pnpm workspace peerDependencyRules治理（兼容-阻断）最佳实践

实现示例type Rule = { name: string; allowedRange: string }

type Peer = { name: string; required: string; installed: string }

function semverValid(v: string): boolean { return /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-[0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*)?(?:\+[0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*)?$/.test(v) }

function matchRange(range: string, v: string): boolean {

const m = /^(\^|~)?(\d+)\.(\d+)\.(\d+)$/.exec(range)

if (!m || !semverValid(v)) return false

const op = m[1] || ''

const R = { M: parseInt(m[2],10), m: parseInt(m[3],10), p: parseInt(m[4],10) }

const V = v.split('.').map(x => parseInt(x,10))

if (op === '^') return V[0] === R.M && (V[1] > R.m || (V[1] === R.m && V[2] >= R.p))

if (op === '~') return V[0] === R.M && V[1] === R.m && V[2] >= R.p

return V[0] === R.M && V[1] === R.m && V[2] === R.p

}

function evaluate(peers: Peer[], rules: Rule[]): { ok: boolean; errors: string[] } {

const map = new Map<string,string>()

for (const r of rules) map.set(r.name, r.allowedRange)

const errors: string[] = []

for (const p of peers) {

const allowed = map.get(p.name) || p.required

if (!matchRange(allowed, p.installed)) errors.push(`${p.name}:${allowed}:${p.installed}`)

}

return { ok: errors.length === 0, errors }

}

审计与CI门禁审计不兼容的 peer 组合并阻断；建议统一到允许范围。规则变更需审批与归档。