Set pnpm catalogMode to strict

[9larsons]

Summary

Sets catalogMode: strict in pnpm-workspace.yaml so that pnpm add cannot silently introduce versions that conflict with the catalog.

Behavior

• pnpm add foo (no version) — resolves to the catalog entry when one exists, otherwise normal install. Unchanged for the common case.
• pnpm add foo@x.y.z where the range falls outside the catalog entry — fails with ERR_PNPM_CATALOG_VERSION_MISMATCH, forcing either a deliberate catalog update or a catalog: reference.
• pnpm install on the existing tree — unaffected; verified locally, completes in <2s with no lockfile churn.

Why

Default catalogMode is manual, which means the catalog only takes effect when a package.json explicitly says "foo": "catalog:". Anything added via pnpm add bypasses the catalog entirely, which is how the duplication we've been unwinding crept in.

strict enforces the policy at the point of entry without changing anything about the existing tree.

Test plan

• CI install passes
• CI build passes

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 50defc86-0351-4154-9950-a7e147577010

📥 Commits

Reviewing files that changed from the base of the PR and between 394ee4d and 7c8ea00.

📒 Files selected for processing (1)

• pnpm-workspace.yaml

---

Walkthrough

This PR adds catalogMode: strict to the pnpm workspace configuration file. The change enforces strict validation of the dependency catalog in the workspace, working alongside the existing strictDepBuilds: true setting to tighten dependency management.

Possibly related PRs

• TryGhost/Ghost#27889: Adds @types/node entry to the pnpm catalog that will be governed by the strict catalog mode enabled in this PR.
• TryGhost/Ghost#27886: Expands the pnpm catalog entries to leverage and enforce strict dependency catalog validation.

Suggested reviewers

• EvanHahn

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Set pnpm catalogMode to strict' directly and clearly summarizes the single, focused change in the pull request.
Description check	✅ Passed	The description is detailed and directly related to the changeset, explaining both the configuration change and its behavioral implications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch catalog-mode-strict

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.84%. Comparing base (394ee4d) to head (7c8ea00).

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #27902   +/-   ##
=======================================
  Coverage   73.84%   73.84%           
=======================================
  Files        1520     1520           
  Lines      128308   128308           
  Branches    15383    15383           
=======================================
  Hits        94748    94748           
  Misses      32603    32603           
  Partials      957      957           

Flag	Coverage Δ
admin-tests	53.52% <ø> (ø)
e2e-tests	73.84% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.