Build(deps-dev): Bump @typescript-eslint/parser from 8.29.1 to 8.39.1#103
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Build(deps-dev): Bump @typescript-eslint/parser from 8.29.1 to 8.39.1#103dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 8.29.1 to 8.39.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.39.1/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-version: 8.39.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Contributor
Author
|
Superseded by #111. |
dependabot
Bot
deleted the
dependabot/npm_and_yarn/typescript-eslint/parser-8.39.1
branch
joelteply
added a commit
that referenced
this pull request
Jun 2, 2026
…CI / replay / sandbox (task #103) Promotes the in-tree concept of "fake inference" from a #[cfg(test)] StubAdapter to a first-class production-runnable peer adapter, registered unconditionally (no API key required, priority 99 so it never auto-selects over real adapters) in AIProviderModule's default adapter set. Joel (2026-05-31): "Even if you were afraid of local LLM you could run proxy models, like a fake or canned response like heuristic LLM stand in... I would also make sure the inference command is used. Always should be. Could have this fake model. As an adapter." This realizes [[inference-is-an-adapter-always-in-the-loop]]: - Same adapter trait, same registry, same command surface (`inference/llm/request`) - Headless CI / sandbox / replay runs end-to-end without GGUFs, without cloud keys - "Run the whole system end-to-end with or without an actual LLM" is now true ### Determinism contract Same `(model, system_prompt, messages, temperature, max_tokens)` → byte-identical response. Implementation: SHA-256 over canonical inputs → 8-char hex prefix in the response. Required for [[persona-record-replay-is-a-product-requirement]]: replay against the same adapter reproduces the same response. ### Response shape `[heuristic:<hash>] ack: "<last 200 chars of last user message>"` - The `[heuristic:...]` marker is intentionally unmistakable in logs + traces; no risk of being confused with real model output. - Echoing the last user message proves end-to-end: prompt → adapter → response → trace. - Hash varies with all sampling-relevant inputs so changing temperature changes the prefix even if the prompt is identical. ### Tests (13, all green) - Determinism: same prompt → byte-identical text - Different prompts → different text - Echoes the latest user message with heuristic prefix - No user message → marker response (no panic) - Always returns FinishReason::Stop - UsageMetrics populated + nonzero for nonempty prompt - Provider field matches HEURISTIC_PROVIDER_ID - AdapterRegistry round-trip - Health check reports Healthy - Capabilities admit text+chat but not modality-specific (vision, embeddings, etc. — those are peer-adapter territory per [[ai-namespace-multimodal-crutches]]) - supports_model accepts any name so callers can pass real IDs - temperature + max_tokens shift determinism hash - **routes_through_inference_llm_request_command_surface** — the slice-completing integration test: drives the heuristic adapter through `InferenceLlmModule::handle_command("inference/llm/request", ...)` end-to-end, verifying the canonical command surface routes to it. Without this test, "adapter exists" doesn't prove "command-funnel doctrine works." With it, the contract is locked. ### Registration In AIProviderModule::register_adapters: unconditional registration at priority 99 (lowest — never auto-selects over real). Opt-in via `provider: "heuristic"` in InferenceRequest or future TS layer.
joelteply
added a commit
that referenced
this pull request
Jun 2, 2026
…trict opt-in (#128) ## Why Joel (2026-06-01) called out a recurring failure mode: "You mix this fake shit in and it's going live ALL THE TIME. Why fallbacks are forbidden. The fake shit is a CHOSEN model adapter no other form. Declaration. Gating in test is smart." The HeuristicInferenceAdapter was registered unconditionally at boot in `modules::ai_provider`, and its `supports_model()` returned `true` for any model name including production IDs like `anthropic/claude-opus-4-7`. Two structural leaks: auto-discovery could pick it via tier-3 walk in `AdapterRegistry::select()` when callers passed `model: None`; explicit-by-name lookups for real production models silently degraded to it when no real adapter was registered first. Both paths "go live ALL THE TIME." This commit closes the leaks structurally — not via runtime guards that can be forgotten, but via the compiler. ## What ships ### 1. Compile-time elimination (the no-going-back gate) - `Cargo.toml`: new `test-fixtures` feature flag. Production builds do not enable it. - `src/ai/mod.rs`: `pub mod heuristic_adapter` and re-exports gated behind `#[cfg(any(test, feature = "test-fixtures"))]`. Without the feature, the entire module + struct + constants don't exist in the binary. Unit tests in continuum-core get it free via `cfg(test)`; external test code / fixtures opts in via the feature. - `Cargo.toml`: `airc_chat_demo` bin target now declares `required-features = ["test-fixtures"]` — it uses heuristic and must opt in like any other test-fixture consumer. ### 2. Removal of unconditional production registration - `src/modules/ai_provider.rs`: deleted the unconditional `registry.register(HeuristicInferenceAdapter::new(), 99)` block. The comment about "lowest priority so never auto-selects" was wrong; nothing prevented `select()` with `model: None` from landing there. Tests that legitimately want heuristic register it explicitly in setup (no global default registration). ### 3. Trait-level self-declaration (belt-and-suspenders) - `src/ai/adapter.rs`: new `fn is_production_capable(&self) -> bool` on `AIProviderAdapter` (default `true`). Real adapters keep the default; heuristic returns `false`. - `src/ai/adapter.rs`: new `AdapterSelectionError` type with `Display` impl that names what was requested, what's registered, and what remediation looks like. Designed for downstream `select_production` callers in follow-up slices. - `src/ai/adapter.rs`: `AdapterRegistry::select()` now refuses calls with no `preferred_provider` AND no `model` — the textbook auto-discovery path forbidden by [[no-fallbacks-ever]]. Hard return None with a diagnostic. Callers must specify intent. ### 4. Heuristic strict opt-in - `src/ai/heuristic_adapter.rs`: `supports_model()` overridden to match ONLY model names starting with "heuristic" (case-insensitive). Previously returned `true` unconditionally — THE leak path. The test asserting that behavior (renamed: `supports_only_heuristic_model_names_never_substitutes_for_real_models`) now pins the opposite: production model names like `anthropic/claude-opus-4-7`, `gpt-4`, `qwen3.5-4b-code-forged-Q4_K_M` MUST NOT match. - `supported_model_prefixes()` declares `vec!["heuristic"]` (was empty + comment claimed "opt-in only" but the empty list combined with always-true `supports_model` meant anything went). The two methods now agree and the registry's prefix-based auto-routing cannot pick heuristic for any real model name. ## Layered defense Heuristic adapter cannot reach production traffic via FOUR independent barriers: 1. cfg-gate: not in the binary unless `test-fixtures` is on 2. No auto-registration: even with the feature, nothing in production code registers it 3. Trait self-declaration: `is_production_capable() = false` for `select_production` (follow-up #128 slice 2) 4. Strict model match: even at test time, only "heuristic-*" model names route here Joel: "No fallbacks ever it's forbidden." Now structural, not policy. ## Tests (47 passing, no regression) - `ai::heuristic_adapter::tests` — 10/10 pass with `test-fixtures` including the rewritten `supports_only_heuristic_model_names_never_substitutes_for_real_models`. - `ai::adapter::tests` — pass - `modules::generator::tests` — 8/8 pass (regression check) - `persona::hw_tier_descriptor::tests` — 11/11 pass (regression check) - `persona::orm_entity_registration_tests` — 2/2 pass (regression check) - `orm::entity::tests` — 10/10 pass (regression check) - Full lib test sweep with `test-fixtures` green (regression sweep) - Production build (`cargo build --lib --features metal,accelerate`) with NO test-fixtures: clean, heuristic adapter physically absent from the binary ## Follow-up (deferred) - Wire qwen3.5-4b-code-forged-Q4_K_M (the local GGUF on this Intel MacBookPro15,1) through the persona path so we have a REAL model running. The chat-flawless work continues on top of this clean base. - `select_production()` method that wraps `select()` and additionally filters `is_production_capable()`. Will land when the first production cognition call site is migrated to use it. - Audit existing `select()` callers — anyone passing `model: None` is now broken loud; either give them a real model or refactor. References: [[no-fallbacks-ever]], [[no-if-statements-use-llms-for- cognition]], [[persona-chat-flawless-before-video]], [[persona-webrtc-all-tiers-latency-obsessed]], #103 (heuristic promotion that this constrains), #105 (bypass audit), #112-#114 (routing the cognition path through inference command — chat-flawless slices C+). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps @typescript-eslint/parser from 8.29.1 to 8.39.1.
Release notes
Sourced from
@typescript-eslint/parser's releases.... (truncated)
Changelog
Sourced from
@typescript-eslint/parser's changelog.... (truncated)
Commits
b2ee794chore(release): publish 8.39.1c98d513chore(release): publish 8.39.02112d58feat: update to TypeScript 5.9.2 (#11445)d11e79echore(release): publish 8.38.0816be17chore(release): publish 8.37.084b7a2echore(release): publish 8.36.0e2ecca6chore: fix issues introduced by updatednxconfiguration (#11230)f9bd7d8chore(release): publish 8.35.1d19c9f3chore(release): publish 8.35.0ccd0791chore(release): publish 8.34.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)