Skip to content

chore: add trustPolicy #1415

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

chore: add trustPolicy #1415

wants to merge 2 commits into from
+10 −2

Conversation

@yifancong
Copy link
Contributor

@yifancong yifancong commented Nov 20, 2025

Summary

Related Links

Copilot AI review requested due to automatic review settings November 20, 2025 12:00
@github-actions
Copy link
Contributor

github-actions bot commented Nov 20, 2025
edited
Loading

📝 Rsdoctor Ecosystem CI: Open

suite result
rsbuild ❌ failure

@netlify
Copy link

netlify bot commented Nov 20, 2025
edited
Loading

Deploy Preview for rsdoctor ready!

Name Link
🔨 Latest commit 880eb9e
🔍 Latest deploy log https://app.netlify.com/projects/rsdoctor/deploys/691f071d575ebf0008cddf55
😎 Deploy Preview https://deploy-preview-1415--rsdoctor.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

Copilot finished reviewing on behalf of yifancong November 20, 2025 12:01
Copilot AI reviewed Nov 20, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds pnpm trustPolicy configuration to prevent package downgrades and updates UI text in a component. The trustPolicy is set to no-downgrade with an exclusion for ua-parser-js.

Key Changes

  • Added trustPolicy configuration with no-downgrade setting and exclusion for ua-parser-js
  • Simplified the ModuleResolve page title from "Webpack Resolver Analysis" to "Resolver Analysis"

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
pnpm-workspace.yaml Adds trustPolicy configuration to prevent package version downgrades
packages/components/src/pages/ModuleResolve/index.tsx Simplifies page title and reformats component props

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

pnpm-workspace.yaml Outdated

trustPolicy: no-downgrade
trustPolicyExclude:
- [email protected]
Copy link

Copilot AI Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Version mismatch: The trustPolicyExclude specifies [email protected], but the pnpm-lock.yaml shows the project is using [email protected]. The version in the exclusion list should match the actual version being used in the project. Please update this to [email protected].

Suggested change
- [email protected].41
- [email protected].40

Copilot uses AI. Check for mistakes.
pnpm-workspace.yaml Outdated
Comment on lines 6 to 9

trustPolicy: no-downgrade
trustPolicyExclude:
- [email protected]
Copy link

Copilot AI Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The trustPolicy and trustPolicyExclude settings should be configured in .npmrc file, not in pnpm-workspace.yaml. The pnpm-workspace.yaml file is specifically for defining workspace packages, while pnpm configuration options like trustPolicy belong in .npmrc.

These lines should be moved to .npmrc in the following format:

trust-policy=no-downgrade
trust-policy-exclude[][email protected]
Suggested change
trustPolicy: no-downgrade
trustPolicyExclude:
- [email protected]

Copilot uses AI. Check for mistakes.
@github-actions
Copy link
Contributor

github-actions bot commented Nov 20, 2025
edited
Loading

📝 Rsdoctor Ecosystem CI: Open

suite result
rsbuild ❌ failure

@yifancong yifancong closed this Nov 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@yifancong