Switch package manager from yarn to pnpm#77
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Co-authored-by: jiangtj <15902347+jiangtj@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Update dependencies to latest version
Update dependencies to latest versions
Mar 13, 2026
Co-authored-by: jiangtj <15902347+jiangtj@users.noreply.github.com>
Copilot
AI
changed the title
Update dependencies to latest versions
Replace yarn with pnpm
Mar 18, 2026
Co-authored-by: jiangtj <15902347+jiangtj@users.noreply.github.com>
Copilot
AI
changed the title
Replace yarn with pnpm
Switch package manager from yarn to pnpm
Mar 18, 2026
删除不再使用的hexo-newd.js和install.json文件 更新package.json中的依赖版本 优化markdown文档格式和内容展示
Review Summary by QodoMigrate to pnpm, update dependencies, and adopt ESLint flat config
WalkthroughsDescription• Migrate package manager from yarn to pnpm with updated configuration • Update dependencies to latest versions including Hexo 8.1.1 • Migrate ESLint to flat config format with new eslint.config.js • Remove unused files (hexo-newd.js, install.json) and clean up documentation • Update CI/CD workflows and Docker configuration for pnpm compatibility Diagramflowchart LR
A["Package Manager<br/>yarn → pnpm"] --> B["Configuration<br/>Updates"]
C["Dependency<br/>Updates"] --> D["ESLint Flat<br/>Config"]
E["File Cleanup<br/>Remove unused files"] --> F["CI/CD &<br/>Docker Updates"]
B --> G["Updated Project"]
D --> G
F --> G
File ChangesView more (11)7. .github/workflows/pages.yml
|
Code Review by Qodo
1. No committed pnpm lockfile
|
![qodo-code-review[bot]](https://avatars.githubusercontent.com/in/484649?s=60&v=4){kind=small}
Comment on lines
+31
to
+32
| pnpm add -g hexo-cli | ||
| pnpm install |
There was a problem hiding this comment.
1. No committed pnpm lockfile 🐞 Bug ⛯ Reliability
CI and Docker run pnpm install while pnpm-lock.yaml is excluded from the repo, so installs will resolve potentially different dependency versions over time (due to ^ ranges), leading to non-reproducible builds/deployments. This can cause “works yesterday, fails today” CI and production site differences without any code changes.
Agent Prompt
## Issue description
`pnpm install` is executed in CI and Docker, but `pnpm-lock.yaml` is not present/committed (it is gitignored). With `^` dependency ranges, this makes dependency resolution drift over time and breaks build reproducibility.
## Issue Context
- CI (`pages.yml`) runs `pnpm install`.
- Docker build runs `pnpm install`.
- The repository ignores `pnpm-lock.yaml`.
## Fix Focus Areas
- .gitignore[4-9]
- .github/workflows/pages.yml[24-34]
- Dockerfile[3-10]
- package.json[17-40]
## Suggested fix
1. Remove `pnpm-lock.yaml` from `.gitignore` and add/commit the generated `pnpm-lock.yaml`.
2. In CI, change to `pnpm install --frozen-lockfile` (or pnpm’s equivalent strict mode) to ensure the lockfile is honored.
3. Consider doing the same in Docker builds (e.g., `pnpm install --frozen-lockfile`) for deterministic container builds.
ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replaces yarn with pnpm across all tooling and configuration. Drops
pnpm-lock.yamlfrom version control and removes the Gitpod config file.Package manager migration
package.json—packageManagerupdated topnpm@10.32.1; proxy scripts (p,pg) updated to pnpm flag syntaxyarn.lock→ removed;pnpm-lock.yamlgenerated but added to.gitignore.yarnrc→ replaced with.npmrc(registry config +shamefully-hoist=trueto preserve transitive dep access for Hexo scripts)CI / tooling
.github/workflows/pages.yml— addedpnpm/action-setup@v4, switchedcache: yarn→cache: pnpm, bumped Node.js 14 → 20, replaced allyarninvocations withpnpmDockerfile—yarn global add hexo-cli+yarn install→npm install -g pnpm hexo-cli+pnpm install.gitpod.yml— removedMinor
.gitignore— addedpnpm-lock.yaml_config.yml— updated inline comment fromyarn add→pnpm add📍 Connect Copilot coding agent with Jira, Azure Boards or Linear to delegate work to Copilot in one click without leaving your project management tool.