fix(init-stack): use correct package add commands for bun and pnpm#886
fix(init-stack): use correct package add commands for bun and pnpm#886N2D4 merged 2 commits intostack-auth:devfrom rsvedant:fix/init-stack-bun-add
Conversation
Previously, the init wizard incorrectly used 'bun install' and 'pnpm install' when adding dependencies, which doesn't work. These package managers require 'bun add' and 'pnpm add' for adding new packages. - npm: npm install (unchanged) - yarn: yarn add (unchanged) - pnpm: pnpm add (fixed) - bun: bun add (fixed)
|
@rsvedant is attempting to deploy a commit to the Stack Team on Vercel. A member of the Team first needs to authorize it. |
|
|
WalkthroughReplaced inline package-manager logic with an Changes
Sequence Diagram(s)sequenceDiagram
autonumber
actor User
participant CLI as Init CLI
participant Resolver as InstallCommandResolver (Map)
participant Shell
User->>CLI: Run init command
CLI->>Resolver: Lookup install command for packageManager
Resolver-->>CLI: installCommand (e.g., "pnpm add")
CLI->>CLI: JSON.stringify package names -> safePackages
CLI->>Shell: Execute installCommand + safePackages (shell: true, cwd: projectPath)
Shell-->>CLI: Exit code / result
CLI-->>User: Completion status
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Poem
Warning Review ran into problems🔥 ProblemsGit: Failed to clone repository. Please run the 📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
✨ Finishing Touches
🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Greptile Summary
This PR fixes a critical bug in the Stack Auth initialization wizard (@stackframe/init-stack) where incorrect package manager commands were being used for Bun and pnpm. The issue was in the command generation logic that determines how to install the @stackframe/stack dependency.
The original code used a simple ternary operator that only handled yarn correctly, defaulting to <manager> install for other package managers. However, both Bun and pnpm require the add subcommand to install new packages, not just install. This caused the wizard to fail when users selected these package managers.
The fix replaces the ternary operator with a proper mapping object (installCommandMap) that explicitly defines the correct command for each supported package manager:
- npm:
npm install(unchanged) - yarn:
yarn add(unchanged) - pnpm:
pnpm add(fixed frompnpm install) - bun:
bun add(fixed frombun install)
This change is located in packages/init-stack/src/index.ts at lines 237-243 and ensures the initialization wizard works correctly across all supported package managers. The mapping approach is more maintainable and explicit about the intent for each package manager.
Confidence score: 5/5
- This PR is safe to merge with minimal risk as it fixes a straightforward bug with correct package manager commands
- Score reflects a simple, well-tested fix that addresses a clear functional issue without introducing complexity
- No files require special attention as this is a single-file change with clear intent and proper testing
1 file reviewed, no comments
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
packages/init-stack/src/index.ts (1)
244-247: Eliminate shell-based command construction to remove injection risk.Build args and use spawn/execFile with shell: false. Keeps behavior, improves Windows compatibility, and closes injection class.
// Suggested API (outside this hunk): allow args array. async function shellNicelyFormatted(cmd: string, args: string[] = [], { quiet, ...options }: ShellOptions): Promise<void> { // ... const child = child_process.spawn(cmd, args, { shell: false, ...options }); // ... } // Call site change (paired with Map suggestion above): const [bin, ...binArgs] = installCommand.split(" "); await shellNicelyFormatted(bin, [...binArgs, ...packagesToInstall], { cwd: projectPath });
🧹 Nitpick comments (1)
packages/init-stack/src/index.ts (1)
243-244: Avoid fallback to " install" for unknown package managers.Safer to fail fast than run a non-add command (e.g., bun install).
- const installCommand = installCommandMap.get(packageManager) ?? `${packageManager} install`; + const installCommand = installCommandMap.get(packageManager); + if (!installCommand) { + throw new UserError(`Unsupported package manager: ${packageManager}`); + }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
packages/init-stack/src/index.ts(1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
**/*.{ts,tsx,js,jsx}
📄 CodeRabbit inference engine (AGENTS.md)
Prefer ES6 Map over Record when representing key–value collections
Files:
packages/init-stack/src/index.ts
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Security Check
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
3 participants
Description
This PR fixes an issue where the Stack Auth init wizard incorrectly uses
bun installandpnpm installwhen adding dependencies to a project. These commands don't work for adding new packages - they should usebun addandpnpm addrespectively.Problem
When running
npx @stackframe/init-stackand selecting Bun or pnpm as the package manager, the wizard would fail to add the Stack Auth dependencies because:bun install @stackframe/stackis invalid (should bebun add @stackframe/stack)pnpm install @stackframe/stackis invalid (should bepnpm add @stackframe/stack)Solution
Updated the package manager command mapping to use the correct "add" commands:
npm install(unchanged)yarn add(unchanged)pnpm add(fixed)bun add(fixed)Testing
✅ Tested locally by:
@stackframe/stackwas successfully added to package.jsonChecklist
pnpm run linton init-stack package)Related Issues
This fixes issues reported by users trying to use Bun or pnpm with the Stack Auth init wizard.
Note: This is a draft PR pending internal review before submitting to Stack Auth maintainers.
Review by RecurseML
🔍 Review performed on 9318e2b..5cc5706
✨ No bugs found, your code is sparkling clean
✅ Files analyzed, no issues (1)
•
packages/init-stack/src/index.tsImportant
Fixes incorrect package manager commands in
index.tsforbunandpnpmby usingaddinstead ofinstall.index.tsforbunandpnpm.bun installtobun addandpnpm installtopnpm add.@stackframe/stacktopackage.json.This description was created by
for 5cc5706. You can customize this summary. It will automatically update as commits are pushed.
Summary by CodeRabbit