feat(repo): add local Verdaccio workflow for testing packages #7608
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
📝 WalkthroughWalkthroughThe pull request introduces three new npm scripts in package.json that delegate to a new Bash script for managing a local Verdaccio npm registry. The shell script (scripts/local-registry.sh) provides commands to start the registry (up), stop it (down), and publish packages to it (pub). The publish workflow includes building packages, clearing storage, versioning with a snapshot, and publishing with a local tag. Additionally, the Verdaccio configuration file's max_body_size parameter is increased from 20mb to 200mb to accommodate larger request bodies. 🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. 📜 Recent review detailsConfiguration used: Repository YAML (base), Organization UI (inherited) Review profile: CHILL Plan: Pro Disabled knowledge base sources:
📒 Files selected for processing (3)
🚧 Files skipped from review as they are similar to previous changes (2)
🧰 Additional context used📓 Path-based instructions (1)**/*⚙️ CodeRabbit configuration file
Files:
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (25)
🔇 Additional comments (1)
✏️ Tip: You can disable this entire section by setting Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Fix all issues with AI agents
In `@scripts/local-registry.sh`:
- Around line 44-51: Add a cleanup trap that always restores the npm registry
(and auth token) if the script exits or is interrupted: save the original
registry (e.g. ORIGINAL_REGISTRY=$(npm config get registry)) before setting npm
config to $REGISTRY_URL, create a cleanup function that runs on EXIT/ERR to
reset the registry and auth token back to the saved ORIGINAL_REGISTRY and remove
any temporary auth, and register it via trap 'cleanup' EXIT; apply this pattern
around the publish blocks (the pub and pub:pkg sections that call pnpm changeset
publish and npm publish) so failures in pnpm changeset publish or npm publish
still run cleanup and do not leave the global npm config pointing at
$REGISTRY_URL.
📜 Review details
Configuration used: Repository YAML (base), Organization UI (inherited)
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (2)
package.jsonscripts/local-registry.sh
🧰 Additional context used
📓 Path-based instructions (4)
**/*
⚙️ CodeRabbit configuration file
If there are no tests added or modified as part of the PR, please suggest that tests be added to cover the changes.
**/*: Only comment on issues that would block merging, ignore minor or stylistic concerns.
Restrict feedback to errors, security risks, or functionality-breaking problems.
Do not post comments on code style, formatting, or non-critical improvements.
Keep reviews short: flag only issues that make the PR unsafe to merge.
Group similar issues into a single comment instead of posting multiple notes.
Skip repetition: if a pattern repeats, mention it once at a summary level only.
Do not add general suggestions, focus strictly on merge-blocking concerns.
If there are no critical problems, respond with minimal approval (e.g., 'Looks good'). Do not add additional review.
Avoid line-by-line commentary unless it highlights a critical bug or security hole.
Highlight only issues that could cause runtime errors, data loss, or severe maintainability issues.
Ignore minor optimization opportunities, focus solely on correctness and safety.
Provide a top-level summary of critical blockers rather than detailed per-line notes.
Comment only when the issue must be resolved before merge, otherwise remain silent.
When in doubt, err on the side of fewer comments, brevity and blocking issues only.
Avoid posting any refactoring issues.
Files:
scripts/local-registry.shpackage.json
**/*.{js,jsx,ts,tsx,json,md,yml,yaml}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
package.json
package.json
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
package.json: Requires Node.js 18.17.0+ and pnpm 9.15.9+
Regularly update dependencies
Files:
package.json
**/*.{js,ts,jsx,tsx,json,md,yml,yaml}
📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)
Use Prettier for code formatting across all packages
Files:
package.json
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (25)
- GitHub Check: Integration Tests (custom, chrome)
- GitHub Check: Integration Tests (nextjs, chrome, 16, RQ)
- GitHub Check: Integration Tests (generic, chrome)
- GitHub Check: Integration Tests (vue, chrome)
- GitHub Check: Integration Tests (astro, chrome)
- GitHub Check: Integration Tests (machine, chrome)
- GitHub Check: Integration Tests (localhost, chrome)
- GitHub Check: Integration Tests (tanstack-react-start, chrome)
- GitHub Check: Integration Tests (nuxt, chrome)
- GitHub Check: Integration Tests (sessions, chrome)
- GitHub Check: Integration Tests (nextjs, chrome, 15)
- GitHub Check: Integration Tests (sessions:staging, chrome)
- GitHub Check: Integration Tests (react-router, chrome)
- GitHub Check: Integration Tests (ap-flows, chrome)
- GitHub Check: Integration Tests (billing, chrome, RQ)
- GitHub Check: Integration Tests (handshake, chrome)
- GitHub Check: Integration Tests (nextjs, chrome, 16)
- GitHub Check: Integration Tests (quickstart, chrome, 15)
- GitHub Check: Integration Tests (quickstart, chrome, 16)
- GitHub Check: Integration Tests (machine, chrome, RQ)
- GitHub Check: Integration Tests (billing, chrome)
- GitHub Check: Integration Tests (handshake:staging, chrome)
- GitHub Check: Integration Tests (express, chrome)
- GitHub Check: Analyze (javascript-typescript)
- GitHub Check: semgrep-cloud-platform/scan
🔇 Additional comments (1)
package.json (1)
27-30: Looks good.The new script entries correctly delegate to the shell script with appropriate command arguments.
✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.
scripts/local-registry.sh
Outdated
| npm config set registry $REGISTRY_URL | ||
| npm config set //${REGISTRY_URL#http://}/:_authToken localToken | ||
|
|
||
| # Publish to Verdaccio | ||
| pnpm changeset publish --no-git-tag --tag local | ||
|
|
||
| # Reset npm registry | ||
| npm config set registry https://registry.npmjs.org |
There was a problem hiding this comment.
Missing cleanup handler leaves npm config corrupted on failure.
If pnpm changeset publish (line 48) or npm publish (line 88) fails, set -e exits immediately without resetting npm config. The user's global npm registry will remain pointing to localhost:4873, breaking all subsequent npm/pnpm operations.
Add a trap to ensure cleanup on exit:
Proposed fix
set -e
REGISTRY_URL="http://localhost:4873"
+
+cleanup_npm_config() {
+ npm config set registry https://registry.npmjs.org
+ npm config delete //${REGISTRY_URL#http://}/:_authToken 2>/dev/null || true
+}Then in pub and pub:pkg, wrap the publish section:
# Set npm registry to local Verdaccio
npm config set registry $REGISTRY_URL
npm config set //${REGISTRY_URL#http://}/:_authToken localToken
+ trap cleanup_npm_config EXIT
# Publish to Verdaccio
pnpm changeset publish --no-git-tag --tag local
- # Reset npm registry
- npm config set registry https://registry.npmjs.org
+ # Reset npm registry (also handled by trap)
+ cleanup_npm_config
+ trap - EXITAlso applies to: 84-91
🤖 Prompt for AI Agents
In `@scripts/local-registry.sh` around lines 44 - 51, Add a cleanup trap that
always restores the npm registry (and auth token) if the script exits or is
interrupted: save the original registry (e.g. ORIGINAL_REGISTRY=$(npm config get
registry)) before setting npm config to $REGISTRY_URL, create a cleanup function
that runs on EXIT/ERR to reset the registry and auth token back to the saved
ORIGINAL_REGISTRY and remove any temporary auth, and register it via trap
'cleanup' EXIT; apply this pattern around the publish blocks (the pub and
pub:pkg sections that call pnpm changeset publish and npm publish) so failures
in pnpm changeset publish or npm publish still run cleanup and do not leave the
global npm config pointing at $REGISTRY_URL.
@clerk/agent-toolkit
@clerk/astro
@clerk/backend
@clerk/chrome-extension
@clerk/clerk-js
@clerk/dev-cli
@clerk/expo
@clerk/expo-passkeys
@clerk/express
@clerk/fastify
@clerk/localizations
@clerk/nextjs
@clerk/nuxt
@clerk/react
@clerk/react-router
@clerk/shared
@clerk/tanstack-react-start
@clerk/testing
@clerk/ui
@clerk/upgrade
@clerk/vue
commit: |
nikosdouvlis
force-pushed
the
nikos/local-verdaccio-workflow
branch
from
c427b00 to
d964fa8
Compare
nikosdouvlis
force-pushed
the
nikos/local-verdaccio-workflow
branch
from
d964fa8 to
eb86fcc
Compare
Why: Testing package changes locally has been painful: - npm/pnpm linking doesn't always work and doesn't mimic real published package behavior (symlinks behave differently than installed packages) - YALC is an older solution with the same limitation - it doesn't map 1:1 with how packages behave when published to npm - The common workaround was pushing to a branch and waiting for snapshot releases, which takes 5+ minutes per iteration from push to install Verdaccio solves this by running a local npm registry. Packages are built and published exactly as they would be to npm, then installed normally in test apps. This makes iteration cycles much shorter while testing real package behavior. What changed: - Added `local:registry:up` to start Verdaccio with npm proxy support - Added `local:registry:down` to stop the registry - Added `local:registry:pub` to build, publish with snapshot versions, and auto-reset git changes after publishing Usage: pnpm local:registry:up # Start registry (Terminal 1) pnpm local:registry:pub # Build & publish (Terminal 2) bun install --registry http://localhost:4873 # In test app
nikosdouvlis
force-pushed
the
nikos/local-verdaccio-workflow
branch
from
eb86fcc to
c3df152
Compare
Summary
Testing package changes locally has been painful:
Verdaccio solves this by running a local npm registry. Packages are built and published exactly as they would be to npm, then installed normally in test apps. This makes iteration cycles much shorter while testing real package behavior.
What changed
local:registry:upto start Verdaccio with npm proxy supportlocal:registry:downto stop the registrylocal:registry:pubto build and publish all packagesUsage
In the monorepo:
In your test app:
Test plan
pnpm local:registry:uppnpm local:registry:pubbun install --registry http://localhost:4873Summary by CodeRabbit
local:registry:up(start),local:registry:down(stop), andlocal:registry:pub(publish packages)✏️ Tip: You can customize this high-level summary in your review settings.