Skip to content

fix(ci): pin Dependabot npm registry#18

Merged
vincentkoc merged 1 commit into
mainfrom
fix/dependabot-npm-registry
Jun 27, 2026
Merged

fix(ci): pin Dependabot npm registry#18
vincentkoc merged 1 commit into
mainfrom
fix/dependabot-npm-registry

Conversation

@vincentkoc

Copy link
Copy Markdown
Member

Summary

  • Pin npm automation to the public npm registry in .npmrc.
  • Add an Unreleased changelog note for the automation fix.

Validation

  • pnpm config get registry -> https://registry.npmjs.org/
  • git diff --check

Impact

Prevents Dependabot/pnpm from resolving public scoped packages such as @types/node through GitHub Packages, which caused the dynamic Dependabot update job to fail.

@clawsweeper

clawsweeper Bot commented Jun 27, 2026

Copy link
Copy Markdown

ClawSweeper status: review started.

I am starting a fresh review of this pull request: fix(ci): pin Dependabot npm registry This is item 1/1 in the current shard. Shard 0/1.

This placeholder means the worker is alive and reading the current context. I will edit this same comment with the actual review when the claws are done clicking.

Crustacean status: shell secured, claws on keyboard, evidence pebbles being sorted.

@vincentkoc vincentkoc merged commit 8ffb440 into main Jun 27, 2026
12 checks passed
@vincentkoc vincentkoc deleted the fix/dependabot-npm-registry branch June 27, 2026 15:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant