fix(config): default minimumReleaseAgeStrict to true when user sets minimumReleaseAge

[zkochan]

Summary

• When the user explicitly sets minimumReleaseAge (via pnpm-workspace.yaml, the global config.yaml, the CLI, or pnpm_config_* env vars), minimumReleaseAgeStrict now defaults to true so the constraint is actually enforced.
• Previously, an explicitly configured minimumReleaseAge could silently fall back to installing an immature version when no mature version satisfied the requested range, making the setting look like it had no effect.
• The built-in default of minimumReleaseAge (1440) stays non-strict, preserving existing behavior for users who haven't configured it. An explicit minimumReleaseAgeStrict: false is still respected.

Fixes #11433.

Test plan

• Unit tests in config/reader/test/index.ts cover all four cases (workspace yaml, CLI, explicit false override, built-in default)
• End-to-end manual test: minimumReleaseAge set in pnpm-workspace.yaml with no satisfying version → install errors instead of silently picking an immature version
• End-to-end manual test: explicit minimumReleaseAgeStrict: false → silent fallback preserved
• End-to-end manual test: no user config (default 1440) → silent fallback preserved (no behavior change)

Summary by CodeRabbit

• Behavior Changes

  • When a user explicitly configures a minimum release age, strict validation now defaults to true; explicitly setting strictness to false restores prior fallback behavior. The built-in default release age remains non-strict for users who do not configure it.

• Tests

  • Added tests verifying default strictness behavior across config, CLI, and environment variable scenarios.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: d50b767b-e9b0-40bf-82a5-6b573cdf41f3

📥 Commits

Reviewing files that changed from the base of the PR and between 60088b2 and 7e100a1.

📒 Files selected for processing (1)

• config/reader/test/index.ts

✅ Files skipped from review due to trivial changes (1)

• config/reader/test/index.ts

---

📝 Walkthrough

Walkthrough

getConfig now sets minimumReleaseAgeStrict = true when the user explicitly sets minimumReleaseAge and minimumReleaseAgeStrict is unset; a changeset and tests were added to document and verify this behavior.

Changes

Minimum Release Age Strictness Default

Layer / File(s)	Summary
Config Initialization config/reader/src/index.ts	After env parsing, if pnpmConfig.explicitlySetKeys includes minimumReleaseAge and pnpmConfig.minimumReleaseAgeStrict == null, set pnpmConfig.minimumReleaseAgeStrict = true.
Tests / Verification config/reader/test/index.ts	Added describe('minimumReleaseAgeStrict default') with 5 tests validating defaulting for workspace file, CLI (--minimum-release-age), env pnpm_config_minimum_release_age, explicit minimumReleaseAgeStrict: false, and builtin-default-only (1440) case.
Release Notes .changeset/strict-min-release-age-when-user-set.md	Changeset bumps patch versions and documents the new defaulting behavior plus how to opt back into the prior silent fallback by setting minimumReleaseAgeStrict: false.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related issues

• minimumReleaseAge: doesn't fall back to eligible intermediate version when latest is too young #11203 — Affects the same minimumReleaseAgeStrict behavior around resolver fallback; this change directly adjusts that defaulting behavior and is related.

Poem

🐰 I nudged the default to stand up true,
When you set the age, it listens to you.
Flip it back to hush if silence you crave,
Tests hop along to guard each brave save.
Cheers — a firmer rule for the release-wave.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: defaulting minimumReleaseAgeStrict to true when minimumReleaseAge is explicitly set by the user.
Linked Issues check	✅ Passed	The PR addresses the core requirement from #11433 by ensuring minimumReleaseAge is enforced when explicitly set, preventing silent fallback to immature versions.
Out of Scope Changes check	✅ Passed	All changes are directly related to the objective of making minimumReleaseAgeStrict default to true when minimumReleaseAge is explicitly set.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/11433

---

_{Review rate limit: 9/10 reviews remaining, refill in 6 minutes.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@config/reader/src/index.ts`:
- Around line 432-443: The defaulting for pnpmConfig.minimumReleaseAgeStrict
runs before environment variables are parsed, so pnpm_config_minimum_release_age
set via env (which populates pnpmConfig.explicitlySetKeys later) is missed; move
the block that checks pnpmConfig.explicitlySetKeys.has('minimumReleaseAge') and
sets pnpmConfig.minimumReleaseAgeStrict = true to run after the env parsing
logic (the code that populates pnpmConfig.explicitlySetKeys from pnpm_config_*),
or alternatively ensure env-derived keys are merged into
pnpmConfig.explicitlySetKeys before this check; update references to pnpmConfig,
explicitlySetKeys, minimumReleaseAge and minimumReleaseAgeStrict accordingly.

In `@config/reader/test/index.ts`:
- Around line 319-383: Add a test case to cover the env-var path: call getConfig
with env: { pnpm_config_minimum_release_age: '60' } and assert that
config.minimumReleaseAge === 60 and config.minimumReleaseAgeStrict === true
(mirroring the existing tests for CLI and pnpm-workspace.yaml); also add a
complementary case ensuring that when the workspace/yaml is empty and no env var
is set the built-in default (minimumReleaseAge === 1440) still leaves
minimumReleaseAgeStrict undefined. Locate and modify the same describe block
testing minimumReleaseAgeStrict around getConfig, minimumReleaseAge and
minimumReleaseAgeStrict to add these assertions.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: dcce3446-b06c-4a54-8e45-a59ce6ece342

📥 Commits

Reviewing files that changed from the base of the PR and between 192d67b and 535a6b1.

📒 Files selected for processing (3)

• .changeset/strict-min-release-age-when-user-set.md
• config/reader/src/index.ts
• config/reader/test/index.ts

[Copilot]

Pull request overview

This PR updates pnpm’s config reader behavior so that when a user explicitly configures minimumReleaseAge, the related enforcement flag minimumReleaseAgeStrict defaults to true (unless explicitly set), making the constraint reliably enforced while preserving non-strict behavior for the built-in default.

Changes:

• Default minimumReleaseAgeStrict to true when minimumReleaseAge is explicitly set.
• Add unit tests covering workspace YAML, CLI, explicit minimumReleaseAgeStrict: false, and built-in defaults.
• Add a changeset describing the behavioral change for release notes.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
config/reader/src/index.ts	Adds logic to default minimumReleaseAgeStrict when minimumReleaseAge is explicitly configured.
config/reader/test/index.ts	Adds unit tests validating the new defaulting behavior in key scenarios.
.changeset/strict-min-release-age-when-user-set.md	Documents the behavior change for package releases.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@config/reader/test/index.ts`:
- Around line 368-383: The test "respects an explicit
minimumReleaseAgeStrict=false from pnpm-workspace.yaml" only asserts
config.minimumReleaseAgeStrict; also assert that the parsed minimumReleaseAge is
preserved by adding an expectation like
expect(config.minimumReleaseAge).toBe(60). Update the test in
config/reader/test/index.ts (the test block) so after awaiting getConfig(...)
and before finishing, add an assertion that config.minimumReleaseAge === 60 to
guard against regressions in getConfig's parsing of minimumReleaseAge.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: e1f4f044-bfb2-4bbd-8089-40825ff04e18

📥 Commits

Reviewing files that changed from the base of the PR and between c8bf8dc and 60088b2.

📒 Files selected for processing (2)

• config/reader/src/index.ts
• config/reader/test/index.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• config/reader/src/index.ts

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.