chore(deps): change pinning by avivkeller · Pull Request #654 · nodejs/doc-kit

avivkeller · 2026-03-07T19:23:46Z

Changes the dependency pinning per our docs. Rolldown was changed to be an exact dependency, as each release candidate may contain breaking changes.

vercel · 2026-03-07T19:23:50Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
api-docs-tooling	Ready	Preview	Apr 22, 2026 1:54am

codecov · 2026-03-07T19:24:34Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 77.95%. Comparing base (364fad2) to head (85a7baf).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #654   +/-   ##
=======================================
  Coverage   77.95%   77.95%           
=======================================
  Files         159      159           
  Lines       14055    14055           
  Branches     1152     1152           
=======================================
  Hits        10957    10957           
  Misses       3093     3093           
  Partials        5        5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

github-actions · 2026-03-07T19:25:33Z

`orama-db` Generator

File	Base	Head	Diff
`orama-db.json`	8.37 MB	8.37 MB	-1.00 B (-0.00%)

Copilot

Pull request overview

Updates dependency version pinning to align with the project’s desired semver strategy, with a specific focus on making rolldown an exact version to avoid RC breakage leaking in via ranges.

Changes:

Convert several devDependencies from caret ranges (^) to pinned versions (exact and ~ patch ranges).
Pin rolldown to an exact release-candidate version (1.0.0-rc.6) in both manifest and shrinkwrap.
Regenerate npm-shrinkwrap.json to reflect the updated specifiers.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
package.json	Updates dev dependency ranges (mostly pinned) and pins `rolldown` exactly.
npm-shrinkwrap.json	Keeps shrinkwrap aligned with `package.json` changes and updates lock metadata accordingly.

Files not reviewed (1)

npm-shrinkwrap.json: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

MattIPv4

Not sure I totally agree with this approach of exact pinning, given this repo has demonstrated up until this point that it isn't really needed, but happy to approve, given this is what our current policy states. I agree with pinning rolldown specifically though.

ovflowd

SGTM although I feel some runtime dependencies could be more stricter.

avivkeller · 2026-03-08T13:42:04Z

I'm going to open a dedicated issue to discuss how/what pinning rules should apply to this repo, since there's not 100% consensus here.

ovflowd · 2026-03-08T17:54:12Z

I'm going to open a dedicated issue to discuss how/what pinning rules should apply to this repo, since there's not 100% consensus here.

While there's no consensus or we don't reach consensus the previously agreed rules apply fyi.

avivkeller · 2026-03-08T19:25:16Z

Not necessarily, no. Those pinning guides are for the website, which this is not, so they don't really apply here, unless we make them, hence a dedicated issue.

ovflowd · 2026-04-16T10:53:32Z

@avivkeller feel free to rebase, please. Remember the current dependency pinning agreement stands.

cursor · 2026-04-22T01:40:58Z

PR Summary

Low Risk
Low risk because changes are limited to dependency version ranges/lockfile updates, with no runtime logic changes; main impact is altered install/upgrade behavior.

Overview
Updates package.json dependency version ranges to follow the project’s pinning guidance, including switching rolldown to an exact 1.0.0-rc.12 to avoid accidental breaking changes between release candidates.

Regenerates package-lock.json to reflect the new constraints.

^{Reviewed by Cursor Bugbot for commit 85a7baf. Bugbot is set up for automated code reviews on this repo. Configure here.}

cursor

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 1bfc4b6. Configure here.}

bmuenzenmeyer · 2026-04-22T01:55:14Z

did the rebase - think the pinning stands as-is for now.

bmuenzenmeyer · 2026-04-22T01:55:40Z

i'm going to merge so we dont drift again - @avivkeller please cut another issue if you like or havent yet

Copilot AI review requested due to automatic review settings March 7, 2026 19:23

avivkeller requested a review from a team as a code owner March 7, 2026 19:23

vercel Bot deployed to Preview March 7, 2026 19:24 View deployment

Copilot started reviewing on behalf of avivkeller March 7, 2026 19:24 View session

Copilot AI reviewed Mar 7, 2026

View reviewed changes

MattIPv4 approved these changes Mar 7, 2026

View reviewed changes

AugustinMauroy approved these changes Mar 7, 2026

View reviewed changes

ovflowd reviewed Mar 8, 2026

View reviewed changes

Comment thread package.json

ovflowd approved these changes Mar 8, 2026

View reviewed changes

chore(deps): change pinning

1bfc4b6

bmuenzenmeyer force-pushed the pinning! branch from 363c90c to 1bfc4b6 Compare April 22, 2026 01:40

vercel Bot deployed to Preview April 22, 2026 01:41 View deployment

cursor Bot reviewed Apr 22, 2026

View reviewed changes

Comment thread package-lock.json

Comment thread package-lock.json

regenerate lockfile manually after the rebase

85a7baf

vercel Bot deployed to Preview April 22, 2026 01:54 View deployment

bmuenzenmeyer merged commit f1c1c9c into main Apr 22, 2026
23 checks passed

bmuenzenmeyer deleted the pinning! branch April 22, 2026 01:56

Conversation

avivkeller commented Mar 7, 2026

Uh oh!

vercel Bot commented Mar 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

codecov Bot commented Mar 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

github-actions Bot commented Mar 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

orama-db Generator

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

MattIPv4 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

ovflowd left a comment

Choose a reason for hiding this comment

Uh oh!

avivkeller commented Mar 8, 2026

Uh oh!

ovflowd commented Mar 8, 2026

Uh oh!

avivkeller commented Mar 8, 2026

Uh oh!

ovflowd commented Apr 16, 2026

Uh oh!

cursor Bot commented Apr 22, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

PR Summary

Uh oh!

cursor Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

bmuenzenmeyer commented Apr 22, 2026

Uh oh!

bmuenzenmeyer commented Apr 22, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

vercel Bot commented Mar 7, 2026 •

edited

Loading

codecov Bot commented Mar 7, 2026 •

edited

Loading

github-actions Bot commented Mar 7, 2026 •

edited

Loading

`orama-db` Generator

cursor Bot commented Apr 22, 2026 •

edited

Loading