Skip to content

Eagerly provision the project's pinned Node + caching/compat fixes#3

Merged
colinhacks merged 1 commit into
mainfrom
eager-provision-dx-fixes
Jun 22, 2026
Merged

Eagerly provision the project's pinned Node + caching/compat fixes#3
colinhacks merged 1 commit into
mainfrom
eager-provision-dx-fixes

Conversation

@colinhacks

Copy link
Copy Markdown
Contributor

Implements a batch of DX fixes from the setup-nub audit. The headline change makes Node provisioning eager by default so build steps run warm.

What changed

  • Eager Node provisioning (B2). The provision step previously only ran when node-version/node-version-file was set; with empty inputs it provisioned nothing and the project's Node downloaded lazily mid-build. It now runs unconditionally:
    • No inputs (common case) → bare nub node install, which resolves the full pin chain (devEngines.runtime.node-version.nvmrcengines.node), resolves ranges against the live Node index, and installs the concrete version up front.
    • A project with no pin is detected from the engine's "no Node pin" message and skipped gracefully (friendly note, exit 0) — it never fails the action. Any other failure emits a ::warning:: and nub falls back to lazy provisioning at runtime.
    • An explicit node-version / node-version-file still wins as a warm-up override; the project-pin mismatch warning and Windows backslash-normalization of nub node which are preserved, and the node-version output still populates.
  • Checkout-first (B2 doc). Eager provisioning reads the project's pin files off disk, so actions/checkout must run before setup-nub. Documented prominently in the README; the step also emits a soft ::warning:: when none of package.json / .node-version / .nvmrc is present (hinting at a missing checkout) — it does not fail.
  • node-version-file JSON reads devEngines.runtime first (S6). For a *.json file it now prefers devEngines.runtime.version, then falls back to engines.node — not just engines.node.
  • cache value-type compat shim (S3). setup-node's cache takes a PM name; setup-nub's is a boolean. A new normalize step treats any non-empty value that isn't false as truthy (so a drop-in cache: npm enables caching) and emits an informational note when a PM name is passed. The three cache steps now gate on this normalized flag.
  • Wording fix (S5). "project-level .npmrc" → "temporary user-level .npmrc (via NPM_CONFIG_USERCONFIG)" in action.yml input descriptions and the README (it writes to $RUNNER_TEMP/.npmrc, not a project file).
  • Example fix (S1). The nub-version description's ^0.0 example → ^0.1.0.

Verification

  • actionlint clean on smoke.yml apart from the pre-existing SC2193/SC2016 style warnings the file already carries (the one new SC2193 is the identical == 20* comparison pattern already used in the pre-provision job).
  • Both new shell scripts (cacheflag, provision) pass shellcheck -s bash with no findings; the set -euo pipefail interactions on the tolerated-failure paths (no-pin skip, empty-out short-circuit, || rc=$? capture) were verified empirically.
  • The "no Node pin" detection string was grounded against the engine source (manage::install_from_pin emits "... no version given and no Node pin (devEngines.runtime, ...").
  • Smoke jobs added:
    • eager-provision — no node-version input on a .node-version-pinned fixture; asserts nub node ls shows the pinned 20.x and the node-version output is populated (proves eager provision fired).
    • no-pin — a pin-less fixture; asserts the action does not fail.

Recommend-only follow-ups (maintainer-owned)

  • S2 — flip the cache default to true. The S3 truthiness shim is included here, but flipping the default from false to true is a user-facing default the maintainer owns; not changed in this PR. Recommended as a follow-up.
  • Release / v0 tag. The README already references @v0; cutting the v0 release/tag is left to the maintainer post-merge.

Provision Node unconditionally so later build steps are warm instead of
paying a lazy Node download mid-build:

- B2: drop the `if:` guard on the provision step. With no inputs (the
  common case) run a bare `nub node install`, which resolves the full pin
  chain (devEngines.runtime -> .node-version -> .nvmrc -> engines.node)
  and installs the concrete version. A no-pin project is detected from the
  "no Node pin" message and skipped gracefully (no failure); any other
  failure is a warning and nub provisions lazily at runtime. An explicit
  node-version / node-version-file still wins as a warm-up override.
- B2 doc: document checkout-first (the provision reads pin files off disk)
  in the README, and add a soft ::warning:: when no package.json /
  .node-version / .nvmrc is present in the working directory.
- S6: when reading a *.json node-version-file, prefer
  devEngines.runtime.version, then fall back to engines.node.
- S3: cache input compat shim — treat any non-empty value that isn't
  `false` as truthy (so a setup-node-style `cache: npm` enables caching),
  and emit an informational note when a PM name is passed.
- S5: correct the "project-level .npmrc" wording to "temporary user-level
  .npmrc (via NPM_CONFIG_USERCONFIG)" in action.yml and README.
- S1: fix the `^0.0` example in the nub-version description to `^0.1.0`.

Smoke: add an eager-provision job (no node-version input on a pinned
fixture, asserts the pin is installed + emitted) and a no-pin job
(asserts the action does not fail without a pin).
Copilot AI review requested due to automatic review settings June 22, 2026 18:00

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

@colinhacks colinhacks merged commit 2883353 into main Jun 22, 2026
24 checks passed
@colinhacks colinhacks deleted the eager-provision-dx-fixes branch June 22, 2026 18:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants