo.toml
Outdated
| [catalog] | ||
| "@clack/prompts" = "^0.11.0" | ||
| "@eggjs/compressible" = "^3.0.0" | ||
| "@eggjs/cookies" = "^3.1.0" | ||
| "@eggjs/ip" = "^2.1.0" | ||
| "@eggjs/rds" = "^1.5.0" | ||
| "@eggjs/redis" = "^3.0.0" | ||
| "@eggjs/scripts" = "^4.0.0" | ||
| "@fengmk2/ps-tree" = "^2.0.1" | ||
| "@oclif/core" = "^4.2.0" | ||
| "@oxc-node/core" = "^0.0.35" | ||
| typebox = "^1.0.65" | ||
| "@swc-node/register" = "^1.11.1" | ||
| "@swc/core" = "^1.15.1" | ||
| "@types/accepts" = "^1.3.7" | ||
| "@types/body-parser" = "^1.19.5" | ||
| "@types/bytes" = "^3.1.5" | ||
| "@types/common-tags" = "^1.8.4" | ||
| "@types/content-disposition" = "^0.5.8" | ||
| "@types/content-type" = "^1.1.8" | ||
| "@types/cookie-parser" = "^1.4.8" | ||
| "@types/cookies" = "^0.9.0" | ||
| "@types/cross-spawn" = "^6.0.6" | ||
| "@types/destroy" = "^1.0.3" | ||
| "@types/encodeurl" = "^1.0.2" | ||
| "@types/escape-html" = "^1.0.4" | ||
| "@types/express" = "^5.0.0" | ||
| "@types/extend" = "^3.0.4" | ||
| "@types/fresh" = "^0.5.2" | ||
| "@types/fs-readdir-recursive" = "^1.1.3" | ||
| "@types/http-errors" = "^2.0.4" | ||
| "@types/ini" = "^4.1.1" | ||
| "@types/js-beautify" = "^1.14.3" | ||
| "@types/js-yaml" = "^4.0.9" | ||
| "@types/koa-bodyparser" = "^4.3.12" | ||
| "@types/koa-compose" = "^3.2.8" | ||
| "@types/koa-range" = "^0.3.5" | ||
| "@types/lodash" = "^4.17.20" | ||
| "@types/lodash.snakecase" = "^4.1.9" | ||
| "@types/methods" = "^1.1.4" | ||
| "@types/mime-types" = "^3.0.0" | ||
| "@types/mocha" = "^10.0.10" | ||
| "@types/mustache" = "^4.2.5" | ||
| "@types/node" = "^24.10.2" | ||
| "@types/nunjucks" = "^3.2.6" | ||
| "@types/on-finished" = "^2.3.4" | ||
| "@types/parseurl" = "^1.3.3" | ||
| "@types/pluralize" = "^0.0.33" | ||
| "@types/safe-timers" = "^1.1.2" | ||
| "@types/sqlstring" = "^2.3.2" | ||
| "@types/stack-trace" = "^0.0.33" | ||
| "@types/statuses" = "^2.0.5" | ||
| "@types/superagent" = "^8.1.9" | ||
| "@types/type-is" = "^1.6.6" | ||
| "@types/urijs" = "^1.19.25" | ||
| "@types/vary" = "^1.1.3" | ||
| "@typescript/native-preview" = "7.0.0-dev.20260117.1" | ||
| "@vitest/coverage-v8" = "^4.0.15" | ||
| "@vitest/ui" = "^4.0.15" | ||
| accepts = "^1.3.8" | ||
| address = "2" | ||
| ajv = "^8.8.2" | ||
| ajv-formats = "^2.1.1" | ||
| ajv-keywords = "^5.1.0" | ||
| assert-file = "1" | ||
| await-event = "2" | ||
| await-first = "^1.0.0" | ||
| beautify-benchmark = "^0.2.4" | ||
| benchmark = "^2.1.4" | ||
| body-parser = "^2.0.0" | ||
| bytes = "^3.1.2" | ||
| c8 = "^10.1.3" | ||
| cache-content-type = "^2.0.0" | ||
| camelcase = "^9.0.0" | ||
| cfork = "^2.0.0" | ||
| chalk = "^5.4.1" | ||
| cheerio = "^1.0.0" | ||
| ci-parallel-vars = "^1.0.1" | ||
| circular-json-for-egg = "^1.0.0" | ||
| cluster-client = "^3.7.0" | ||
| cluster-reload = "^2.0.0" | ||
| co-busboy = "^2.0.1" | ||
| coffee = "5" | ||
| common-tags = "^1.8.2" | ||
| content-disposition = "~1.0.0" | ||
| content-type = "^1.0.5" | ||
| cookie = "^1.0.2" | ||
| cookie-parser = "^1.4.6" | ||
| cookies = "^0.9.1" | ||
| cpy = "^12.0.0" | ||
| cpy-cli = "^6.0.0" | ||
| cron-parser = "^4.9.0" | ||
| cross-env = "^10.0.0" | ||
| cross-spawn = "^7.0.6" | ||
| csrf = "^3.1.0" | ||
| dayjs = "^1.11.13" | ||
| debounce = "^3.0.0" | ||
| destroy = "^1.0.4" | ||
| detect-port = "^2.1.0" | ||
| egg-errors = "^2.3.0" | ||
| egg-logger = "^3.5.0" | ||
| egg-plugin-puml = "^2.4.0" | ||
| egg-view-nunjucks = "^2.3.0" | ||
| encodeurl = "^2.0.0" | ||
| esbuild = "^0.27.0" | ||
| esbuild-register = "^3.6.0" | ||
| escape-html = "^1.0.3" | ||
| execa = "^9.6.0" | ||
| express = "^4.21.2" | ||
| extend = "^3.0.2" | ||
| extend2 = "^4.0.0" | ||
| formstream = "^1.5.1" | ||
| fresh = "~0.5.2" | ||
| fs-readdir-recursive = "^1.1.0" | ||
| gals = "1" | ||
| get-ready = "^3.1.0" | ||
| glob = "^11.0.0" | ||
| globby = "^11.0.2" | ||
| graceful = "^2.0.0" | ||
| graceful-process = "^2.0.0" | ||
| http-errors = "^2.0.0" | ||
| humanize-ms = "^2.0.0" | ||
| husky = "^9.1.7" | ||
| inflection = "^3.0.0" | ||
| ini = "^6.0.0" | ||
| iconv-lite = "^0.6.3" | ||
| ioredis = "^5.4.2" | ||
| ioredis-mock = "^8.13.1" | ||
| is-type-of = "^2.2.0" | ||
| jest-changed-files = "^30.0.0" | ||
| js-beautify = "^1.15.3" | ||
| js-yaml = "^4.1.1" | ||
| jsonp-body = "^2.0.0" | ||
| keygrip = "^1.0.2" | ||
| koa-bodyparser = "^4.4.1" | ||
| koa-compose = "^4.1.0" | ||
| koa-onerror = "^5.0.1" | ||
| koa-override = "^4.0.0" | ||
| koa-range = "^0.3.0" | ||
| koa-session = "^7.0.2" | ||
| koa-static = "^5.0.0" | ||
| leoric = "^2.12.2" | ||
| lint-staged = "^16.2.7" | ||
| lodash = "^4.17.21" | ||
| "lodash.snakecase" = "^4.1.1" | ||
| marked = "^17.0.0" | ||
| matcher = "^4.0.0" | ||
| merge-descriptors = "^2.0.0" | ||
| methods = "^1.1.2" | ||
| mime-types = "^3.0.0" | ||
| mm = "^4.0.2" | ||
| mocha = "^11.7.5" | ||
| moment = "^2.30.1" | ||
| mri = "^1.2.0" | ||
| multimatch = "^7.0.0" | ||
| mustache = "^4.2.0" | ||
| mysql2 = "^3.12.0" | ||
| mz = "^2.7.0" | ||
| mz-modules = "^2.1.0" | ||
| nanoid = "^5.0.0" | ||
| node-homedir = "^2.0.0" | ||
| npminstall = "^7.12.0" | ||
| nunjucks = "^3.2.4" | ||
| nunjucks-markdown = "^2.0.1" | ||
| on-finished = "^2.4.1" | ||
| onelogger = "^1.0.1" | ||
| oss-client = "^2.5.1" | ||
| oxc-minify = "^0.105.0" | ||
| oxfmt = "^0.20.0" | ||
| oxlint = "^1.32.0" | ||
| oxlint-tsgolint = "^0.11.0" | ||
| parseurl = "^1.3.3" | ||
| path-to-regexp = "^6.3.0" | ||
| performance-ms = "^1.1.0" | ||
| picocolors = "^1.1.1" | ||
| pluralize = "^8.0.0" | ||
| publint = "^0.3.16" | ||
| ready-callback = "^4.0.0" | ||
| reflect-metadata = "^0.2.2" | ||
| rimraf = "^6.1.2" | ||
| runscript = "^2.0.1" | ||
| safe-timers = "^1.1.0" | ||
| sdk-base = "^5.0.1" | ||
| semver = "^7.7.3" | ||
| sendmessage = "^3.0.1" | ||
| should-send-same-site-none = "^2.0.5" | ||
| source-map-support = "^0.5.21" | ||
| spy = "^1.0.0" | ||
| sqlstring = "^2.3.3" | ||
| stack-trace = "^0.0.10" | ||
| statuses = "^2.0.1" | ||
| stream-wormhole = "^2.0.1" | ||
| superagent = "^10.0.0" | ||
| terminal-link = "^5.0.0" | ||
| ts-node = "^10.9.2" | ||
| tsconfig-paths = "^4.2.0" | ||
| tsdown = "^0.18.2" | ||
| tsx = "4.20.6" | ||
| type-fest = "^5.0.1" | ||
| type-is = "^2.0.0" | ||
| typescript = "^5.9.3" | ||
| unplugin-unused = "^0.5.4" | ||
| urijs = "^1.19.11" | ||
| urllib = "^4.8.2" | ||
| utility = "^2.5.0" | ||
| vary = "^1.1.2" | ||
| vitepress = "2.0.0-alpha.15" | ||
| vitepress-plugin-llms = "^1.10.0" | ||
| vitest = "^4.0.15" | ||
| xss = "^1.0.15" | ||
| ylru = "^2.0.0" | ||
| zod = "^3.24.1" |
There was a problem hiding this comment.
To improve the maintainability of this large catalog file, it's recommended to sort all entries alphabetically by package name. The current ordering has several inconsistencies. For example:
typeboxon line 12 is placed between scoped packages like@oxc-node/coreand@swc-node/register.iconv-liteon line 126 comes afterinion line 125.
A consistent alphabetical order makes the file easier to read, navigate, and manage, especially when adding or updating dependencies. Consider using a script to sort the entries.
| "engines": { | ||
| "node": ">=22.18.0" | ||
| }, | ||
| "packageManager": "pnpm@10.28.0" |
There was a problem hiding this comment.
Removing the packageManager field disables the enforcement of a specific pnpm version for this project. However, the devDependencies still use the pnpm-specific catalog: protocol. This could lead to confusion and issues for developers who might try to use other package managers like npm or yarn, or different versions of pnpm. If the project is intended to be managed exclusively by the utoo tool, it would be helpful to document this requirement in the CONTRIBUTING.md or README.md to ensure a smooth developer experience.
Deploying egg-v3 with
|
| Latest commit: |
9e89ed2
|
| Status: | 🚫 Build failed. |
Deploying egg with
|
| Latest commit: |
9e89ed2
|
| Status: | 🚫 Build failed. |
elrrrrrrr
changed the title
Codecov Report✅ All modified and coverable lines are covered by tests.
Additional details and impacted files@@ Coverage Diff @@
## next #5830 +/- ##
===========================================
- Coverage 85.63% 65.21% -20.42%
===========================================
Files 665 1 -664
Lines 13004 23 -12981
Branches 1495 9 -1486
===========================================
- Hits 11136 15 -11121
+ Misses 1744 7 -1737
+ Partials 124 1 -123 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
- Replace pnpm/action-setup with setup-utoo in all CI jobs - Use ut install --from pnpm for dependency installation - Replace pnpm run/filter commands with ut run equivalents - Use --workspaces --if-present for topological workspace execution - Use --workspace <pkg> for targeted package execution - Use -- passthrough for tsdown args (ut run build -- --workspace) - Remove pnpm dedupe --check step (no longer needed) - Fix tools/scripts ci script to use ut run cov
ut does not install optional peer deps automatically, so unplugin-unused (required by tsdown's unused.level feature) must be declared explicitly. Also includes workspaces/overrides fields auto-resolved from pnpm config by ut install.
publint auto-detects pnpm via pnpm-lock.yaml and calls pnpm pack, but pnpm is not on PATH when using setup-utoo. Set pack: 'npm' explicitly so pnpm binary is not required for publint checks.
- Replace pnpm/action-setup with setup-utoo - Use ut install --from pnpm for dependency installation - Use ut run build for building all packages - Replace pnpm -r pack with npm pack --workspaces - Sync pnpm-lock.yaml to include unplugin-unused
npm pack --workspaces fails on packages without version (e.g. site). Also, pnpm -r pack places tarballs in workspace root, while npm pack places them in each package's own directory. pack-all.mjs replicates pnpm -r pack behavior: - reads workspace patterns from pnpm-workspace.yaml - skips private/unnamed/unversioned packages - packs each with --pack-destination to workspace root
oxfmt reordered imports and placed execSync import inside the JSDoc comment block, making it unavailable at runtime. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
npm does not understand catalog: protocol; ut install handles it correctly. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…pack npm pack does not resolve pnpm catalog: or workspace: protocol entries, leaving them raw in the tgz package.json. Downstream npm install then fails with EUNSUPPORTEDPROTOCOL. Pre-resolve these to actual semver versions before packing, then restore the originals. Also revert downstream test commands back to npm install/run since cnpmcore/examples use plain semver and npm can install the cleaned tgzs. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
npm pack does not apply publishConfig.exports automatically. Packages use devExports (src/) in exports and dist/ in publishConfig.exports. Without merging publishConfig first, the tgz contains src/ exports and downstream npm install fails to find the source files. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
utoo does not recognize workspace paths with ./ prefix. Change ./tools/egg-bin and ./tools/scripts to tools/egg-bin and tools/scripts respectively. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 participant
Summary
eggfromdevDependenciestopeerDependenciesacross 34+ packages to break workspace-internal dependency cycles detected by utoopnpmcommands withutequivalents in rootpackage.jsonscriptsunplugin-unused: Required peer dependency oftsdownfor theunusedcheck feature-w @eggjs/bin) instead of dir paths (--workspace ./tools/egg-bin) for utoo workspace flag; setNO_COLOR=1to avoid ANSI escape codes in test stdoutApplicationinterface in tegg-plugin types; remove stale@ts-expect-errordirectives[master]/[app_worker]/[agent_worker]and subsequent textKnown issues (pre-existing, not introduced by this PR)
@eggjs/orm-plugintest usesdescribe()insideit()which vitest disallows — skipped@eggjs/developmentfastReadytest is flaky in CI (stdout match intermittently fails) — skippedcnpmcore,examples) fail becausepnpm-workspace.yamldoes not exist on this branch — not addressed (branch-level issue)ut pretest --workspacestriggers@eggjs/orm-pluginpretest which requires MySQL (no MySQL in that CI job)Test plan
ut deps --workspace-onlypasses (no cycles)typecheckCI job passesoxlint --type-awarepasses locallyut pretest --workspacespasses locally🤖 Generated with Claude Code