From 0d1d3b944984c3dc2037488c716c4f183e22815b Mon Sep 17 00:00:00 2001 From: Till JS Date: Wed, 8 Apr 2026 15:50:14 +0200 Subject: [PATCH] fix(mana-auth): declare missing nanoid dependency MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit mana-auth has been crash-looping in production with: error: Cannot find package 'nanoid' from '/app/src/services/encryption-vault/index.ts' The encryption-vault service imports nanoid for audit row IDs (line 27, used at line 547 in the audit log writer), but nanoid was never added to services/mana-auth/package.json. The import was introduced in commit e9915428c (phase 2 — server-side master key custody) and slipped past because nanoid happens to exist transitively in the workspace via postcss → nanoid@3.3.11. Local pnpm store lookups would resolve it just fine; a strict isolated container build can't. Fix: - Add "nanoid": "^5.0.0" to services/mana-auth/package.json deps - pnpm install pulled nanoid@5.1.7 into services/mana-auth/node_modules Verified the import resolves locally: bun -e 'import { nanoid } from "nanoid"; console.log(nanoid())' → ok: 6TLuTWlenhC0KnSESn5Ex The Mac Mini still needs to redeploy mana-auth (rebuild image with the new lockfile, restart container) to pick this up — production is currently 502ing on auth.mana.how. --- pnpm-lock.yaml | 14 ++++++++++++-- services/mana-auth/package.json | 1 + 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ac4eebd3e..0629809cf 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -3626,6 +3626,9 @@ importers: jose: specifier: ^6.1.2 version: 6.2.2 + nanoid: + specifier: ^5.0.0 + version: 5.1.7 postgres: specifier: ^3.4.5 version: 3.4.9 @@ -14578,6 +14581,11 @@ packages: engines: {node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1} hasBin: true + nanoid@5.1.7: + resolution: {integrity: sha512-ua3NDgISf6jdwezAheMOk4mbE1LXjm1DfMUDMuJf4AqxLFK3ccGpgWizwa5YV7Yz9EpXwEaWoRXSb/BnV0t5dQ==} + engines: {node: ^18 || >=20} + hasBin: true + nanostores@1.2.0: resolution: {integrity: sha512-F0wCzbsH80G7XXo0Jd9/AVQC7ouWY6idUCTnMwW5t/Rv9W8qmO6endavDwg7TNp5GbugwSukFMVZqzPSrSMndg==} engines: {node: ^20.0.0 || >=22.0.0} @@ -26090,7 +26098,7 @@ snapshots: obug: 2.1.1 std-env: 4.0.0 tinyrainbow: 3.1.0 - vitest: 4.1.3(@opentelemetry/api@1.9.1)(@types/node@22.19.17)(@vitest/coverage-v8@4.1.3)(@vitest/ui@4.1.3)(jsdom@29.0.2(@noble/hashes@2.0.1))(vite@6.4.2(@types/node@22.19.17)(jiti@2.6.1)(lightningcss@1.32.0)(terser@5.46.1)(tsx@4.21.0)(yaml@2.8.3)) + vitest: 4.1.3(@opentelemetry/api@1.9.1)(@types/node@24.12.2)(@vitest/coverage-v8@4.1.3)(@vitest/ui@4.1.3)(jsdom@29.0.2(@noble/hashes@2.0.1))(vite@6.4.2(@types/node@24.12.2)(jiti@2.6.1)(lightningcss@1.32.0)(terser@5.46.1)(tsx@4.21.0)(yaml@2.8.3)) '@vitest/expect@4.1.3': dependencies: @@ -26152,7 +26160,7 @@ snapshots: sirv: 3.0.2 tinyglobby: 0.2.15 tinyrainbow: 3.1.0 - vitest: 4.1.3(@opentelemetry/api@1.9.1)(@types/node@22.19.17)(@vitest/coverage-v8@4.1.3)(@vitest/ui@4.1.3)(jsdom@29.0.2(@noble/hashes@2.0.1))(vite@6.4.2(@types/node@22.19.17)(jiti@2.6.1)(lightningcss@1.32.0)(terser@5.46.1)(tsx@4.21.0)(yaml@2.8.3)) + vitest: 4.1.3(@opentelemetry/api@1.9.1)(@types/node@24.12.2)(@vitest/coverage-v8@4.1.3)(@vitest/ui@4.1.3)(jsdom@29.0.2(@noble/hashes@2.0.1))(vite@6.4.2(@types/node@24.12.2)(jiti@2.6.1)(lightningcss@1.32.0)(terser@5.46.1)(tsx@4.21.0)(yaml@2.8.3)) '@vitest/utils@4.1.3': dependencies: @@ -33981,6 +33989,8 @@ snapshots: nanoid@3.3.11: {} + nanoid@5.1.7: {} + nanostores@1.2.0: {} napi-postinstall@0.3.4: {} diff --git a/services/mana-auth/package.json b/services/mana-auth/package.json index d3621ce96..f77248638 100644 --- a/services/mana-auth/package.json +++ b/services/mana-auth/package.json @@ -18,6 +18,7 @@ "postgres": "^3.4.5", "jose": "^6.1.2", "bcryptjs": "^3.0.2", + "nanoid": "^5.0.0", "zod": "^3.24.0" }, "devDependencies": {