pnpm .pnpm symlink store breaks bcrypt (and other native-dep packages) in Next.js Docker standalone runtime — auxiliary scripts outside the Next server (DB migrator, seed scripts) cannot resolve native bindings at runtime.
Diagnosis
pnpm creates node_modules/bcrypt as a symlink into node_modules/.pnpm/bcrypt@.../node_modules/bcrypt. That nested dir’s transitive deps expect flat npm-style hoisting. Next.js output: 'standalone' trace copies only what the Next server itself needs — auxiliary scripts using the same node_modules hit unresolved native bindings. Hit during R-TaskFlow M1.T2 (2026-04-17) when adding an entrypoint wrapper (db/run-migrations-then-seed.ts) that uses bcrypt to hash the admin password.
Fix
Don’t share node_modules between the Next standalone runtime and auxiliary scripts. Two options: (a) bundle the aux script with esbuild (pnpm exec esbuild db/run-migrations-then-seed.ts --bundle --platform=node --external:bcrypt --external:postgres --outfile=dist/migrate.cjs) + copy a dedicated node_modules-migrator produced by npm install (flat layout) + set NODE_PATH=/app/node_modules-migrator in the runtime CMD. (b) Keep everything inside the Next process lifecycle (call migrations from instrumentation.ts). Option (a) is cleaner when migrations must run BEFORE the server starts (blocking). Verify by docker run --rm <img> node migrate.cjs after build — issue doesn’t surface in dev where full node_modules is present.