You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
None. PR queue was empty at the start of the cycle (#3357 merged overnight). One new PR opened by this run: #3371 (see Security below).
Security
Opened chore(deps): move pnpm overrides to pnpm-workspace.yaml #3371 — chore(deps): move pnpm overrides to pnpm-workspace.yaml. pnpm 11.2.0 silently stopped reading the pnpm field from package.json, disabling all eight security-floor overrides (ajv@8, brace-expansion, fast-uri, flatted, minimatch, picomatch, undici, yaml) on fresh installs. The existing lockfile masked the drift; any resolver-driven update would have leaked transitive packages below the floors. Moved the block to pnpm-workspace.yaml per current pnpm docs and refreshed the lockfile.
Daily Autohealing Report — 2026-05-24 (UTC)
Errored PRs
None. PR queue was empty at the start of the cycle (#3357 merged overnight). One new PR opened by this run: #3371 (see Security below).
Security
chore(deps): move pnpm overrides to pnpm-workspace.yaml. pnpm 11.2.0 silently stopped reading thepnpmfield frompackage.json, disabling all eight security-floor overrides (ajv@8,brace-expansion,fast-uri,flatted,minimatch,picomatch,undici,yaml) on fresh installs. The existing lockfile masked the drift; any resolver-driven update would have leaked transitive packages below the floors. Moved the block topnpm-workspace.yamlper current pnpm docs and refreshed the lockfile.peter-murray/workflow-application-token-actionto v2 #7, CII-Best-Practices feat: add Renovate workflow for dependency auto-updates #5, Branch-Protection feat: set default settings #1). Unchanged.Health & Maintenance
None beyond #3371. No outdated majors or unpinned
uses:references detected.Developer Experience
None. Repository validation green both before and after the pnpm-overrides migration:
pnpm run lint— cleanpnpm run check-types— cleanpnpm test— 22 files / 644 passed + 3 todo in ~3sNotable: the pnpm warning that surfaced today is now gone after #3371.
Needs Human Attention
peter-murray/workflow-application-token-actionto v2 #7, CII-Best-Practices feat: add Renovate workflow for dependency auto-updates #5, Branch-Protection feat: set default settings #1) — same three meta-recommendations across many cycles. Implement or dismiss.