feat: add Bun support to project

[sujitaw]

What

• added changes to use bun alternative to pnpm

Summary by CodeRabbit

• Chores
  • Updated minimum Node.js version requirement to 24
  • Added monorepo/workspaces support with a top-level package catalog
  • Marked repository as private
  • Added Bun development typing support
  • Simplified migration and code-generation command scripts

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Updated package.json: removed npx from scripts and added explicit Prisma schema flag, raised Node engine to >=24, added @types/bun devDependency, and introduced a monorepo workspaces layout with private: true and a large catalog of NestJS-related package versions.

Changes

Cohort / File(s)	Summary
Scripts & Node engine package.json	Removed npx from start script (now runs prisma migrate deploy --schema=...); updated prisma:generate to include explicit --schema flag; changed engines.node from >=18 to >=24.
Monorepo / Workspaces & Catalog package.json	Added top-level private: true; added workspaces with packages globs (apps/*, libs/*); added a catalog object listing version mappings for many NestJS packages and related tooling.
Bun types (devDependency) package.json	Added @types/bun as a devDependency pinned to 1.3.3.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Check that workspace packages globs (apps/*, libs/*) match repo layout.
• Verify Prisma schema paths referenced in scripts are correct.
• Review catalog entries for intended versions and any overrides that may conflict with workspace package.json files.

Poem

🐇 I hopped through JSON, tidy and bright,

scripts trimmed of npx took flight.
Workspaces folded into a neat nest,
Bun types added — now we're dressed.
Node twenty-four, we leap with delight.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: add Bun support to project' accurately reflects the main change in the changeset, which adds Bun-related configuration including @types/bun dependency and updates to scripts for Bun compatibility.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/replace_pnpm_with_bun

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5e6a2c3 and 89b5d55.

📒 Files selected for processing (1)

• package.json (4 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: sujitaw
Repo: credebl/platform PR: 1531
File: package.json:209-209
Timestamp: 2025-12-04T07:15:05.237Z
Learning: In the credebl/platform repository, the team prefers to support both pnpm and Bun package managers simultaneously, with pnpm as the primary package manager (specified in the packageManager field) and Bun as an alternative option.

📚 Learning: 2025-12-04T07:15:05.237Z

Learnt from: sujitaw
Repo: credebl/platform PR: 1531
File: package.json:209-209
Timestamp: 2025-12-04T07:15:05.237Z
Learning: In the credebl/platform repository, the team prefers to support both pnpm and Bun package managers simultaneously, with pnpm as the primary package manager (specified in the packageManager field) and Bun as an alternative option.

Applied to files:

• package.json

🔇 Additional comments (3)

package.json (3)

160-161: @types/bun now properly pinned to concrete version.

The @types/bun dependency is now pinned to 1.3.3 instead of "latest", which fixes the reproducibility and breakage risk flagged in the previous review. This aligns with the reproducible build practices used throughout the rest of the dependency tree.

---

213-243: Workspaces and catalog structure supports dual package manager approach.

The addition of "private": true, "workspaces" with packages array, and the catalog field provides proper monorepo scaffolding compatible with both pnpm and Bun. This aligns well with the dual-manager support strategy (pnpm as primary, Bun as alternative). The catalog feature ensures consistent dependency versions across workspaces for both package managers.

---

12-12: No action needed—npx removal is safe and correct for pnpm workspaces.

Prisma is available as a devDependency at root (line 154), and pnpm automatically adds bin scripts to PATH when running npm scripts. Removing npx is the recommended approach in pnpm workspaces and poses no version mismatch or PATH resolution risks. Both pnpm and Bun handle bin script resolution correctly in this monorepo setup.

Likely an incorrect or invalid review comment.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

package.json (1)

213-242: Verify monorepo workspace catalog compatibility and completeness.

The workspaces and catalog structure is well-designed, but confirm:

• Bun correctly resolves catalog: entries (pnpm has native support; Bun's behavior may differ)
• All 17 cataloged packages are actually used across apps/* and libs/* (redundant entries waste cognitive load and maintenance)
• The ^ version ranges align with your stability/velocity trade-offs

Consider verifying this works end-to-end with Bun in CI/CD before merging.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5137cc8 and 5e6a2c3.

⛔ Files ignored due to path filters (1)

• bun.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• package.json (4 hunks)

🔇 Additional comments (1)

package.json (1)

12-12: Scripts using prisma and nest directly are compatible with npm, pnpm, and Bun.

Both prisma (^5.1.1) and @nestjs/cli (^11.0.10) are installed as dependencies and will be available in node_modules/.bin. Package managers automatically link these CLIs, so the removal of npx is not a breaking change—the scripts work identically with npm, pnpm, and Bun. This is a minor optimization rather than a compatibility issue.

If this is a Bun migration, consider updating packageManager on line 209 from pnpm to Bun for clarity. Also review the @types/bun version on line 161—using "latest" instead of a pinned version introduces non-deterministic builds.

Likely an incorrect or invalid review comment.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

# Check the package.json file around line 209 to see the packageManager field
cat -n package.json | sed -n '200,220p'

Repository: credebl/platform

Length of output: 1030

---

🏁 Script executed:

# Look for any Bun-related changes or configuration in the repository
fd -t f "bun\|tsconfig\|package.json" | head -20
rg -i "bun" --type json package.json

Repository: credebl/platform

Length of output: 86

---

🏁 Script executed:

# Check git log or status for changes to packageManager field
git diff HEAD package.json | grep -A 5 -B 5 "packageManager" || echo "No packageManager changes in diff"
git log --oneline -n 20

Repository: credebl/platform

Length of output: 120

---

🏁 Script executed:

# Check the scripts section in package.json to understand which package manager is being used
cat -n package.json | sed -n '1,60p'

Repository: credebl/platform

Length of output: 2955

---

🏁 Script executed:

# Look for any CI/CD configuration that might indicate package manager usage
fd -t f "\\.github\|Dockerfile\|\.circleci\|\.gitlab-ci" | head -20

Repository: credebl/platform

Length of output: 42

---

🏁 Script executed:

# Check what Bun-related changes were made in this PR
rg -i "bun" package.json -A 2 -B 2

Repository: credebl/platform

Length of output: 170

---

Clarify the package manager policy—packageManager field still specifies pnpm despite Bun additions.

The PR adds @types/bun as a devDependency, but line 209 still declares [email protected] as the package manager. The scripts in package.json remain pnpm/npm-compatible with no Bun-specific tooling.

Clarify whether:

• Bun is being added as a gradual migration (pnpm remains the declared manager for now)
• Bun is intended as an alternative/optional tool alongside pnpm
• This is preparatory work, with packageManager to be updated in a follow-up PR

If the intent is to transition to Bun as the primary manager, update line 209 accordingly.

🤖 Prompt for AI Agents

In package.json around line 209, the packageManager field still pins [email protected]
even though @types/bun was added; clarify the intended policy by either (A)
leaving packageManager as pnpm and adding a short comment in the PR description
that Bun is being added only for types/optional use or gradual migration, (B)
explicitly state Bun is an alternative/optional tool in the PR, or (C) if Bun
should become the primary manager, update the packageManager value to
bun@<version> (or bun@latest) in this file and adjust any lockfiles/scripts
accordingly; implement the chosen option and update the PR description to make
the intent explicit.

[sujitaw]

@coderabbitai i would like to keep both and use both

[coderabbitai]

@sujitaw, thank you for the clarification! Using both package managers is absolutely feasible. Since the packageManager field specifies pnpm, it will remain the default manager enforced by tools like Corepack, while Bun can be used as an alternative runtime and package manager.

To ensure smooth collaboration across your team, I recommend:

1. Document the usage policy in your README or CONTRIBUTING guide:

   • When to use pnpm (e.g., for CI/CD, standard development workflows)
   • When to use Bun (e.g., for faster local development, specific scripts)

2. Consider adding Bun-specific scripts if needed, such as:

   "start:bun": "bun run start",
   "dev:bun": "bun --watch ..."

3. Maintain both lock files if your team uses both managers to avoid conflicts

This dual-manager approach gives your team flexibility while maintaining pnpm as the standard.

---

✏️ Learnings added

Learnt from: sujitaw
Repo: credebl/platform PR: 1531
File: package.json:209-209
Timestamp: 2025-12-04T07:15:05.237Z
Learning: In the credebl/platform repository, the team prefers to support both pnpm and Bun package managers simultaneously, with pnpm as the primary package manager (specified in the packageManager field) and Bun as an alternative option.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, confirm the current package.json Node requirement
cat -n package.json | grep -A 2 -B 2 '"node"'

Repository: credebl/platform

Length of output: 478

---

🏁 Script executed:

# Check git history for this specific change
git log -p --all -- package.json | grep -A 5 -B 5 '"node"' | head -50

Repository: credebl/platform

Length of output: 42

---

🏁 Script executed:

# Search for Node 24-specific APIs or features in the codebase
rg "node.*24|Node.*24|version.*24" -i

Repository: credebl/platform

Length of output: 33655

---

🏁 Script executed:

# Check CHANGELOG or migration guides
fd -e md -e txt | xargs grep -l "node\|Node\|migration" 2>/dev/null | head -10

Repository: credebl/platform

Length of output: 92

---

🏁 Script executed:

# Look for comments about Node version requirements
rg "node.*version|requires.*node|minimum.*node" -i -A 2

Repository: credebl/platform

Length of output: 50372

---

🏁 Script executed:

# Check CHANGELOG for Node version context
find . -iname "CHANGELOG*" -o -iname "HISTORY*" | head -5

Repository: credebl/platform

Length of output: 42

---

🏁 Script executed:

# Search CHANGELOG for Node/version references
fd -e md -e MD | xargs grep -i "node.*24\|v24\|version.*require" 2>/dev/null | head -20

Repository: credebl/platform

Length of output: 42

---

🏁 Script executed:

# Check if there's documentation about the upgrade
fd -i -e md README | xargs grep -i "node\|upgrade\|migration" 2>/dev/null | head -15

Repository: credebl/platform

Length of output: 217

---

🏁 Script executed:

# Look for any CI/deployment configs that might reference Node 24
fd -name ".github" -o -name ".gitlab-ci*" -o -name "Jenkinsfile" -o -name ".travis.yml" | xargs grep -l "node\|24" 2>/dev/null

Repository: credebl/platform

Length of output: 292

---

🏁 Script executed:

# Try the CI config search with corrected syntax
find . -path "*/.github" -o -path "*/.gitlab-ci.yml" -o -path "*/Jenkinsfile" -o -path "*/.travis.yml" 2>/dev/null | xargs grep -h "node\|24" 2>/dev/null | head -20

Repository: credebl/platform

Length of output: 42

---

🏁 Script executed:

# Search for any docs about dependencies or requirements
fd -type f -name "*.md" | xargs grep -l "dependency\|require" 2>/dev/null | head -10

Repository: credebl/platform

Length of output: 230

---

Document the rationale for Node >=24 requirement in CHANGELOG or migration guide.

Bumping from Node >=18 to >=24 is a major breaking change (+6 major versions) with no documented justification. No Node 24-specific features or dependencies are evident in the codebase. Add a CHANGELOG entry explaining the requirement and provide migration guidance for users currently on Node 18–23.

🤖 Prompt for AI Agents

In package.json at line 211, the Node engine requirement was bumped to ">=24"
without explanation; add a CHANGELOG entry (or a dedicated migration guide)
documenting the rationale and migration steps: state why Node 24 is required
(language/runtime features, V8 behavior, dependency minimums, security fixes, or
performance improvements), list any package or native dependency that mandates
v24 and the exact features used, provide step-by-step migration guidance for
users on Node 18–23 (how to upgrade Node, test matrix, recommended
pins/workarounds, and CI changes), include expected timelines or deprecation
notices and sample commands to verify the app on Node 24, and reference tests or
CI badges proving compatibility; commit the new CHANGELOG/migration markdown and
link it from README or upgrade notes.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud