Target: pnpm/pnpm
Issue: pnpm/pnpm#12222
PR: pnpm/pnpm#12327
Field Lab: https://github.com/scarab-systems/scarab-field-lab
This is the upstream-accepted update for Scarab Diagnostic Field Test #024.
The original field test targeted a pnpm install failure where a long pnpm-created TMPDIR path could cause lifecycle tooling to exceed the Unix-domain socket path length limit during git-hosted dependency preparation.
That repair has now been accepted upstream.
pnpm/pnpm#12327 was approved and merged into pnpm:main on June 16, 2026.
The Field Lab record for pnpm/pnpm#12222 has been updated from:
upstream-pr-recorded
to:
upstream-accepted
That changes the status of this field test.
It is no longer only a repair candidate.
It is now a human-reviewed upstream acceptance.
Original failure shape
The original issue shape was deceptively simple:
- pnpm install runs as root, commonly inside a container
- pnpm sets TMPDIR inside the pnpm store
- a git-hosted dependency runs lifecycle tooling during package preparation
- that tooling creates an IPC socket path under TMPDIR
- the full socket path becomes too long
- Node reports listen EINVAL
The visible error makes the failure look like it belongs to Node, tsx, the lifecycle script, or the package being prepared.
But the bounded pnpm-side repair lived somewhere smaller.
The failure was a path-budget problem.
pnpm did not own Nodeβs socket limit.
It did not own tsx.
It did not own every lifecycle script.
It did not own every file or socket a package tool may create under TMPDIR.
But pnpm did own the temporary directory path it handed to that tooling.
That was the repair surface.
Accepted repair
The accepted repair shortened pnpmβs CAFS temporary package directory names.
The patch replaced the longer path-temp naming path with Nodeβs native fs.mkdtemp() using a compact tmp prefix under the existing store tmp directory.
That keeps the temp directory inside pnpmβs store temp area while reducing the basename length pnpm controls.
The point was not cosmetic.
The point was to preserve Unix-domain socket path budget before lifecycle tooling entered the picture.
Lifecycle tooling may reasonably create IPC sockets under TMPDIR.
If pnpm gives that tooling a long TMPDIR path, the tool has less room before it hits the socket path limit.
The accepted repair gives downstream tooling more room by shortening the pnpm-owned segment of the path.
That is the repair lane:
- keep the pnpm-controlled temp root
- shorten the pnpm-controlled generated basename
- leave more path budget for lifecycle tools below TMPDIR
- avoid pretending pnpm owns the lifecycle toolβs socket construction
That is a narrow repair.
Boundary
The boundary here is the same boundary identified in the original field test:
pnpm-owned CAFS temporary package directory naming versus lifecycle tooling IPC socket paths created under TMPDIR
pnpm does not own every lifecycle tool.
It does not own the Unix socket path limit.
It does not own the full downstream IPC path.
But it does own how much avoidable path length it spends before handing TMPDIR to lifecycle tooling.
The accepted patch stays on that side of the line.
It does not special-case one package.
It does not patch tsx.
It does not redesign lifecycle execution.
It does not change lifecycle privilege behavior.
It does not change unsafe-perm defaults.
It does not change pacquet.
It fixes the pnpm-owned part of the path budget.
That is why this acceptance matters.
The maintainer-reviewed repair preserved the boundary instead of expanding into a broader lifecycle behavior change.
Review result
The public review included observations about test scope and temporary-directory permissions.
The final accepted shape kept the repair focused.
The maintainer accepted the invariant test and kept the fs.mkdtemp() behavior.
That means the merged change protects the actual boundary that mattered:
CAFS temp directory basenames used during git package preparation should stay short enough to preserve downstream path budget
That is the right kind of regression coverage for this bug.
The test does not need to prove that every possible lifecycle tool can never create a path that is too long.
That would be the wrong claim.
The useful invariant is narrower:
pnpm should not spend unnecessary path budget in the CAFS temp basename before handing TMPDIR to downstream tooling.
Why this was not a lifecycle-script fix
It would be easy to frame this as a lifecycle tool failure because the crash happens when lifecycle tooling tries to create an IPC socket.
But that puts the repair pressure in the wrong place.
The lifecycle tool needs a socket path.
It creates that path under TMPDIR.
That behavior may be entirely reasonable.
The Unix socket path limit is also not something pnpm can remove.
So the correct question was:
Can pnpm reduce avoidable path length before lifecycle tools enter the picture?
Yes.
That is why shortening the CAFS temp basename was the right class of repair.
It does not make assumptions about one package.
It does not depend on one lifecycle tool.
It does not require pnpm to understand every downstream socket path.
It simply gives the downstream process more path budget.
That is the semantic repair.
The bug was not:
a tool used a socket
The bug was:
pnpm consumed too much path budget before handing off to tools that reasonably create paths under TMPDIR
Why the upstream acceptance matters
The original #024 report was a boundary claim.
It said the owned pnpm-side repair was not the lifecycle tool, not Node, not tsx, and not the Unix socket limit.
It was the CAFS temp directory naming path.
The merge confirms that this was a valid upstream repair surface.
That matters for Scarab/SDS because this is the exact kind of field result the system is meant to support:
- find the owned surface
- avoid chasing the loudest symptom
- keep the patch small
- preserve project behavior outside the boundary
- validate the invariant
- submit cleanly for maintainer review
The accepted result does not mean SDS βreplacedβ review.
It means the field-test boundary survived review.
That is the receipt.
Field Lab status
The Field Lab now records this case as:
upstream-accepted
The public record includes the issue, PR, validation summary, review status, acceptance status, and claim boundary.
It does not publish internal SDS machinery.
It does not publish local workflow details.
It does not expose proprietary diagnostic logic.
The Field Lab record is there for the public evidence trail.
Field test result
This is now an upstream-accepted path-budget boundary repair.
The issue reduced to:
- pnpm creates a temporary package directory under its store
- that directory becomes part of TMPDIR
- lifecycle tools create additional paths below TMPDIR
- Unix-domain socket paths have a strict length limit
- pnpm can shorten the part of the path it owns
- shortening that basename leaves more room for lifecycle tools
- the accepted patch uses fs.mkdtemp() with a compact tmp prefix
- the repair was approved and merged upstream
That is the whole repair lane.
The patch does not claim to fix every possible IPC path failure.
It does not claim to change Unix socket limits.
It does not claim to fix tsx.
It does not redesign pnpm lifecycle execution.
It does not change lifecycle privilege behavior.
It fixes the pnpm-owned part of the path budget.
That is the kind of boundary Scarab/SDS is designed to surface.
Public claim
The correct claim for this accepted field test is:
Scarab/SDS helped drive an upstream-accepted boundary repair for pnpm/pnpm#12222, where long pnpm-created TMPDIR paths could cause lifecycle tooling IPC socket paths to exceed the Unix-domain socket path limit during git-hosted dependency preparation. The merged pnpm PR shortens CAFS temporary package directory names using fs.mkdtemp() with a compact tmp prefix under the existing store temp directory, preserving more path budget for downstream lifecycle tooling without changing lifecycle privilege behavior, unsafe-perm defaults, or pacquet. This does not claim to fix every IPC path failure, change Unix socket limits, or redesign pnpm lifecycle execution. It fixes the pnpm-owned part of the path budget.
Disclosure: This field report was prepared with AI-assisted editing from my own field-test notes, public issue and PR records, validation summary, review status, merge record, and Field Lab update. The technical claims and final wording were reviewed before publication.
Top comments (0)