Skip to content

feat: pnpm #210

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: pnpm #210

wants to merge 3 commits into from

Conversation

@joshuarli
Copy link
Member

@joshuarli joshuarli commented Nov 7, 2025

https://linear.app/getsentry/issue/DI-1012/devenv-install-pnpm

this adds pnpm support and drops yarn v1! after this, as noted in the updated readme the new sync.py for installing node + pnpm is this:

from devenv import constants
from devenv.lib import config, node, proc

def main(context: dict[str, str]) -> int:
    reporoot = context["reporoot"]
    cfg = config.get_repo(reporoot)

    node.install(
        cfg["node"]["version"],
        cfg["node"][constants.SYSTEM_MACHINE],
        cfg["node"][f"{constants.SYSTEM_MACHINE}_sha256"],
        reporoot,
    )

    node.install_pnpm(reporoot)

    print("installing node dependencies...")
    proc.run(
        (
            f"{reporoot}/.devenv/bin/pnpm",
            "install",
            "--frozen-lockfile",
            "--reporter=append-only",
        ),
    )

    return 0

This was referenced Nov 7, 2025
Closed
Open
@joshuarli joshuarli requested a review from a team November 7, 2025 22:51
sentry[bot]
sentry bot reviewed Nov 7, 2025
View reviewed changes
devenv/lib/node.py
Comment on lines +91 to +93
with open(f"{reporoot}/package.json") as f:
package_json = json.load(f)
pnpm = package_json["packageManager"]
Copy link

@sentry sentry bot Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Direct access to package_json["packageManager"] without existence check can cause KeyError.
Severity: CRITICAL | Confidence: 1.00

🔍 Detailed Analysis

If install_pnpm() is called on a repository without a packageManager field in its package.json, the code will raise an unhandled KeyError when attempting to access package_json["packageManager"]. This occurs because the field is optional according to npm documentation, and the current implementation directly accesses it without checking for its existence. This will crash the setup process.

💡 Suggested Fix

Add a check for the existence of the packageManager key in package_json before accessing it. Provide a default value or raise a more informative error if missing.

🤖 Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: devenv/lib/node.py#L91-L93

Potential issue: If `install_pnpm()` is called on a repository without a
`packageManager` field in its `package.json`, the code will raise an unhandled
`KeyError` when attempting to access `package_json["packageManager"]`. This occurs
because the field is optional according to npm documentation, and the current
implementation directly accesses it without checking for its existence. This will crash
the setup process.

Did we get this right? 👍 / 👎 to inform future reviews.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@sentry sentry[bot] sentry[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@joshuarli