activeadmin · tagliala · Apr 1, 2026 · javierjulio · Apr 1, 2026 · javierjulio
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -8,6 +8,8 @@ updates:
       github_actions:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5
   - package-ecosystem: bundler
     directory: /
     schedule:
@@ -17,6 +19,8 @@ updates:
       bundler:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5
   - package-ecosystem: npm
     directory: /
     schedule:
@@ -26,6 +30,5 @@ updates:
       npm:
         patterns:
           - "*"
-    ignore:
-      - dependency-name: "tailwindcss"
-        versions: ">= 4.0"
+    cooldown:
+      default-days: 5
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -23,6 +23,10 @@ jobs:
         with:
           ruby-version: .ruby-version
           bundler-cache: true
+      - uses: actions/setup-node@v6
+        with:
+          node-version-file: .node-version
+          cache: npm
       - name: Run tests
         env:
           COVERAGE: true

diff --git a/.node-version b/.node-version
@@ -0,0 +1 @@
+lts/krypton
-lts/krypton
+24.14.1
-lts/krypton
+24.14.1
diff --git a/.npmrc b/.npmrc
@@ -0,0 +1 @@
+ignore-scripts=true
diff --git a/Procfile.dev b/Procfile.dev
@@ -1,2 +1,2 @@
 web: env RUBY_DEBUG_OPEN=true bin/rails server
-css: yarn build:css --watch
+css: npm run build:css -- --watch
diff --git a/README.md b/README.md
@@ -7,11 +7,10 @@ https://activeadmin-demo.onrender.com
 ## Development Setup
 
 - Clone this repository
-- Install Ruby 4.0 with [rbenv](https://github.com/rbenv/rbenv)
-- Install Node 24 with [nodenv](https://github.com/nodenv/nodenv)
-- `corepack enable`
+- Install Ruby with [rbenv](https://github.com/rbenv/rbenv) or [mise](https://mise.jdx.dev/) (see `.ruby-version` for the required version)
+- Install Node with [nodenv](https://github.com/nodenv/nodenv) or [mise](https://mise.jdx.dev/) (see `.node-version` for the required version)
 - `bundle install`
-- `yarn install`
+- `npm install`
 - `bin/rails db:seed`
 - `bin/dev`
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		ignore-scripts=true
tagliala marked this conversation as resolved. Show resolved Hide resolved Copy link Copy Markdown Member javierjulio Apr 1, 2026 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Is it necessary to include this? I don't want to break to watch commands for local development for this app. I understand the concern with security but I don't think it's worth it for a demo app. Is there an alternative without breaking the watch commands? Copy link Copy Markdown Contributor Author tagliala Apr 2, 2026 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. The solution would be pnpm with explicit post-install allowance, but then I guess that the supply chain attacks will be directed to such packages Copy link Copy Markdown Contributor Author tagliala Apr 3, 2026 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. How can I test that watch does not work without post-install?