chore(upgrade): drop unused execa and temp-dir runtime deps

[7188ce06]

Orphaned by: ff335a0
("feat(upgrade): Update upgrade CLI structure to support multiple
releases (#7385)", Bryce Kalow, 2025-12-08)

That commit removed the last source references — both import { execa } from 'execa' lines (the refactor moved away from the shell-out pattern entirely) and the import tempDir from 'temp-dir' (replaced with native fs.mkdtempSync(path.join(os.tmpdir(), ...)) in the new test fixture helpers) — but did not update @clerk/upgrade's package.json.

The deps have been declared-but-not-imported since 2025-12-08. Customer surface for zero benefit: every install of @clerk/upgrade fetches both from npm, plus the transitive tree under execa (12 unique packages removed from the lockfile by this commit).

Verification:

• Source grep: $ grep -rE "from\s+'\"['\"]|require\('\"['\"]\)" \ packages/upgrade --include='*.{ts,tsx,js,jsx,mjs,cjs}' \ --exclude-dir=node_modules --exclude-dir=dist (no matches)

• Lockfile self-consistency: $ pnpm install --frozen-lockfile Done in 10.9s.

• Build: $ pnpm turbo run build --filter @clerk/upgrade Tasks: 1 successful, 1 total.

• Specific transitive removals (each was reachable only via execa@9.4.1 or temp-dir@3.0.0; other versions of the same package names remain in the lockfile because they're pulled by unrelated deps like cypress, archiver, etc.): @sec-ant/readable-stream@0.4.1 execa@9.4.1 figures@6.1.0 get-stream@9.0.1 human-signals@8.0.1 is-stream@4.0.1 is-unicode-supported@2.1.0 parse-ms@4.0.0 pretty-ms@9.3.0 strip-final-newline@4.0.0 temp-dir@3.0.0 yoctocolors@2.1.2

No source changes.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 21183f1

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
clerk-js-sandbox	Skipped		May 17, 2026 10:36pm

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 01eb2672-09e6-41a1-a079-f152e50f4d8f

📥 Commits

Reviewing files that changed from the base of the PR and between 097ad4a and 21183f1.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (1)

• packages/upgrade/package.json

💤 Files with no reviewable changes (1)

• packages/upgrade/package.json

---

📝 Walkthrough

Walkthrough

The @clerk/upgrade package's package.json file is updated to modify the dependencies section. The temp-dir dependency is removed, while the existing dependencies (gray-matter, index-to-position, jscodeshift, marked, meow, read-pkg, and semver-regex) are retained or ensured at their specified versions. No other package metadata, scripts, build configuration, or Node engine requirements change.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: removing unused execa and temp-dir dependencies from the @clerk/upgrade package.
Description check	✅ Passed	The description provides thorough context about why the dependencies are being removed, including the orphaning commit, verification steps, and lockfile impact.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}