Migrate to node from bun and use pnpm for package management.

[Coderx85]

No description provided.

[gitguardian]

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request

GitGuardian id	GitGuardian status	Secret	Commit	Filename
23856161	Triggered	Generic High Entropy Secret	8248b5c	docker-compose.yaml	View secret

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secret safely. Learn here the best practices.
3. Revoke and rotate this secret.
4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

• following these best practices for managing and storing secrets including API keys and other credentials
• install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.

---

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
collaro	Ready	Preview	Dec 28, 2025 1:50pm

[Copilot]

Pull request overview

This PR migrates the project from Bun to Node.js with pnpm as the package manager, updating the build toolchain, containerization setup, and CI/CD workflows.

Key Changes:

• Complete Dockerfile rewrite to use Node.js 23 Alpine with pnpm for multi-stage builds
• New docker-compose.yaml configuration with PostgreSQL database, application, and Neon proxy services
• GitHub Actions workflow updated to use Node.js 22 and pnpm instead of Bun
• Package dependencies updated including drizzle-orm (^0.45.1), framer-motion (12.23.0), and @types/pg (^8.16.0)

Reviewed changes

Copilot reviewed 5 out of 7 changed files in this pull request and generated 9 comments.

Show a summary per file

File	Description
Dockerfile	Complete rewrite transitioning from Bun to Node.js 23 Alpine with pnpm, implementing multi-stage build with deps, builder, and runner stages, and adding security hardening with non-root user
docker-compose.yaml	New file defining development environment with PostgreSQL database, application container, and Neon HTTP proxy for local development
.github/workflows/test.yaml	Updated CI workflow to use Node.js 22 and pnpm instead of Bun, with modified caching strategy for pnpm-lock.yaml
package.json	Added @types/pg dependency, upgraded drizzle-orm to 0.45.1, and pinned framer-motion to exact version 12.23.0
.dockerignore	Removed trailing empty line for cleaner formatting

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.