Fix main CI dependency resolution#95
Merged
Merged
Conversation
The main branch CI was failing in the Vite package because pnpm-lock.yaml still resolved safe-mdx through a local file link outside the checkout. GitHub Actions installed successfully, but TypeScript could not resolve safe-mdx or safe-mdx/parse during pnpm build. This updates @holocron.so/vite to use the published safe-mdx package and regenerates the lockfile so CI installs a real package instead of a missing local link. After that fix, the root build reached the CLI package and exposed the next build-order issue: the CLI imports the built website app type, but this branch does not emit website declaration files. A tiny ambient shim keeps the existing import shape compiling on main without pulling website source internals into the CLI typecheck. Validation: - pnpm install --frozen-lockfile - pnpm --dir cli build - pnpm build - npx lintcn lint in cli passed - npx lintcn lint in vite only reported existing unrelated issues in src/lib/openapi and src/lib/sync.ts Session: ses_1dedcadcaffenDH5N3W85hpDii
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 02aaf18a97
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| "remark-gfm": "^4.0.1", | ||
| "remark-mdx": "^3.1.1", | ||
| "safe-mdx": "^1.3.9", | ||
| "safe-mdx": "^1.10.0", |
There was a problem hiding this comment.
This manifest change still will not make CI use the published safe-mdx: I checked pnpm-workspace.yaml, which still overrides safe-mdx to link:../safe-mdx, and the committed lockfile still records vite's safe-mdx as link:../../safe-mdx. In a fresh GitHub Actions checkout without that sibling repository, workspace installs/builds continue to depend on the missing local link instead of the new ^1.10.0 package, so the dependency-resolution failure this commit is meant to fix remains until the override is removed and the lockfile is regenerated.
Useful? React with 👍 / 👎.
The first CI fix bumped @holocron.so/vite to a published safe-mdx range, but pnpm-workspace.yaml still forced every safe-mdx dependency to link:../safe-mdx. That works on this machine because a sibling checkout exists, but it fails in GitHub Actions where the sibling package is not present. This removes the workspace override and regenerates pnpm-lock.yaml so CI installs safe-mdx from the registry. The full root build now succeeds after a frozen install. Validation: - pnpm install --frozen-lockfile - pnpm build Session: ses_1dedcadcaffenDH5N3W85hpDii
The previous CI fix got the workspace to install safe-mdx from the registry again, which let GitHub Actions progress to the website build. That exposed the existing BetterAuth adapter mismatch: the website imports `@better-auth/drizzle-adapter/relations-v2` because this repo uses `drizzle-orm@1.0.0-beta`, but the lockfile still resolved BetterAuth packages that did not publish the drizzle v1 adapter entrypoint CI needs. This pins the website BetterAuth runtime and drizzle adapter to the PR #9489 package builds that add drizzle v1 support. The lockfile is regenerated from those package URLs so a frozen CI install gets the same dependency graph that passed locally. Validation: - pnpm install --frozen-lockfile - pnpm build Session: ses_1dedcadcaffenDH5N3W85hpDii
The safe-mdx update made the realworld Polar fixture expose a stale `.mdx` snippet import. Holocron only supports local JS and TS component imports from MDX, so the import resolver now ignores exact `.mdx` and `.md` component paths instead of handing them to Vite's JS/RSC scanner. This also refreshes brittle integration assertions that were still pinned to old fixture details: Chromium may serialize `#ff00ff` as `#f0f`, the sidebar width tokens are now 230/396/1200, single-heading pages intentionally do not render an inline TOC, and Polar's real docs headings can include extra page-level sections. Validation: - pnpm build (vite) - pnpm --filter integration-tests test-e2e-start --project=fields - pnpm --filter integration-tests test-e2e-start --project=realworld-polar - E2E_PORT_BASE_PATH=61001 ... E2E_PORT_VERSIONS=61020 pnpm --filter integration-tests test-e2e-start - npx lintcn lint (integration-tests) - npx lintcn lint (vite; still reports pre-existing sync/openapi lint issues) Session: ses_1dedcadcaffenDH5N3W85hpDii
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
safe-mdxlockfile link with the published package so GitHub Actions can resolvesafe-mdx/parseduringpnpm build.website/dist/src/server.d.tsbecause this main-branch build does not emit website declarations.Validation
pnpm install --frozen-lockfilepnpm --dir cli buildpnpm buildnpx lintcn lintinclinpx lintcn lintinvitestill reports pre-existing unrelated issues insrc/lib/openapi/*andsrc/lib/sync.ts; none are in the changed files.