Add lockfile freshness validation to plugin-ci workflow

When pnpm-lock.yaml has overrides section, validate that lockfile is fresh before install. If stale (detected via CONFIG_MISMATCH), fail with clear error message suggesting 'pnpm install' to regenerate. Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-05-12 21:59:56 +00:00
parent 4332b7a489
commit 4f3e3e8d2c
1 changed files with 11 additions and 0 deletions
@@ -79,6 +79,17 @@ jobs:
            echo "has_package_manager=false" >> $GITHUB_OUTPUT
          fi

+      - name: Validate pnpm lockfile freshness
+        if: steps.pkg-manager.outputs.manager == 'pnpm'
+        run: |
+          if [ -f "pnpm-lock.yaml" ] && grep -q '^overrides:' pnpm-lock.yaml 2>/dev/null; then
+            echo "Checking pnpm-lock.yaml freshness (overrides detected)"
+            if pnpm install --frozen-lockfile --dry-run 2>&1 | grep -q "CONFIG_MISMATCH"; then
+              echo "::error::pnpm-lock.yaml is out of sync with package.json overrides. Run 'pnpm install' to regenerate the lockfile."
+              exit 1
+            fi
+          fi
+
      - name: Setup Node
        uses: actions/setup-node@v6
        with: