fix(app): pin React and stabilize E2E builds#386
Conversation
Adding .gitkeep for PR creation (default mode). This file will be removed when the task is complete. Issue: ProverCoderAI#385
📝 WalkthroughWalkthroughPR закрепляет React и React-DOM версии 19.2.4 в корневых overrides и workspace-пакетах для совместимости с Gridland-рендерером. Обновлена Docker-инфраструктура с ретраями для надежной установки controller-tooling. Добавлены тесты валидации версии React во всех пакетах. ChangesReact версия и совместимость Gridland
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Suggested reviewers
Important Pre-merge checks failedPlease resolve all errors before merging. Addressing warnings is optional. ❌ Failed checks (1 error, 1 warning)
✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.gitkeep:
- Line 1: Файл .gitkeep содержит динамические метаданные
(timestamp/branch/issue) which cause noisy diffs; remove that dynamic line and
make .gitkeep either empty or contain a static comment (e.g., "Keep directory in
VCS") so it remains stable and does not change per PR/CI; ensure no
autogenerated timestamps/branch/issue strings are committed in .gitkeep going
forward.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro Plus
Run ID: b9dfb51b-6670-4812-a36b-f149f9574cbf
📒 Files selected for processing (1)
.gitkeep
📜 Review details
⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)
- GitHub Check: E2E (Runtime volumes + SSH)
- GitHub Check: E2E (Login context)
- GitHub Check: E2E (Clone auto-open SSH)
- GitHub Check: E2E (Clone cache)
- GitHub Check: E2E (Browser command)
- GitHub Check: Test
- GitHub Check: E2E (OpenCode)
- GitHub Check: Lint
- GitHub Check: Final build (windows-latest)
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings
Learnt from: ezocomp118-source
Repo: ProverCoderAI/docker-git PR: 366
File: packages/api/src/services/skiller.ts:366-369
Timestamp: 2026-06-03T17:35:55.293Z
Learning: In ProverCoderAI/docker-git, launching Electron via `setpriv --reuid/--regid` in the controller container causes a `Trace/breakpoint trap` crash even with `--no-sandbox`. The confirmed workaround is to launch Skiller as the controller user (bash -lc) and enforce project scope at the software level via SkillerContainerScope env vars (HOME, XDG_*, DOCKER_GIT_SKILLER_CONTAINER_HOME_PATH) and the add_project tRPC call. A future fix should use gosu/su-exec or a Chromium-sandbox-compatible credential-drop mechanism instead of setpriv. See PR `#366` for full context.
📚 Learning: 2026-05-13T07:09:47.992Z
Learnt from: CR
Repo: ProverCoderAI/docker-git PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-05-13T07:09:47.992Z
Learning: Applies to **/*.{ts,tsx} : Use functional comment markers for code clarity: CHANGE (brief description), WHY (mathematical/architectural justification), QUOTE(ТЗ) (requirement citation), REF (RTM or message ID), SOURCE (external source with quote), FORMAT THEOREM (∀x ∈ Domain: P(x) → Q(f(x))), PURITY (CORE|SHELL), EFFECT (Effect type signature), INVARIANT (mathematical invariant), COMPLEXITY (time/space).
Applied to files:
.gitkeep
konard
changed the title
|
CI note for head
Run: https://github.com/ProverCoderAI/docker-git/actions/runs/27123087130/job/80044695521 |
🤖 Solution Draft LogThis log file contains the complete execution trace of the AI solution draft process. 💰 Cost estimation:
📊 Context and tokens usage:
Total: (552.9K + 12.4M cached) input tokens, 44.3K output tokens, $19.969548 cost 🤖 Models used:
📎 Log file uploaded as Repository (58069KB)Now working session is ended, feel free to review and add any feedback on the solution draft. |
🔄 Auto-restart triggered (iteration 1)Reason: CI failures detected Starting new session to address the issues. Auto-restart-until-mergeable mode is active. This run will stop after 5 restart iterations. |
konard
changed the title
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@packages/api/Dockerfile`:
- Line 56: Pin the node-gyp package to an explicit version in the global
installs to make builds deterministic: change the command that currently reads
"npm install -g --prefix /opt/bun --no-audit --no-fund bun@1.3.11 node-gyp" to
include a fixed node-gyp version (e.g., node-gyp@X.Y.Z) and likewise update the
root Dockerfile's "npm i -g node-gyp" to the same pinned version; ensure both
locations use the identical explicit version string so the controller tooling
install is reproducible.
In `@packages/app/tests/docker-git/controller-resource-limits.test.ts`:
- Around line 112-121: The test "retries network-bound controller tooling
downloads" doesn't assert the explicit retry-range invariant; update the test
(inside the it.effect block using readComposeFile) to also assert that the retry
loop upper bound is fixed to 5 by checking for the exact loop/range token used
in the Dockerfile (e.g., assert contents contains "1..5" or the concrete loop
string your script emits such as "for i in 1..5" or "seq 1 5"), so the
max-attempts invariant is anchored alongside the existing checks for "--retry 5"
and the failure message.
In `@packages/app/tests/docker-git/gridland-react-singleton.test.ts`:
- Line 30: Тест проверяет неверное поле: вместо проверять
terminalPackage.devDependencies["react-dom"] надо проверять
terminalPackage.dependencies["react-dom"]; исправьте ожидание в тесте (используя
уже применённую stripCaret и gridlandRendererReactVersion) так, чтобы оно
проверяло наличие и версию react-dom в dependencies, а не в devDependencies,
сохранив остальную логику и переменные (terminalPackage, stripCaret,
gridlandRendererReactVersion, "react-dom").
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro Plus
Run ID: fbbf9dcc-0f82-461d-8660-473a2785d9a4
⛔ Files ignored due to path filters (1)
bun.lockis excluded by!**/*.lock
📒 Files selected for processing (7)
.changeset/fix-gridland-react-singleton.mdpackage.jsonpackages/api/Dockerfilepackages/app/package.jsonpackages/app/tests/docker-git/controller-resource-limits.test.tspackages/app/tests/docker-git/gridland-react-singleton.test.tspackages/terminal/package.json
📜 Review details
⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)
- GitHub Check: E2E (OpenCode)
- GitHub Check: E2E (Runtime volumes + SSH)
- GitHub Check: E2E (Clone auto-open SSH)
- GitHub Check: E2E (Login context)
- GitHub Check: E2E (Clone cache)
- GitHub Check: Test
- GitHub Check: E2E (Browser command)
- GitHub Check: Lint
- GitHub Check: Final build (windows-latest)
🧰 Additional context used
📓 Path-based instructions (12)
**/*.{js,ts,jsx,tsx,py,java,go,rb,php,sh,bash,yml,yaml,json,env*,toml,cfg,config,dockerfile,dockerignore}
📄 CodeRabbit inference engine (Custom checks)
Fail if changed files expose credentials, tokens, private-keys, or PII in source, generated config, logs, or CI output
Files:
packages/app/package.jsonpackages/terminal/package.jsonpackages/app/tests/docker-git/controller-resource-limits.test.tspackage.jsonpackages/app/tests/docker-git/gridland-react-singleton.test.ts
**/{package*.json,requirements*.txt,setup.py,setup.cfg,Pipfile,Pipfile.lock,pyproject.toml,pom.xml,build.gradle,Gemfile,Gemfile.lock,go.mod,go.sum,composer.json,Cargo.toml,Cargo.lock}
📄 CodeRabbit inference engine (Custom checks)
Fail if dependency or package-manager changes materially increase supply-chain risk without justification
Files:
packages/app/package.jsonpackages/terminal/package.jsonpackage.json
**/*
⚙️ CodeRabbit configuration file
**/*: Ты строгий ревьюер SPEC DRIVEN DEVELOPMENT.Перед выводами изучи README.md, другие *.md файлы, linked issues,
PR description, PR comments/discussion и релевантную кодовую базу.Сверь изменения с исходным ТЗ/спекой и обсуждением. Флагай любой уход
от спеки, недокументированное изменение поведения, отсутствие тестов
для заявленного поведения и security-риск. Если спека не видна,
попроси автора добавить ее в issue или PR description.Проверь решение с точки зрения формальной верификации: какие инварианты,
предусловия и постусловия можно доказать математически, а где доказуемость
слабая. Оцени решение с точки зрения теории игр: устойчивы ли стимулы,
нет ли выгодного обхода правил, и какое решение было бы сильнее.
Files:
packages/app/package.jsonpackages/terminal/package.jsonpackages/app/tests/docker-git/controller-resource-limits.test.tspackage.jsonpackages/app/tests/docker-git/gridland-react-singleton.test.tspackages/api/Dockerfile
**
⚙️ CodeRabbit configuration file
**: РОЛЬ: Математик-программист, специализирующийся на формально верифицируемой функциональной архитектуре.ЦЕЛЬ: Создавать математически доказуемые решения через функциональную парадигму с полным разделением чистых вычислений и контролируемых эффектов.
МОДЕЛЬ РАССУЖДЕНИЯ:
- Не выдавать “личные мнения”. Формировать вывод как результат симуляции профессионального обсуждения релевантных ролей
(архитектор Effect/FP, ревьюер типов, страж CORE↔SHELL, тест-инженер).- Если запрос сформулирован как “что думаешь”, отвечать в терминах аргументов ролей и выбирать решение
по критериям инвариантов, типовой безопасности и тестируемости (если пользователь явно просит выбор — выбрать и обосновать).ПРАВИЛО ПРОЦЕССА (НЕ ФОРМАТ ОТВЕТА):
В начале работы (внутренне) формулировать Deep Research вопрос:
"I am looking for code that does , is there existing code that can do this?"
Далее:
- если доступен проект/код — сперва искать и переиспользовать существующие паттерны (минимальный корректный diff),
- если проект недоступен — опираться на предоставленный контекст и явно фиксировать допущения,
- код писать только после формального понимания задачи (типы/инварианты → архитектура → код → тесты),
- источники указывать только если реально использован внешний материал; иначе
SOURCE: n/a.ИНСТРУМЕНТАЛЬНОЕ ПОВЕДЕНИЕ (ОБЯЗАТЕЛЬНО, НЕ ФОРМАТ ОТВЕТА):
- Агент всегда использует доступные инструменты среды (терминал, поиск по проекту, запуск тестов/скриптов, анализ сборки, web-ресёрч при необходимости)
для ресёрча, проверки гипотез и выполнения действий. Приоритет: проверяемость, воспроизводимость, минимальный риск.- Агент не предлагает “гайд” как замену действия. Если действие возможно выполнить инструментами — агент выполняет его сам,
затем сообщает, что было сделано и как повторить.- Любые инструкции (команды/процедуры) агент даёт только после собственной проверки на доступной среде.
Если проверить невозможно — явно фиксирует ограничение и перечисляе...
Files:
packages/app/package.jsonpackages/terminal/package.jsonpackages/app/tests/docker-git/controller-resource-limits.test.tspackage.jsonpackages/app/tests/docker-git/gridland-react-singleton.test.tspackages/api/Dockerfile
**/*.{ts,tsx}
📄 CodeRabbit inference engine (CLAUDE.md)
**/*.{ts,tsx}: Implement Functional Core, Imperative Shell (FCIS) pattern: CORE layer contains only pure functions with immutable data and mathematical operations; SHELL layer isolates all effects (IO, network, database). Strict dependency direction: SHELL → CORE (never reverse).
Never useany,unknown,eslint-disable,ts-ignore, orastype assertions (except in rigorously justified cases with documentation). Always use exhaustive union type analysis through.exhaustive()pattern matching.
All external dependencies must be wrapped through typed interfaces and injected via Effect-TS Layer pattern. Never call external services directly from CORE functions.
Use monadic composition with Effect-TS for all effects:Effect<Success, Error, Requirements>. Compose effects throughpipe()andEffect.flatMap(). Implement dependency injection via Layer pattern. Handle errors without try/catch blocks.
All functions must be pure in the CORE layer: no side effects (logging, console output, IO operations, mutations). Separate all side effects into the SHELL layer.
Use exhaustive pattern matching with Effect.Match instead of switch statements. Example:Match.value(item).pipe(Match.when(...), Match.exhaustive).
Document all functions with comprehensive TSDoc including:@pure(true/false),@effect(required services),@invariant(mathematical invariants),@precondition,@postcondition,@complexity(time and space),@throwsNever (errors must be typed in Effect).
Use functional comment markers for code clarity: CHANGE (brief description), WHY (mathematical/architectural justification), QUOTE(ТЗ) (requirement citation), REF (RTM or message ID), SOURCE (external source with quote), FORMAT THEOREM (∀x ∈ Domain: P(x) → Q(f(x))), PURITY (CORE|SHELL), EFFECT (Effect type signature), INVARIANT (mathematical invariant), COMPLEXITY (time/space).
Define all external service dependencies as Context.Tag classes with fully typed methods returning Effect types. Example: `class Da...
Files:
packages/app/tests/docker-git/controller-resource-limits.test.tspackages/app/tests/docker-git/gridland-react-singleton.test.ts
**/*.test.{ts,tsx}
📄 CodeRabbit inference engine (CLAUDE.md)
**/*.test.{ts,tsx}: Implement property-based testing using fast-check for mathematical properties and invariants. Example:fc.property(fc.array(messageArbitrary), (messages) => isChronologicallySorted(sortMessagesByTimestamp(messages))).
Mock external dependencies in unit tests using Effect's testing utilities. Run tests without Effect runtime for speed. Example:Effect.provide(MockService), Effect.runPromise.
Files:
packages/app/tests/docker-git/controller-resource-limits.test.tspackages/app/tests/docker-git/gridland-react-singleton.test.ts
**/*.{ts,tsx,js,jsx}
📄 CodeRabbit inference engine (AGENTS.md)
**/*.{ts,tsx,js,jsx}: Forbidden constructs in CORE code:any,eslint-disable,ts-ignore,async/await, raw Promise chains (then/catch),Promise.all,try/catchfor logic control,console.*, switch statements (use Match with .exhaustive() instead)
All functions must use Effect-TS for composing effects:Effect<Success, Error, Requirements>. No direct async/await, Promise chains, or try/catch in product logic.
Functional comments must include: CHANGE, WHY, QUOTE(ТЗ) or n/a, REF, SOURCE or n/a, FORMAT THEOREM, PURITY (CORE|SHELL), EFFECT signature for SHELL functions, INVARIANT, and COMPLEXITY.
All data mutations must use immutable patterns (ReadonlyArray, readonly properties, Object.freeze); mutation in SHELL only when absolutely necessary and documented.
Files:
packages/app/tests/docker-git/controller-resource-limits.test.tspackages/app/tests/docker-git/gridland-react-singleton.test.ts
**/*.{test,spec}.{ts,tsx}
📄 CodeRabbit inference engine (AGENTS.md)
Property-based tests (fast-check) must verify mathematical invariants; unit tests must use Effect test utilities without async/await.
Files:
packages/app/tests/docker-git/controller-resource-limits.test.tspackages/app/tests/docker-git/gridland-react-singleton.test.ts
**/*.{sh,bash,py,js,ts,jsx,tsx,go,java,rb,php}
📄 CodeRabbit inference engine (Custom checks)
Fail if changed files introduce command injection or unsafe shell/process execution with user-controlled input
Files:
packages/app/tests/docker-git/controller-resource-limits.test.tspackages/app/tests/docker-git/gridland-react-singleton.test.ts
**/*.{py,js,ts,jsx,tsx,go,java,rb,php,sh,bash,c,cpp}
📄 CodeRabbit inference engine (Custom checks)
Fail if changed files introduce path traversal or writes outside intended project/container state directories
Files:
packages/app/tests/docker-git/controller-resource-limits.test.tspackages/app/tests/docker-git/gridland-react-singleton.test.ts
package.json
📄 CodeRabbit inference engine (CLAUDE.md)
Dependencies must include Effect-TS (
effect: ^3.x) for monadic effects and@effect/schema: ^0.xfor validation with strong typing.Dependencies like effect (^3.x) and
@effect/schema(^0.x) are mandatory; project must enforce monadic composition through Effect.
Files:
package.json
**/{Dockerfile*,docker-compose*.{yml,yaml},.dockerignore}
📄 CodeRabbit inference engine (Custom checks)
Fail if changed files introduce unsafe Docker configuration such as privileged containers, broad host mounts, unbounded Docker socket access, or unnecessary write permissions
Files:
packages/api/Dockerfile
🧠 Learnings (5)
📚 Learning: 2026-05-13T07:09:47.992Z
Learnt from: CR
Repo: ProverCoderAI/docker-git PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-05-13T07:09:47.992Z
Learning: Applies to package.json : Dependencies must include Effect-TS (`effect: ^3.x`) for monadic effects and `effect/schema: ^0.x` for validation with strong typing.
Applied to files:
packages/app/package.jsonpackages/terminal/package.jsonpackages/app/tests/docker-git/gridland-react-singleton.test.ts
📚 Learning: 2026-05-13T07:10:13.213Z
Learnt from: CR
Repo: ProverCoderAI/docker-git PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-13T07:10:13.213Z
Learning: Applies to package.json : Dependencies like effect (^3.x) and effect/schema (^0.x) are mandatory; project must enforce monadic composition through Effect.
Applied to files:
packages/terminal/package.jsonpackages/app/tests/docker-git/gridland-react-singleton.test.ts
📚 Learning: 2026-05-13T07:10:13.213Z
Learnt from: CR
Repo: ProverCoderAI/docker-git PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-13T07:10:13.213Z
Learning: Applies to **/*.{test,spec}.{ts,tsx} : Property-based tests (fast-check) must verify mathematical invariants; unit tests must use Effect test utilities without async/await.
Applied to files:
packages/app/tests/docker-git/gridland-react-singleton.test.ts
📚 Learning: 2026-05-13T07:09:47.992Z
Learnt from: CR
Repo: ProverCoderAI/docker-git PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-05-13T07:09:47.992Z
Learning: Applies to **/*.test.{ts,tsx} : Mock external dependencies in unit tests using Effect's testing utilities. Run tests without Effect runtime for speed. Example: `Effect.provide(MockService), Effect.runPromise`.
Applied to files:
packages/app/tests/docker-git/gridland-react-singleton.test.ts
📚 Learning: 2026-05-13T07:10:13.213Z
Learnt from: CR
Repo: ProverCoderAI/docker-git PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-13T07:10:13.213Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : All functions must use Effect-TS for composing effects: `Effect<Success, Error, Requirements>`. No direct async/await, Promise chains, or try/catch in product logic.
Applied to files:
packages/app/tests/docker-git/gridland-react-singleton.test.ts
🪛 Hadolint (2.14.0)
packages/api/Dockerfile
[warning] 49-49: Pin versions in npm. Instead of npm install <package> use npm install <package>@<version>
(DL3016)
[warning] 49-49: Pin versions in apt get install. Instead of apt-get install <package> use apt-get install <package>=<version>
(DL3008)
🪛 markdownlint-cli2 (0.22.1)
.changeset/fix-gridland-react-singleton.md
[warning] 5-5: First line in a file should be a top-level heading
(MD041, first-line-heading, first-line-h1)
🔇 Additional comments (4)
package.json (1)
65-66: LGTM!packages/app/package.json (1)
83-84: LGTM!.changeset/fix-gridland-react-singleton.md (1)
1-5: LGTM!packages/terminal/package.json (1)
58-58: Ensurepackages/terminaldeclaresreact-dom@19.2.4as a runtime dependency to match the pinned React singleton contract
packages/terminal/package.jsoncurrently hasreact-dom@19.2.4only indevDependencies, while the repo’s React/ReactDOM pinning contract for this package is meant to keep runtime singleton resolution consistent; move/addreact-domtodependencies(orpeerDependenciesif that’s the established pattern here) with the exact19.2.4version.
| if curl -fsSL --retry 5 --retry-all-errors --retry-delay 2 https://deb.nodesource.com/setup_24.x -o /tmp/nodesource-setup.sh \ | ||
| && bash /tmp/nodesource-setup.sh \ | ||
| && apt-get -o Acquire::Retries=3 install -y --no-install-recommends nodejs \ | ||
| && npm install -g --prefix /opt/bun --no-audit --no-fund bun@1.3.11 node-gyp \ |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
# Inspect the cited Dockerfile lines
echo "=== packages/api/Dockerfile (lines 35-80) ==="
nl -ba packages/api/Dockerfile | sed -n '35,80p'
# Find all node-gyp mentions
echo
echo "=== rg 'node-gyp' ==="
rg -n "node-gyp" -S .
# Find any hadolint/static-analysis mentions of DL3016/DL3008
echo
echo "=== rg 'DL3016|DL3008' ==="
rg -n "DL3016|DL3008" -S .Repository: ProverCoderAI/docker-git
Length of output: 175
🏁 Script executed:
#!/bin/bash
set -euo pipefail
command -v rg >/dev/null 2>&1 && echo "rg: OK" || echo "rg: MISSING"
command -v awk >/dev/null 2>&1 && echo "awk: OK" || echo "awk: MISSING"
command -v sed >/dev/null 2>&1 && echo "sed: OK" || echo "sed: MISSING"
# Inspect cited Dockerfile lines (use awk for line numbers)
echo "=== packages/api/Dockerfile (lines 35-80) ==="
awk 'NR>=35 && NR<=80 {printf "%d\t%s\n", NR, $0}' packages/api/Dockerfile
echo
echo "=== rg 'node-gyp' ==="
rg -n "node-gyp" -S .
echo
echo "=== rg 'DL3016|DL3008' ==="
rg -n "DL3016|DL3008" -S .Repository: ProverCoderAI/docker-git
Length of output: 4653
Зафиксируйте точную версию node-gyp при глобальной установке controller tooling.
В packages/api/Dockerfile строка 56 npm install -g --prefix /opt/bun --no-audit --no-fund bun@1.3.11 node-gyp выполняется без версии, из-за чего сборка недетерминирована и растёт supply-chain риск (также в корневом Dockerfile npm i -g node-gyp без версии).
Предлагаемый фикс
- && npm install -g --prefix /opt/bun --no-audit --no-fund bun@1.3.11 node-gyp \
+ && npm install -g --prefix /opt/bun --no-audit --no-fund bun@1.3.11 node-gyp@<exact-version> \🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/api/Dockerfile` at line 56, Pin the node-gyp package to an explicit
version in the global installs to make builds deterministic: change the command
that currently reads "npm install -g --prefix /opt/bun --no-audit --no-fund
bun@1.3.11 node-gyp" to include a fixed node-gyp version (e.g., node-gyp@X.Y.Z)
and likewise update the root Dockerfile's "npm i -g node-gyp" to the same pinned
version; ensure both locations use the identical explicit version string so the
controller tooling install is reproducible.
Sources: Coding guidelines, Linters/SAST tools
| it.effect("retries network-bound controller tooling downloads", () => | ||
| Effect.gen(function*(_) { | ||
| const contents = yield* _(readComposeFile("packages/api/Dockerfile")) | ||
| expect(contents).toContain("https://deb.nodesource.com/setup_24.x -o /tmp/nodesource-setup.sh") | ||
| expect(contents).toContain("npm install -g --prefix /opt/bun --no-audit --no-fund bun@1.3.11 node-gyp") | ||
| expect(contents).toContain("curl -fsSL --retry 5 --retry-all-errors --retry-delay 2") | ||
| expect(contents).toContain("controller tooling install failed after retries") | ||
| expect(contents).toContain("test \"$(bun --version)\" = \"1.3.11\"") | ||
| expect(contents).toContain("node-gyp --version") | ||
| })) |
There was a problem hiding this comment.
Добавьте проверку верхней границы retry-цикла (1..5).
Сейчас тест не закрепляет ключевой инвариант из этого изменения — максимальное число попыток. На практике это позволит регрессии пройти незаметно.
Предлагаемое усиление теста
expect(contents).toContain("curl -fsSL --retry 5 --retry-all-errors --retry-delay 2")
+ expect(contents).toContain("for attempt in 1 2 3 4 5; do")
expect(contents).toContain("controller tooling install failed after retries")🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/app/tests/docker-git/controller-resource-limits.test.ts` around
lines 112 - 121, The test "retries network-bound controller tooling downloads"
doesn't assert the explicit retry-range invariant; update the test (inside the
it.effect block using readComposeFile) to also assert that the retry loop upper
bound is fixed to 5 by checking for the exact loop/range token used in the
Dockerfile (e.g., assert contents contains "1..5" or the concrete loop string
your script emits such as "for i in 1..5" or "seq 1 5"), so the max-attempts
invariant is anchored alongside the existing checks for "--retry 5" and the
failure message.
| expect(stripCaret(appPackage.dependencies.react)).toBe(gridlandRendererReactVersion) | ||
| expect(stripCaret(appPackage.dependencies["react-dom"])).toBe(gridlandRendererReactVersion) | ||
| expect(stripCaret(terminalPackage.dependencies.react)).toBe(gridlandRendererReactVersion) | ||
| expect(stripCaret(terminalPackage.devDependencies["react-dom"])).toBe(gridlandRendererReactVersion) |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "Проверка, что тест валидирует нужное поле и манифест соответствует ему"
rg -n --type=ts 'terminalPackage\.(devDependencies|dependencies)\["react-dom"\]' packages/app/tests/docker-git/gridland-react-singleton.test.ts
python - <<'PY'
import json, pathlib
pkg = json.loads(pathlib.Path("packages/terminal/package.json").read_text())
print("dependencies.react-dom:", pkg.get("dependencies", {}).get("react-dom"))
print("devDependencies.react-dom:", pkg.get("devDependencies", {}).get("react-dom"))
PYRepository: ProverCoderAI/docker-git
Length of output: 311
Исправить тест singleton-контракта: проверять react-dom в dependencies, а не в devDependencies.
Сейчас тест на Line ~30 фиксирует terminalPackage.devDependencies["react-dom"], но в packages/terminal/package.json react-dom отсутствует в dependencies (там None), из-за чего регресс runtime-зависимости может пройти незамеченной.
Предлагаемый фикс
- expect(stripCaret(terminalPackage.devDependencies["react-dom"])).toBe(gridlandRendererReactVersion)
+ expect(stripCaret(terminalPackage.dependencies["react-dom"])).toBe(gridlandRendererReactVersion)🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/app/tests/docker-git/gridland-react-singleton.test.ts` at line 30,
Тест проверяет неверное поле: вместо проверять
terminalPackage.devDependencies["react-dom"] надо проверять
terminalPackage.dependencies["react-dom"]; исправьте ожидание в тесте (используя
уже применённую stripCaret и gridlandRendererReactVersion) так, чтобы оно
проверяло наличие и версию react-dom в dependencies, а не в devDependencies,
сохранив остальную логику и переменные (terminalPackage, stripCaret,
gridlandRendererReactVersion, "react-dom").
Source: Coding guidelines
konard
changed the title
Working session summaryImplemented and pushed the CI fixes to PR 386: #386 What changed:
Verification:
SOURCE: GitHub Actions logs for PR 386; npm registry metadata via This summary was automatically extracted from the AI working session output. |
🔄 Auto-restart-until-mergeable Log (iteration 1)This log file contains the complete execution trace of the AI solution draft process. 💰 Cost estimation:
🤖 Models used:
📎 Log file uploaded as Repository (2 chunks) (127324KB)Now working session is ended, feel free to review and add any feedback on the solution draft. |
✅ Ready to mergeThis pull request is now ready to be merged:
Monitored by hive-mind with --auto-restart-until-mergeable flag |
1 participant
Summary
reactandreact-domto19.2.4across the app package, terminal workspace, and root overrides so Gridland's Bun renderer uses the React version it resolves forreact-reconciler@0.33.0.E2E (Clone cache): retry the NodeSource setup, installbun@1.3.11from npm under/opt/bun, verify the installed Bun version, and keepnode-gypinstallation in the same checked boundary.@prover-coder-ai/docker-gitand remove the initial PR placeholder.gitkeep.Reproduction
Before the React fix, the focused regression test fails with:
This captures the same contract behind the issue stack (
resolveDispatcher().useCallback): hooks in the TUI must be dispatched by the same React singleton/version that Gridland's renderer expects.For the original failing CI check,
E2E (Clone cache)failed while buildingpackages/api/Dockerfileat the controller tooling install layer. A local no-cache build reproduced repeated Bun release download failures:After the Dockerfile fix, the controller-base build installs Bun from the npm registry and verifies:
On the next CI run,
E2E (Clone cache)passed andE2E (OpenCode)exposed a separate transient controller build failure during auth bootstrap:The OpenCode auth bootstrap now retries the controller auth commands before failing the E2E scenario.
Mathematical Guarantees
Invariants
∀ dep ∈ {root overrides, app react/react-dom, terminal react/react-dom}: version(dep) = 19.2.4version(react) = version(Gridland renderer peer resolution) -> dispatcher(hookCall) != nullcontrollerBase.tooling.bun.version = packageManager.bun.version = 1.3.11controllerBase.tooling.install.success -> node ∧ npm ∧ bun ∧ node-gyp are executableOpenCode.authBootstrap.transientFailure(k), 1 <= k < 3 -> scenario continues to attempt k + 1OpenCode.authBootstrap.failureCount = 3 -> typed E2E failure message is emitted before clone assertionsPreconditions
@gridland/bun@0.4.3andreact-reconciler@0.33.0.Postconditions
react@19.2.4and onereact-dom@19.2.4for the app/terminal packages.19.2.7state and passes after the pin.github.com/.../latest/downloadendpoint during CI.ERRtrap path for expected retry failures.Verification
bun install --frozen-lockfilenpm view bun@1.3.11 version dist.tarball --jsonnpm install -g --prefix /tmp/bun-npm-global-test bun@1.3.11 node-gyp && /tmp/bun-npm-global-test/bin/bun --version && /tmp/bun-npm-global-test/bin/node-gyp --versionbash -n scripts/e2e/opencode-autoconnect.shbun run --cwd packages/app vitest run tests/docker-git/controller-resource-limits.test.tsdocker build --progress plain --target controller-base -f packages/api/Dockerfile -t docker-git-controller-base-e2e-385 .bun run --cwd packages/app testbun run --cwd packages/app checkbun run checkbun run testgit diff --checkSOURCE: GitHub Actions logs for PR 386 and npm registry metadata via
npm view.Fixes #385