Conversation
Extends the project-tags plugin so every package under domain/, shared/, and features/ carries the tags that LIVE-29780's upcoming module-boundary validator will rely on: - domain/entity/* -> scope:domain + type:domain-entity - domain/api/* -> scope:domain + type:domain-api - shared/* -> scope:shared - features/* -> scope:features (unchanged) Legacy libs/, apps/, e2e/, and tools/ inference is untouched. 8 node:test assertions lock both the new branches and the legacy regression paths. Refs: LIVE-29780
Adds a linter-agnostic validator that walks the Nx project graph and verifies every workspace -> workspace edge against the new-arch layering rules. Runs via @nx/devkit's createProjectGraphAsync, no ESLint involved (the repo is migrating to oxlint; 143/149 packages already use it). Rules (DEP_CONSTRAINTS, defined in tools/nx-plugins/enforce-boundaries/ constraints.js): - scope:shared can depend on scope:shared only (leaf layer) - scope:domain can depend on scope:domain + scope:shared - scope:features can depend on scope:features + scope:domain + scope:shared - type:domain-entity can depend on type:domain-entity + scope:shared - type:domain-api can depend on type:domain-entity + type:domain-api + scope:shared
…heck workflow inferTags: drop the duplicate domain/ and shared/ blocks. The type-tag-aware blocks higher up already emit scope:domain / scope:shared (alongside type:domain-entity / type:domain-api), so behavior is preserved — just clearer to read. CI: extract the boundary check into its own reusable workflow at .github/workflows/test-boundaries-reusable.yml and call it from build-and-test-pr.yml as a dedicated enforce-boundaries job, gated on PRs touching domain/, shared/, or features/. Removes the now- redundant step from test-libs-reusable.yml. The new workflow is temporarily called via @ci/nx-enforce-module-boundaries-new-arch so this PR can prove it runs end-to-end. MUST be flipped back to @develop before merge. Refs: LIVE-29780
A source project can match multiple depConstraints (e.g. a type:domain-api project also has scope:domain). Before this fix findViolations emitted one violation per matching rule, so the same forbidden edge could surface twice in CI output and inflate the violation count. Now keyed by (sourceName, target): one entry per offending edge with the failing source tags accumulated. Output formatting joins the source tags with a comma. Adds a node:test case covering the multi- tag dedup; existing single-tag tests adjusted from sourceTag (string) to sourceTags (array). Refs: LIVE-29780
lewisd5
approved these changes
Apr 30, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
✅ Checklist
npx changesetwas attached. (intentionally dropped — same as the develop PR feat(nx-plugin): enforce module boundaries on new arch #16803; tooling-only change with no published-package behavior delta)node --testassertions (8 project-tags + 15 boundary validator). Validator green on the release tree (no pre-existing violations).enforce-boundariesjob in.github/workflows/build-and-test-pr.ymlcalling the new.github/workflows/test-boundaries-reusable.yml, gated on PRs touchingdomain/,shared/, orfeatures/.pnpm lint:boundariesscript for local verification.📝 Description
Backport of #16803 (LIVE-29780) to
release. Same six commits cherry-picked in order:feat(nx-plugin): infer boundary tags for new-arch packagesfeat(nx-plugin): enforce module boundaries via project graphchore: address PR review — de-dup tag inference, dedicated boundary check workflowfix(nx-plugin): dedupe boundary violations per source/target edgechore: restore workflow pin version to developchore: delete unecessary changesetConflicts resolved during cherry-pick (release lags develop by ~540 commits):
.github/workflows/test-libs-reusable.yml— release does not yet have theCheck export rulesstep (dcb1947f75on develop). Kept only the boundary-related lines from this PR; leftCheck export rulesfor a future cherry-pick if needed..github/workflows/build-and-test-pr.yml— release does not yet have thetest-shared/test-domainjobs. Inserted the newenforce-boundariesjob betweentest-featuresandtest-design-systemon the existing release shape.Tag taxonomy, dependency constraints, enforcement strategy, and forward-compat path are identical to the develop PR — see #16803 and the Jira ticket for the full plan and research notes.
❓ Context
CI note:
enforce-boundariesjob callstest-boundaries-reusable.yml@develop. That workflow file does not yet exist ondevelop(still in #16803). Until #16803 merges, this job will fail to resolve the workflow. After #16803 lands, retrigger CI here.