build(deps-dev): Bump pnpm from 10.25.0 to 10.26.0 (#2967)

[KATO-Hiro]

close #2967

Summary by CodeRabbit

• Chores
  • Updated pnpm package manager to v10.26.0 for improved performance and stability.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Bumps the pnpm package manager from version 10.25.0 to 10.26.0 in devDependencies and updates the root packageManager field accordingly. Includes a comprehensive upgrade plan document detailing investigated changes, new features, impact analysis, testing procedures, and execution results.

Changes

Cohort / File(s)	Summary
Documentation docs/dev-notes/2025-12-17/bump-pnpm-from-v10.25-to-v10.26/plan.md	Adds comprehensive upgrade plan document with change investigation (two semi-breaking items), new features (three items), impact analysis, step-by-step update procedures, testing matrix, Prisma schema checks, PR references, and final execution results.
Package Configuration package.json	Bumps pnpm devDependency from 10.25.0 to 10.26.0 and updates packageManager field from pnpm@10.22.0 to pnpm@10.26.0.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Straightforward dependency version bump with no functional code changes
• Documentation is planning/verification guidance without code logic
• Updates are isolated to configuration fields and new documentation file

Poem

🐰 With whiskers twitched and paws held high,
We've bumped the pnpm to the sky,
From .25 to .26 we go,
With plans and notes to help us grow!
No breaking changes block our way,
Just smoother sailing, hip hooray! 🎉

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title clearly and specifically describes the main change: bumping pnpm from version 10.25.0 to 10.26.0 in devDependencies, which aligns with the actual changes made to package.json.
Linked Issues check	✅ Passed	The PR successfully closes issue #2967 by implementing the pnpm version bump from 10.25.0 to 10.26.0 as specified, with comprehensive planning documentation included.
Out of Scope Changes check	✅ Passed	All changes are in scope: package.json version bump, packageManager field update, and planning documentation are directly related to the stated pnpm upgrade objective.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch #2967

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

docs/dev-notes/2025-12-17/bump-pnpm-from-v10.25-to-v10.26/plan.md (1)

184-184: Optional: Consider using a heading for the conclusion.

The line uses bold emphasis for what appears to be a conclusion statement. If this is meant to be a section heading, consider using markdown heading syntax instead.

Apply this diff to use a heading:

-**✅ アップデート完了・動作確認OK**
+### ✅ アップデート完了・動作確認OK

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between fd1a7e1 and 57e4f29.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (2)

• docs/dev-notes/2025-12-17/bump-pnpm-from-v10.25-to-v10.26/plan.md (1 hunks)
• package.json (2 hunks)

🧰 Additional context used

🪛 markdownlint-cli2 (0.18.1)

docs/dev-notes/2025-12-17/bump-pnpm-from-v10.25-to-v10.26/plan.md

184-184: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: preview

🔇 Additional comments (1)

package.json (1)

56-56: LGTM. Version updates are consistent.

pnpm 10.26.0 is the latest version and the updates are properly synchronized between devDependencies and packageManager fields. This release introduces stricter security defaults for git-hosted dependencies, adds allowBuilds for granular script permissions, and includes a new setting to block exotic transitive dependencies. No known security issues affect this version.

Also applies to: 99-99

[KATO-Hiro]

LGTM