Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Close #1506: PNPM monorepo with pnpm-lock.yaml files. #1514

Merged
merged 5 commits into from
Feb 24, 2025
Merged

Close #1506: PNPM monorepo with pnpm-lock.yaml files. #1514

merged 5 commits into from
Feb 24, 2025

Conversation

samchon
Copy link
Owner

@samchon samchon commented Feb 24, 2025

This pull request includes significant changes to the typia project, focusing on dependency updates, the switch from npm to pnpm for package management, and the removal of deprecated components. Below are the most important changes:

Dependency Updates:

  • Added @types/body-parser and fp-ts to benchmark/package.json. [1] [2]
  • Updated body-parser to version 1.20.3 in benchmark/package.json.

Package Management:

  • Replaced npm commands with pnpm commands in deploy/index.ts and deploy/internal/DeployRunner.ts. [1] [2] [3] [4]

Removal of Deprecated Components:

  • Removed the ReplicaPublisher and its associated logic from deploy/internal/DeployRunner.ts and deploy/internal/ReplicaPublisher.ts. [1] [2]
  • Deleted the LICENSE and README.md files from the packages/typescript-json directory. [1] [2]

Package Configuration:

  • Updated the version and removed the private field in the root package.json. [1] [2]
  • Removed the typescript-json package configuration from packages/typescript-json/package.json.

These changes streamline the project by updating dependencies, improving package management, and removing deprecated components.

@samchon samchon added the enhancement New feature or request label Feb 24, 2025
@samchon samchon self-assigned this Feb 24, 2025
@pkg-pr-new pkg.pr.new
Copy link

pkg-pr-new bot commented Feb 24, 2025
edited
Loading

Open in Stackblitz

npm i https://pkg.pr.new/typia@1514

commit: 40936b0

@socket-security Socket Security
Copy link

socket-security bot commented Feb 24, 2025
edited
Loading

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@fastify/type-provider-typebox@3.6.0 None 0 25.5 kB matteo.collina
npm/@rollup/plugin-commonjs@26.0.3 filesystem Transitive: environment, shell +42 4.46 MB shellscape
npm/@rollup/plugin-node-resolve@15.3.1 Transitive: environment, filesystem +13 651 kB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/plugin-typescript@11.1.6 environment, filesystem +10 587 kB shellscape
npm/@samchon/openapi@3.0.0-dev.20250224 network 0 1.92 MB samchon
npm/@sinclair/typebox@0.31.28 None 0 536 kB sinclair
npm/@trivago/prettier-plugin-sort-imports@3.4.0 Transitive: environment, eval, filesystem, shell, unsafe +63 21.8 MB ayusharma
npm/@typegoose/typegoose@10.6.0 environment Transitive: eval, filesystem, network +27 11.9 MB hasezoey
npm/@types/autocannon@7.12.6 None 0 21.9 kB types
npm/@types/benchmark@2.1.5 None 0 9.24 kB types
npm/@types/inquirer@8.2.10 None +3 4.66 MB types
npm/@types/physical-cpu-count@2.0.2 None 0 3.23 kB types
npm/@types/uuid@8.3.4 None 0 6.67 kB types
npm/@types/uuid@9.0.8 None 0 6.74 kB types
npm/@typescript-eslint/eslint-plugin@8.24.1 Transitive: environment, eval, filesystem, shell, unsafe +104 16.5 MB bradzacher, jameshenry
npm/@typescript-eslint/parser@8.24.1 Transitive: environment, eval, filesystem, shell, unsafe +102 13.3 MB bradzacher, jameshenry
npm/autocannon@7.15.0 environment, filesystem, network, shell Transitive: eval, unsafe +53 3.25 MB matteo.collina
npm/benchmark@2.1.4 eval +2 1.55 MB jdalton
npm/class-transformer@0.5.1 None 0 776 kB typestack-release-bot
npm/class-validator@0.14.1 None +3 14.3 MB typestack-release-bot
npm/cli@1.0.1 environment Transitive: filesystem +12 253 kB cohara87
npm/commander@10.0.1 🔁 npm/commander@8.3.0, npm/commander@9.2.0 None 0 174 kB abetomo
npm/d3@5.16.0 🔁 npm/d3@7.9.0 Transitive: filesystem, network, shell +35 4.01 MB mbostock
npm/eslint-plugin-deprecation@3.0.0 Transitive: environment, eval, filesystem, shell, unsafe +108 13.6 MB gund
npm/fast-json-stringify@5.16.1 eval +6 687 kB jsumners
npm/fastify@4.29.0 Transitive: environment, eval, filesystem +39 4.99 MB eomm
npm/fp-ts@2.16.9 None 0 4.74 MB gcanti
npm/io-ts@2.2.22 None 0 460 kB gcanti
npm/jsdom@21.1.2 eval, filesystem, network, shell, unsafe Transitive: environment +64 8.45 MB domenic
npm/physical-cpu-count@2.0.0 shell 0 3.14 kB seb
npm/prettier@2.8.8 environment, filesystem, unsafe 0 11.2 MB prettier-bot
npm/protobufjs@7.2.5 filesystem, network +11 3.02 MB google-wombot
npm/reflect-metadata@0.1.14 None 0 295 kB rbuckton
npm/rimraf@3.0.2 filesystem Transitive: environment +11 162 kB isaacs
npm/rollup@4.34.8 None +1 2.72 MB eventualbuddha, lukastaegert, rich_harris, ...2 more
npm/suppress-warnings@1.0.2 None 0 10.3 kB donovan_dmc
npm/tgrid@0.10.3 None +3 572 kB samchon
npm/ts-expose-internals@5.5.4 None 0 1.53 MB nonara
npm/ts-loader@9.5.2 None +2 23.1 MB blakeembrey, jbrantly, johnnyreilly
npm/ts-node@10.9.2 environment, filesystem, unsafe +32 3.48 MB blakeembrey
npm/tstl@3.0.0 None 0 2.58 MB samchon
npm/typedoc-github-theme@0.2.1 filesystem 0 14.7 kB julianwowra
npm/typedoc@0.27.8 None +2 25.4 MB typedoc-bot
npm/typia@7.6.4 Transitive: network +2 28.6 MB samchon
npm/uuid@9.0.1 None 0 123 kB ctavan
npm/write-file-webpack-plugin@4.5.1 filesystem 0 26.4 kB gajus
npm/zod@3.24.2 None 0 699 kB colinhacks

View full report↗︎

@socket-security Socket Security
Copy link

socket-security bot commented Feb 24, 2025
edited
Loading

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
Critical CVE npm/@babel/traverse@7.17.3 ⚠︎

View full report↗︎

Next steps

What is a critical CVE?

Contains a Critical Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/@babel/traverse@7.17.3

samchon
samchon commented Feb 24, 2025
View reviewed changes
Copy link
Owner Author

@samchon samchon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ryoppippi Succeeded to restore pnpm-lock.yaml, but bun is not working on pnpm monorepo.

@samchon samchon merged commit a1ccee9 into v8.0 Feb 24, 2025
10 checks passed
@samchon samchon deleted the feat/monorepo branch February 24, 2025 18:14
@ryoppippi
Copy link
Contributor

Oh yes.
Actually if you use pnpm we can ignore bun actually. I'll send a pr to delete bun later.

@ryoppippi
Copy link
Contributor

I'll work for removing Bun and fix rollup.config.js before v8.0
I have a work reaching the deadline rn, so please wait until next week.
BTW, I can't wait for next week!

@samchon

samchon added a commit that referenced this pull request Mar 1, 2025
@samchon @ryoppippi
Publish v8.0 (#1523)
4d82c4e 
* Prepare `@samchon/openapi` v3 update (#1507)

* Prepare next update of TypeScript (#1509)

* No more `typia patch` command required (#1510)

* Upgrade next version depepdency

* Close #1506: PNPM monorepo with `pnpm-lock.yaml` files. (#1514)

* Close #1506: PNPM monorepo with `pnpm-lock.yaml` files.

* Update workflows

* Fix build.yml

* Fix build.yml again

* Disable bun due to it does not support PNPM monorepo

* feat: remvoe bun action (#1520)

* Deprecate `llm.applicationOfValidate()` function. (#1524)

* Publish v8.0

---------

Co-authored-by: ryoppippi <1560508+ryoppippi@users.noreply.github.com>
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees

@samchon samchon

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@samchon @ryoppippi