yarnからnpmへの切り替え

[sanak]

以下の切り替え手順により、yarnからnpmへの切り替えを行いましたので、お手すきの際に確認をお願いします。

切り替え手順メモ

PR #429 より抜粋

M1 MacBook Pro (arm64), Node v22環境を使用し、以下の手順で切り替えを行っています。

1. 以下のサイトの手順を参考に、 yarn.lock から package-lock.json に変換
   • 🔀yarn.lock と package-lock.json を相互変換する - 辺境のアステリズム

   % git checkout -b 428-yarn-to-npm
   Switched to a new branch '428-yarn-to-npm'
   % npx synp --source-file ./yarn.lock 
   Need to install the following packages:
   synp@1.9.14
   Ok to proceed? (y) y
   
   Created package-lock.json
   % git status
   On branch 428-yarn-to-npm
   Untracked files:
     (use "git add <file>..." to include in what will be committed)
   	package-lock.json
   
   nothing added to commit but untracked files present (use "git add" to track)

2. node_modules フォルダを削除し、 npm i を実行してインストール

   npm warn old lockfile
   npm warn old lockfile The package-lock.json file was created with an old version of npm,
   npm warn old lockfile so supplemental metadata must be fetched from the registry.
   npm warn old lockfile
   npm warn old lockfile This is a one-time fix-up, please be patient...
   npm warn old lockfile
   npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
   npm warn deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
   npm warn deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead
   npm warn deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead
   npm warn deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead
   npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
   npm warn deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead
   npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
   npm warn deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
   npm warn deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
   npm warn deprecated domexception@4.0.0: Use your platform's native DOMException instead
   npm warn deprecated memfs@3.6.0: this will be v4
   npm warn deprecated eslint@8.47.0: This version is no longer supported. Please see https://eslint.org/version-support for other options.
   npm warn deprecated eslint@8.47.0: This version is no longer supported. Please see https://eslint.org/version-support for other options.
   npm warn deprecated eslint@8.47.0: This version is no longer supported. Please see https://eslint.org/version-support for other options.
   npm warn deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
   
   added 852 packages, and audited 853 packages in 8s
   
   181 packages are looking for funding
     run `npm fund` for details
   
   14 vulnerabilities (3 low, 4 moderate, 6 high, 1 critical)
   
   To address issues that do not require attention, run:
     npm audit fix
   
   To address all issues (including breaking changes), run:
     npm audit fix --force
   
   Run `npm audit` for details.

3. npm audix fix を実行して脆弱性のある依存パッケージを更新

   added 6 packages, removed 7 packages, changed 20 packages, and audited 852 packages in 2s
   
   181 packages are looking for funding
     run `npm fund` for details
   
   # npm audit report
   
   webpack-dev-server  <=5.2.0
   Severity: moderate
   webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser - https://github.com/advisories/GHSA-9jgg-88mc-972h
   webpack-dev-server users' source code may be stolen when they access a malicious web site - https://github.com/advisories/GHSA-4v9v-hfq4-rm2v
   fix available via `npm audit fix --force`
   Will install webpack-dev-server@5.2.2, which is a breaking change
   node_modules/webpack-dev-server
   
   1 moderate severity vulnerability
   
   To address all issues (including breaking changes), run:
     npm audit fix --force

確認項目

• ローカルでのインストール・テスト動作確認
• README.mdの更新
• CIの更新・動作確認
• レジストリURLの registry.yarnpkg.com => registry.npmjs.org 切り替え後の動作確認

---

Closes #428

[Copilot]

Pull Request Overview

This PR migrates the project's package manager from Yarn to npm. The migration was performed by converting yarn.lock to package-lock.json using the synp tool, reinstalling dependencies with npm, and running npm audit fix to address vulnerabilities.

Key Changes:

• Updated documentation to reflect npm commands instead of Yarn
• Modified CI workflow to use npm for dependency installation and script execution
• Updated dependency cache key to reference package-lock.json instead of yarn.lock

Reviewed Changes

Copilot reviewed 2 out of 4 changed files in this pull request and generated no comments.

File	Description
README.md	Updated installation command from yarn to npm install
.github/workflows/build.yml	Replaced all Yarn commands with npm equivalents and updated cache key

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[niryuu]

• Source code seems sound
• It installed dependencies
• test passed