Bump cli-node SDK dep to ^0.25.0 and ship CLI in scaffold devDeps#70
Merged
Conversation
Three related cleanups now that sdk@0.25.0 is published: 1. cli-node @primitivedotdev/sdk dep range moves from ^0.23.0 to ^0.25.0. Under npm semver for 0.x packages, ^0.23.0 resolved only to >=0.23.0 <0.24.0, so the lockfile was pinned at sdk@0.23.0 and the CLI shipped a bundled operation manifest that did not include the local_part body field added in #69. The lockfile is refreshed against the published sdk@0.25.0 so `primitive functions:test-function --help` now surfaces --local-part as a flag. 2. functions:init scaffolder's SDK_VERSION_RANGE moves from ^0.23.0 to ^0.25.0 in lockstep, satisfying the existing regression test that asserts the two ranges match. 3. The scaffolder now includes @primitivedotdev/cli as a devDependency in the generated package.json so node_modules/.bin/primitive resolves to the real CLI inside the scaffolded project. Without this, the SDK's deprecated CLI bin wins the bin race and every `npm run deploy` prints the "CLI moved to @primitivedotdev/cli" stderr banner. AGX feedback called this out: agents using the scaffold's deploy script kept hitting the deprecation banner with no way out short of editing package.json themselves. A new regression test guards the cli devDep so the scaffold cannot silently regress to the SDK-only state. cli-node bumps to 0.25.1 to ship the bundled-manifest refresh and the scaffold devDep. 163 tests green; lint and typecheck clean.
Greptile SummaryThis PR bumps the CLI's
Confidence Score: 5/5Safe to merge — all changes are version bumps, a lockfile refresh, and a well-guarded scaffold addition with dedicated regression tests. The diff is limited to updating two version constants, refreshing the lockfile, and adding one new devDep to the scaffolded package.json. The new CLI_VERSION_RANGE constant is correctly decoupled from SDK_VERSION_RANGE, and the lockstep test reads the actual package.json version to prevent silent drift. No logic paths are altered. No files require special attention. Important Files Changed
Reviews (2): Last reviewed commit: "Decouple scaffolded CLI version range fr..." | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Greptile flagged that the scaffolded @primitivedotdev/cli devDep was pinned to SDK_VERSION_RANGE, which silently couples two independent packages. If we ever bump SDK_VERSION_RANGE without publishing a matching CLI release, npm install in every scaffolded project starts 404ing on the CLI version that does not exist. Split CLI_VERSION_RANGE into its own constant. They hold the same literal today (^0.25.0) but a future bump of either side is now an explicit decision in code instead of an accidental side effect. Strengthen the regression test from the previous caret-only check to a real lockstep invariant: the scaffolded CLI range must include this CLI's own published version. A bump of cli-node/package.json that forgets to update CLI_VERSION_RANGE now fails CI, in the same shape as the pre-existing SDK lockstep test.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Three cleanups now that
sdk@0.25.0is on npm:cli-node
@primitivedotdev/sdkdep range bumped from^0.23.0to^0.25.0. Under npm semver for 0.x packages,^0.23.0resolves only to>=0.23.0 <0.24.0, so cli-node's lockfile was pinned atsdk@0.23.0and the bundled operation manifest didn't include thelocal_partbody field shipped in Add local_part to testFunction spec and bump all SDKs to 0.25.0 #69. Lockfile refreshed againstsdk@0.25.0. Result:primitive functions:test-function --helpnow surfaces--local-partas a flag.Scaffolder
SDK_VERSION_RANGEmoves from^0.23.0to^0.25.0in lockstep, satisfying the existing regression test that asserts the two ranges match byte-for-byte.Scaffolder generates
@primitivedotdev/clias a devDependency. Without this, the SDK's deprecated CLI bin wins thenode_modules/.bin/primitiverace inside a scaffolded project, so everynpm run deployprints the "CLI moved to @primitivedotdev/cli" stderr banner. AGX feedback flagged this exact behavior. New regression test pins the devDep so it can't silently regress.Versions
Test plan
npm install -g @primitivedotdev/cli@0.25.1 && primitive functions:test-function --helplists--local-part.primitive functions:init demo-fn && cd demo-fn && npm install && grep primitive node_modules/.bin/primitiveresolves to the cli package, not the sdk alias.npm run deployno longer prints the deprecation banner.