fs-packages: re-normalize 10 publint git+ prefix regressions (PR #35 aftermath)#48
Merged
Merged
Conversation
All 10 workspace packages had drifted back to the plain https:// form after 4bd3115 introduced the git+ prefix — the merge of PR #35 (feat/adapter-store-apply-external-updates, branch cut pre-4bd3115) carried the pre-fix state across every manifest, and no subsequent commit re-normalised. publint 0.3.18 was emitting the "could be a full git URL like git+https://..." suggestion for every package. Re-applies 4bd3115's canonical form mechanically across all 10: adapter-store, dialog, helpers, http, loading, router, storage, theme, toast, translation. One-line change per manifest, identical to the original patch. Before: 10/10 packages carry the publint git+ suggestion. After: 0/10 suggestions; lint:pkg gate clean. Root package.json has no repository field and is private — no change. No version bumps — metadata-only. Closes the publint git+ class advisory surfaced by PR #45's adapter-store Engineer execution report. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closes enforcement queue #33. publint 0.3.18 CLI does not expose a flag to fail on suggestions: --level only controls log verbosity, --strict only promotes warnings → errors. Verified empirically with all three flag combinations on a real git+ URL suggestion — every invocation exits 0. Option (a) rejected by empirical test; Option (b) chosen. Adds scripts/lint-pkg.mjs — ESM Node wrapper that runs publint per workspace, detects Suggestions:/Warnings:/Errors: blocks, runs attw --pack alongside, and exits non-zero on any publint advisory OR attw failure. Failure output names both the package and the advisory class in a single greppable line. Root "lint:pkg" now points at the wrapper; per-package "lint:pkg" scripts stay as "publint && attw --pack" for developer ergonomics during per-package iteration. Smoke test: - BEFORE tightening: publint && attw on git+-stripped http/package.json → exit 0 (silent drift) - AFTER tightening: npm run lint:pkg on same regression → exit 1 with "fs-http: publint emitted \"Suggestions:\" block (fail-on-suggestion gate)" - Post-revert: npm run lint:pkg → exit 0 All 8 CI gates green on sweep-normalized base (stacked on armory-publint-git-prefix-sweep). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
9 tasks
…ghtening Tighten lint:pkg gate: fail CI on publint suggestions (enforcement #33)
Deploying fs-packages with
|
| Latest commit: |
05149fc
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://1293cf8b.fs-packages.pages.dev |
| Branch Preview URL: | https://armory-publint-git-prefix-sw.fs-packages.pages.dev |
jasperboerhof
approved these changes
Apr 23, 2026
jasperboerhof
approved these changes
Apr 23, 2026
jasperboerhof
approved these changes
Apr 23, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
4bd3115canonical URL form (nogit+prefix) across all 10 workspace package manifests that regressed on PR Add broadcast subscription contract to fs-adapter-store #35's merge.Root cause (not a partial fix — a stale-branch regression)
The
git+prefix wasn't deliberately removed by anyone.4bd3115fixed it originally; PR #35 (merged 2026-04-19) was branched BEFORE4bd3115landed and silently overwrote pre-fix manifest state across every file it touched on merge. `git log --all -S 'git+https'` confirms only4bd3115ever introduced the fix string — no explicit revert commit exists.Scope of regression: all 10 packages, not just adapter-store (adapter-store, dialog, helpers, http, loading, router, storage, theme, toast, translation). Root
package.jsonis"private": truewith norepositoryfield, so it's not publint-linted and was unaffected.Why the gate didn't catch this
`publint` grades
git+as a suggestion, not an error. The currentlint:pkgscript returns exit 0 on suggestion-only output, so `npm run lint:pkg` went green every CI run during the 3 days of drift. Enforcement queue entry #33 (filed 2026-04-22) tracks the gate-tightening follow-up: either `publint --level=suggestion` or a wrapper that fails CI on any `Suggestions:` block.Verification
All 8 CI gates green locally. Notable delta on gate 6 (
lint:pkg):Suggestions:blocksSuggestions:blocksNo problems foundNo problems foundNo new advisory classes surfaced.
Test plan