Cut monorepo CI time without losing coverage. Affected-only runs, remote caching, package-level thresholds, and merged coverage for Nx and Turborepo workspaces.

Balancing Speed and Coverage in Monorepo Testing

In a shared JavaScript workspace, every package you add tends to make the test suite slower for everyone, and the natural defense — lowering coverage to claw back time — quietly increases the rate of regressions escaping to production. This guide is for platform engineers and tech leads running Nx or Turborepo monorepos on Vitest (Jest patterns noted where they differ) who need to hold coverage steady while keeping pull-request feedback under a few minutes. It assumes Node 22, Vitest 2.x, and a workspace large enough that running every test on every change has stopped being viable. The techniques here implement the budgeting discipline from the parent Cost-Benefit Analysis of Test Layers at workspace scale.

Root Cause Analysis

CI execution time scales non-linearly in a monorepo for two structural reasons, and neither is fixed by buying faster runners. The first is redundant execution: a blanket npm test at the root runs every package’s suite even when a change touched a single leaf, so the cost of a one-line fix is the cost of the entire repository. As the package count grows, the share of work that is genuinely unaffected by any given change approaches 90%, which means the overwhelming majority of CI minutes are spent re-proving things that could not have broken.

The second cause is coverage aggregation that obscures rather than reveals. When partial coverage reports from many packages are merged naively, a well-tested core library can mask an undertested new package — the global number looks healthy while a specific module sits at 30%. Teams then react to the global figure, either by celebrating a meaningless average or by setting a single global threshold that is simultaneously too strict for boilerplate packages and too loose for critical ones. The real defect risk lives at the package level, and a single aggregate number is structurally blind to it.

Compounding both is the dependency graph itself. Without a computed graph, CI cannot know which packages a change actually affects, so it falls back to running everything “to be safe.” Circular or overly broad dependencies widen the affected set unnecessarily, so even impact-aware pipelines run more than they should. The fix is therefore not “run fewer tests” in the abstract — it is to make the pipeline graph-aware so it runs exactly the affected set, and to make coverage package-aware so thresholds match each package’s actual risk. This is the same value-versus-spend tradeoff described in Unit vs Integration vs E2E Mapping, applied across package boundaries instead of test layers.

Reproducible Setup

Start by making the dependency graph explicit, then declare test tasks so the runner can cache and skip them. Visualize the graph first — it almost always reveals an over-broad dependency that is inflating the affected set.

# Nx: render the project graph in the browser
npx nx graph

# Turborepo: prune to a single package and its dependencies to inspect scope
npx turbo prune --scope=@acme/web

Declare the test task with explicit inputs and outputs so the task runner can cache results and replay them when nothing changed.

// turbo.json
{
  "tasks": {
    "test": {
      "dependsOn": ["^build"],
      "outputs": ["coverage/**"],
      "cache": true
    }
  }
}

The dependsOn: ["^build"] directive builds upstream packages before their dependents run tests, eliminating stale-module errors. The cache: true setting replays prior results when inputs are unchanged, cutting re-run cost to near zero for unmodified packages. To remove live-network variance from package tests — a frequent source of non-deterministic timing that defeats caching — pair this with external service simulation so every package’s suite is hermetic.

Implementation

Tiered, package-level thresholds

Apply coverage targets that reflect each package’s risk rather than one global number. Core utilities, where a regression propagates widely, earn the strictest gate; UI and integration bridges earn looser ones.

// packages/core/vitest.config.ts — strictest tier
import { defineConfig } from 'vitest/config';

export default defineConfig({
  test: {
    coverage: {
      provider: 'v8',
      thresholds: { branches: 85, functions: 90, lines: 90, statements: 90, perFile: true },
      exclude: ['**/generated/**', '**/*.d.ts', '**/mocks/**'],
    },
  },
});

The perFile: true flag is what makes this honest: it forbids a single well-covered file from compensating for an undertested sibling within the same package. In Jest the equivalent lives under coverageThreshold with a global block plus per-path globs. Excluding generated code and mocks keeps the value axis tied to behavior you actually wrote, which is the principle behind Defining Coverage Thresholds.

Run only affected packages

Replace blanket invocations with graph-filtered ones so unchanged packages never spin up a runner at all.

# Nx: test only packages affected by changes since main
npx nx affected --target=test --base=main --head=HEAD

# Turborepo: filter to packages changed since the merge base
npx turbo run test --filter='...[origin/main]'

# Vitest standalone: limit to files related to a commit range
npx vitest run --changed origin/main

Shard the affected set across runners

When the affected set is still large, distribute it across CI agents. Sharding splits the work; the gains are multiplicative with affected-only filtering.

# .github/workflows/monorepo-test.yml
jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        shard: [1, 2, 3]
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 0 }   # full history so the base ref is resolvable
      - uses: actions/setup-node@v4
        with: { node-version: 22, cache: 'npm' }
      - run: npm ci
      - run: npx vitest run --changed origin/main --shard=${{ matrix.shard }}/3 --coverage
      - uses: actions/upload-artifact@v4
        with:
          name: coverage-${{ matrix.shard }}
          path: coverage/

Merge coverage deterministically

Sharded and per-package runs produce partial reports that must be merged before any gate or dashboard sees them, or the global number will be wrong.

# Merge LCOV fragments from all shards into one report
npx nyc merge ./coverage ./coverage/merged.json
npx nyc report --reporter=lcov --reporter=text --temp-dir=./coverage --report-dir=./coverage/final

Verification

Confirm the pipeline actually skips work and that coverage survives the optimization.

  1. Cache hit proof. Re-run the pipeline with no source changes and confirm the task runner reports cache hits for every package (turbo run test prints cache hit, replaying logs). A full re-execution means your inputs/outputs are misconfigured.
  2. Affected scope proof. Touch one leaf package, run the affected command, and confirm only that package and its dependents execute. If unrelated packages run, inspect the graph for an over-broad dependency.
  3. Merged-coverage integrity. Compare the merged total against a one-off full-suite run with coverage. They should match within rounding; a large gap means a shard’s report was dropped during the merge.
  4. Per-package gate fires. Lower a package’s threshold below its real coverage, push, and confirm only that package’s gate fails — not the whole workspace.

Troubleshooting

When the base ref cannot be resolved, affected commands silently fall back to running everything; always check out with full history (fetch-depth: 0) so the merge base exists. When cache hits never occur, the usual cause is a non-deterministic input — a timestamp, a Date.now() call, or a live network response baked into a snapshot — so make package tests hermetic with fake timers and simulated services. When merged coverage looks lower than any individual run, a fragment was overwritten because two shards wrote to the same path; give each shard a distinct output directory before merging. When a flaky suite keeps poisoning the critical path, move it off it rather than retrying blindly; quarantining it preserves both speed and signal, a pattern detailed under the parent Cost-Benefit Analysis of Test Layers.

FAQ

Does affected-only testing risk skipping a real regression?

It can if the dependency graph is incomplete — a runtime dependency that is not declared as a build dependency will not appear in the affected set. Mitigate this by running a full suite nightly on the main branch; the nightly run validates that your impact analysis is accurate and catches any false negatives before they accumulate.

How is this different in Jest versus Vitest?

The orchestration layer (Nx or Turborepo affected commands, caching, sharding) is runner-agnostic and works identically. The differences are local: Jest uses coverageThreshold and --changedSince where Vitest uses coverage.thresholds and --changed, and Jest’s coverage is Istanbul-based while Vitest defaults to native V8. For a deeper comparison of how each runner behaves under CI load, see Vitest vs Jest for CI speed.

What feedback time should I target for pull requests?

Aim for under three minutes on the affected unit and integration set, reserving full E2E for protected branches or nightly runs. If a single package’s suite alone exceeds five minutes, that package is the bottleneck and should be sharded or pruned before you optimize anything else, since serial wait time on one package cannot be cached away.

Should coverage thresholds be global or per-package?

Per-package, with perFile: true. A single global threshold is structurally blind to package-level risk: it lets a well-covered core mask an undertested new package, and it forces the same bar onto boilerplate and critical code alike. Tiering thresholds to each package’s blast radius is the only way to keep the gate both meaningful and non-obstructive.

How do I stop shared fixtures from inflating coverage?

Exclude fixture and generated directories from the coverage glob, and prefer per-test factories over large shared fixtures. Shared fixtures lift line coverage by touching code paths without asserting on them, which raises the number without raising confidence — exactly the false signal that package-level, behavior-focused thresholds are meant to prevent.