Chore: Corepack set, permissions updates

[black7375]

Description

Attempt to fix it for changeset again

Related Issue

• Changeset Versioning PR #118

Summary by CodeRabbit

• Chores
  • Updated default cache paths to include both root and recursive .cache directories for improved caching.
  • Enhanced Yarn cache directory setup to ensure Corepack is enabled before querying Yarn configuration.
  • Refined workflow permissions for the release process to use more granular access controls.
  • Updated and streamlined package scripts for building, versioning, and publishing, and removed an unused script.

Additional context

Checklist

[changeset-bot]

⚠️ No Changeset found

Latest commit: 16e5b31

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

This set of changes updates several workflow and configuration files. The .github/actions/cache-dir/action.yml action now caches both the root .cache directory and all nested .cache directories by default. The .github/actions/node-setup/action.yml action explicitly enables Corepack before retrieving the Yarn cache directory. The fast-forward.yml workflow's permissions are refined from a broad write-all to explicit write permissions for specific resources. In package.json, multiple script commands are updated for consistency, efficiency, and explicit Yarn usage, with some scripts consolidated or removed.

Changes

File(s)	Change Summary
.github/actions/cache-dir/action.yml	Default cache paths updated from a single string to a multi-line string including both .cache and **/.cache; the cache step now uses a multi-line literal for path.
.github/actions/node-setup/action.yml	Added an explicit corepack enable step before retrieving Yarn's cache folder; command changed to a multi-line shell script.
.github/workflows/fast-forward.yml	Permissions for the release job changed from write-all to explicit write permissions for contents, issues, pull-requests, packages, and statuses.
package.json	Updated several scripts: "task" now explicitly uses Yarn, "build:release" is consolidated and sets an environment variable, "changeset" script removed, "changeset:version" now uses Yarn.

Sequence Diagram(s)

sequenceDiagram
    participant Workflow
    participant CacheDirAction
    participant NodeSetupAction
    participant Yarn
    participant Corepack

    Workflow->>CacheDirAction: Run with default paths (.cache, **/.cache)
    CacheDirAction->>CacheDirAction: Cache both root and nested .cache dirs

    Workflow->>NodeSetupAction: Setup Node and Yarn
    NodeSetupAction->>Corepack: Enable Corepack
    NodeSetupAction->>Yarn: Get cacheFolder

    Workflow->>package.json: Run scripts (task, build:release, changeset:version)
    package.json->>Yarn: Execute turbo, build, pack, etc.

Loading

Possibly related PRs

• Fix: Changeset - More permissions #169: Both PRs modify the permissions in .github/workflows/fast-forward.yml, focusing on refining and specifying workflow permissions for the release job.

Poem

In the warren of code where the caches reside,
Now both root and the wildest .cache can't hide.
With Corepack enabled, Yarn finds its way,
Permissions are tidy—just what workflows say.
Scripts hop along, more nimble and neat,
This rabbit approves—what a streamlined feat!
🐇✨

Tip

⚡💬 Agentic Chat (Pro Plan, General Availability)

• We're introducing multi-step agentic chat in review comments and issue comments, within and outside of PR's. This feature enhances review and issue discussions with the CodeRabbit agentic chat by enabling advanced interactions, including the ability to create pull requests directly from comments and add commits to existing pull requests.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Triggered from #187 by @​black7375.

Checking if we can fast forward main (d840ee2) to build-system (16e5b31).

Target branch (main):

commit d840ee2979fe23a0ddd97b9e182638b94ccf0d98 (HEAD -> main, origin/main)
Author: alstjr7375 <alstjr7375@daum.net>
Date:   Sun Apr 20 02:13:21 2025 +0900

    Chore: Internal resolution error at node16 packages #184

Pull request (build-system):

commit 16e5b31d559fa2e00733e846de02c9bb3a62093a (pull_request/build-system)
Author: alstjr7375 <alstjr7375@daum.net>
Date:   Sun Apr 20 04:15:16 2025 +0900

    Chore: Corepack set, permissions updates

It is possible to fast forward main (d840ee2) to build-system (16e5b31). If you have write access to the target repository, you can add a comment with /fast-forward to fast forward main to build-system.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

package.json (1)

29-29: Refactor the build:release script for maintainability.
The current one-liner is hard to read and prone to quoting issues. Consider breaking it into smaller scripts or an external shell file to improve clarity and cross‑platform support.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d840ee2 and 16e5b31.

📒 Files selected for processing (4)

• .github/actions/cache-dir/action.yml (2 hunks)
• .github/actions/node-setup/action.yml (1 hunks)
• .github/workflows/fast-forward.yml (1 hunks)
• package.json (2 hunks)

🔇 Additional comments (6)

.github/workflows/fast-forward.yml (1)

108-113: Scope down permissions to principle of least privilege.
Replacing write-all with explicit write permissions for contents, issues, pull‑requests, packages, and statuses reduces risk by only granting what's needed. Verify if any additional scopes (e.g., id-token for OIDC or deployment permissions) are required by downstream steps.

.github/actions/node-setup/action.yml (1)

17-19: Enable Corepack before querying Yarn cache.
Adding corepack enable ensures the subsequent yarn config get cacheFolder call succeeds across environments.

.github/actions/cache-dir/action.yml (2)

11-13: Expand default cache paths for root and nested .cache.
Switching the paths default to a multi-line literal with both .cache and **/.cache improves cache hit rates by covering all common locations.

---

26-27: Align the path input with multi-line defaults.
Using a YAML literal block for ${{ inputs.paths }} correctly propagates all specified cache directories to the actions/cache step.

package.json (2)

12-12: Explicit Yarn invocation for the task script.
Prefixing turbo run with yarn ensures consistent use of the repository’s package manager and uses the configured cache directory.

---

30-30: Update the changeset version script.
Switching to yarn changeset version aligns with other Yarn‑prefixed scripts. Please confirm there are no references to the removed standalone changeset script elsewhere.

[black7375]

/fast-forward

[github-actions]

Triggered from #187 (comment) by @​black7375.

Trying to fast forward main (d840ee2) to build-system (16e5b31).

Target branch (main):

commit d840ee2979fe23a0ddd97b9e182638b94ccf0d98 (HEAD -> main, origin/main)
Author: alstjr7375 <alstjr7375@daum.net>
Date:   Sun Apr 20 02:13:21 2025 +0900

    Chore: Internal resolution error at node16 packages #184

Pull request (build-system):

commit 16e5b31d559fa2e00733e846de02c9bb3a62093a (pull_request/build-system)
Author: alstjr7375 <alstjr7375@daum.net>
Date:   Sun Apr 20 04:15:16 2025 +0900

    Chore: Corepack set, permissions updates

Fast forwarding main (d840ee2) to build-system (16e5b31).

$ git push origin 16e5b31d559fa2e00733e846de02c9bb3a62093a:main
To https://github.com/mincho-js/mincho.git
   d840ee2..16e5b31  16e5b31d559fa2e00733e846de02c9bb3a62093a -> main