Overview

7 days30 days

Latest CI Pipeline Executions

Fuzzy

Succeeded
36016
e7a32b31 fix(js): preserve npm allowScripts allowlist in pruned package.json The @nx/js:prune-lockfile executor built its output package.json from only the project package.json, so the npm `allowScripts` install-script allowlist (which `npm approve-scripts` writes to the workspace root) was dropped from the pruned output. `npm ci` in the deployed artifact then ran install scripts the allowlist was meant to gate, and under npm's upcoming strict mode an approved script would instead be blocked. Carry the root `allowScripts` into the pruned package.json, with any project-level entries preserved and winning on conflict. This mirrors the existing `pnpm.allowBuilds` handling in createPackageJson.
by Leosvel Pé...
Failed
36016
Generating fix→
ed219dcb fix(js): preserve npm allowScripts allowlist in pruned package.json The @nx/js:prune-lockfile executor built its output package.json from only the project package.json, so the npm `allowScripts` install-script allowlist (which `npm approve-scripts` writes to the workspace root) was dropped from the pruned output. `npm ci` in the deployed artifact then ran install scripts the allowlist was meant to gate, and under npm's upcoming strict mode an approved script would instead be blocked. Carry the root `allowScripts` into the pruned package.json, keeping only entries whose package survives the prune and merging any project-level entries (project wins). Git, file, and url specs are kept verbatim since they cannot be matched against resolved package names. When the dependency closure cannot be computed, every root entry is copied rather than risk dropping an approval or denial.
by Leosvel Pé...