From 21f6bcdd6f4e36df5766e0c9c5e707732a20ef3c Mon Sep 17 00:00:00 2001 From: Aviv Keller Date: Fri, 9 Jan 2026 16:49:11 -0500 Subject: [PATCH 1/4] feat(ci): pnpm updater --- .github/workflows/pnpm-updater.yml | 60 ++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 .github/workflows/pnpm-updater.yml diff --git a/.github/workflows/pnpm-updater.yml b/.github/workflows/pnpm-updater.yml new file mode 100644 index 0000000000000..730c1feac500c --- /dev/null +++ b/.github/workflows/pnpm-updater.yml @@ -0,0 +1,60 @@ +# Security Notes +# Only selected Actions are allowed within this repository. Please refer to (https://github.com/nodejs/nodejs.org/settings/actions) +# for the full list of available actions. If you want to add a new one, please reach out a maintainer with Admin permissions. +# REVIEWERS, please always double-check security practices before merging a PR that contains Workflow changes!! +# AUTHORS, please only use actions with explicit SHA references, and avoid using `@master` or `@main` references or `@version` tags. + +name: PNPM updater + +on: + schedule: + - cron: "0 0 1 * *" + +permissions: + contents: write + pull-requests: write + +jobs: + update-pnpm: + runs-on: ubuntu-latest + + steps: + - name: Harden Runner + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + with: + egress-policy: audit + + - name: Git Checkout + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + + - name: Setup pnpm + uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + + - name: Update pnpm and package.json + id: update-pnpm + run: | + echo "old=$(pnpm --version)" >> $GITHUB_OUTPUT + pnpm self-update + echo "new=$(pnpm --version)" >> $GITHUB_OUTPUT + cat <<< $(jq '.devEngines.packageManager.version = (.packageManager | split("@")[1])' package.json) > package.json + + - name: Open pull request + if: steps.update-pnpm.outputs.old != steps.update-pnpm.outputs.new + uses: gr2m/create-or-update-pull-request-action@b65137ca591da0b9f43bad7b24df13050ea45d1b # v1.10.1 + # Creates a PR or update the Action's existing PR, or + # no-op if the base branch is already up-to-date. + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + update-pull-request-title-and-body: true + branch: chore/update-pnpm + body: | + Updates pnpm from ${{ steps.update-pnpm.outputs.old }} to version ${{ steps.update-pnpm.outputs.new }} + + cc @nodejs/web-infra + + Check this workflow's logs at ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}. + commit-message: "chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}" + labels: fast-track + title: "chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}" + draft: true From eae06b13d47a8982e2baf83c88b64c5ffaa4ac45 Mon Sep 17 00:00:00 2001 From: Aviv Keller Date: Fri, 9 Jan 2026 16:53:40 -0500 Subject: [PATCH 2/4] Update .github/workflows/pnpm-updater.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Aviv Keller --- .github/workflows/pnpm-updater.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pnpm-updater.yml b/.github/workflows/pnpm-updater.yml index 730c1feac500c..9366a9d3329e7 100644 --- a/.github/workflows/pnpm-updater.yml +++ b/.github/workflows/pnpm-updater.yml @@ -7,6 +7,7 @@ name: PNPM updater on: + workflow_dispatch: schedule: - cron: "0 0 1 * *" From 1d0c65644b66556377bf4df21ad24ceb173b725e Mon Sep 17 00:00:00 2001 From: Aviv Keller Date: Fri, 9 Jan 2026 16:55:14 -0500 Subject: [PATCH 3/4] feat(ci): pnpm updater --- .github/workflows/pnpm-updater.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pnpm-updater.yml b/.github/workflows/pnpm-updater.yml index 9366a9d3329e7..338d7a0a50bc9 100644 --- a/.github/workflows/pnpm-updater.yml +++ b/.github/workflows/pnpm-updater.yml @@ -9,7 +9,7 @@ name: PNPM updater on: workflow_dispatch: schedule: - - cron: "0 0 1 * *" + - cron: '0 0 1 * *' permissions: contents: write @@ -55,7 +55,7 @@ jobs: cc @nodejs/web-infra Check this workflow's logs at ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}. - commit-message: "chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}" + commit-message: 'chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}' labels: fast-track - title: "chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}" + title: 'chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}' draft: true From 5de1fad0827e6ba511a476e8b4dd28c511be8aed Mon Sep 17 00:00:00 2001 From: Aviv Keller Date: Fri, 9 Jan 2026 17:10:58 -0500 Subject: [PATCH 4/4] feat(ci): pnpm updater --- .github/workflows/pnpm-updater.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pnpm-updater.yml b/.github/workflows/pnpm-updater.yml index 338d7a0a50bc9..129500ad1e2b7 100644 --- a/.github/workflows/pnpm-updater.yml +++ b/.github/workflows/pnpm-updater.yml @@ -50,12 +50,11 @@ jobs: update-pull-request-title-and-body: true branch: chore/update-pnpm body: | - Updates pnpm from ${{ steps.update-pnpm.outputs.old }} to version ${{ steps.update-pnpm.outputs.new }} + Updates pnpm from ${{ steps.update-pnpm.outputs.old }} to ${{ steps.update-pnpm.outputs.new }} cc @nodejs/web-infra Check this workflow's logs at ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}. - commit-message: 'chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}' - labels: fast-track - title: 'chore: update pnpm to ${{ steps.update-pnpm.outputs.new }}' + commit-message: 'meta: update pnpm from ${{ steps.update-pnpm.outputs.old }} to ${{ steps.update-pnpm.outputs.new }}' + title: 'meta: update pnpm from ${{ steps.update-pnpm.outputs.old }} to ${{ steps.update-pnpm.outputs.new }}' draft: true