chore: add pnpm workspace configuration for backend, rocketadmin-agent, and shared-code packages

[Artuomka]

Summary by CodeRabbit

• Chores
  • Updated package management infrastructure and build toolchain across development and production environments
  • Modified Docker configurations, continuous integration workflows, and deployment scripts to reflect updated tooling
  • Adjusted monorepo workspace configuration and dependency resolution settings

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR implements a comprehensive migration from Yarn to pnpm as the package manager across the entire monorepo. This includes updating CI/CD workflows, removing Yarn-specific configurations, adding pnpm workspace definitions, modifying all Docker builds and deployment scripts, and systematically replacing package manager invocations in documentation and configuration files.

Changes

Cohort / File(s)	Summary
Workspace & Root Configuration package.json, pnpm-workspace.yaml, .npmrc	Migrated packageManager from yarn@3.4.1 to pnpm@10.33.0, replaced Yarn workspaces and resolutions with pnpm overrides and packageExtensions, added onlyBuiltDependencies configuration for native packages, and created pnpm workspace configuration.
Yarn Configuration Removal .yarnrc.yml, lerna.json, .gitignore	Removed Yarn-specific configuration files (.yarnrc.yml with nodeLinker and package extensions, lerna.json workspace config) and Yarn-related .gitignore patterns (.pnp.*, .yarn/*), as native pnpm workspace replaces Lerna.
CI/CD Workflow .github/workflows/code-quality.yml	Updated GitHub Actions workflow to use pnpm/action-setup@v4 for PNPM v10 installation and changed Node.js caching from yarn to pnpm, with dependency installation via pnpm install --frozen-lockfile.
Docker Build Files Dockerfile, Dockerfile.rocketadmin-agent, rocketadmin-agent/Dockerfile, autoadmin-ws-server/Dockerfile	Replaced Yarn installation with global pnpm@10.33.0 setup, updated file copies to include pnpm lock/workspace/config files (.npmrc, pnpm-lock.yaml, pnpm-workspace.yaml), added pnpm store cache mounts, and changed build/install commands from yarn to pnpm.
Container Orchestration docker-compose.yml, docker-compose.tst.yml, backend/docker-compose.yml	Updated all service command directives to invoke package scripts via pnpm instead of yarn across backend, rocketadmin-agent, rocketadmin-private-microservice, and agent services.
Backend Configuration backend/package.json, backend/entrypoint.sh	Updated TypeORM migration scripts to use pnpm instead of yarn/npm for execution, changed entrypoint migration command from yarn run to pnpm run, and removed @types/uuid dev dependency.
Agent Scripts & Configuration rocketadmin-agent/package.json, rocketadmin-agent/wait-for-db2.js, rocketadmin-agent/wait-for-db2.sh	Removed yarn runtime dependency from rocketadmin-agent, updated DB2 wait scripts to invoke startup command via pnpm start:dev instead of yarn start:dev, and reformatted script indentation.
Workspace-Level Configuration autoadmin-ws-server/package.json, autoadmin-ws-server/pnpm-workspace.yaml, autoadmin-ws-server/.gitignore, autoadmin-ws-server/tsconfig.json, shared-code/package.json	Added packageManager: pnpm@10.33.0 pinning and pnpm-specific configuration to autoadmin-ws-server, created workspace definition, removed Yarn patterns from .gitignore, added TypeScript typeRoots compiler option, and removed ibm_db package extension from shared-code.
Documentation CLAUDE.md	Updated all backend development script references from yarn to pnpm (start:dev, build, lint, test commands, migrations), keeping frontend references unchanged.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• lyubov-voloshko

Poem

🐰 From Yarn's red thread we hop away,
To pnpm's swift path, come what may!
Cache mounts gleam, workspaces align,
One workspace.yaml to make all shine ✨
A monorepo bound, no Lerna chain—
Just bundled joy, no Yarn stain!

🚥 Pre-merge checks | ✅ 2 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Security Check	⚠️ Warning	PR introduces security gaps: missing .npmrc in autoadmin-ws-server Dockerfile breaks dependency consistency; rocketadmin-agent lacks USER 1001 directive running as root; wait-for-db2.js uses child_process.exec() causing DoS and unhandled connection leaks.	Add .npmrc to both stages of autoadmin-ws-server Dockerfile; add USER 1001 to rocketadmin-agent Dockerfile; replace exec() with spawn() in wait-for-db2.js with proper connection cleanup.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the primary change: migrating the project from Yarn to pnpm by adding pnpm workspace configuration. The changeset comprehensively switches package management across all files and services.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch backend_pnpm_migration

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 9

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/code-quality.yml:
- Around line 17-20: The workflow currently pins pnpm via the 'version: 10'
input to the pnpm/action-setup@v4 step which conflicts with the exact pnpm
version declared in package.json's packageManager; remove the explicit 'version:
10' input from the pnpm/action-setup@v4 step so the action will read and install
the exact pnpm version from packageManager (pnpm@10.33.0) instead.

In `@autoadmin-ws-server/Dockerfile`:
- Around line 7-8: Add a COPY for .npmrc before the pnpm installs so the pnpm
node-linker setting is applied during Docker builds: update the COPY line that
currently copies package.json, pnpm-lock.yaml, pnpm-workspace.yaml to also
include .npmrc (the COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
entry) and ensure .npmrc is copied again before the second install step
referenced around the later RUN pnpm install --frozen-lockfile (apply the same
change near the later install at the location noted around line 24) so both pnpm
install steps use the repo .npmrc.

In `@autoadmin-ws-server/package.json`:
- Line 6: The workflow pins pnpm via a hardcoded "version: 10" in the
pnpm/action-setup step while package.json already declares "packageManager":
"pnpm@10.33.0"; remove the "version: 10" key from the pnpm/action-setup step in
the code-quality workflow so the action will derive the pnpm version from the
packageManager field instead, leaving the step otherwise unchanged.

In `@backend/package.json`:
- Around line 20-23: The migration npm scripts currently call "pnpm run typeorm"
which resolves to a non-existent ../node_modules/.bin path in pnpm workspaces;
update each script (migration:generate, migration:create, migration:run,
migration:revert) to invoke the workspace binary via pnpm exec (e.g., use "pnpm
exec typeorm <command> -d dist/src/shared/config/datasource.config.js") so the
TypeORM CLI is resolved from the package dependencies and remove the extra "--"
form used in migration:revert.

In `@CLAUDE.md`:
- Around line 21-26: The docs list a `pnpm lint` script and mark `pnpm test-all`
as serial, but the backend/package.json in this PR doesn't define `lint` and
`test-all` uses `ava --timeout=5m` (no --serial); update CLAUDE.md to mirror
package.json exactly: remove or replace the `pnpm lint` line with the actual
lint script name if one exists in backend/package.json (e.g., `pnpm lint:fix`)
and change the `pnpm test-all` description from "serial" to "Run all AVA tests
(5min timeout)" (or the exact wording used elsewhere), ensuring the entries for
the commands shown (pnpm start:dev, pnpm build, pnpm test, pnpm test-all, pnpm
test-saas) match the script names and flags in backend/package.json.

In `@Dockerfile.rocketadmin-agent`:
- Around line 12-14: The Dockerfile currently runs the TypeScript compile in
shared-code via a brittle relative path to ../node_modules/.bin/tsc; replace
that with pnpm's workspace-aware execution so the build runs in the correct
package context. Update the build steps to use pnpm -C shared-code (or pnpm -C
rocketadmin-agent if running its workspace-aware build) to run tsc in the
shared-code package and then run pnpm -C rocketadmin-agent run build; keep the
initial pnpm install --frozen-lockfile but switch the manual
../node_modules/.bin/tsc invocation to pnpm -C shared-code tsc to ensure proper
workspace dependency resolution and build order.

In `@package.json`:
- Line 4: The workflow currently forces pnpm version via a workflow `version`
field which can conflict with the repository packageManager pin; remove the
`version` key from the code-quality workflow so the action will defer to the
manifest's packageManager ("packageManager": "pnpm@10.33.0") and ensure
consistent pnpm resolution; locate the workflow step that references pnpm and
delete only the `version: 10` (or similar) field, leaving the rest of the action
configuration intact so the action respects the packageManager pin.

In `@rocketadmin-agent/wait-for-db2.js`:
- Around line 16-29: Change connStr to const and ensure the DB connection is
always closed by moving databaseConnection.close() into a finally block: open
the connection with connectionPool.open(connStr), run query/testResult in try,
and in finally call await databaseConnection.close() if databaseConnection was
set. Also make the function return false explicitly when the probe result is not
as expected (i.e., when testResult doesn't match 1) so it never returns
undefined; reference the symbols connStr, connectionPool, databaseConnection,
query, and testResult to locate where to apply these changes.
- Around line 45-65: Replace the exec call that starts "pnpm start:dev" with
spawn to avoid buffering stdout/stderr: stop using exec(..., callback) and
instead call spawn('pnpm', ['start:dev'], { shell: true, stdio: 'pipe' }) to
create child, attach listeners on child.stdout.on('data'),
child.stderr.on('data'), child.on('error'), and child.on('close') to log output
and handle exit, and ensure you call process.exit(1) inside the
child.on('error') or when a non-zero close code is observed; remove the exec
callback usage and keep the existing logging logic but wired to the spawned
child.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0d768e0a-008d-452a-8be3-78ca379b333d

📥 Commits

Reviewing files that changed from the base of the PR and between 6cac9f9 and 7fd267e.

⛔ Files ignored due to path filters (5)

• .yarn/releases/yarn-3.4.1.cjs is excluded by !**/.yarn/**
• autoadmin-ws-server/pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
• autoadmin-ws-server/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (25)

• .github/workflows/code-quality.yml
• .gitignore
• .npmrc
• .yarnrc.yml
• CLAUDE.md
• Dockerfile
• Dockerfile.rocketadmin-agent
• autoadmin-ws-server/.gitignore
• autoadmin-ws-server/Dockerfile
• autoadmin-ws-server/package.json
• autoadmin-ws-server/pnpm-workspace.yaml
• autoadmin-ws-server/tsconfig.json
• backend/docker-compose.yml
• backend/entrypoint.sh
• backend/package.json
• docker-compose.tst.yml
• docker-compose.yml
• lerna.json
• package.json
• pnpm-workspace.yaml
• rocketadmin-agent/Dockerfile
• rocketadmin-agent/package.json
• rocketadmin-agent/wait-for-db2.js
• rocketadmin-agent/wait-for-db2.sh
• shared-code/package.json

💤 Files with no reviewable changes (5)

• lerna.json
• autoadmin-ws-server/.gitignore
• .gitignore
• shared-code/package.json
• .yarnrc.yml

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

# Check the workflow file
cat -n .github/workflows/code-quality.yml

Repository: rocket-admin/rocketadmin

Length of output: 1671

---

🏁 Script executed:

# Check package.json for packageManager specification
cat -n package.json | head -20

Repository: rocket-admin/rocketadmin

Length of output: 583

---

🏁 Script executed:

# Verify pnpm/action-setup behavior by checking documentation/usage
git log --oneline -20 -- .github/workflows/code-quality.yml

Repository: rocket-admin/rocketadmin

Length of output: 173

---

Remove the conflicting pnpm version specification.

The workflow specifies version: 10 while package.json declares packageManager: pnpm@10.33.0. This mismatch will cause the setup action to install a potentially different 10.x version, triggering a version conflict error. Remove the explicit version constraint to let pnpm/action-setup@v4 read and use the exact version from packageManager.

Proposed fix

      - name: Setup pnpm
        uses: pnpm/action-setup@v4
-       with:
-         version: 10

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Setup pnpm
	uses: pnpm/action-setup@v4
	with:
	version: 10
	- name: Setup pnpm
	uses: pnpm/action-setup@v4

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/code-quality.yml around lines 17 - 20, The workflow
currently pins pnpm via the 'version: 10' input to the pnpm/action-setup@v4 step
which conflicts with the exact pnpm version declared in package.json's
packageManager; remove the explicit 'version: 10' input from the
pnpm/action-setup@v4 step so the action will read and install the exact pnpm
version from packageManager (pnpm@10.33.0) instead.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, locate and examine the Dockerfile mentioned
find . -name "Dockerfile" -path "*autoadmin-ws-server*" | head -5

Repository: rocket-admin/rocketadmin

Length of output: 100

---

🏁 Script executed:

# Check if .npmrc exists in the repo root
ls -la | grep -E "\.npmrc|package\.json|pnpm-lock"

Repository: rocket-admin/rocketadmin

Length of output: 258

---

🏁 Script executed:

# Check other Dockerfiles in the repo to see if they copy .npmrc
find . -name "Dockerfile" -type f | xargs grep -l "\.npmrc" 2>/dev/null | head -10

Repository: rocket-admin/rocketadmin

Length of output: 111

---

🏁 Script executed:

# Read the autoadmin-ws-server/Dockerfile
cat -n ./autoadmin-ws-server/Dockerfile

Repository: rocket-admin/rocketadmin

Length of output: 852

---

🏁 Script executed:

# Read .npmrc content
cat .npmrc

Repository: rocket-admin/rocketadmin

Length of output: 87

---

🏁 Script executed:

# Read the other Dockerfiles to compare
cat -n ./Dockerfile

Repository: rocket-admin/rocketadmin

Length of output: 2652

---

🏁 Script executed:

# Also check rocketadmin-agent/Dockerfile
cat -n ./rocketadmin-agent/Dockerfile

Repository: rocket-admin/rocketadmin

Length of output: 1970

---

Copy .npmrc before both pnpm installs.

This Dockerfile does not copy .npmrc while the other migrated Dockerfiles (./Dockerfile and ./rocketadmin-agent/Dockerfile) do. The repo .npmrc specifies node-linker=hoisted, which affects how pnpm resolves dependencies. Without it, Docker builds will use a different node_modules layout than local/CI builds, breaking packages that rely on hoisting.

Proposed fix

-COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
 RUN pnpm install --frozen-lockfile

Also apply at line 24:

-COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
 RUN pnpm install --prod --frozen-lockfile

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
	RUN pnpm install --frozen-lockfile
	COPY package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
	RUN pnpm install --frozen-lockfile

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@autoadmin-ws-server/Dockerfile` around lines 7 - 8, Add a COPY for .npmrc
before the pnpm installs so the pnpm node-linker setting is applied during
Docker builds: update the COPY line that currently copies package.json,
pnpm-lock.yaml, pnpm-workspace.yaml to also include .npmrc (the COPY
package.json pnpm-lock.yaml pnpm-workspace.yaml ./ entry) and ensure .npmrc is
copied again before the second install step referenced around the later RUN pnpm
install --frozen-lockfile (apply the same change near the later install at the
location noted around line 24) so both pnpm install steps use the repo .npmrc.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify all pnpm version declarations that can conflict with packageManager.
# Expected: either packageManager pins pnpm, or workflow setup pins pnpm, but not conflicting values.
rg -n -C2 'packageManager"\s*:\s*"pnpm@|pnpm/action-setup|version:\s*"?10' .

Repository: rocket-admin/rocketadmin

Length of output: 9472

---

🏁 Script executed:

# Find GitHub Actions workflow files
find .github/workflows -type f -name "*.yml" -o -name "*.yaml" 2>/dev/null | head -20

Repository: rocket-admin/rocketadmin

Length of output: 401

---

🏁 Script executed:

# Search specifically for pnpm version specifications in workflow files
rg -n 'pnpm.*version|version.*pnpm' .github/workflows/ 2>/dev/null || echo "No matches found or directory doesn't exist"

Repository: rocket-admin/rocketadmin

Length of output: 111

---

🏁 Script executed:

# Check code-quality.yml for pnpm configuration
cat .github/workflows/code-quality.yml | head -100

Repository: rocket-admin/rocketadmin

Length of output: 1363

---

🏁 Script executed:

# Check ws-server.yml for pnpm configuration
cat .github/workflows/ws-server.yml | head -100

Repository: rocket-admin/rocketadmin

Length of output: 3635

---

Unify the pnpm version source by removing the workflow version specification.

The code-quality workflow explicitly pins pnpm 10, while the package.json specifies pnpm@10.33.0. Remove the version: 10 from the pnpm/action-setup step in code-quality.yml to let the packageManager field be the single source of truth. Modern versions of pnpm/action-setup automatically respect the packageManager declaration.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@autoadmin-ws-server/package.json` at line 6, The workflow pins pnpm via a
hardcoded "version: 10" in the pnpm/action-setup step while package.json already
declares "packageManager": "pnpm@10.33.0"; remove the "version: 10" key from the
pnpm/action-setup step in the code-quality workflow so the action will derive
the pnpm version from the packageManager field instead, leaving the step
otherwise unchanged.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, let's examine the actual backend/package.json file around the flagged lines
cat -n backend/package.json | head -40

Repository: rocket-admin/rocketadmin

Length of output: 1910

---

🏁 Script executed:

# Check if pnpm workspace configuration exists
find . -name "pnpm-workspace.yaml" -o -name ".pnpmfile.cjs"

Repository: rocket-admin/rocketadmin

Length of output: 131

---

🏁 Script executed:

# Look for root package.json to understand workspace structure
cat -n package.json 2>/dev/null | head -30

Repository: rocket-admin/rocketadmin

Length of output: 828

---

🏁 Script executed:

# Check the backend tsconfig.json to understand the paths configuration
ls -la backend/tsconfig*.json 2>/dev/null && cat -n backend/tsconfig.json | head -50

Repository: rocket-admin/rocketadmin

Length of output: 922

---

🏁 Script executed:

# Check if TypeORM is in backend dependencies
rg "typeorm" backend/package.json -A 2 -B 2

Repository: rocket-admin/rocketadmin

Length of output: 1015

---

🏁 Script executed:

# Check root dependencies too
rg "typeorm" package.json -A 2 -B 2

Repository: rocket-admin/rocketadmin

Length of output: 50

---

🏁 Script executed:

# Look at pnpm-workspace.yaml to understand workspace configuration
cat pnpm-workspace.yaml

Repository: rocket-admin/rocketadmin

Length of output: 127

---

🏁 Script executed:

# Search for tsconfig-paths configuration in backend
rg "tsconfig-paths" backend/ -t json -t ts

Repository: rocket-admin/rocketadmin

Length of output: 219

---

🏁 Script executed:

# Check if there's any git history or comments about migration issues
rg "migration" backend/src -t ts -t js -B 2 -A 2 | head -50

Repository: rocket-admin/rocketadmin

Length of output: 1172

---

🏁 Script executed:

# Let's verify the datasource config that migrations reference
ls -la backend/src/shared/config/datasource.config* 2>/dev/null

Repository: rocket-admin/rocketadmin

Length of output: 162

---

🏁 Script executed:

# Check how datasource.config is structured (TypeScript or compiled)
head -30 backend/src/shared/config/datasource.config.ts 2>/dev/null || cat -n backend/src/shared/config/datasource.config.js 2>/dev/null | head -30

Repository: rocket-admin/rocketadmin

Length of output: 280

---

🏁 Script executed:

# Let's check if there are any other migration command examples or patterns in the codebase
rg "pnpm.*migration" -t json -t md -t txt

Repository: rocket-admin/rocketadmin

Length of output: 778

---

🏁 Script executed:

# Verify if the proposed fix would work - does 'typeorm' binary resolve properly without ts-node wrapper
rg "ESM|module" backend/tsconfig.json backend/package.json -A 1 -B 1

Repository: rocket-admin/rocketadmin

Length of output: 933

---

🏁 Script executed:

# Check if there are TypeScript migrations in the codebase
find backend/src -name "*.migration.ts" -o -name "*migration*.ts" | head -20

Repository: rocket-admin/rocketadmin

Length of output: 50

---

🏁 Script executed:

# Look at the migrations directory structure
ls -la backend/src/migrations/ 2>/dev/null || echo "No migrations directory found"

Repository: rocket-admin/rocketadmin

Length of output: 14583

---

🏁 Script executed:

# Check if ts-node is a dependency
rg "ts-node" backend/package.json -B 1 -A 1

Repository: rocket-admin/rocketadmin

Length of output: 390

---

🏁 Script executed:

# Verify actual pnpm node_modules structure for the workspace
ls -la backend/node_modules/.bin/typeorm 2>/dev/null || echo "Not found in backend/node_modules/.bin"
ls -la node_modules/.bin/typeorm 2>/dev/null || echo "Not found in root node_modules/.bin"

Repository: rocket-admin/rocketadmin

Length of output: 142

---

Replace invalid ../node_modules/.bin/typeorm path with direct pnpm binary resolution.

The migration scripts fail because the typeorm helper references ../node_modules/.bin/typeorm, which does not exist in the pnpm workspace. With pnpm workspaces, backend dependencies are resolved from the workspace package context, not parent directories.

Proposed fix

-		"typeorm": "ts-node -r tsconfig-paths/register ../node_modules/.bin/typeorm",
+		"typeorm": "typeorm",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@backend/package.json` around lines 20 - 23, The migration npm scripts
currently call "pnpm run typeorm" which resolves to a non-existent
../node_modules/.bin path in pnpm workspaces; update each script
(migration:generate, migration:create, migration:run, migration:revert) to
invoke the workspace binary via pnpm exec (e.g., use "pnpm exec typeorm
<command> -d dist/src/shared/config/datasource.config.js") so the TypeORM CLI is
resolved from the package dependencies and remove the extra "--" form used in
migration:revert.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix the backend command docs to match backend/package.json.

pnpm lint is documented here, but the backend package scripts shown in this PR do not define lint. Also, test-all is documented as serial, while the script is ava --timeout=5m without --serial.

Proposed doc fix

 pnpm start:dev          # Start dev server with hot reload
 pnpm build              # Build for production
-pnpm lint               # ESLint with auto-fix
 pnpm test               # Run non-saas AVA tests (serial)
-pnpm test-all           # Run all AVA tests (5min timeout, serial)
+pnpm test-all           # Run all AVA tests (5min timeout)
 pnpm test-saas          # Run SaaS-specific tests

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	pnpm start:dev # Start dev server with hot reload
	pnpm build # Build for production
	pnpm lint # ESLint with auto-fix
	pnpm test # Run non-saas AVA tests (serial)
	pnpm test-all # Run all AVA tests (5min timeout, serial)
	pnpm test-saas # Run SaaS-specific tests
	pnpm start:dev # Start dev server with hot reload
	pnpm build # Build for production
	pnpm test # Run non-saas AVA tests (serial)
	pnpm test-all # Run all AVA tests (5min timeout)
	pnpm test-saas # Run SaaS-specific tests

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@CLAUDE.md` around lines 21 - 26, The docs list a `pnpm lint` script and mark
`pnpm test-all` as serial, but the backend/package.json in this PR doesn't
define `lint` and `test-all` uses `ava --timeout=5m` (no --serial); update
CLAUDE.md to mirror package.json exactly: remove or replace the `pnpm lint` line
with the actual lint script name if one exists in backend/package.json (e.g.,
`pnpm lint:fix`) and change the `pnpm test-all` description from "serial" to
"Run all AVA tests (5min timeout)" (or the exact wording used elsewhere),
ensuring the entries for the commands shown (pnpm start:dev, pnpm build, pnpm
test, pnpm test-all, pnpm test-saas) match the script names and flags in
backend/package.json.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, find the Dockerfile and workspace configuration
find . -name "Dockerfile*" -o -name "pnpm-workspace.yaml" -o -name "package.json" | head -30

Repository: rocket-admin/rocketadmin

Length of output: 418

---

🏁 Script executed:

# Check for workspace configuration in root package.json and pnpm-workspace.yaml
if [ -f pnpm-workspace.yaml ]; then cat pnpm-workspace.yaml; fi
if [ -f package.json ]; then jq '.workspaces // empty' package.json; fi

Repository: rocket-admin/rocketadmin

Length of output: 127

---

🏁 Script executed:

# Locate and examine the Dockerfile.rocketadmin-agent
find . -name "Dockerfile.rocketadmin-agent" -exec cat {} \;

Repository: rocket-admin/rocketadmin

Length of output: 694

---

🏁 Script executed:

# Check if shared-code exists and its package.json
find . -path "*/shared-code/package.json" -exec cat {} \;

Repository: rocket-admin/rocketadmin

Length of output: 1095

---

🏁 Script executed:

# Look for TypeScript dependencies in shared-code
find . -path "*/shared-code/*" -type f -name "package.json" -o -path "*/rocketadmin-agent/*" -type f -name "package.json"

Repository: rocket-admin/rocketadmin

Length of output: 127

---

🏁 Script executed:

# Check if shared-code has a build or tsc script in its package.json
cd shared-code && cat package.json | jq '.scripts // empty'

Repository: rocket-admin/rocketadmin

Length of output: 50

---

🏁 Script executed:

# Check rocketadmin-agent's package.json to see what its build script does
cd rocketadmin-agent && cat package.json | jq '.scripts // empty'

Repository: rocket-admin/rocketadmin

Length of output: 323

---

🏁 Script executed:

# Check if root package.json has typescript or any references
cat package.json | jq '.dependencies // empty, .devDependencies // empty, .workspaces // empty'

Repository: rocket-admin/rocketadmin

Length of output: 181

---

🏁 Script executed:

# Look for tsconfig.json files to understand the build setup
find . -name "tsconfig.json" -type f | xargs ls -la

Repository: rocket-admin/rocketadmin

Length of output: 538

---

🏁 Script executed:

# Check rocketadmin-agent's tsconfig and tsconfig.build.json
cat rocketadmin-agent/tsconfig.json && echo "---" && cat rocketadmin-agent/tsconfig.build.json 2>/dev/null || echo "tsconfig.build.json not found, checking alternative"

Repository: rocket-admin/rocketadmin

Length of output: 687

---

🏁 Script executed:

# Check shared-code's tsconfig.json
cat shared-code/tsconfig.json

Repository: rocket-admin/rocketadmin

Length of output: 590

---

🏁 Script executed:

# Check if there are any references from rocketadmin-agent to shared-code in imports
grep -r "from.*shared-code\|import.*shared-code" rocketadmin-agent/src --include="*.ts" --include="*.tsx" 2>/dev/null | head -5

Repository: rocket-admin/rocketadmin

Length of output: 929

---

🏁 Script executed:

# Verify pnpm -C syntax is valid by checking pnpm documentation or usage patterns
# Check if there are other pnpm -C usages in the repo
grep -r "pnpm -C" . --include="*.sh" --include="Dockerfile*" --include="*.md" 2>/dev/null

Repository: rocket-admin/rocketadmin

Length of output: 50

---

Use pnpm workspace execution for the shared-code TypeScript build.

The current approach using ../node_modules/.bin/tsc from inside shared-code is brittle and doesn't properly leverage pnpm's workspace-aware dependency resolution. Since rocketadmin-agent declares TypeScript project references to shared-code, the build order and context matter. Use pnpm -C to execute commands in the correct workspace package context.

Proposed Dockerfile fix

 RUN pnpm install --frozen-lockfile
-RUN cd shared-code && ../node_modules/.bin/tsc
-RUN cd rocketadmin-agent && pnpm run build
+RUN pnpm -C shared-code exec tsc
+RUN pnpm -C rocketadmin-agent run build

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Dockerfile.rocketadmin-agent` around lines 12 - 14, The Dockerfile currently
runs the TypeScript compile in shared-code via a brittle relative path to
../node_modules/.bin/tsc; replace that with pnpm's workspace-aware execution so
the build runs in the correct package context. Update the build steps to use
pnpm -C shared-code (or pnpm -C rocketadmin-agent if running its workspace-aware
build) to run tsc in the shared-code package and then run pnpm -C
rocketadmin-agent run build; keep the initial pnpm install --frozen-lockfile but
switch the manual ../node_modules/.bin/tsc invocation to pnpm -C shared-code tsc
to ensure proper workspace dependency resolution and build order.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify all pnpm version declarations that can conflict with packageManager.
# Expected: no workflow-level pnpm version conflicts with packageManager pins.
rg -n -C2 'packageManager"\s*:\s*"pnpm@|pnpm/action-setup|version:\s*"?10' .

Repository: rocket-admin/rocketadmin

Length of output: 9472

---

🏁 Script executed:

#!/bin/bash
# Locate and examine GitHub Actions workflow files for pnpm version declarations
fd -e yml -e yaml '.github/workflows' | head -20

Repository: rocket-admin/rocketadmin

Length of output: 441

---

🏁 Script executed:

#!/bin/bash
# Search workflow files for pnpm version setup
fd -e yml -e yaml '.github/workflows' | xargs -I {} sh -c 'echo "=== {} ===" && cat -n "{}"' 2>/dev/null | grep -A5 -B5 'pnpm\|action'

Repository: rocket-admin/rocketadmin

Length of output: 441

---

🏁 Script executed:

#!/bin/bash
# Find workflow files in .github/workflows directory
fd . '.github/workflows' --type f

Repository: rocket-admin/rocketadmin

Length of output: 401

---

🏁 Script executed:

#!/bin/bash
# Examine the code-quality workflow file mentioned in the review
cat -n '.github/workflows/code-quality.yml'

Repository: rocket-admin/rocketadmin

Length of output: 1671

---

🏁 Script executed:

#!/bin/bash
# Search all workflow files for pnpm version declarations
grep -r -n 'pnpm.*version\|pnpm/action-setup\|uses:.*pnpm' '.github/workflows/'

Repository: rocket-admin/rocketadmin

Length of output: 140

---

Remove the workflow pnpm version to rely on the packageManager pin.

The code-quality workflow specifies pnpm version: 10 while this manifest pins pnpm@10.33.0. The workflow version declaration will resolve to the latest 10.x release available at action execution time, which may not match the locked 10.33.0 version. Remove the workflow version field so the action respects the packageManager pin instead.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@package.json` at line 4, The workflow currently forces pnpm version via a
workflow `version` field which can conflict with the repository packageManager
pin; remove the `version` key from the code-quality workflow so the action will
defer to the manifest's packageManager ("packageManager": "pnpm@10.33.0") and
ensure consistent pnpm resolution; locate the workflow step that references pnpm
and delete only the `version: 10` (or similar) field, leaving the rest of the
action configuration intact so the action respects the packageManager pin.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

find . -name "wait-for-db2.js" -type f

Repository: rocket-admin/rocketadmin

Length of output: 103

---

🏁 Script executed:

cat -n ./rocketadmin-agent/wait-for-db2.js

Repository: rocket-admin/rocketadmin

Length of output: 2743

---

Close DB2 connections on every outcome and use const for unmutated variables.

The connStr variable is never reassigned, so it should be declared with const per the coding guidelines. More critically, if query() throws after open() succeeds (line 21), the databaseConnection.close() call is skipped (line 22) and the connection leaks. In the retry loop (line 36), this causes connection accumulation. Additionally, when the probe query returns an unexpected result, the function implicitly returns undefined instead of an explicit false.

🐛 Proposed fix

 async function testConnectionToDB2() {
-	let connStr = `DATABASE=testdb;HOSTNAME=test-ibm-db2-e2e-testing;UID=db2inst1;PWD=password;PORT=50000;PROTOCOL=TCPIP`;
+	const connStr = `DATABASE=testdb;HOSTNAME=test-ibm-db2-e2e-testing;UID=db2inst1;PWD=password;PORT=50000;PROTOCOL=TCPIP`;
 	const connectionPool = new Pool();
+	let databaseConnection;
 	try {
-		const databaseConnection = await connectionPool.open(connStr);
+		databaseConnection = await connectionPool.open(connStr);
 		const query = `SELECT 1 FROM sysibm.sysdummy1`;
 		const testResult = await databaseConnection.query(query);
-		await databaseConnection.close();
 		if (testResult?.[0] && testResult[0]['1'] === 1) {
 			return true;
 		}
+		return false;
 	} catch (error) {
 		console.error('Error connecting to DB2:', error);
 		return false;
+	} finally {
+		if (databaseConnection) {
+			try {
+				await databaseConnection.close();
+			} catch (closeError) {
+				console.error('Error closing DB2 connection:', closeError);
+			}
+		}
 	}
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@rocketadmin-agent/wait-for-db2.js` around lines 16 - 29, Change connStr to
const and ensure the DB connection is always closed by moving
databaseConnection.close() into a finally block: open the connection with
connectionPool.open(connStr), run query/testResult in try, and in finally call
await databaseConnection.close() if databaseConnection was set. Also make the
function return false explicitly when the probe result is not as expected (i.e.,
when testResult doesn't match 1) so it never returns undefined; reference the
symbols connStr, connectionPool, databaseConnection, query, and testResult to
locate where to apply these changes.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

find . -name "wait-for-db2.js" -type f

Repository: rocket-admin/rocketadmin

Length of output: 103

---

🏁 Script executed:

# Check if the file exists and examine it
if [ -f "rocketadmin-agent/wait-for-db2.js" ]; then
  wc -l "rocketadmin-agent/wait-for-db2.js"
  echo "---"
  cat -n "rocketadmin-agent/wait-for-db2.js"
else
  echo "File not found at expected path"
fi

Repository: rocket-admin/rocketadmin

Length of output: 2784

---

🏁 Script executed:

# Search for any JavaScript files containing 'wait-for-db' in their name
fd "wait-for-db" --type f

Repository: rocket-admin/rocketadmin

Length of output: 135

---

🌐 Web query:

Node.js exec vs spawn for long-running processes maxBuffer

💡 Result:

For long-running processes in Node.js, especially those producing large output, use child_process.spawn instead of child_process.exec to avoid maxBuffer limitations. child_process.exec buffers all stdout and stderr output until the process completes, with a default maxBuffer of 1MB (1024 * 1024 bytes). Exceeding this terminates the child process and truncates output, causing errors like "maxBuffer exceeded". This makes exec unsuitable for long-running processes with substantial output, as the entire output must fit in memory. child_process.spawn streams stdout and stderr as data events, with no maxBuffer limit. It handles continuous or large output without blocking or memory issues, making it ideal for long-running processes. Listen to 'data' events on stdout/stderr streams to process output in real-time. Example with spawn: const { spawn } = require('child_process'); const child = spawn('your-long-running-command', ['args']); child.stdout.on('data', (data) => console.log(stdout: ${data})); child.stderr.on('data', (data) => console.error(stderr: ${data})); child.on('close', (code) => console.log(Exited with code ${code})); Official Node.js docs confirm spawn for streaming (non-blocking event loop) and exec's buffering with maxBuffer option. Multiple sources report maxBuffer errors resolved by switching to spawn for verbose or long processes.

Citations:

• 1: maxBuffer exceeded because of using exec instead of spawn lerna/lerna#213
• 2: https://nodejs.org/docs/latest/api/child_process.html
• 3: https://nodejs.org/api/child_process.html
• 4: https://nodejs.org/docs/latest-v18.x/api/child_process.html
• 5: https://stackoverflow.com/questions/48698234/node-js-spawn-vs-execute
• 6: https://gist.github.com/devarajchidambaram/8b3ffe8337a310ee367390cc49419f26

---

🌐 Web query:

Node.js exec child.stdout event listeners buffering behavior

💡 Result:

In Node.js child_process.exec, the child.stdout is a readable stream that emits 'data' events as the child process writes to stdout. These events fire with chunks of data (typically up to ~64KB depending on the stream highWaterMark), allowing streaming access to output. However, exec internally buffers all stdout (and stderr) data up to the maxBuffer limit (default 1MB since Node 10+, previously 200KB) to provide the complete output in the callback as (error, stdout, stderr). If output exceeds maxBuffer, the child is killed, the callback receives an error, and any prior data events contain only the buffered portion up to the limit. This dual behavior enables both streaming via events and complete buffered access via callback. For large outputs without buffering limits, use spawn instead, which streams without internal buffering. Example: const { exec } = require('child_process'); const child = exec('your-command', { maxBuffer: 10 * 1024 * 1024 }); let output = ''; child.stdout.on('data', (chunk) => { output += chunk; console.log('Received chunk:', chunk.length); }); child.on('close', (code) => { console.log('Total output length:', output.length); });

Citations:

• 1: https://stackoverflow.com/questions/36991498/node-exec-not-firing-all-data-events
• 2: https://stackoverflow.com/questions/21188815/stdout-of-node-js-child-process-exec-is-cut-short
• 3: https://stackoverflow.com/questions/23429499/stdout-buffer-issue-using-node-child-process
• 4: https://nodejs.org/api/child_process.html
• 5: https://nodejs.org/download/release/v4.1.2/docs/api/child_process.html

---

Use spawn instead of exec for the long-running start command.

exec buffers all stdout/stderr in memory until the process exits (default 1MB limit). A long-running process like pnpm start:dev will generate verbose logs that exceed this limit, causing the child process to be killed and the entire application startup to fail. Use spawn to stream output without buffering constraints.

Proposed fix

-const { exec } = require('child_process');
+const { spawn } = require('child_process');
@@
-					const child = exec('pnpm start:dev', (err, stdout, stderr) => {
-						if (err) {
-							console.error('Error starting the application:', err);
-							process.exit(1);
-						}
-						console.log('Application stdout:', stdout);
-						console.error('Application stderr:', stderr);
-						console.log('Application started');
-					});
+					const child = spawn('pnpm', ['start:dev'], {
+						stdio: ['ignore', 'pipe', 'pipe'],
+					});
@@
+					child.on('error', (err) => {
+						console.error('Error starting the application:', err);
+						process.exit(1);
+					});
+
 					child.on('close', (code) => {
 						console.log(`child process exited with code ${code}`);
+						if (code !== 0) {
+							process.exit(code ?? 1);
+						}
 					});

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@rocketadmin-agent/wait-for-db2.js` around lines 45 - 65, Replace the exec
call that starts "pnpm start:dev" with spawn to avoid buffering stdout/stderr:
stop using exec(..., callback) and instead call spawn('pnpm', ['start:dev'], {
shell: true, stdio: 'pipe' }) to create child, attach listeners on
child.stdout.on('data'), child.stderr.on('data'), child.on('error'), and
child.on('close') to log output and handle exit, and ensure you call
process.exit(1) inside the child.on('error') or when a non-zero close code is
observed; remove the exec callback usage and keep the existing logging logic but
wired to the spawned child.

[Copilot]

Pull request overview

This PR migrates the repo’s Node.js monorepo setup from Yarn workspaces/Lerna to pnpm workspaces, updating Docker/Compose/CI so backend, rocketadmin-agent, and shared-code build and run under pnpm.

Changes:

• Add pnpm workspace + lockfile configuration at the repo root and migrate workspace-specific settings (overrides/packageExtensions).
• Update Dockerfiles, docker-compose configs, and startup scripts to use pnpm instead of yarn.
• Convert autoadmin-ws-server from Yarn to pnpm (lockfile, workspace config, Dockerfile tweaks).

Reviewed changes

Copilot reviewed 24 out of 30 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
shared-code/package.json	Remove Yarn-specific packageExtensions (moved to root pnpm config).
rocketadmin-agent/wait-for-db2.sh	Switch startup command from yarn to pnpm.
rocketadmin-agent/wait-for-db2.js	Switch spawned dev start command from yarn to pnpm; reformat.
rocketadmin-agent/package.json	Remove yarn dependency now that pnpm is the package manager.
rocketadmin-agent/Dockerfile	Install pnpm and use pnpm install/build; adjust WORKDIR/CMD.
pnpm-workspace.yaml	Add root pnpm workspace definition for backend/agent/shared-code.
package.json	Switch root packageManager to pnpm; move resolutions/packageExtensions into pnpm config and add onlyBuiltDependencies.
lerna.json	Remove Lerna configuration (no longer needed).
docker-compose.yml	Replace yarn commands with pnpm for affected services.
docker-compose.tst.yml	Replace test runner command from yarn to pnpm.
backend/package.json	Update migration scripts to call TypeORM via pnpm; remove @types/uuid.
backend/entrypoint.sh	Run migrations using pnpm.
backend/docker-compose.yml	Replace yarn start:dev with pnpm start:dev.
autoadmin-ws-server/yarn.lock	Remove Yarn lockfile.
autoadmin-ws-server/tsconfig.json	Add explicit typeRoots for TypeScript types resolution.
autoadmin-ws-server/pnpm-workspace.yaml	Add a local pnpm workspace definition for the ws server package.
autoadmin-ws-server/pnpm-lock.yaml	Add pnpm lockfile for ws server.
autoadmin-ws-server/package.json	Pin pnpm version and add pnpm-only built dependency allowlist.
autoadmin-ws-server/Dockerfile	Switch install/build steps from Yarn to pnpm (builder + runtime stages).
autoadmin-ws-server/.gitignore	Remove Yarn-specific ignore patterns.
Dockerfile.rocketadmin-agent	Switch install/build steps from Yarn to pnpm.
Dockerfile	Switch backend/agent install/build steps from Yarn to pnpm (frontend build stage remains Yarn).
CLAUDE.md	Update backend commands/docs to pnpm and note pnpm workspace usage.
.yarnrc.yml	Remove Yarn configuration.
.npmrc	Add pnpm node-linker configuration.
.gitignore	Remove Yarn-specific ignore patterns from repo root.
.github/workflows/code-quality.yml	Update CI to install/cache dependencies using pnpm.

Files not reviewed (1)

• autoadmin-ws-server/pnpm-lock.yaml: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.