feat(rpc): expose node version + git commit on getNetworkInfo

[tcsenpai]

Summary

Adds nodeVersion to the getNetworkInfo response so operators (and the SDK) can tell at a glance which binary a node is actually running.

The trigger was: PR #861 (GCREdit hash normalisation) landed on stabilisation, but dev.node2.demos.sh:53552 kept returning GCREdit mismatch on every post-fork transfer. The investigation forked into "is the fix wrong?" vs. "did the host get rebuilt?" — the latter would have been a one-second answer if the RPC had told us the running commit. Same diagnostic value for any future fix that gets merged and rolled out across multiple validator hosts.

Shape

NetworkInfo now carries a nodeVersion block:

{
  "forks": { "osDenomination": { … } },
  "nodeVersion": {
    "name": "demos-node-software",
    "version": "0.9.8",
    "commit": "4fff076da34456a99a9eac2a5caadf0b300476c8",
    "commitShort": "4fff076",
    "branch": "stabilisation",
    "dirty": false,
    "builtAt": null
  }
}

Additive — older SDKs that only destructure forks keep working.

Sources

src/utilities/nodeVersion.ts resolves at module evaluation (frozen for the binary's lifetime):

• name + version — top-level package.json
• commit + commitShort — .git/HEAD walked up from cwd (handles ref-pointer HEADs, detached HEADs, packed-refs fallback)
• branch — HEAD ref name when applicable
• dirty — git diff-index --quiet HEAD, tolerant of missing git binary
• builtAt — BUILT_AT env when a Docker image baked one in, else null

Env overrides (GIT_COMMIT, GIT_BRANCH, GIT_DIRTY) take precedence when present so stripped images (git clone --depth 0, multistage builds that don't ship .git/) can still surface meaningful values from build args.

Defensive failure modes

Every individual failure path lands on null. A corrupted .git/HEAD, missing git binary, or unreadable refs cannot panic the node — getNetworkInfo MUST keep answering even when provenance is unknown.

Test plan

• bun run type-check-ts — no new errors (pre-existing chainBlocks.ts duplicate-import + worker-threads-test errors unchanged)
• Smoke: bun --eval import returned the expected current SHA, short SHA, branch, and dirty flag from the working tree.
• No unit test added — module is pure-IO with environment dependencies tedious to mock and every failure mode returns null instead of throwing. A future PR can add a fixture-driven test if regressions appear.

Operator usage

curl -sS -X POST -H 'Content-Type: application/json' \
     -d '{"method":"nodeCall","params":[{"type":"nodeCall","message":"getNetworkInfo","data":{}}]}' \
     http://your-node-rpc/ | jq .response.nodeVersion

[qodo-code-review]

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

[coderabbitai]

Warning

Review limit reached

@tcsenpai, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 40 minutes and 22 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7e8e6074-8e2b-46dd-a0aa-923b0dd06f58

📥 Commits

Reviewing files that changed from the base of the PR and between 4fff076 and 9dd74ee.

📒 Files selected for processing (2)

• src/libs/network/handlers/forkHandlers.ts
• src/utilities/nodeVersion.ts

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/expose-node-version

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR exposes build provenance (nodeVersion) on the existing getNetworkInfo RPC so operators can confirm which binary a node is actually running in one round-trip. The change is additive: forks consumers are unaffected.

• src/utilities/nodeVersion.ts — new module that resolves name/version from package.json, commit/branch/dirty from .git/HEAD (with a packed-refs fallback and env-var override path), and builtAt from BUILT_AT. All paths are try/catch-wrapped so any single failure returns null rather than throwing.
• src/libs/network/handlers/forkHandlers.ts — NetworkInfo interface gains a nodeVersion: NodeVersionInfo field and the handler appends the frozen NODE_VERSION snapshot to every getNetworkInfo response.

Confidence Score: 3/5

Safe to merge after adding a timeout to the execFileSync call — without it, a hung git binary will stall the node process at startup with no recovery path.

The execFileSync('git', ['diff-index', ...]) call runs synchronously during module evaluation with no timeout option. A stale .git/index.lock, a credential helper waiting for input, or a slow NFS-backed .git/ directory can cause the node process to hang indefinitely at startup — silently, with no RPC answering. This is the exact failure mode the module was designed to avoid. The fix is a one-liner (timeout: 5000), but it should land before this ships to validators.

src/utilities/nodeVersion.ts — specifically the execFileSync call at line 188 that lacks a startup timeout.

Important Files Changed

Filename	Overview
src/utilities/nodeVersion.ts	New module that reads package.json, .git/HEAD, and runs git diff-index synchronously at module evaluation. The git exec call lacks a timeout, which can hang startup; all other failure paths are defensively handled.
src/libs/network/handlers/forkHandlers.ts	Adds nodeVersion: NODE_VERSION to the getNetworkInfo response and extends the NetworkInfo interface accordingly. Change is additive and straightforward.

Sequence Diagram

sequenceDiagram
    participant Client
    participant forkHandlers
    participant NODE_VERSION
    participant readGitInfo
    participant fs as .git/HEAD
    participant git as git binary

    Note over NODE_VERSION,git: Module evaluation (once at startup)
    NODE_VERSION->>readGitInfo: readGitInfo()
    readGitInfo->>fs: readFileSync(.git/HEAD)
    fs-->>readGitInfo: ref or SHA
    readGitInfo->>git: execFileSync(diff-index --quiet HEAD)
    git-->>readGitInfo: exit 0 (clean) / exit 1 (dirty)
    readGitInfo-->>NODE_VERSION: "{commit, branch, dirty}"
    Note over NODE_VERSION: frozen snapshot

    Client->>forkHandlers: getNetworkInfo RPC
    forkHandlers->>NODE_VERSION: NODE_VERSION (read frozen value)
    NODE_VERSION-->>forkHandlers: NodeVersionInfo
    forkHandlers-->>Client: "{forks: {...}, nodeVersion: {...}}"

Loading

_{Reviews (1): Last reviewed commit: "feat(rpc): surface node identity (name +..." | Re-trigger Greptile}

[greptile-apps]

execFileSync without a timeout blocks node startup indefinitely

execFileSync is called synchronously during module evaluation with no timeout option. If git is installed but hangs — stale lock file at .git/index.lock, a credential helper prompting for input, or an NFS-backed .git/ with a dropped connection — the entire node process hangs at startup with no way to recover. The comment describes tolerating a missing binary, but a hung binary is not covered. Adding timeout: 5000 (or similar) ensures the call fails fast when git is unresponsive.

Suggested change

	try {
	execFileSync("git", ["diff-index", "--quiet", "HEAD"], {
	cwd: repoRoot,
	stdio: "ignore",
	})
	dirty = false
	} catch (e) {
	const code = (e as { status?: number }).status
	// Exit 1 = dirty. Anything else (binary missing, unreadable
	// refs) = "we don't know"; report clean rather than panic.
	dirty = code === 1
	}
	execFileSync("git", ["diff-index", "--quiet", "HEAD"], {
	cwd: repoRoot,
	stdio: "ignore",
	timeout: 5000,
	})

[greptile-apps]

The GIT_COMMIT env var accepts 7–40 character strings (the regex lower bound is 7), but NodeVersionInfo.commit is documented as "Full 40-char git SHA." When GIT_COMMIT carries a short SHA, commitShort becomes identical to commit, and any downstream consumer relying on commit being the full SHA will get a truncated value without warning. The JSDoc should reflect the actual range.

Suggested change

	/** Full 40-char git SHA, or `null` if not resolvable. */
	commit: string | null
	/** Full git SHA, or `null` if not resolvable. When sourced from the `GIT_COMMIT` env var, may be a short SHA (7–40 chars). */
	commit: string | null