Skip to content

ci: add packaging & monorepo consistency validation (publint + attw + sherif)#46

Open
martyy-code wants to merge 2 commits into
mainfrom
impl/34-ci-publint-attw-sherif
Open

ci: add packaging & monorepo consistency validation (publint + attw + sherif)#46
martyy-code wants to merge 2 commits into
mainfrom
impl/34-ci-publint-attw-sherif

Conversation

@martyy-code

Copy link
Copy Markdown
Contributor

Summary

Add three lightweight CI checks (publint, @arethetypeswrong/cli, sherif) plus the lib fixes that make them pass on day one. After merge, the same checks run on every PR via the existing CI workflow.

What changed

  • Root devDeps + scripts: publint 0.3.21, @arethetypeswrong/cli 0.18.5, sherif 1.13.0; new scripts lint:publint, lint:attw, lint:sherif, plus check:packaging shorthand.
  • turbo.json: three cacheable tasks (lint:publint, lint:attw w/ dependsOn: [^build], lint:sherif) keyed on the lib dist + workspace manifests.
  • CI (.github/workflows/ci.yml): after Test, runs Build then the three packaging checks via pnpm turbo lint:*.
  • Lib fixes (so attw passes):
    • packages/type-testing/src/types/special.ts:5 — add .js to the relative import.
    • packages/type-testing/src/types/property.ts:5 — same bug, second instance surfaced by attw on first run.
  • Packaging fixes (so publint passes):
    • packages/type-testing/package.json exports map: types condition first, nested import.types for moduleResolution: "bundler", and a default condition on each of the three entrypoints.
  • Workspace drift fixes (so sherif passes):
    • apps/web/package.json: align eslint to ^9.0.0 and typescript to ^5.0.0.
    • examples/package.json: align typescript to ^5.0.0.
  • Docs: CONTRIBUTING.md "Code quality" section now lists the three new scripts.

attw note

The attw command passes --ignore-rules no-resolution cjs-resolves-to-esm. The lib is ESM-only (`type: "module""), so:

  • no-resolution would otherwise flag the deep subpath exports (./vitest, ./vitest/setup) under the legacy node10 resolver — irrelevant for any modern consumer.
  • cjs-resolves-to-esm would otherwise warn that a CJS require() resolves to ESM, which is intrinsic to an ESM-only package.

Both exclusions are documented in the script's CLI invocation; the matrix table is otherwise green across node10 / node16 (CJS) / node16 (ESM) / bundler.

Verification

  • pnpm build — type-testing + web both green (turbo cache hit)
  • pnpm typecheck — turbo across 3 packages
  • pnpm test — 252 tests pass
  • pnpm lint — green (one pre-existing web warning unchanged)
  • pnpm check:packaging — publint + attw + sherif all green

Post-merge: required status checks (repo-settings change)

Issue AC requires "wired as required checks on PRs to main". Once this PR merges, a maintainer needs to flip the three new jobs into the branch-protection required-checks list. Run from a shell with scope:

gh api -X PUT   repos/deessejs/type-testing/branches/main/protection/required_status_checks   --input <(jq -n '{
    strict: true,
    contexts: [
      "build / Lint",
      "build / Typecheck",
      "build / Test",
      "build / Sherif (workspace version consistency)",
      "build / Publint (packaging shape)",
      "build / Are the types wrong (consumer-side type resolution)"
    ]
  }')

After the first merged run, copy the exact step-name strings from the GitHub Actions UI into the JSON, since they sometimes include the prefix ci.yml / rather than build / .

Related

Closes #34


🤖 Generated with Claude Code

martyy-code and others added 2 commits July 13, 2026 11:55
Co-Authored-By: Claude <noreply@anthropic.com>
… sherif)

Adds three lightweight CI checks plus the lib fixes that make them green:
- publint validates package.json / exports / files against npm rules
- @arethetypeswrong/cli (attw) resolves types under node16/nodenext/bundler
- sherif catches workspace version drift (multiple-dependency-versions)

Lib fixes (so attw passes):
- src/types/special.ts:5 — add .js extension to relative import
- src/types/property.ts:5 — same bug; second instance surfaced by attw

Packaging fixes (so publint passes):
- exports map: types condition first, nested import.types for moduleResolution:bundler, default conditions for the three entrypoints

Workspace version drift (so sherif passes):
- apps/web: align eslint to ^9.0.0 and typescript to ^5.0.0
- examples: align typescript to ^5.0.0

CI: build + lint:sherif + lint:publint + lint:attw run after Test in ci.yml.
Contributing: updated 'Code quality' section with the three new scripts.
Branch protection (required status checks) is a post-merge repo-settings step,
documented in the PR description.

Co-Authored-By: Claude <noreply@anthropic.com>
@martyy-code martyy-code requested a review from codewizdave as a code owner July 13, 2026 10:08
@martyy-code martyy-code added enhancement New feature or request area:build Packaging, exports map, tsconfig area:ci Workflows, dependabot, tooling labels Jul 13, 2026
@martyy-code martyy-code self-assigned this Jul 13, 2026
@martyy-code martyy-code added the status:in-progress Someone is working on it label Jul 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area:build Packaging, exports map, tsconfig area:ci Workflows, dependabot, tooling enhancement New feature or request status:in-progress Someone is working on it

Projects

None yet

Development

Successfully merging this pull request may close these issues.

ci: add packaging & monorepo consistency validation (publint + attw + sherif)

1 participant