Build pipelines: audit and harden a real build

Take a real frontend app (your own, or a starter you scaffold with a deliberately CommonJS-heavy dependency) and harden its build: shrink the production bundle by eliminating a tree-shaking regression, stabilise caching with a vendor split, close one dev/prod parity gap, and prove each fix with before/after numbers.

• Set up a Vite (or webpack) build and capture a baseline: production bundle size per chunk, total transferred bytes, and the build wall-clock time (cold and warm). Use a bundle analyzer (rollup-plugin-visualizer / webpack-bundle-analyzer) and save the baseline treemap.
• Introduce or locate a tree-shaking regression: import a utility from a CommonJS package the wide way (e.g. import _ from 'lodash') and confirm from the analyzer that the whole library shipped. Then fix it via the ESM build or deep imports and re-measure.
• Audit the package.json sideEffects field of at least one workspace package: verify CSS-importing or polyfill modules are listed, and show that an over-broad sideEffects: false would drop styling (or that the honest declaration keeps it).
• Configure production correctly: build with production mode so minification and NODE_ENV-gated dead-code-elimination run, and set hidden source maps so traces stay readable in an error tracker without exposing source publicly.
• Split vendor (framework + large stable deps) into its own content-hashed chunk via manualChunks/splitChunks, then make a one-line app change, rebuild, and show the vendor chunk's hash did NOT change while the app chunk's did.
• Reproduce and close one dev/prod parity gap: find a behaviour that differs between the dev server and the built output (or construct one with a circular import), add a CI step that runs the real production build and a smoke test against vite preview, and show the gate fails on the bug before the fix.
• Enable and verify build caching: turn on the filesystem/persistent cache, run cold then warm builds, and record the warm-build speedup. Confirm the cache key includes the tool version so an upgrade invalidates it.

• A before/after table: total bundle bytes, vendor vs app chunk sizes, cold vs warm build time, and the tree-shaking regression's contribution — all measured from the analyzer and build output, not estimated.
• The analyzer treemaps before and after clearly show the CommonJS regression gone and vendor isolated into its own chunk.
• Proof of cache stability: two consecutive builds with only an app-code change, showing the vendor chunk filename (hash) unchanged across both.
• A CI run log showing the production-build smoke test catching the parity bug, then passing after the fix.
• A one-paragraph write-up naming which pipeline stage each fix targeted (resolve/transform/bundle/minify/emit) and why that was the right stage.