Latest Results
chore: enable more clippy restriction lints
Enable `allow_attributes` + `allow_attributes_without_reason` so every
suppressed lint is an `#[expect(..., reason = "...")]` that errors when it
goes stale, plus `assertions_on_result_states`, `cfg_not_test`,
`format_push_string`, `infinite_loop`, `multiple_unsafe_ops_per_block`,
`mutex_atomic`, `pathbuf_init_then_push`, `renamed_function_params`,
`return_and_then`, `unnecessary_self_imports`, `unused_result_ok`,
`unused_trait_names`, and `verbose_file_reads`.
Cleanups driven by the new lints:
- Import traits used only for their methods as `use Trait as _`.
- Convert every `#[allow]` to `#[expect]` with a reason; two turned out
to be stale (`MemoryFS::new`/`add_file` `dead_code`) and are removed,
and `shares_cache_with` is now gated `cfg(all(test, feature =
"yarn_pnp"))` instead of allowing `dead_code`.
- Replace `assert!(r.is_err())` with `r.unwrap_err()` in tests so
failures print the unexpected `Ok` value.
- Flatten `.and_then` chains in return position with `?`.
- `cached_path.to_path_buf()` + `push("")` -> `path().join("")`.
- BOM replacement writes `s[..3].fill(b' ')` instead of three indexed
stores.
- Match std trait parameter names in `IdentityHasher`. ci: publish with pnpm so workspace catalog: specifiers are resolved (#1293)
Fixes #1292
Since the Vite+ migration, the repo-root `package.json` (which is the
published `oxc-resolver` manifest) contains `"vite-plus": "catalog:"` in
`devDependencies`. The publish step copies it to `napi/` and publishes
with `npm publish`, which does not understand pnpm's workspace-only
`catalog:` protocol, so the raw specifier shipped verbatim in 11.20.0,
11.21.2, 11.21.3, 11.22.0, and 11.23.0. Consumers whose pnpm resolves
manifests without a lockfile (e.g. legacy `pnpm deploy`) then fail with
`ERR_PNPM_CATALOG_ENTRY_NOT_FOUND_FOR_SPEC`.
Changes to the publish job, mirroring oxc's `reusable_release_napi.yml`:
- Publish the root package with `pnpm publish` instead of `npm publish`.
pnpm replaces `catalog:`/`workspace:` specifiers with concrete versions
at pack time (verified locally: the packed manifest contains
`"vite-plus": "^0.2.0"`). `--no-git-checks` is needed because the tree
is dirty at publish time (copied `napi/package.json`, downloaded
artifacts).
- Add a guard that packs the package and fails the job if any
`catalog:`/`workspace:` specifier remains in the packed `package.json`,
so this class of bug can't ship silently again (it went unnoticed for 5
releases).
Side effect: `pnpm pack` includes the workspace-root `LICENSE` in the
tarball, which the npm package currently lacks.
The platform sub-packages (`@oxc-resolver/binding-*`) are unaffected โ
their manifests are generated by the napi CLI with concrete versions,
and `napi pre-publish` is unchanged.
The already-published affected versions are immutable; the fix takes
effect with the next release. Latest Branches
-3%
+5%
ci/drop-npm-latest-install -6%
release-plz-2026-07-03T16-00-13Z ยฉ 2026 CodSpeed Technology