ci: add peer dependency check

2026-01-18 23:40:55 +00:00 · 2026-01-18 23:40:55 +00:00 · 2f6f11af3f
commit 2f6f11af3f
parent c90f92dbc7
4 changed files with 66 additions and 8 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -15,10 +15,12 @@ jobs:

      - uses: oven-sh/setup-bun@v2
        with:
-          bun-version: 1.3.5
+          bun-version: 1.3.6

      - name: Install
        run: bun install --frozen-lockfile
+      - name: Peer deps
+        run: bun run check:peers

      - name: Lint
        run: bun run lint
@ -36,4 +38,3 @@ jobs:

      - name: Build
        run: bun run build
-
--- a/bun.lock
+++ b/bun.lock
@ -5,7 +5,7 @@
    "": {
      "name": "clawdhub",
      "dependencies": {
-        "@auth/core": "^0.41.1",
+        "@auth/core": "^0.37.4",
        "@convex-dev/auth": "^0.0.90",
        "@fontsource/bricolage-grotesque": "^5.2.10",
        "@fontsource/ibm-plex-mono": "^5.2.7",
@ -106,7 +106,7 @@

    "@asamuzakjp/nwsapi": ["@asamuzakjp/nwsapi@2.3.9", "", {}, "sha512-n8GuYSrI9bF7FFZ/SjhwevlHc8xaVlb/7HmHelnc/PZXBD2ZR49NnN9sMMuDdEGPeeRQ5d0hqlSlEpgCX3Wl0Q=="],

-    "@auth/core": ["@auth/core@0.41.1", "", { "dependencies": { "@panva/hkdf": "^1.2.1", "jose": "^6.0.6", "oauth4webapi": "^3.3.0", "preact": "10.24.3", "preact-render-to-string": "6.5.11" }, "peerDependencies": { "@simplewebauthn/browser": "^9.0.1", "@simplewebauthn/server": "^9.0.2", "nodemailer": "^7.0.7" }, "optionalPeers": ["@simplewebauthn/browser", "@simplewebauthn/server", "nodemailer"] }, "sha512-t9cJ2zNYAdWMacGRMT6+r4xr1uybIdmYa49calBPeTqwgAFPV/88ac9TEvCR85pvATiSPt8VaNf+Gt24JIT/uw=="],
+    "@auth/core": ["@auth/core@0.37.4", "", { "dependencies": { "@panva/hkdf": "^1.2.1", "jose": "^5.9.6", "oauth4webapi": "^3.1.1", "preact": "10.24.3", "preact-render-to-string": "6.5.11" }, "peerDependencies": { "@simplewebauthn/browser": "^9.0.1", "@simplewebauthn/server": "^9.0.2", "nodemailer": "^6.8.0" }, "optionalPeers": ["@simplewebauthn/browser", "@simplewebauthn/server", "nodemailer"] }, "sha512-HOXJwXWXQRhbBDHlMU0K/6FT1v+wjtzdKhsNg0ZN7/gne6XPsIrjZ4daMcFnbq0Z/vsAbYBinQhhua0d77v7qw=="],

    "@babel/code-frame": ["@babel/code-frame@7.27.1", "", { "dependencies": { "@babel/helper-validator-identifier": "^7.27.1", "js-tokens": "^4.0.0", "picocolors": "^1.1.1" } }, "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg=="],

@ -904,7 +904,7 @@

    "jiti": ["jiti@2.6.1", "", { "bin": { "jiti": "lib/jiti-cli.mjs" } }, "sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ=="],

-    "jose": ["jose@6.1.3", "", {}, "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ=="],
+    "jose": ["jose@5.10.0", "", {}, "sha512-s+3Al/p9g32Iq+oqXxkW//7jk2Vig6FF1CFqzVXoTUXt2qz89YWbL+OwS17NFYEvxC35n0FKeGO2LGYSxeM2Gg=="],

    "js-tokens": ["js-tokens@4.0.0", "", {}, "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ=="],

@ -1344,8 +1344,6 @@

    "@babel/helper-compilation-targets/semver": ["semver@6.3.1", "", { "bin": { "semver": "bin/semver.js" } }, "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA=="],

-    "@convex-dev/auth/jose": ["jose@5.10.0", "", {}, "sha512-s+3Al/p9g32Iq+oqXxkW//7jk2Vig6FF1CFqzVXoTUXt2qz89YWbL+OwS17NFYEvxC35n0FKeGO2LGYSxeM2Gg=="],
-
    "@tailwindcss/oxide-wasm32-wasi/@emnapi/core": ["@emnapi/core@1.8.0", "", { "dependencies": { "@emnapi/wasi-threads": "1.1.0", "tslib": "^2.4.0" }, "bundled": true }, "sha512-ryJnSmj4UhrGLZZPJ6PKVb4wNPAIkW6iyLy+0TRwazd3L1u0wzMe8RfqevAh2HbcSkoeLiSYnOVDOys4JSGYyg=="],

    "@tailwindcss/oxide-wasm32-wasi/@emnapi/runtime": ["@emnapi/runtime@1.8.0", "", { "dependencies": { "tslib": "^2.4.0" }, "bundled": true }, "sha512-Z82FDl1ByxqPEPrAYYeTQVlx2FSHPe1qwX465c+96IRS3fTdSYRoJcRxg3g2fEG5I69z1dSEWQlNRRr0/677mg=="],
--- a/package.json
+++ b/package.json
@ -10,6 +10,7 @@
    "build": "bun --bun vite build",
    "preview": "bun --bun vite preview",
    "docs:list": "bun scripts/docs-list.ts",
+    "check:peers": "bun scripts/check-peer-deps.ts",
    "test": "vitest run",
    "test:watch": "vitest",
    "test:e2e": "vitest run -c vitest.e2e.config.ts",
@ -23,7 +24,7 @@
    "format": "biome format --write ."
  },
  "dependencies": {
-    "@auth/core": "^0.41.1",
+    "@auth/core": "^0.37.4",
    "@convex-dev/auth": "^0.0.90",
    "@fontsource/bricolage-grotesque": "^5.2.10",
    "@fontsource/ibm-plex-mono": "^5.2.7",
--- a/scripts/check-peer-deps.ts
+++ b/scripts/check-peer-deps.ts
@ -0,0 +1,58 @@
+import { readFile } from 'node:fs/promises'
+import { join } from 'node:path'
+import semver from 'semver'
+
+type PackageJson = {
+  name?: string
+  version?: string
+  dependencies?: Record<string, string>
+  peerDependencies?: Record<string, string>
+}
+
+async function readJson(path: string): Promise<PackageJson> {
+  const raw = await readFile(path, 'utf8')
+  return JSON.parse(raw) as PackageJson
+}
+
+async function main() {
+  const root = process.cwd()
+  const rootPkgPath = join(root, 'package.json')
+  const authPkgPath = join(root, 'node_modules', '@convex-dev', 'auth', 'package.json')
+  const corePkgPath = join(root, 'node_modules', '@auth', 'core', 'package.json')
+
+  const rootPkg = await readJson(rootPkgPath)
+  const authPkg = await readJson(authPkgPath)
+  const corePkg = await readJson(corePkgPath)
+
+  const peerRange = authPkg.peerDependencies?.['@auth/core']
+  const declaredRange = rootPkg.dependencies?.['@auth/core']
+  const installedVersion = corePkg.version
+
+  if (!peerRange) {
+    throw new Error('Missing @auth/core peer range in @convex-dev/auth package.json')
+  }
+  if (!declaredRange) {
+    throw new Error('Missing @auth/core dependency in root package.json')
+  }
+  if (!installedVersion) {
+    throw new Error('Missing @auth/core version in node_modules')
+  }
+
+  if (!semver.intersects(declaredRange, peerRange, { includePrerelease: true })) {
+    throw new Error(
+      `@auth/core range mismatch: package.json declares "${declaredRange}" but @convex-dev/auth requires "${peerRange}"`,
+    )
+  }
+
+  if (!semver.satisfies(installedVersion, peerRange, { includePrerelease: true })) {
+    throw new Error(
+      `@auth/core version mismatch: installed "${installedVersion}" does not satisfy @convex-dev/auth peer "${peerRange}"`,
+    )
+  }
+
+  console.log(
+    `peer ok: @auth/core ${installedVersion} satisfies @convex-dev/auth (${peerRange})`,
+  )
+}
+
+await main()