Skip to content

fix:Align runtime to Node 20 LTS and enforce version #1183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix:Align runtime to Node 20 LTS and enforce version #1183

wants to merge 1 commit into from

Conversation

@BMJ-075
Copy link

@BMJ-075 BMJ-075 commented Oct 14, 2025
edited by coderabbitai bot
Loading

Align runtime to Node.js 20 LTS and enforce versions to avoid Corepack/Yarn issues and improve reproducibility.

Changes:

  • Add .nvmrc (20.19.0) and .npmrc (engine-strict=true).
  • Add engines to package.json (node >=20.18 <21, yarn >=4 <5).
  • Update README.md to require Node 20 and add Corepack + nvm setup.
  • Commit Yarn Berry config: .yarnrc.yml and .yarn/install-state.gz.

Testing:

  • With Node 20.19.0 / Yarn 4.9.4:
  • yarn install --immutable OK
  • yarn test → 24/24 passed
  • yarn validate → OK

Note: One peer warning (@cowprotocol/cow-sdk → ethers), non-blocking.

Summary by CodeRabbit

  • Documentation

    • Updated prerequisites to require Node.js 20 LTS (recommended 20.19.0).
    • Added setup steps for enabling corepack, installing Node via nvm, and verifying Yarn.
    • Refreshed installation guidance to align with the new Node 20 setup.

  • Chores

    • Enforced strict engine checks during package operations.
    • Standardized Node.js version to 20.19.0 for local development.
    • Configured Yarn to use the node-modules linker.
    • Declared supported Node and Yarn versions and specified the package manager version.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 14, 2025
edited
Loading

Walkthrough

Updates project runtime/tooling configuration to Node.js 20 LTS. Adds strict engine enforcement for npm, configures Yarn to node-modules linker, pins Node version via .nvmrc, sets engines and packageManager in package.json, and adjusts README prerequisites and setup steps accordingly.

Changes

Cohort / File(s) Summary
Runtime/Engines Configuration
package.json, .npmrc, .nvmrc, .yarnrc.yml		 Add engines (Node 20, Yarn) and packageManager (Yarn 4.9.4) to package.json; enable npm engine-strict; add .nvmrc with Node 20.19.0; configure Yarn nodeLinker: node-modules.
Documentation
README.md		 Update prerequisites to Node.js 20 LTS (Iron), recommend v20.19.0; add setup steps using corepack and nvm; include Yarn version sanity check.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related issues

Suggested reviewers

  • shoom3301
  • alfetopito

Poem

Little paws tap npm drums, hop-hop—strict and neat,
Yarn rolls out tidy balls, node-modules at my feet.
Iron moons of Node 20 glow, steady as can be,
nvm burrows version snug: 20.19.0 for me.
With corepack carrots cached, I ship—bugs flee! 🥕🐇

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The title succinctly captures the core update of aligning the project’s runtime to Node 20 LTS and enforcing version constraints, directly reflecting the main change introduced by the pull request.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Contributor


Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by just posting a Pull Request Comment same as the below format.

I have read the CLA Document and I hereby sign the CLA

You can retrigger this bot by commenting recheck in this Pull Request. Posted by the CLA Assistant Lite bot.

@socket-security
Copy link

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedunique-slug@​5.0.01001006183100
Addedunique-filename@​4.0.01001006583100
Addedabbrev@​3.0.1100100718480
Addedstrip-ansi@​7.1.21001007281100
Added@​isaacs/​cliui@​8.0.29910010077100
Added@​isaacs/​fs-minipass@​4.0.11001009277100
Addedpackage-json-from-dist@​1.0.110010010077100
Addedminipass-sized@​1.0.31001008177100
Addedminipass-flush@​1.0.51001007777100
Addedeastasianwidth@​0.2.01001007877100
Addedminipass-collect@​2.0.11001008177100
Addedminipass-pipeline@​1.2.41001008977100
Addedtinyglobby@​0.2.151001007784100
Addedencoding@​0.1.131001007977100
Addedisexe@​3.1.1991009277100
Addedenv-paths@​2.2.110010010077100
Added@​pkgjs/​parseargs@​0.11.010010010078100
Addedretry@​0.12.010010010078100
Addedhttp-proxy-agent@​7.0.21001008278100
Addedpath-scurry@​1.11.110010010078100
Addedip-address@​10.0.110010010078100
Addedsmart-buffer@​4.2.010010010078100
Addedp-map@​7.0.310010010079100
Addedhttps-proxy-agent@​7.0.61001009179100
Addedminimatch@​9.0.510010010079100
Addedminipass-fetch@​4.0.1991008084100
Addedsignal-exit@​4.1.01001009380100
Addedagent-base@​7.1.41001009180100
Addedjackspeak@​3.4.310010010080100
Addedglob@​10.4.510010010080100
Addedsocks-proxy-agent@​8.0.5991008481100
Updatedcross-spawn@​7.0.3 ⏵ 7.0.699 +1100 +2297 -281100
Addedsocks@​2.8.710010010081100
See 22 more rows in the dashboard

View full report

@BMJ-075
Copy link
Author

BMJ-075 commented Oct 14, 2025

I have read the CLA Document and I hereby sign the CLA

@BMJ-075
Copy link
Author

BMJ-075 commented Oct 14, 2025

closes #1182

coderabbitai[bot]
coderabbitai bot reviewed Oct 14, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (2)
package.json (1)

67-73: Align engines.node with .nvmrc/README for consistency.

Consider requiring >=20.19.0 to match .nvmrc and docs. engines.yarn is optional given packageManager, but fine to keep.

Apply:

   "engines": {
-    "node": ">=20.18.0 <21",
+    "node": ">=20.19.0 <21",
     "yarn": ">=4.0.0 <5"
   },
README.md (1)

57-68: Minor setup clarity: group nvm command; optionally mention nvm install.

Shell clarity/readability:

- nvm use || nvm install 20.19.0 && nvm use 20.19.0
+ nvm use || (nvm install 20.19.0 && nvm use 20.19.0)

Optionally add a note/link to install nvm if the command is missing, and/or run:

  • corepack use yarn@4.9.4 (not required with packageManager, but makes the step explicit).
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1603e3d and f0cfba7.

⛔ Files ignored due to path filters (2)
  • .yarn/install-state.gz is excluded by !**/.yarn/**, !**/*.gz
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (5)
  • .npmrc (1 hunks)
  • .nvmrc (1 hunks)
  • .yarnrc.yml (1 hunks)
  • README.md (1 hunks)
  • package.json (1 hunks)
🔇 Additional comments (3)
.nvmrc (1)

1-2: Pinned Node version looks good.

.npmrc (1)

1-2: No npm usage detected in CI workflows
Verified that GitHub workflows contain no npm install or npm ci invocations; retaining engine-strict=true is safe.

.yarnrc.yml (1)

1-1: LGTM. .gitignore has no .yarn entries, so Yarn metadata won’t be ignored.

@BMJ-075
Copy link
Author

BMJ-075 commented Oct 14, 2025

recheck

@BMJ-075
Copy link
Author

BMJ-075 commented Oct 14, 2025

I have read the CLA Document and I hereby sign the CLA

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BMJ-075 @Bhavya-ancilar