ci: declare minimum permissions on PR title workflow

The Lint PR workflow only reads the pull request to validate its title via
amannn/action-semantic-pull-request, so scope GITHUB_TOKEN to
pull-requests: read.

Co-authored-by: Steven <steven@ceriously.com>
Signed-off-by: Arpit Jain <arpitjain099@gmail.com>

Author: arpitjain099

.github/workflows/main.yml

@@ -23,31 +23,28 @@ jobs:
         with:
           node-version: 20.x
 
-      - name: Enable pnpm
-        run: corepack enable pnpm
-
       - name: Install dependencies
-        run: pnpm install --frozen-lockfile
+        run: yarn install --frozen-lockfile
         env:
           CI: true
 
       - name: Build
-        run: pnpm build
+        run: yarn build
         env:
           CI: true
 
       - name: Lint
-        run: pnpm lint
+        run: yarn lint
         env:
           CI: true
 
       - name: Test
-        run: pnpm test
+        run: yarn test
         env:
           CI: true
 
       - name: Test types
-        run: pnpm test-types
+        run: yarn test-types
         env:
           CI: true
 
@@ -56,4 +53,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN_ELEVATED }}
-        run: pnpm semantic-release
+        run: yarn semantic-release

.github/workflows/prs.yml

@@ -6,6 +6,9 @@ on:
       - edited
       - synchronize
 
+permissions:
+  pull-requests: read
+
 jobs:
   main:
     runs-on: ubuntu-latest

.npmrc

@@ -1 +1,2 @@
+package-lock=false
 save-exact = true

package.json

@@ -24,14 +24,14 @@
   "typings": "./index.d.ts",
   "scripts": {
     "build-babel": "bunchee src/babel.js -f cjs -e babel-plugin-macros --runtime node -o dist/babel/index.js",
-    "build": "rm -rf dist && rm -rf out && pnpm build-webpack && pnpm build-index && pnpm build-babel",
+    "build": "rm -rf dist && rm -rf out && yarn build-webpack && yarn build-index && yarn build-babel",
     "build-webpack": "bunchee src/webpack.js -f cjs --runtime node -o dist/webpack/index.js",
     "build-index": "bunchee src/index.js -f cjs --runtime node -o dist/index/index.js",
     "test": "ava",
     "test-types": "tsc --project tsconfig.json --noEmit",
     "lint": "eslint ./src",
     "format": "prettier --write \"./{src,test}/**/*.{js,css}\"",
-    "prepublishOnly": "pnpm build && pnpm test && pnpm lint --quiet"
+    "prepublishOnly": "yarn build && yarn test && yarn lint --quiet"
   },
   "husky": {
     "hooks": {
@@ -129,5 +129,5 @@
   "dependencies": {
     "client-only": "0.0.1"
   },
-  "packageManager": "pnpm@10.33.0+sha512.10568bb4a6afb58c9eb3630da90cc9516417abebd3fabbe6739f0ae795728da1491e9db5a544c76ad8eb7570f5c4bb3d6c637b2cb41bfdcdb47fa823c8649319"
+  "packageManager": "yarn@1.22.22"
 }