Add automated pnpm-lock.yaml conflict resolution workflow

.github/WORKFLOWS.md

@@ -240,6 +240,51 @@ Generates and updates CHANGELOG.md from git history.
 
 **Note**: Requires `cliff.toml` configuration file for customization.
 
+### 13. Auto-fix pnpm-lock.yaml Conflicts
+
+**File**: `pnpm-lock-autofix.yml`  
+**Triggers**: Pull Requests (when pnpm-lock.yaml or package.json files change)
+
+Automatically detects and resolves `pnpm-lock.yaml` merge conflicts.
+
+**What It Does**:
+1. Detects when a PR has merge conflicts with the base branch
+2. Checks if the conflict is only in `pnpm-lock.yaml`
+3. Automatically regenerates the lockfile by running `pnpm install`
+4. Commits and pushes the resolved lockfile back to the PR
+5. Notifies the PR author with a comment
+
+**When It Runs**:
+- When a PR is opened, synchronized, or reopened
+- Only if `pnpm-lock.yaml` or any `package.json` files are modified
+- Only for PRs from the same repository (not forks, for security)
+
+**Behavior**:
+
+```mermaid
+graph TD
+    A[PR Updated] --> B{Has merge conflicts?}
+    B -->|No| C[Skip - No action needed]
+    B -->|Yes| D{Only pnpm-lock.yaml?}
+    D -->|Yes| E[Regenerate lockfile]
+    E --> F[Commit & Push]
+    F --> G[Comment: Success]
+    D -->|No| H[Comment: Manual resolution needed]
+```
+
+**Benefits**:
+- Eliminates manual resolution of lockfile conflicts
+- Reduces merge friction in monorepo environments
+- Saves developer time on routine lockfile conflicts
+- Ensures lockfile consistency across branches
+
+**When Manual Resolution Is Needed**:
+- If conflicts exist in files other than `pnpm-lock.yaml`
+- If the PR is from a fork (security restriction)
+- If `pnpm install` fails for any reason
+
+**Security**: Only runs on PRs from the same repository to prevent malicious code execution from forks.
+
 ## Security Features
 
 ### CodeQL Analysis
@@ -316,6 +361,10 @@ Add these badges to show workflow status:
 **Problem**: CodeQL analysis fails
 - **Solution**: Check for syntax errors, review CodeQL logs
 
+**Problem**: pnpm-lock.yaml merge conflicts
+- **Solution**: The `pnpm-lock-autofix.yml` workflow automatically resolves these conflicts
+- **Manual Fix**: Run `pnpm install --no-frozen-lockfile` and commit the updated lockfile
+
 ### Getting Help
 
 - Check [GitHub Actions documentation](https://docs.github.com/en/actions)
@@ -347,6 +396,7 @@ Potential workflow additions:
 - [ ] Integration tests with examples
 - [ ] Automated component documentation generation
 - [ ] npm package publishing automation
+- [x] Automatic pnpm-lock.yaml conflict resolution (implemented)
 
 ## Resources
 

.github/workflows/pnpm-lock-autofix.yml

@@ -0,0 +1,185 @@
+name: Auto-fix pnpm-lock.yaml Conflicts
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+    paths:
+      - 'pnpm-lock.yaml'
+      - 'package.json'
+      - '**/package.json'
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  autofix-lockfile:
+    name: Auto-fix pnpm-lock.yaml
+    runs-on: ubuntu-latest
+
+    # Only run on PRs from the same repository (not forks) for security
+    if: github.event.pull_request.head.repo.full_name == github.repository
+
+    steps:
+      - name: Checkout PR branch
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Configure Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Check for merge conflicts
+        id: check_conflicts
+        run: |
+          # Fetch the base branch
+          git fetch origin ${{ github.event.pull_request.base.ref }}
+
+          # Try to merge base into current branch
+          if git merge --no-commit --no-ff origin/${{ github.event.pull_request.base.ref }} 2>&1 | tee merge_output.txt; then
+            echo "has_conflicts=false" >> $GITHUB_OUTPUT
+            git merge --abort 2>/dev/null || true
+          else
+            # Check if conflicts exist
+            if grep -q "CONFLICT" merge_output.txt; then
+              echo "has_conflicts=true" >> $GITHUB_OUTPUT
+
+              # Check if pnpm-lock.yaml has conflicts
+              if git status | grep -q "pnpm-lock.yaml"; then
+                echo "lockfile_conflict=true" >> $GITHUB_OUTPUT
+              else
+                echo "lockfile_conflict=false" >> $GITHUB_OUTPUT
+              fi
+
+              git merge --abort 2>/dev/null || true
+            else
+              echo "has_conflicts=false" >> $GITHUB_OUTPUT
+            fi
+          fi
+
+      - name: Setup pnpm
+        if: steps.check_conflicts.outputs.lockfile_conflict == 'true'
+        uses: pnpm/action-setup@v4
+        with:
+          version: 10
+
+      - name: Setup Node.js
+        if: steps.check_conflicts.outputs.lockfile_conflict == 'true'
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          cache: 'pnpm'
+
+      - name: Resolve lockfile conflicts
+        if: steps.check_conflicts.outputs.lockfile_conflict == 'true'
+        id: resolve
+        run: |
+          echo "🔧 Attempting to resolve pnpm-lock.yaml conflicts..."
+
+          # Merge the base branch
+          git merge origin/${{ github.event.pull_request.base.ref }} || true
+
+          # Check if only pnpm-lock.yaml has conflicts
+          CONFLICT_FILES=$(git diff --name-only --diff-filter=U)
+          echo "Conflicted files: $CONFLICT_FILES"
+
+          # Only proceed if pnpm-lock.yaml is the only conflicted file
+          if [ "$CONFLICT_FILES" = "pnpm-lock.yaml" ]; then
+            echo "Only pnpm-lock.yaml has conflicts. Regenerating lockfile..."
+
+            # Remove the conflicted lockfile
+            # We remove it completely to let pnpm regenerate from package.json files
+            # This ensures both branches' dependency changes are merged correctly
+            rm -f pnpm-lock.yaml
+
+            # Regenerate the lockfile
+            pnpm install --no-frozen-lockfile
+
+            # Check if lockfile was modified
+            if git diff --quiet pnpm-lock.yaml; then
+              echo "resolved=false" >> $GITHUB_OUTPUT
+              echo "reason=no_changes" >> $GITHUB_OUTPUT
+            else
+              # Stage and commit the resolved lockfile
+              git add pnpm-lock.yaml
+              git commit -m "chore: auto-resolve pnpm-lock.yaml conflicts" \
+                         -m "" \
+                         -m "Automatically regenerated pnpm-lock.yaml to resolve merge conflicts." \
+                         -m "" \
+                         -m "Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>"
+
+              git push origin ${{ github.event.pull_request.head.ref }}
+
+              echo "resolved=true" >> $GITHUB_OUTPUT
+              echo "✅ Successfully resolved and pushed pnpm-lock.yaml"
+            fi
+          else
+            echo "⚠️ Multiple files have conflicts. Manual resolution required."
+            echo "Conflicted files:"
+            echo "$CONFLICT_FILES"
+            echo "resolved=false" >> $GITHUB_OUTPUT
+            echo "reason=multiple_conflicts" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Comment on PR - Success
+        if: steps.resolve.outputs.resolved == 'true'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const message = `🤖 **Auto-fix Applied**
+
+            ✅ Successfully resolved \`pnpm-lock.yaml\` merge conflicts!
+
+            The lockfile has been automatically regenerated and committed to this PR. 
+            Please review the changes and re-run any necessary checks.
+
+            <details>
+            <summary>What happened?</summary>
+
+            When merging branches, \`pnpm-lock.yaml\` conflicts are common because multiple branches may have updated dependencies independently. This automation detected the conflict and regenerated the lockfile by running \`pnpm install\`, which merges the dependency changes from both branches.
+
+            </details>`;
+
+            await github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: message
+            });
+
+      - name: Comment on PR - Multiple Conflicts
+        if: steps.resolve.outputs.reason == 'multiple_conflicts'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const message = `🤖 **Auto-fix Skipped**
+
+            ⚠️ This PR has merge conflicts in multiple files, not just \`pnpm-lock.yaml\`.
+
+            **Action Required**: Please resolve the conflicts manually:
+
+            \`\`\`bash
+            # Merge the base branch into your branch
+            git fetch origin
+            git merge origin/${{ github.event.pull_request.base.ref }}
+
+            # Resolve conflicts in other files first
+            # Then regenerate pnpm-lock.yaml
+            pnpm install --no-frozen-lockfile
+
+            # Commit and push
+            git add .
+            git commit -m "chore: resolve merge conflicts"
+            git push
+            \`\`\``;
+
+            await github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: message
+            });

CONTRIBUTING.md

@@ -14,6 +14,7 @@ Thank you for your interest in contributing to Object UI! This document provides
 - [Pull Request Process](#pull-request-process)
 - [Documentation](#documentation)
 - [Adding Components](#adding-components)
+- [Troubleshooting](#troubleshooting)
 - [Questions & Support](#questions--support)
 
 ## Getting Started
@@ -368,6 +369,24 @@ Our repository includes several automated GitHub workflows that will run when yo
 - **Auto-labeling**: Automatically labels PRs based on changed files
 - **Bundle Size**: Reports bundle size changes in PR comments
 - **PR Checks**: Validates PR requirements and posts status
+- **Lockfile Auto-fix**: Automatically resolves `pnpm-lock.yaml` merge conflicts
+
+#### Lockfile Conflict Resolution
+
+When you create a PR that has merge conflicts in `pnpm-lock.yaml`, our automation will:
+
+1. **Detect the conflict** automatically
+2. **Regenerate the lockfile** by running `pnpm install`
+3. **Commit the fix** back to your PR branch
+4. **Notify you** with a comment explaining what happened
+
+**What this means for you:**
+- No need to manually resolve `pnpm-lock.yaml` conflicts
+- Your PR will be automatically updated with the resolved lockfile
+- You can focus on code changes, not dependency conflicts
+
+**When manual resolution is needed:**
+If your PR has conflicts in files **other than** `pnpm-lock.yaml`, the automation will notify you with instructions for manual resolution.
 
 #### What to Expect
 1. All checks must pass before merging
@@ -569,6 +588,62 @@ git push origin feat/add-date-picker
 
 5. **Add documentation** in `docs/components/my-component.md`
 
+## Troubleshooting
+
+### pnpm-lock.yaml Conflicts
+
+**Problem**: You have merge conflicts in `pnpm-lock.yaml`
+
+**Solution**: Our automated workflow will resolve this for you! Just wait for the bot to regenerate and commit the lockfile.
+
+**Manual Resolution** (if needed):
+```bash
+# Update your branch with the latest changes from main
+git fetch origin
+git merge origin/main
+
+# If only pnpm-lock.yaml has conflicts, regenerate it
+pnpm install --no-frozen-lockfile
+
+# Commit and push
+git add pnpm-lock.yaml
+git commit -m "chore: resolve pnpm-lock.yaml conflicts"
+git push
+```
+
+### Dependency Issues
+
+**Problem**: `pnpm install` fails or dependencies are missing
+
+**Solution**:
+```bash
+# Clear cache and reinstall
+rm -rf node_modules
+rm -rf .pnpm-store
+pnpm store prune
+pnpm install
+```
+
+### Build Failures
+
+**Problem**: `pnpm build` fails with errors
+
+**Solution**:
+1. Check TypeScript errors: Run `pnpm build` in the specific package
+2. Ensure dependencies are installed: `pnpm install`
+3. Clear build artifacts: `rm -rf dist` in the package directory
+4. Rebuild: `pnpm build`
+
+### Test Failures
+
+**Problem**: Tests are failing locally but pass in CI
+
+**Solution**:
+1. Ensure you're on the correct Node.js version (18.x or 20.x)
+2. Clear test cache: `pnpm test --clearCache` (if using Jest)
+3. Update snapshots if needed: `pnpm test -u`
+4. Ensure all dependencies are installed: `pnpm install`
+
 ## Questions & Support
 
 ### Where to Ask Questions