chore(repo): migrate from npm + semantic-release to pnpm + Changesets

.changeset/README.md

@@ -0,0 +1,22 @@
+# Changesets
+
+This folder contains [changesets](https://github.com/changesets/changesets) — files that record what changes will go into the next release of each package.
+
+## Adding a changeset
+
+When you make a change worth releasing, run:
+
+```sh
+pnpm changeset
+```
+
+Pick the affected packages, choose `patch` / `minor` / `major`, and write a short summary. Commit the generated `.changeset/*.md` file with your PR.
+
+## Releasing
+
+When PRs with changesets land on `main`, the release workflow opens (or updates) a "Version Packages" PR that:
+- bumps each affected package's `version` in its `package.json`
+- updates each package's `CHANGELOG.md`
+- consumes the `.changeset/*.md` files
+
+Merging that PR triggers the same workflow to publish the new versions to npm and create git tags (`@tigrisdata/<pkg>@<version>`).

.changeset/config.json

@@ -0,0 +1,14 @@
+{
+  "$schema": "https://unpkg.com/@changesets/config@3.0.0/schema.json",
+  "changelog": [
+    "@changesets/changelog-github",
+    { "repo": "tigrisdata/storage" }
+  ],
+  "commit": false,
+  "fixed": [],
+  "linked": [],
+  "access": "public",
+  "baseBranch": "main",
+  "updateInternalDependencies": "patch",
+  "ignore": []
+}

.changeset/dx-pnpm-and-changeset.md

@@ -0,0 +1,4 @@
+---
+---
+
+chore: migrate from npm + semantic-release to pnpm + Changesets. No package version changes.

.github/workflows/pr.yaml

@@ -4,7 +4,6 @@ on:
   pull_request:
     branches:
       - main
-      - next
 
 jobs:
   checks:
@@ -13,29 +12,46 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          ref: ${{ github.head_ref }} # Checkout actual PR branch, not merge commit
+          ref: ${{ github.head_ref }}
+
+      - uses: pnpm/action-setup@v4
+        with:
+          version: 10.33.4
 
-      # Set up Node.js
       - uses: actions/setup-node@v4
         with:
-          node-version: 'latest'
+          node-version: '24'
+          cache: 'pnpm'
 
-      - name: Install Dependencies
-        run: npm ci
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Lint
+        run: pnpm run lint
 
       - name: Build packages
-        run: |
-          npm run build
+        run: pnpm -r --if-present run build
 
-      - name: Test Release (dry-run)
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: npm run release:dry-run
+      - name: Publint
+        run: pnpm -r --if-present run publint
 
-      - name: Run integration tests
+      - name: Run tests
         env:
           TIGRIS_STORAGE_BUCKET: ${{ secrets.TIGRIS_STORAGE_BUCKET }}
           TIGRIS_STORAGE_ACCESS_KEY_ID: ${{ secrets.TIGRIS_STORAGE_ACCESS_KEY_ID }}
           TIGRIS_STORAGE_SECRET_ACCESS_KEY: ${{ secrets.TIGRIS_STORAGE_SECRET_ACCESS_KEY }}
           TIGRIS_STORAGE_ENDPOINT: ${{ secrets.TIGRIS_STORAGE_ENDPOINT }}
-        run: npm run test
+        run: pnpm -r --if-present run test
+
+      - name: Detect package changes
+        id: pkg-changed
+        run: |
+          if git diff --name-only origin/main...HEAD | grep -qE '^(packages/|shared/)'; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "changed=false" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Verify changeset present
+        if: steps.pkg-changed.outputs.changed == 'true'
+        run: pnpm changeset status --since=origin/main

.github/workflows/release.yaml

@@ -4,7 +4,6 @@ on:
   push:
     branches:
       - main
-      - next
 
 permissions:
   id-token: write
@@ -15,40 +14,49 @@ permissions:
 jobs:
   release:
     runs-on: ubuntu-latest
+    env:
+      NPM_CONFIG_PROVENANCE: 'true'
 
     steps:
-      # Checkout code with full history to get tags
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
-      # Set up Node.js with npm provenance
+      - uses: pnpm/action-setup@v4
+        with:
+          version: 10.33.4
+
       - uses: actions/setup-node@v4
         with:
-          node-version: '22'
+          node-version: '24'
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
 
-      # Install dependencies and build Node.js project
-      - run: npm ci
-      - run: npm run lint
+      - name: Lint
+        run: pnpm run lint
 
       - name: Build packages
-        run: npm run build
+        run: pnpm -r --if-present run build
 
-      - name: Lint packages
-        run: npm run publint
+      - name: Publint
+        run: pnpm -r --if-present run publint
 
       - name: Test packages
         env:
           TIGRIS_STORAGE_BUCKET: ${{ secrets.TIGRIS_STORAGE_BUCKET }}
           TIGRIS_STORAGE_ACCESS_KEY_ID: ${{ secrets.TIGRIS_STORAGE_ACCESS_KEY_ID }}
           TIGRIS_STORAGE_SECRET_ACCESS_KEY: ${{ secrets.TIGRIS_STORAGE_SECRET_ACCESS_KEY }}
           TIGRIS_STORAGE_ENDPOINT: ${{ secrets.TIGRIS_STORAGE_ENDPOINT }}
-        run: npm run test
+        run: pnpm -r --if-present run test
 
-      - run: npm audit signatures
-
-      # Release packages in dependency order
-      - name: Release
+      - name: Create release PR or publish
+        uses: changesets/action@v1
+        with:
+          version: pnpm changeset version
+          publish: pnpm changeset publish
+          commit: 'chore(release): bump versions and update changelogs'
+          title: 'chore(release): bump versions and update changelogs'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: ./scripts/release.sh

.husky/commit-msg

@@ -1 +1 @@
-npx --no-install commitlint --edit "$1"
+pnpm exec commitlint --edit "$1"

.husky/pre-commit

@@ -1 +1 @@
-npm run check
+pnpm check

.npmrc

@@ -1 +1 @@
-workspaces-update=false
+auto-install-peers=true

AGENTS.md

@@ -16,6 +16,7 @@ Commit messages follow **Conventional Commits** format:
 
 - Add `!` after type/scope for breaking changes or include `BREAKING CHANGE:` in the footer
 - Keep descriptions concise, imperative, lowercase, and without a trailing period
+- A scope is required (commitlint enforces this); use the package name (`storage`, `iam`, `agent-kit`, `keyv-tigris`, `react`) or `shared` / `repo` for cross-cutting changes
 - Reference issues/PRs in the footer when applicable
 
 ### Attribution Requirements
@@ -36,50 +37,52 @@ Assisted-by: GLM 4.6 via Claude Code
 
 - Include a clear description of changes
 - Reference any related issues
-- Pass CI (`npm test` for JavaScript)
+- Pass CI (`pnpm test` for JavaScript)
+- Add a changeset for any change that should ship to npm: `pnpm changeset`
 - Optionally add screenshots for UI changes
 
 ### Security Best Practices
 
 - Secrets never belong in the repo; use environment variables or the `secrets` directory (ignored by Git)
-- Run `npm audit` periodically for JavaScript packages and address reported vulnerabilities
+- Run `pnpm audit` periodically for JavaScript packages and address reported vulnerabilities
 
 ## Project Structure
 
 This is a monorepo for Tigris object storage SDKs, containing:
 
 ### JavaScript/TypeScript Packages
 
-Located in the root `packages/` directory as npm workspaces:
+Located in the root `packages/` directory as a pnpm workspace (`pnpm-workspace.yaml`):
 
-- **`@tigrisdata/storage`** ([packages/storage](packages/storage)) - Tigris Storage SDK
-  - Built with TypeScript
-  - Uses AWS SDK v3 for S3 compatibility
+- **`@tigrisdata/storage`** ([packages/storage](packages/storage)) — Tigris Storage SDK
+  - Built with TypeScript, uses AWS SDK v3 for S3 compatibility
   - Exports both server and client modules
-  - Build: `npm run build:storage`
-  - Test: `npm run test --workspace=@tigrisdata/storage`
+- **`@tigrisdata/iam`** ([packages/iam](packages/iam)) — IAM SDK
+- **`@tigrisdata/agent-kit`** ([packages/agent-kit](packages/agent-kit)) — Composition library for AI agents (depends on `@tigrisdata/storage` and `@tigrisdata/iam`)
+- **`@tigrisdata/keyv-tigris`** ([packages/keyv-tigris](packages/keyv-tigris)) — Keyv adapter (depends on `@tigrisdata/storage`)
+- **`@tigrisdata/react`** ([packages/react](packages/react)) — React components (depends on `@tigrisdata/storage`)
 
-- **`@tigrisdata/cli`** ([packages/cli](packages/cli)) - Command-line interface
-  - Built with TypeScript using Commander.js
-  - Depends on `@tigrisdata/storage`
-  - Build: `npm run build:cli`
+Cross-package deps use the `workspace:^` protocol; pnpm rewrites them to real ranges at publish time.
 
-Root-level npm scripts:
-- `npm run build` - Build all packages
-- `npm test` - Run all tests
-- `npm run lint` - Lint all packages
-- `npm run format` - Format all packages with Prettier
-- `npm run clean` - Clean build artifacts
+Shared code lives in [`shared/`](shared) and is imported via the `@shared/*` TS path alias and the matching tsup esbuild alias. It is bundled into each package at build time and is not published as its own package.
+
+Root-level scripts:
+
+- `pnpm build` — build all packages (`pnpm -r run build`)
+- `pnpm test` — run all tests
+- `pnpm lint` — lint with Biome
+- `pnpm format` — format with Biome
+- `pnpm clean` — clean build artifacts
 
 ## Development Workflow
 
 ### JavaScript/TypeScript Development
 
-1. Install dependencies: `npm install`
-2. Build packages: `npm run build` or `npm run build:storage` / `npm run build:cli`
-3. Run tests: `npm test`
-4. Format code: `npm run format`
-5. Lint code: `npm run lint`
+1. Install dependencies: `pnpm install`
+2. Build packages: `pnpm build` (or `pnpm --filter @tigrisdata/storage build` for one)
+3. Run tests: `pnpm test`
+4. Format code: `pnpm format`
+5. Lint code: `pnpm lint`
 
 ## Testing
 
@@ -89,13 +92,14 @@ Root-level npm scripts:
 
 ## Release Process
 
-- Releases are automated using semantic-release
-- Commits to `main` trigger automatic releases
-- Pre-releases are done on the `next` branch
-- JavaScript packages follow semantic versioning
+- Releases are managed with [Changesets](https://github.com/changesets/changesets).
+- For any change that should ship to npm, run `pnpm changeset`, choose the affected packages and bump levels, write a short summary, and commit the resulting `.changeset/*.md` file with your PR.
+- When PRs land on `main`, the release workflow opens (or updates) a "Version Packages" PR that bumps each package's `version` and updates its `CHANGELOG.md`.
+- Merging that PR publishes the affected packages to npm (using GitHub OIDC trusted publishing with provenance) and creates git tags of the form `@tigrisdata/<pkg>@<version>`.
+- All work happens on `main`. Pre-release flows use `pnpm changeset pre enter <tag>` on the same branch when needed.
 
 ## Additional Notes
 
-- The project uses Husky for Git hooks (commitlint, etc.)
-- Commitizen is configured for conventional commits
-- ESLint and Prettier are used for JavaScript/TypeScript code quality
+- The project uses Husky for Git hooks (commitlint via `commit-msg`, Biome `check` via `pre-commit`).
+- Commitizen is configured for Conventional Commits (`pnpm commit`).
+- Biome handles linting and formatting (replaced ESLint and Prettier).