Refactor/package manager

[Producdevity]

Description

refactor: migrate project to pnpm and update related scripts and docs

Type of change

• Bug fix
• New feature
• Breaking change
• Documentation update
• Refactor
• Other (please describe):

How Has This Been Tested?

• Local build
• Lint
• Typecheck
• Unit tests
• Manual testing

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have made corresponding changes to the documentation
• I have checked that all checks (lint, typecheck, test) pass

Summary by CodeRabbit

• Documentation

  • README and docs rewritten and condensed; developer guides/examples switched to pnpm.

• Chores

  • Migrated tooling to pnpm across CI, Docker, Compose, workspace and project config; build/cache adjustments and Docker ignore update.

• Accessibility

  • Improved Notification Center ARIA attributes for assistive tech.

• Tests

  • Removed some internal test/benchmark helpers; updated tests/E2E to pnpm, added stable test IDs, improved selectors, mocks, and external-service image mocks.

• Config

  • Playwright, test runner, image/unoptimized flags and build settings updated.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
emuready	Ready	Preview, Comment	May 13, 2026 7:42pm

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 6ce696da-99e9-46ae-8d06-ccd87afdf2af

📥 Commits

Reviewing files that changed from the base of the PR and between 5f1a25a and 078941e.

📒 Files selected for processing (1)

• next.config.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• next.config.ts

---

Walkthrough

Repository-wide migration from npm/npx to pnpm: updates package manager, workspace config, CI/E2E workflows, Dockerfiles/compose, scripts, tooling, docs, and ignore rules; adjusts Prisma migration headers; removes a Vitest benchmark and an auth test helper; improves notification accessibility and adapts tests. (50 words)

Changes

Pnpm package manager migration

Layer / File(s)	Summary
Package manager declaration & workspace config package.json, pnpm-workspace.yaml, .gitignore, .dockerignore	Sets packageManager: pnpm@11.1.0, adds pnpm-workspace.yaml with allowBuilds, and ignores .pnpm-store/.
CI & E2E workflows .github/workflows/ci.yml, .github/workflows/e2e-tests.yml	Reworks GitHub Actions: triggers, permissions, concurrency; splits CI into quality, unit-tests, build; moves installs/tests/build to pnpm; updates Node setup to use .nvmrc with pnpm caching; tightens Postgres health checks and path filters.
Docker, build, runtime & compose Dockerfile, docker-compose.yml, scripts/docker-dev.sh	Enables corepack/pnpm in Dockerfile, switches installs and Prisma generation to pnpm/pnpm exec, copies pre-generated Prisma artifacts from builder to production, and updates compose/dev helper commands to pnpm equivalents.
Tooling, pre-commit & runner wiring lint-staged.config.mjs, playwright.config.ts, vitest.config.mts, next.config.ts, package.json	Updates lint-staged to stage pnpm-lock.yaml; Playwright webServer fallback and CI video policy use pnpm/CI-aware video; Vitest fileParallelism/reporters changes; Next config adds images.unoptimized toggle and transpilePackages; package scripts converted to pnpm and several deps bumped.
Prisma migration headers & SQL prisma/migrations/.../migration.sql	Updates migration usage docs to reference pnpm db:migrate:deploy; maintains SQL including unique index on WebhookEvent (source, eventId).
Docs & contributor guidance README.md, CONTRIBUTING.md, RELEASE_NOTES.md, docs/*	Replaces npm/npx examples with pnpm commands across docs; README content condensed and restructured; release notes and contributing updated for pnpm workflows.
Helper scripts & CLI changes scripts/shadcn.ts, scripts/migrate-normalized-titles.ts, scripts/*	Replaces npx/execSync with pnpm dlx/pnpm exec and spawnSync; adds CLI input validation and explicit child-process error/status handling; updates usage/help text to pnpm.
Workspace/build allowances pnpm-workspace.yaml	Adds allowBuilds entries to permit/deny builds for specific packages/tools used during pnpm installs.

Notifications accessibility and tests (plus removed tests)

Layer / File(s)	Summary
Notification component accessibility & test IDs src/components/notifications/NotificationCenter.tsx, src/components/notifications/NotificationList.tsx	Adds conditional aria-label with unread count to bell button; desktop dropdown role="region" + aria-label="Notifications"; mobile sheet role="dialog", aria-modal="true"; adds data-testid="notification-empty-state" and data-testid="notification-item".
Playwright tests updated to role/test-id locators & external mocks tests/notification-system.spec.ts, tests/helpers/external-services.ts	Tests refactored to use bell-button and Notifications region helpers, scoped queries using roles/test-ids; adds external image request interception returning a 1x1 PNG.
Test internals, mocks, and observers src/test/setup.ts, src/server/notifications/service.test.ts, various *.test.ts files	Standardizes vi.mock factories to named function implementations, replaces observer globals with class-style mocks, introduces NotificationServiceInternals and listing builders for tests, and updates tests to call internals/helpers rather than accessing private members with TS suppressions.
Removed test artifacts tests/helpers/auth.ts, src/server/api/routers/mobile/games.benchmark.test.ts	Removes the AuthHelpers test helper and deletes the Vitest benchmark suite for mobile games.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Producdevity/EmuReady#348: Overlapping changes to Playwright CI/server command behavior and environment loading that may interact with this pnpm/Playwright migration.

Poem

🐇 I hopped through scripts and docs with cheer,

Swapped npm for pnpm so installs run clear.
CI, Docker, tests hum a brand-new tune,
Docs and seeds adjusted by the moon.
A rabbit twitches — faster installs soon!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 34.78% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title is vague and overly generic. 'Refactor/package manager' uses a non-descriptive term that doesn't convey the main change clearly.	Revise the title to be more specific, such as 'Migrate project to pnpm package manager' or 'Switch package manager from npm to pnpm'.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description is mostly complete, with the primary summary clearly stating the migration to pnpm. Type of change, testing sections, and checklist items are appropriately filled out.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch refactor/package-manager

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

next.config.ts

Oops! Something went wrong! :(

ESLint: 9.29.0

ESLint couldn't find the plugin "eslint-plugin-react-hooks".

(The package "eslint-plugin-react-hooks" was not found when loaded as a Node module from the directory "".)

It's likely that the plugin isn't installed correctly. Try reinstalling by running the following:

npm install eslint-plugin-react-hooks@latest --save-dev

The plugin "eslint-plugin-react-hooks" was referenced from the config file in " » eslint-config-next/core-web-vitals » /node_modules/.pnpm/eslint-config-next@15.5.18_eslint@9.29.0_jiti@2.4.2__typescript@5.8.3/node_modules/eslint-config-next/index.js".

If you still can't figure out the problem, please see https://eslint.org/docs/latest/use/troubleshooting.

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

package.json (1)

55-55: 💤 Low value

Dependency updates appear unrelated to pnpm migration.

The updates to @clerk/backend (line 55) and addition of @clerk/types (line 117) seem unrelated to the package manager migration. While not necessarily problematic, consider whether these should be in a separate commit or PR for clearer change tracking.

Also applies to: 117-117

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 55, The package.json change mixes package manager
migration with unrelated dependency bumps for "@clerk/backend" and the new
"@clerk/types"; split these into separate changes by reverting the dependency
version bump/addition in package.json (remove or restore the previous
"@clerk/backend" version line and remove the "@clerk/types" entry) in this PR
and create a follow-up commit/PR that explicitly updates "@clerk/backend" to
"2.33.3" and adds "@clerk/types" with a clear changelog/commit message, so the
pnpm migration PR only includes pnpm-related edits and the dependency updates
are tracked separately.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/shadcn.ts`:
- Line 16: The execSync call using a templated shell string in scripts/shadcn.ts
is vulnerable to command injection via componentName; replace it with
child_process.spawnSync and pass the command and arguments as an array (e.g.,
'pnpm', ['dlx', 'shadcn@latest', 'add', componentName]) and ensure shell is not
used so arguments are not interpreted by a shell. Update the import from
child_process to use spawnSync (remove/replace execSync) and preserve the stdio:
'inherit' behavior; this prevents shell interpolation and fixes the injection
vulnerability.

---

Nitpick comments:
In `@package.json`:
- Line 55: The package.json change mixes package manager migration with
unrelated dependency bumps for "@clerk/backend" and the new "@clerk/types";
split these into separate changes by reverting the dependency version
bump/addition in package.json (remove or restore the previous "@clerk/backend"
version line and remove the "@clerk/types" entry) in this PR and create a
follow-up commit/PR that explicitly updates "@clerk/backend" to "2.33.3" and
adds "@clerk/types" with a clear changelog/commit message, so the pnpm migration
PR only includes pnpm-related edits and the dependency updates are tracked
separately.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 703b7b46-8912-4cc3-bf14-456115a84678

📥 Commits

Reviewing files that changed from the base of the PR and between aeecf27 and fa27df1.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (27)

• .dockerignore
• .github/workflows/ci.yml
• .github/workflows/e2e-tests.yml
• .gitignore
• CONTRIBUTING.md
• Dockerfile
• README.md
• RELEASE_NOTES.md
• docker-compose.yml
• docs/AUTHENTICATION_SETUP.md
• docs/DEVELOPMENT_SETUP.md
• docs/DOCKER.md
• docs/E2E_TESTING_SETUP.md
• docs/WEBHOOK_TROUBLESHOOTING.md
• lint-staged.config.mjs
• package.json
• playwright.config.ts
• pnpm-workspace.yaml
• prisma/migrations/20250928_android_entitlements/migration.sql
• scripts/docker-dev.sh
• scripts/migrate-normalized-titles.ts
• scripts/shadcn.ts
• src/app/admin/monitoring/components/BundleSizeMonitor.tsx
• src/app/api/docs/mobile/openapi/route.ts
• src/server/api/routers/mobile/games.benchmark.test.ts
• src/server/api/trpc.ts
• tests/helpers/auth.ts

💤 Files with no reviewable changes (2)

• src/server/api/routers/mobile/games.benchmark.test.ts
• tests/helpers/auth.ts

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/notification-system.spec.ts`:
- Around line 8-10: The region lookup in function notificationDropdown uses a
case-sensitive regex /^Notifications$/; make it case-insensitive by switching to
a regex with the i flag (e.g., /^Notifications$/i) so getByRole('region', {
name: ... }) will match "Notifications", "notifications", or "NOTIFICATIONS"
while preserving the exact anchors; update the pattern in notificationDropdown
to the case-insensitive form.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 57c459ce-4c24-4605-8323-1562d187abfa

📥 Commits

Reviewing files that changed from the base of the PR and between 22f4760 and eac7fbd.

📒 Files selected for processing (3)

• src/components/notifications/NotificationCenter.tsx
• src/components/notifications/NotificationList.tsx
• tests/notification-system.spec.ts

✅ Files skipped from review due to trivial changes (2)

• src/components/notifications/NotificationList.tsx
• src/components/notifications/NotificationCenter.tsx

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 167-170: Remove the unnecessary database seeding step from the
production build job by deleting the step that runs "pnpm exec prisma db seed"
(the "Seed test database" job) in the CI workflow; the build script ("pnpm
build" which runs "pnpm db:generate && next build") does not require seeded
data, so either remove that step entirely or move the "pnpm exec prisma db seed"
command into a separate integration/test job where seeding is actually required.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: b5fd2a01-ba0d-4b5e-b686-f9c615016e3d

📥 Commits

Reviewing files that changed from the base of the PR and between eac7fbd and 52617db.

📒 Files selected for processing (2)

• .github/workflows/ci.yml
• .github/workflows/e2e-tests.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/e2e-tests.yml

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/ci.yml (1)

175-176: 🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Remove unnecessary database seeding from the production build job.

The build job seeds the test database before building, but pnpm build (which runs pnpm db:generate && next build) doesn't require seeded data. Next.js build processes don't query the database at build time in this codebase.

This step wastes CI time and should be removed from the build job. If seeding is needed for other jobs (like E2E tests), keep it there.

⚡ Proposed change to remove seeding step

       - name: Generate Prisma client
         run: pnpm db:generate
 
-      - name: Seed test database
-        run: pnpm exec prisma db seed
-
       - name: Build
         run: pnpm build

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 175 - 176, The CI build job includes
an unnecessary "Seed test database" step that runs "pnpm exec prisma db seed"
before running the build; remove that step from the build job so the job no
longer executes the "pnpm exec prisma db seed" command (leave seeding steps in
E2E or test jobs if present). Locate the step labeled "Seed test database" in
the build job and delete it so the build runs only the required "pnpm build"
(which calls "pnpm db:generate && next build") without performing database
seeding.

🧹 Nitpick comments (1)

.github/workflows/ci.yml (1)

73-74: ⚡ Quick win

Consider whether database migrations are necessary for the lint/type-check job.

The quality job runs prisma migrate deploy before linting and type-checking. Typically, pnpm db:generate (line 77) is sufficient to generate Prisma types for type-checking. The migration step requires a running database and adds time to the job, but lint and type-check don't execute queries.

If migrations are not required for static analysis, removing this step would speed up the workflow.

⚡ Proposed change to remove unnecessary migration

       - name: Install dependencies
         run: pnpm install --frozen-lockfile
 
-      - name: Run database migrations
-        run: pnpm exec prisma migrate deploy
-
       - name: Generate Prisma client
         run: pnpm db:generate

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 73 - 74, The workflow currently runs
the "Run database migrations" step which executes "pnpm exec prisma migrate
deploy" before lint/type-check; remove that step (or gate it behind a job that
requires a DB) and rely on the existing "pnpm db:generate" step to produce
Prisma types for static analysis (so keep "pnpm db:generate" and remove or
comment out the "Run database migrations" step that runs "pnpm exec prisma
migrate deploy").

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@next.config.ts`:
- Line 8: Add documentation for the NEXT_IMAGE_UNOPTIMIZED environment variable
by updating the environment template files so it's visible to deployers: in
.env.example and .env.docker.example add a line like
NEXT_IMAGE_UNOPTIMIZED=false with a short comment explaining that setting it to
"true" disables Next.js image optimization (used to control the unoptimized prop
referenced in next.config.ts), ensuring teams know the default and how to enable
the behavior.

---

Duplicate comments:
In @.github/workflows/ci.yml:
- Around line 175-176: The CI build job includes an unnecessary "Seed test
database" step that runs "pnpm exec prisma db seed" before running the build;
remove that step from the build job so the job no longer executes the "pnpm exec
prisma db seed" command (leave seeding steps in E2E or test jobs if present).
Locate the step labeled "Seed test database" in the build job and delete it so
the build runs only the required "pnpm build" (which calls "pnpm db:generate &&
next build") without performing database seeding.

---

Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 73-74: The workflow currently runs the "Run database migrations"
step which executes "pnpm exec prisma migrate deploy" before lint/type-check;
remove that step (or gate it behind a job that requires a DB) and rely on the
existing "pnpm db:generate" step to produce Prisma types for static analysis (so
keep "pnpm db:generate" and remove or comment out the "Run database migrations"
step that runs "pnpm exec prisma migrate deploy").

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: dd8fb2c1-4f3e-432a-b073-fefae6ff1344

📥 Commits

Reviewing files that changed from the base of the PR and between 52617db and f733995.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (6)

• .github/workflows/ci.yml
• .github/workflows/e2e-tests.yml
• next.config.ts
• package.json
• playwright.config.ts
• vitest.config.mts

🚧 Files skipped from review as they are similar to previous changes (2)

• playwright.config.ts
• package.json

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@next.config.ts`:
- Line 119: The comment "trpc endpoints are dynamic; prevent intermediary/proxy
caching" is misplaced before the '/service-worker.js' route; remove it from the
block that defines the '/service-worker.js' header configuration and either
delete it or move it to the header config that applies to the tRPC route (the
entry with the source '/trpc/:path*' or the tRPC endpoints in the headers()
export). Update the comment location so it directly precedes the tRPC header
configuration (not the '/service-worker.js' route) to accurately describe the
code.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 1129ccfb-9963-44d6-a0ce-614ac25ebf59

📥 Commits

Reviewing files that changed from the base of the PR and between 6b4d222 and 5f1a25a.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (4)

• next.config.ts
• package.json
• src/components/app/AppPhoneMockup.tsx
• src/server/notifications/service.test.ts