pnpm v9 requires the packages field in pnpm-workspace.yaml.
Without it, `pnpm --version` fails with "packages field missing or empty".
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
pnpm v11 moved global binaries from PNPM_HOME to PNPM_HOME/bin.
Add the new bin subdirectory to PATH so that pnpm's global bin
directory check passes. This is backwards compatible — the extra
PATH entry is harmless for older pnpm versions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
npm ci sometimes doesn't create the .bin/pnpm symlink for
@pnpm/exe (observed on Linux CI). Manually create the symlink
if it's missing after npm ci completes.
This fixes the case where standalone=true with no explicit version
(relying on packageManager field) — pnpm self-update wouldn't run,
leaving .bin empty and pnpm not found on PATH.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Log .bin directory contents after npm ci to understand why
pnpm binary is not found in subsequent CI steps.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- When standalone=true, bootstrap with @pnpm/exe via npm ci
- When standalone=false, bootstrap with pnpm via npm ci
- Both use pnpm self-update to reach the target version
- Remove --ignore-scripts from npm ci so @pnpm/exe install scripts run
- Add standalone test back to CI
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Bootstrap pnpm via npm ci (verified by lockfile)
- Use `pnpm self-update <version>` for explicit version
- Let pnpm handle packageManager field automatically
- Remove standalone/exe-specific install logic (pnpm handles this)
- Update tests to not run pnpm install against the action repo itself
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use `node .../pnpm/bin/pnpm.cjs` to run the bootstrap pnpm, matching
the approach used by the old bundled pnpm.cjs. This avoids issues with
the .bin symlink on different platforms.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
--lockfile-dir pointing to GITHUB_WORKSPACE causes the bootstrap pnpm
to use the project's pnpm-lock.yaml (which tracks project deps, not
pnpm itself), corrupting the install. Revert to --no-lockfile for now.
Lockfile-based integrity verification can be added when pnpm v11 has
proper support for verifying the pnpm package itself.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The bootstrap only needs regular pnpm to install the target package.
@pnpm/exe requires install scripts which we skip with --ignore-scripts.
Also regenerate pnpm-lock.yaml to match current package.json.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove packageManager from package.json to avoid version conflict
when the action tests against itself (uses: ./)
- Use shell: true on Windows so spawn can find npm.cmd
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Node.js treats dist/index.js as ESM due to "type": "module",
but the bundle uses CJS require() calls. Remove the field so
Node.js defaults to CJS for .js files.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The @actions/* packages use CJS require() for Node.js builtins,
which fails with "Dynamic require of 'os' is not supported" when
bundled as ESM. Switch esbuild output to CJS format.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove the 9MB bundled pnpm.cjs/worker.js and instead use npm ci with
committed package-lock.json files (~5KB) to install a bootstrap pnpm,
which then installs the target version with integrity verification via
the project's pnpm-lock.yaml.
Also switch from ncc to esbuild and modernize to ESM.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* add pnpm store caching
* style: format
* no semicolons
* no star imports
* import order
* style: no star imports
---------
Co-authored-by: khai96_ <hvksmr1996@gmail.com>
* Clarify that package_json_file is relative to GITHUB_WORKSPACE
Clarify the description for package_json_file parameter to specify that the path must be relative to the repository root.
* Apply suggestion from @zkochan
---------
Co-authored-by: Zoltan Kochan <z@kochan.io>
When a project has both npm and pnpm, using pnpm/action-setup will result in an error: `Multiple versions of pnpm specified`.
The previous implementation was only meant to avoid the "ERR_PNPM_BAD_PM_VERSION" error, but it did not take into account the situation of multiple different package managers.
Signed-off-by: Kevin Cui <bh@bugs.cc>
