chore: Move to pnpm 10 #2836

dominic-clerk · 2025-11-26T11:32:29Z

🔎 Previews:

What does this solve?

Safer defaults for increased supply chain security

Related to https://linear.app/clerk/issue/SEC-210/add-minimumreleaseage-to-all-projects-using-npm

Related to https://linear.app/clerk/issue/SEC-209/enforce-pnpm-10-in-vercel-environments

What changed?

Move to pnpm 10 and delay package updates

Checklist

I have clicked on "Files changed" and performed a thorough self-review
All existing checks pass

vercel · 2025-11-26T11:32:34Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
clerk-docs	Ready	Preview	Dec 18, 2025 6:28pm

NWylynko · 2025-12-05T15:54:15Z

The preview is broken

The site can't load the redirects

The output folder is looking completely off from what it should be

Typical PR	This PR

dominic-clerk · 2025-12-05T16:15:41Z

Oh wow ok thanks I'll have a look

dominic-clerk · 2025-12-10T14:13:15Z

I was thinking that maybe some of the lifecycle scripts were necessary so I allow-listed them but Vercel still refuses to see any of the settings I added to the workspace file and/or the package.json

╭ Warning ─────────────────────────────────────────────────────────────────────╮
│                                                                              │
│   Ignored build scripts: bun, esbuild.                                       │
│   Run "pnpm approve-builds" to pick which dependencies should be allowed     │
│   to run scripts.                                                            │
│                                                                              │
╰──────────────────────────────────────────────────────────────────────────────╯

I don't understand what's the problem and it all works fine locally. I'll give it another debugging round later.

NWylynko · 2025-12-10T20:01:00Z

If buns causing issues can just use tsx which should work, thou it does mean slower builds.

dominic-clerk · 2025-12-18T18:11:56Z

So it's really because Vercel is completely ignoring the fact that we allow-listed the bun lifecycle scripts.

I made this use tsx for now and I'll follow-up with Vercel support and try to figure out what's wrong here.

dominic-clerk · 2025-12-18T18:12:19Z

@NWylynko ready for your review again 🙇

NWylynko · 2025-12-18T18:15:26Z

pnpm-workspace.yaml

+onlyBuiltDependencies:
+  - bun


is this still needed?

It makes it so that pnpm run build actually works locally and I'd like to have it to show Vercel support the configuration that should work.

NWylynko · 2025-12-18T18:16:30Z

It would be good to also update the contributing.md anywhere it says to use npm when working on the docs to instead use pnpm

dominic-clerk · 2025-12-18T18:28:17Z

Good catch for the contributing ! I will modify this as well once this merges https://github.com/clerk/clerk?tab=readme-ov-file#5-optional-set-up-local-docs

dominic-clerk · 2025-12-18T18:34:24Z

Ok now the test fails even though the last commit was unrelated :(

dominic-clerk requested a review from a team as a code owner November 26, 2025 11:32

vercel bot deployed to Preview November 26, 2025 11:32 View deployment

dominic-clerk marked this pull request as draft November 26, 2025 11:34

vercel bot had a problem deploying to Preview November 26, 2025 11:42 Failure

vercel bot deployed to Preview November 26, 2025 12:00 View deployment

dominic-clerk force-pushed the dc-pnpm-10 branch from 72b4d62 to 16af8d7 Compare December 4, 2025 18:19

vercel bot had a problem deploying to Preview December 4, 2025 18:23 Failure

dominic-clerk force-pushed the dc-pnpm-10 branch from 16af8d7 to dc1de6e Compare December 5, 2025 05:27

vercel bot had a problem deploying to Preview December 5, 2025 05:30 Failure

dominic-clerk force-pushed the dc-pnpm-10 branch from dc1de6e to 79614d0 Compare December 5, 2025 06:11

vercel bot had a problem deploying to Preview December 5, 2025 06:15 Failure

dominic-clerk force-pushed the dc-pnpm-10 branch from 79614d0 to efbcfdc Compare December 5, 2025 06:20

vercel bot had a problem deploying to Preview December 5, 2025 06:24 Failure

dominic-clerk force-pushed the dc-pnpm-10 branch from efbcfdc to 0212425 Compare December 5, 2025 06:27

vercel bot deployed to Preview December 5, 2025 06:28 View deployment

dominic-clerk marked this pull request as ready for review December 5, 2025 06:29

NWylynko self-requested a review December 5, 2025 16:01

SarahSoutoul assigned SarahSoutoul and unassigned SarahSoutoul Dec 5, 2025

dominic-clerk force-pushed the dc-pnpm-10 branch from 0212425 to af65ce6 Compare December 9, 2025 16:39

vercel bot deployed to Preview December 9, 2025 16:39 View deployment

dominic-clerk force-pushed the dc-pnpm-10 branch from af65ce6 to eea429e Compare December 10, 2025 10:57

vercel bot deployed to Preview December 10, 2025 10:58 View deployment

vercel bot deployed to Preview December 10, 2025 11:06 View deployment

dominic-clerk force-pushed the dc-pnpm-10 branch from bcb5571 to f5a0bfd Compare December 10, 2025 11:10

vercel bot deployed to Preview December 10, 2025 11:11 View deployment

dominic-clerk force-pushed the dc-pnpm-10 branch from f5a0bfd to 7849ef6 Compare December 10, 2025 11:15

vercel bot deployed to Preview December 10, 2025 11:15 View deployment

vercel bot deployed to Preview December 10, 2025 11:48 View deployment

vercel bot deployed to Preview December 10, 2025 12:31 View deployment

vercel bot deployed to Preview December 10, 2025 14:11 View deployment

dominic-clerk force-pushed the dc-pnpm-10 branch from 62580ba to bf81aa0 Compare December 18, 2025 17:18

vercel bot had a problem deploying to Preview December 18, 2025 17:19 Failure

dominic-clerk force-pushed the dc-pnpm-10 branch from bf81aa0 to 2e14c6c Compare December 18, 2025 17:25

vercel bot had a problem deploying to Preview December 18, 2025 17:25 Failure

dominic-clerk force-pushed the dc-pnpm-10 branch from 2e14c6c to 6345fcb Compare December 18, 2025 17:26

vercel bot deployed to Preview December 18, 2025 17:27 View deployment

vercel bot deployed to Preview December 18, 2025 17:35 View deployment

vercel bot had a problem deploying to Preview December 18, 2025 17:40 Failure

vercel bot deployed to Preview December 18, 2025 17:44 View deployment

vercel bot deployed to Preview December 18, 2025 17:56 View deployment

vercel bot deployed to Preview December 18, 2025 18:00 View deployment

vercel bot deployed to Preview December 18, 2025 18:02 View deployment

chore: Move to pnpm 10

7acdd0e

dominic-clerk force-pushed the dc-pnpm-10 branch from 28c9c24 to 7acdd0e Compare December 18, 2025 18:06

vercel bot deployed to Preview December 18, 2025 18:07 View deployment

NWylynko reviewed Dec 18, 2025

View reviewed changes

Change references to npm

cfa85dd

vercel bot deployed to Preview December 18, 2025 18:28 View deployment

		onlyBuiltDependencies:
		- bun

chore: Move to pnpm 10 #2836

Are you sure you want to change the base?

chore: Move to pnpm 10 #2836

Uh oh!

Conversation

dominic-clerk commented Nov 26, 2025

🔎 Previews:

What does this solve?

What changed?

Checklist

Uh oh!

vercel bot commented Nov 26, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

NWylynko commented Dec 5, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

dominic-clerk commented Dec 5, 2025

Uh oh!

dominic-clerk commented Dec 10, 2025

Uh oh!

NWylynko commented Dec 10, 2025

Uh oh!

dominic-clerk commented Dec 18, 2025

Uh oh!

dominic-clerk commented Dec 18, 2025

Uh oh!

NWylynko Dec 18, 2025

Choose a reason for hiding this comment

Uh oh!

dominic-clerk Dec 18, 2025

Choose a reason for hiding this comment

Uh oh!

NWylynko commented Dec 18, 2025

Uh oh!

dominic-clerk commented Dec 18, 2025

Uh oh!

dominic-clerk commented Dec 18, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

vercel bot commented Nov 26, 2025 •

edited

Loading

NWylynko commented Dec 5, 2025 •

edited

Loading