Monorepo build command scoping
`createAnaJson` scopes the test command to the primary package in monorepos but takes build and lint raw from the root package.json. Monorepo customers get `pnpm run build` which triggers `turbo run build` across all packages (30-60s), when agents only need the primary package build (3s). The test scoping has been proven across 110+ pipeline runs. Build and lint should follow the same principle.
verdict PASSscore 12 / 12findings 5 (1 risk · 2 debt · 2 obs)duration 26mrejection cycles 0shipped May 16, 2026surface cli
Pipeline timeline
Intent to proven code in 26m across Think, Plan, Build, and Verify.
Think5m
Plan4m
Build7m
Verify4m
Assertion ledger
12 claims, each independently verified. Showing 8 — show all →
| ID | Says | Matcher | |
|---|---|---|---|
| A001 | Monorepo build command targets only the primary package, not the whole workspace | verified | ok |
| A002 | Monorepo lint command targets only the primary package, not the whole workspace | verified | ok |
| A003 | Build command falls back to root when primary package has no build script | verified | ok |
| A004 | Lint command falls back to root when primary package has no lint script | verified | ok |
| A005 | Single-package repos are unaffected by monorepo scoping | verified | ok |
| A006 | Dev command is never scoped regardless of monorepo status | verified | ok |
| A007 | Build scoping recognizes alternate script names like compile and tsc | verified | ok |
| A008 | Lint scoping recognizes alternate script names like eslint and biome | verified | ok |
Findings 5 total
debtpackages/cli/tests/commands/init/monorepoCommandScoping.test.ts→ closed
No test for 'tsc' build key or 'eslint' lint key variants individually
obspackages/cli/src/commands/init/state.ts→ monitor
Build/lint scoping silently degrades when cwd is omitted — no warning that scoping was skipped
obspackages/cli/src/commands/init/state.ts→ closed
Empty catch block swallows all errors including unexpected ones (permission denied, disk full)
debtpackages/cli/tests/commands/init/monorepoCommandScoping.test.ts→ accept
Repeated tmpDir/cwdDir setup+teardown boilerplate in every test — no shared beforeEach/afterEach
riskpackages/cli/src/commands/init/state.ts→ closed
pkg.path injected into shell command without sanitization — path with spaces or special chars would produce broken subshell
Integrity seal
scopesha256:3a7512bb8cca8...
contractsha256:9fd6f9b5807a9...
plansha256:7e4b8314873c4...
specsha256:cf8482afb3ac4...
build-reportsha256:c507b740a5e7e...
build-datasha256:eedbc774d5164...
verify-reportsha256:83d61ee46dde0...
verify-datasha256:e6cf742b2bf29...
audit cmd$ ana proof audit monorepo-build-scoping → all hashes match