make pnpm catalog the primary dependency list #3096
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ding cdk package contents
# Conflicts: # handlers/alarms-handler/package.json # handlers/mparticle-api/package.json # handlers/product-switch-api/package.json # handlers/salesforce-disaster-recovery-health-check/package.json # modules/supporter-product-data/package.json # package.json # pnpm-lock.yaml
# Conflicts: # handlers/alarms-handler/package.json
# Conflicts: # handlers/discount-api/lambda/package.json # pnpm-lock.yaml
…enerator-pnpm-primary # Conflicts: # handlers/alarms-handler/lambda/package.json # pnpm-lock.yaml
johnduffell
force-pushed
the
jd/split-cdk-build-generator
branch
from
66f63f6 to
e1df36d
Compare
…enerator-pnpm-primary # Conflicts: # handlers/alarms-handler/package.json
johnduffell
force-pushed
the
jd/split-cdk-build-generator
branch
from
e1df36d to
692c394
Compare
…enerator-pnpm-primary # Conflicts: # handlers/alarms-handler/package.json # pnpm-lock.yaml
johnduffell
commented
Sep 24, 2025
Comment on lines
14
to
28
| // the code won't type check if a disallowed library is present | ||
| type DisallowedLibs = readonly ['aws-sdk']; | ||
|
|
||
| const DISALLOWED_LIBRARY_IN_PNPM_CATALOG = Symbol('Error'); | ||
| type DisallowedLibsType = { | ||
| [Key in DisallowedLibs[number]]?: unknown; | ||
| }; | ||
|
|
||
| export function getPnpmCatalog<K extends string>( | ||
| catalog: Record<K, string> extends DisallowedLibsType | ||
| ? Record<K, string> & { | ||
| // the following line is the compiler error reported when you try to add aws-sdk v2 | ||
| [DISALLOWED_LIBRARY_IN_PNPM_CATALOG]: `${keyof DisallowedLibsType & keyof Record<K, string>}`; | ||
| } | ||
| : Record<K, string>, |
Member
Author
There was a problem hiding this comment.
not sure the benefit of making it a compile error, given that we always run it when we compile it. The error is reported in a strange way
johnduffell
commented
Sep 24, 2025
Comment on lines
+15
to
+30
| // check that all the aws sdk v3 versions are identical | ||
| const awsVersions = new Set( | ||
| Object.entries(catalog) | ||
| .filter(([dep]) => dep.startsWith('@aws-sdk/')) | ||
| .map(([, version]) => version), | ||
| ); | ||
| if (awsVersions.size !== 1) { | ||
| throw new Error( | ||
| 'mismatched AWS versions in pnpm catalog: ' + | ||
| [...awsVersions].sort().join(', '), | ||
| ); | ||
| } | ||
| // aws sdk v2 is not allowed | ||
| if ((catalog as Record<string, string>)['aws-sdk']) { | ||
| throw new Error('AWS SDK v2 is not allowed in the pnpm catalog'); | ||
| } |
Member
Author
There was a problem hiding this comment.
even though the pnpm catalog is not a managed file (so we can't update the content), we can still validate it when we read it in
…enerator-pnpm-primary
…enerator-pnpm-primary
Reettaphant
added
maintenance
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
branched off #2907
There was feedback suggesting to use the pnpm catalog rather than writing the dependencies into the individual files.
This is a further enhancement not related to the above PR, but I thought I would produce followup PRs to show how it might be done.
Option 1 (this PR)
Rather than programmatically defining the dependencies in dependencies.ts this makes the pnpm catalog the source of truth for recommended dependencies.
buildcheck will read and validate the pnpm catalog and encourage the package.jsons to use the catalog (or include a deviation in the build.ts.)
Option 2 ( #3098 ) will instead make the pnpm-workspace.yaml file a managed file, and the dependency versions will be written there instead of the package.jsons