rolldown-pnpm-config 0.1.0

package/descriptors/index.js

@@ -0,0 +1,38 @@
+import { build } from "./build.js";
+import { hoisting } from "./hoisting.js";
+import { lockfile } from "./lockfile.js";
+import { misc } from "./misc.js";
+import { network } from "./network.js";
+import { resolution } from "./resolution.js";
+import { runtimeCfg } from "./runtime-cfg.js";
+import { workspace } from "./workspace.js";
+
+//#region src/descriptors/index.ts
+const DESCRIPTORS = {
+	...resolution,
+	...hoisting,
+	...lockfile,
+	...build,
+	...runtimeCfg,
+	...workspace,
+	...misc,
+	...network
+};
+/** Derive the per-field validation schemas consumed by freeze(). @internal */
+function deriveSchemas(d) {
+	const out = {};
+	for (const [field, desc] of Object.entries(d)) out[field] = desc.schema;
+	return out;
+}
+/** Derive the strategy + enforcement registry consumed by freeze(). @internal */
+function deriveRegistry(d) {
+	const out = {};
+	for (const [field, desc] of Object.entries(d)) out[field] = {
+		strategy: desc.strategy,
+		enforcement: desc.enforcement
+	};
+	return out;
+}
+
+//#endregion
+export { DESCRIPTORS, deriveRegistry, deriveSchemas };

package/descriptors/lockfile.js

@@ -0,0 +1,117 @@
+import { Bool, Num, StringArray } from "./schemas.js";
+
+//#region src/descriptors/lockfile.ts
+/** The 12 lockfile + peers fields. @internal */
+const lockfile = {
+	lockfile: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether a lockfile is used and generated when running commands that install packages.",
+		workspaceYaml: true,
+		anchor: "lockfile"
+	},
+	preferFrozenLockfile: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "If true, pnpm does not generate a lockfile and fails if the lockfile is out of date.",
+		workspaceYaml: true,
+		anchor: "preferfrozenlockfile"
+	},
+	lockfileIncludeTarballUrl: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether the lockfile includes the full tarball URL for each resolved dependency.",
+		workspaceYaml: true,
+		anchor: "lockfileincludetarballurl"
+	},
+	gitBranchLockfile: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "When enabled, the generated lockfile name is based on the current branch name.",
+		workspaceYaml: true,
+		anchor: "gitbranchlockfile"
+	},
+	mergeGitBranchLockfilesBranchPattern: {
+		schema: StringArray,
+		kind: "stringArray",
+		strategy: "arrayUnion",
+		enforcement: "absent",
+		doc: "Branch name patterns whose lockfiles are merged into the main lockfile on install.",
+		workspaceYaml: true,
+		anchor: "mergegitbranchlockfilesbranchpattern"
+	},
+	peersSuffixMaxLength: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Maximum length of the peers suffix appended to dependency directory names in the virtual store.",
+		workspaceYaml: true,
+		anchor: "peerssuffixmaxlength"
+	},
+	sharedWorkspaceLockfile: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether a single shared lockfile is used for all projects in the workspace.",
+		workspaceYaml: true,
+		anchor: "sharedworkspacelockfile"
+	},
+	autoInstallPeers: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether missing peer dependencies are installed automatically.",
+		workspaceYaml: true,
+		anchor: "autoinstallpeers"
+	},
+	dedupePeerDependents: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether packages with peer dependencies are deduplicated after peers are resolved.",
+		workspaceYaml: true,
+		anchor: "dedupepeerdependents"
+	},
+	dedupePeers: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether peer dependencies are deduplicated during resolution.",
+		workspaceYaml: true,
+		anchor: "dedupepeers"
+	},
+	strictPeerDependencies: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "If true, commands fail when there are missing or invalid peer dependencies.",
+		workspaceYaml: true,
+		anchor: "strictpeerdependencies"
+	},
+	resolvePeersFromWorkspaceRoot: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether peer dependencies are resolved using packages installed in the workspace root.",
+		workspaceYaml: true,
+		anchor: "resolvepeersfromworkspaceroot"
+	}
+};
+
+//#endregion
+export { lockfile };

package/descriptors/misc.js

@@ -0,0 +1,144 @@
+import { Bool, Str } from "./schemas.js";
+import { Schema } from "effect";
+
+//#region src/descriptors/misc.ts
+/** The 14 resolution/misc preference fields. @internal */
+const misc = {
+	resolutionMode: {
+		schema: Schema.Literal("highest", "time-based", "lowest-direct"),
+		kind: "enum",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Algorithm used to resolve dependencies from the registry.",
+		workspaceYaml: true,
+		anchor: "resolutionmode",
+		samples: {
+			valid: ["highest"],
+			invalid: ["x"]
+		}
+	},
+	savePrefix: {
+		schema: Schema.Literal("^", "~", ""),
+		kind: "enum",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Version prefix prepended to package versions saved in package.json.",
+		workspaceYaml: true,
+		anchor: "saveprefix",
+		samples: {
+			valid: ["^"],
+			invalid: ["x"]
+		}
+	},
+	saveExact: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether packages are saved with an exact version instead of a semver range.",
+		workspaceYaml: true,
+		anchor: "saveexact"
+	},
+	tag: {
+		schema: Str,
+		kind: "string",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "The default tag used when adding packages without a specified version.",
+		workspaceYaml: true,
+		anchor: "tag"
+	},
+	preferOffline: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether cached data is used without network requests, failing only if data is missing.",
+		workspaceYaml: true,
+		anchor: "preferoffline"
+	},
+	dedupeDirectDeps: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether direct dependencies are deduplicated when they can be satisfied by an existing dependency.",
+		workspaceYaml: true,
+		anchor: "dedupedirectdeps"
+	},
+	deployAllFiles: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether all files of a deployed package are copied including those in node_modules.",
+		workspaceYaml: true,
+		anchor: "deployallfiles"
+	},
+	forceLegacyDeploy: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether the legacy deployment algorithm (copying files) is used instead of the default.",
+		workspaceYaml: true,
+		anchor: "forcelegacydeploy"
+	},
+	extendNodePath: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether the NODE_PATH environment variable is set when running scripts.",
+		workspaceYaml: true,
+		anchor: "extendnodepath"
+	},
+	preferSymlinkedExecutables: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether symlinks to executables are created instead of shell shims on non-Windows systems.",
+		workspaceYaml: true,
+		anchor: "prefersymlinkedexecutables"
+	},
+	ignoreCompatibilityDb: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether the built-in compatibility database of lifecycle script overrides is ignored.",
+		workspaceYaml: true,
+		anchor: "ignorecompatibilitydb"
+	},
+	optimisticRepeatInstall: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether pnpm skips integrity checks when the lockfile is up to date to speed up repeat installs.",
+		workspaceYaml: true,
+		anchor: "optimisticrepeatinstall"
+	},
+	recursiveInstall: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether pnpm installs all projects in the workspace when running install in a workspace.",
+		workspaceYaml: true,
+		anchor: "recursiveinstall"
+	},
+	engineStrict: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether pnpm fails if a dependency's engines field is incompatible with the current Node.js version.",
+		workspaceYaml: true,
+		anchor: "enginestrict"
+	}
+};
+
+//#endregion
+export { misc };

package/descriptors/network.js

@@ -0,0 +1,108 @@
+import { Bool, Num, Str, StringArray } from "./schemas.js";
+
+//#region src/descriptors/network.ts
+/** The 11 network tuning + publish fields. @internal */
+const network = {
+	networkConcurrency: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Maximum number of concurrent network requests pnpm is allowed to make.",
+		workspaceYaml: true,
+		anchor: "networkconcurrency"
+	},
+	fetchRetries: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Number of times pnpm retries fetching a package from the registry on failure.",
+		workspaceYaml: true,
+		anchor: "fetchretries"
+	},
+	fetchRetryFactor: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Exponential factor used when calculating retry delays for failed fetches.",
+		workspaceYaml: true,
+		anchor: "fetchretryfactor"
+	},
+	fetchRetryMintimeout: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Minimum timeout (ms) for a single fetch retry attempt.",
+		workspaceYaml: true,
+		anchor: "fetchretrymintimeout"
+	},
+	fetchRetryMaxtimeout: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Maximum timeout (ms) for a single fetch retry attempt.",
+		workspaceYaml: true,
+		anchor: "fetchretrymaxtimeout"
+	},
+	fetchTimeout: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Maximum amount of time (ms) to wait for an HTTP response from the registry.",
+		workspaceYaml: true,
+		anchor: "fetchtimeout"
+	},
+	gitShallowHosts: {
+		schema: StringArray,
+		kind: "stringArray",
+		strategy: "arrayUnion",
+		enforcement: "absent",
+		doc: "Hosts from which git-protocol dependencies are cloned using a shallow fetch.",
+		workspaceYaml: true,
+		anchor: "gitshallowhosts"
+	},
+	provenance: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether packages are published with provenance attestation when supported by the registry.",
+		workspaceYaml: true,
+		anchor: "provenance"
+	},
+	gitChecks: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether pnpm checks that the repository is clean before publishing.",
+		workspaceYaml: true,
+		anchor: "gitchecks"
+	},
+	embedReadme: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether the README file is embedded in the package tarball on publish.",
+		workspaceYaml: true,
+		anchor: "embedreadme"
+	},
+	publishBranch: {
+		schema: Str,
+		kind: "string",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Branch that is allowed to publish packages; publishing from other branches is blocked.",
+		workspaceYaml: true,
+		anchor: "publishbranch"
+	}
+};
+
+//#endregion
+export { network };

package/descriptors/resolution.js

@@ -0,0 +1,250 @@
+import { Bool, BooleanRecord, Num, Str, StringArray, StringArrayRecord, StringRecord, UnknownRecord } from "./schemas.js";
+import { Schema } from "effect";
+
+//#region src/descriptors/resolution.ts
+const PeerRulesSchema = Schema.Struct({
+	allowedVersions: Schema.optional(StringRecord),
+	ignoreMissing: Schema.optional(StringArray),
+	allowAny: Schema.optional(StringArray)
+});
+/**
+* Dependency-resolution category fields. Includes the parity-locked fields
+* migrated from registry.ts + freeze.ts (catalogs, overrides, packageExtensions,
+* allowedDeprecatedVersions, publicHoistPattern, minimumReleaseAgeExclude,
+* supportedArchitectures, auditConfig, peerDependencyRules, strictDepBuilds,
+* blockExoticSubdeps, minimumReleaseAge, allowBuilds, confirmModulesPurge) plus
+* net-new resolution/trust/catalog fields.
+*
+* @internal
+*/
+const resolution = {
+	catalogs: {
+		schema: Schema.Record({
+			key: Str,
+			value: StringRecord
+		}),
+		kind: "object",
+		strategy: "catalogs",
+		enforcement: "warn",
+		doc: "Named version catalogs injected into pnpm config.",
+		workspaceYaml: true,
+		anchor: "catalogs",
+		samples: {
+			valid: [{ default: { lodash: "^4" } }],
+			invalid: ["x"]
+		}
+	},
+	confirmModulesPurge: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "absent",
+		doc: "Whether pnpm prompts before purging node_modules (undocumented upstream).",
+		workspaceYaml: false
+	},
+	packageExtensions: {
+		schema: UnknownRecord,
+		kind: "unknownRecord",
+		strategy: "mapChildWins",
+		enforcement: "absent",
+		doc: "Per-package manifest overrides merged into the dependency graph.",
+		workspaceYaml: true,
+		anchor: "packageextensions"
+	},
+	allowedDeprecatedVersions: {
+		schema: StringRecord,
+		kind: "stringRecord",
+		strategy: "mapChildWins",
+		enforcement: "absent",
+		doc: "Deprecated versions explicitly allowed, keyed by package.",
+		workspaceYaml: true,
+		anchor: "alloweddeprecatedversions"
+	},
+	publicHoistPattern: {
+		schema: StringArray,
+		kind: "stringArray",
+		strategy: "arrayUnion",
+		enforcement: "absent",
+		doc: "Glob patterns hoisted to the root node_modules.",
+		workspaceYaml: true,
+		anchor: "publichoistpattern",
+		options: { excludeByRepo: true }
+	},
+	minimumReleaseAgeExclude: {
+		schema: StringArray,
+		kind: "stringArray",
+		strategy: "arrayUnion",
+		enforcement: "absent",
+		doc: "Packages excluded from the minimum-release-age quarantine.",
+		workspaceYaml: true,
+		anchor: "minimumreleaseageexclude"
+	},
+	supportedArchitectures: {
+		schema: StringArrayRecord,
+		kind: "stringArrayRecord",
+		strategy: "arrayRecordUnion",
+		enforcement: "absent",
+		doc: "Supported architectures, keyed by axis (os/cpu/libc).",
+		workspaceYaml: true,
+		anchor: "supportedarchitectures"
+	},
+	auditConfig: {
+		schema: StringArrayRecord,
+		kind: "stringArrayRecord",
+		strategy: "arrayRecordUnion",
+		enforcement: "absent",
+		doc: "Audit config exclusions, keyed by axis.",
+		workspaceYaml: true,
+		anchor: "auditconfig"
+	},
+	overrides: {
+		schema: StringRecord,
+		kind: "stringRecord",
+		strategy: "overrides",
+		enforcement: "warn",
+		doc: "Security version overrides, keyed by package selector.",
+		workspaceYaml: true,
+		anchor: "overrides"
+	},
+	peerDependencyRules: {
+		schema: PeerRulesSchema,
+		kind: "object",
+		strategy: "peerDependencyRules",
+		enforcement: "warn",
+		doc: "Peer dependency rules: allowed versions plus ignore/allow-any lists.",
+		workspaceYaml: true,
+		anchor: "peerdependencyrules",
+		samples: {
+			valid: [{ allowedVersions: { react: "18" } }, {}],
+			invalid: ["x"]
+		}
+	},
+	strictDepBuilds: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "securityFlag",
+		enforcement: "warn",
+		doc: "Whether dependency build scripts are blocked unless explicitly allowed.",
+		workspaceYaml: true,
+		anchor: "strictdepbuilds"
+	},
+	blockExoticSubdeps: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "securityFlag",
+		enforcement: "warn",
+		doc: "Whether exotic (non-registry) subdependencies are blocked.",
+		workspaceYaml: true,
+		anchor: "blockexoticsubdeps"
+	},
+	minimumReleaseAge: {
+		schema: Num,
+		kind: "number",
+		strategy: "securityMin",
+		enforcement: "warn",
+		doc: "Minimum age (minutes) a release must reach before it is installable.",
+		workspaceYaml: true,
+		anchor: "minimumreleaseage"
+	},
+	allowBuilds: {
+		schema: BooleanRecord,
+		kind: "booleanRecord",
+		strategy: "allowBuilds",
+		enforcement: "warn",
+		doc: "Packages whose build scripts are explicitly allowed to run.",
+		workspaceYaml: true,
+		anchor: "allowbuilds"
+	},
+	ignoredOptionalDependencies: {
+		schema: StringArray,
+		kind: "stringArray",
+		strategy: "arrayUnion",
+		enforcement: "absent",
+		doc: "Optional dependencies excluded from installation entirely.",
+		workspaceYaml: true,
+		anchor: "ignoredoptionaldependencies"
+	},
+	updateConfig: {
+		schema: Schema.Struct({ ignoreDependencies: Schema.optional(StringArray) }),
+		kind: "object",
+		strategy: "mapChildWins",
+		enforcement: "absent",
+		doc: "Per-dependency update behavior: which packages to ignore during updates.",
+		workspaceYaml: true,
+		anchor: "updateconfig",
+		samples: {
+			valid: [{}, { ignoreDependencies: ["a"] }],
+			invalid: ["x"]
+		}
+	},
+	catalog: {
+		schema: StringRecord,
+		kind: "stringRecord",
+		strategy: "mapChildWins",
+		enforcement: "warn",
+		doc: "Default version catalog entries merged as a single `default` catalog.",
+		workspaceYaml: true,
+		anchor: "catalog"
+	},
+	minimumReleaseAgeStrict: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "warn",
+		doc: "Whether any resolution fails when a package violates minimum-release-age.",
+		workspaceYaml: true,
+		anchor: "minimumreleaseagestrict"
+	},
+	minimumReleaseAgeIgnoreMissingTime: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "warn",
+		doc: "Whether to skip the release-age check when publish-time metadata is absent.",
+		workspaceYaml: true,
+		anchor: "minimumreleaseageignoremissingtime"
+	},
+	trustPolicy: {
+		schema: Schema.Literal("off", "no-downgrade"),
+		kind: "enum",
+		strategy: "scalar",
+		enforcement: "warn",
+		doc: "Defines what package integrity verification is enforced on installs.",
+		workspaceYaml: true,
+		anchor: "trustpolicy",
+		samples: {
+			valid: ["off"],
+			invalid: ["x"]
+		}
+	},
+	trustPolicyExclude: {
+		schema: StringArray,
+		kind: "stringArray",
+		strategy: "arrayUnion",
+		enforcement: "warn",
+		doc: "Packages excluded from trust-policy enforcement.",
+		workspaceYaml: true,
+		anchor: "trustpolicyexclude"
+	},
+	trustPolicyIgnoreAfter: {
+		schema: Num,
+		kind: "number",
+		strategy: "scalar",
+		enforcement: "warn",
+		doc: "Minutes after installation after which the trust check is skipped.",
+		workspaceYaml: true,
+		anchor: "trustpolicyignoreafter"
+	},
+	trustLockfile: {
+		schema: Bool,
+		kind: "boolean",
+		strategy: "scalar",
+		enforcement: "warn",
+		doc: "Whether the lockfile alone is trusted without re-verifying each package's integrity.",
+		workspaceYaml: true,
+		anchor: "trustlockfile"
+	}
+};
+
+//#endregion
+export { resolution };