chore: replace .npmrc with pnpm-workspace.yaml

2026-03-02 16:26:44 -08:00
4 changed files with 32 additions and 45 deletions
@@ -1,25 +0,0 @@
 # Package Manager Configuration
 # Force pnpm usage - breaks npm/yarn intentionally
 node-linker=pnpm
 # Security: Disable all lifecycle scripts
 ignore-scripts=true
 enable-pre-post-scripts=false
 # Security: Require packages to be 10+ days old before installation
 minimum-release-age=14400
 # Security: Verify package integrity hashes
 verify-store-integrity=true
 # Security: Enforce strict trust policies
 trust-policy=strict
 # Security: Strict peer dependency resolution
 strict-peer-dependencies=true
 # Performance: Use symlinks for node_modules
 symlink=true
 # Lockfile: Ensure lockfile is not modified during install
 frozen-lockfile=false
@@ -16,7 +16,7 @@
  "author": "",
  "license": "ISC",
  "devDependencies": {
-    "@fastify/pre-commit": "2.2.1",
+    "@fastify/pre-commit": "2.1.0",
    "@nhcarrigan/eslint-config": "5.0.0-rc2",
    "@nhcarrigan/typescript-config": "4.0.0",
    "@types/node": "22.7.4",
@@ -16,8 +16,8 @@ importers:
        version: 14.16.2
    devDependencies:
      '@fastify/pre-commit':
-        specifier: 2.2.1
+        specifier: 2.1.0
-        version: 2.2.1
+        version: 2.1.0
      '@nhcarrigan/eslint-config':
        specifier: 5.0.0-rc2
        version: 5.0.0-rc2(@typescript-eslint/utils@8.7.0(eslint@9.11.1)(typescript@5.6.2))(eslint@9.11.1)(playwright@1.47.2)(prettier@3.3.3)(react@18.3.1)(typescript@5.6.2)(vitest@2.1.1(@types/node@22.7.4))
@@ -328,8 +328,8 @@ packages:
    resolution: {integrity: sha512-vH9PiIMMwvhCx31Af3HiGzsVNULDbyVkHXwlemn/B0TFj/00ho3y55efXrUZTfQipxoHC5u4xq6zblww1zm1Ig==}
    engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0}
-  '@fastify/pre-commit@2.2.1':
+  '@fastify/pre-commit@2.1.0':
-    resolution: {integrity: sha512-EluAZU4mFnCJfb6RyWFpWvEIAwdchipoiWMSRkQEaQ6ubbf6UVzYuXKSSZJR36SgtgZmKV5oRMxxwMNta5hskg==}
+    resolution: {integrity: sha512-UM1Fv4NJ+SErNJzCaR6LBk+4GE4wYtv+/R4ePY7Utx+0PktLVxHsLYnnJWgOfyHqtKCjSchZrn3H8tOPuhCfYA==}
  '@humanwhocodes/module-importer@1.0.1':
    resolution: {integrity: sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==}
@@ -449,55 +449,46 @@ packages:
    resolution: {integrity: sha512-PNqXYmdNFyWNg0ma5LdY8wP+eQfdvyaBAojAXgO7/gs0Q/6TQJVXAXe8gwW9URjbS0YAammur0fynYGiWsKlXw==}
    cpu: [arm]
    os: [linux]
    libc: [glibc]
  '@rollup/rollup-linux-arm-musleabihf@4.22.5':
    resolution: {integrity: sha512-kSSCZOKz3HqlrEuwKd9TYv7vxPYD77vHSUvM2y0YaTGnFc8AdI5TTQRrM1yIp3tXCKrSL9A7JLoILjtad5t8pQ==}
    cpu: [arm]
    os: [linux]
    libc: [musl]
  '@rollup/rollup-linux-arm64-gnu@4.22.5':
    resolution: {integrity: sha512-oTXQeJHRbOnwRnRffb6bmqmUugz0glXaPyspp4gbQOPVApdpRrY/j7KP3lr7M8kTfQTyrBUzFjj5EuHAhqH4/w==}
    cpu: [arm64]
    os: [linux]
    libc: [glibc]
  '@rollup/rollup-linux-arm64-musl@4.22.5':
    resolution: {integrity: sha512-qnOTIIs6tIGFKCHdhYitgC2XQ2X25InIbZFor5wh+mALH84qnFHvc+vmWUpyX97B0hNvwNUL4B+MB8vJvH65Fw==}
    cpu: [arm64]
    os: [linux]
    libc: [musl]
  '@rollup/rollup-linux-powerpc64le-gnu@4.22.5':
    resolution: {integrity: sha512-TMYu+DUdNlgBXING13rHSfUc3Ky5nLPbWs4bFnT+R6Vu3OvXkTkixvvBKk8uO4MT5Ab6lC3U7x8S8El2q5o56w==}
    cpu: [ppc64]
    os: [linux]
    libc: [glibc]
  '@rollup/rollup-linux-riscv64-gnu@4.22.5':
    resolution: {integrity: sha512-PTQq1Kz22ZRvuhr3uURH+U/Q/a0pbxJoICGSprNLAoBEkyD3Sh9qP5I0Asn0y0wejXQBbsVMRZRxlbGFD9OK4A==}
    cpu: [riscv64]
    os: [linux]
    libc: [glibc]
  '@rollup/rollup-linux-s390x-gnu@4.22.5':
    resolution: {integrity: sha512-bR5nCojtpuMss6TDEmf/jnBnzlo+6n1UhgwqUvRoe4VIotC7FG1IKkyJbwsT7JDsF2jxR+NTnuOwiGv0hLyDoQ==}
    cpu: [s390x]
    os: [linux]
    libc: [glibc]
  '@rollup/rollup-linux-x64-gnu@4.22.5':
    resolution: {integrity: sha512-N0jPPhHjGShcB9/XXZQWuWBKZQnC1F36Ce3sDqWpujsGjDz/CQtOL9LgTrJ+rJC8MJeesMWrMWVLKKNR/tMOCA==}
    cpu: [x64]
    os: [linux]
    libc: [glibc]
  '@rollup/rollup-linux-x64-musl@4.22.5':
    resolution: {integrity: sha512-uBa2e28ohzNNwjr6Uxm4XyaA1M/8aTgfF2T7UIlElLaeXkgpmIJ2EitVNQxjO9xLLLy60YqAgKn/AqSpCUkE9g==}
    cpu: [x64]
    os: [linux]
    libc: [musl]
  '@rollup/rollup-win32-arm64-msvc@4.22.5':
    resolution: {integrity: sha512-RXT8S1HP8AFN/Kr3tg4fuYrNxZ/pZf1HemC5Tsddc6HzgGnJm0+Lh5rAHJkDuW3StI0ynNXukidROMXYl6ew8w==}
@@ -2167,9 +2158,9 @@ packages:
    engines: {node: '>= 8'}
    hasBin: true
-  which@5.0.0:
+  which@4.0.0:
-    resolution: {integrity: sha512-JEdGzHwwkrbWoGOlIHqQ5gtprKGOenpDHpxE9zVR1bWbOtYRyPPHMe9FaP6x61CmNaTThSkb0DAJte5jD+DmzQ==}
+    resolution: {integrity: sha512-GlaYyEb07DPxYCKhKzplCWBJtvxZcZMrL+4UkrTSJHHPyZU4mYYTv3qaOe77H7EODLSSopAUFAc6W8U4yqvscg==}
-    engines: {node: ^18.17.0 || >=20.5.0}
+    engines: {node: ^16.13.0 || >=18.0.0}
    hasBin: true
  why-is-node-running@2.3.0:
@@ -2490,10 +2481,10 @@ snapshots:
    dependencies:
      levn: 0.4.1
-  '@fastify/pre-commit@2.2.1':
+  '@fastify/pre-commit@2.1.0':
    dependencies:
      cross-spawn: 7.0.3
-      which: 5.0.0
+      which: 4.0.0
  '@humanwhocodes/module-importer@1.0.1': {}
@@ -4576,7 +4567,7 @@ snapshots:
    dependencies:
      isexe: 2.0.0
-  which@5.0.0:
+  which@4.0.0:
    dependencies:
      isexe: 3.1.1
@@ -0,0 +1,21 @@
 # Security
 # Do not execute any scripts of installed packages (project scripts still run)
 ignoreDepScripts: true
 # Do not automatically run pre/post scripts (e.g. preinstall, postbuild)
 enablePrePostScripts: false
 # Only allow packages published at least 10 days ago (reduces risk of compromised packages)
 minimumReleaseAge: 14400
 # Fail if a package's trust level has decreased compared to previous releases
 trustPolicy: no-downgrade
 # Ignore trust policy for packages published more than 1 year ago (predates provenance signing)
 trustPolicyIgnoreAfter: 525960
 # Fail if there are missing or invalid peer dependencies
 strictPeerDependencies: true
 # Prevent transitive dependencies from using exotic sources (git repos, direct tarball URLs)
 blockExoticSubdeps: true
 # Lockfile
 # Allow the lockfile to be updated during install (set to true in CI for stricter reproducibility)
 preferFrozenLockfile: false