fix: username issue and bun lock issue

[MaheshtheDev]

No description provided.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
✅ Deployment successful! View logs	supermemory-app	7b64ce1	Mar 31 2026, 09:45 PM

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
🔵 In progress View logs	supermemory-app	95d3d92	Mar 31 2026, 06:18 PM

[MaheshtheDev]

• fix: username issue and bun lock issue #818 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add the label Main to this PR to add it to the merge queue.

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[claude]

Claude finished @MaheshtheDev's task in 1m 25s —— View job

---

Review Complete

Overview: Fixes username generation to use underscores instead of hyphens, refactors AI SDK tools from Zod to JSON schema format, and updates dependencies.

Changes analyzed:

• apps/web/app/(app)/onboarding/welcome/page.tsx: Username generation now chains .replace(/-/g, "_") to convert hyphens to underscores (e.g., "john-doe" → "john_doe")
• packages/ai-sdk/src/tools.ts: Switched from Zod schemas to native JSON schemas using jsonSchema<T>() from the ai package with proper TypeScript types
• packages/ai-sdk/package.json: Removed zod dependency since it's no longer used
• bun.lock: Updated lockfile reflecting dependency changes and new raycast-extension workspace

Issues found: None — this looks good to ship.

The username fix is straightforward and correct. The AI SDK schema migration from Zod to JSON schema is clean - the jsonSchema<T>() helper provides type safety through the generic parameter while using the native JSON schema format that the AI SDK supports. All required fields and defaults are properly preserved in the migration.

Score: 10/10

[claude]

Overview: Fixes username generation to use underscores instead of hyphens, and updates the bun lockfile.

Issues found: None — this looks good to ship.

The change to generateUsername() correctly converts hyphens to underscores (e.g., "john-doe" → "john_doe") before appending the random suffix. This is the expected format for usernames. The bun.lock update is standard lockfile maintenance.

Score: 10/10

[entelligence-ai-pr-reviews]

---

Confidence Score: 4/5 - Mostly Safe

Safe to merge — this PR makes two targeted fixes: correcting username generation in onboarding/welcome/page.tsx by chaining .replace(/-/g, '_') onto generateSlugFromName, and updating bun.lock with ESLint v9.39.4 and related dependency upgrades including estraverse from v4 to v5. The username fix is straightforward and addresses a formatting correctness issue with no apparent side effects. The lock file changes are dependency-driven and follow expected package manager behavior, though only one of the two changed files was reviewed.

Key Findings:

• The .replace(/-/g, '_') fix in generateUsername within onboarding/welcome/page.tsx is a correct and minimal change that ensures slugs with hyphens are properly converted to underscores for username formatting, with no broader logic changes that could introduce regressions.
• The bun.lock changes reflect a legitimate dependency tree update adding ESLint v9.39.4 and scoped @eslint/* packages; the estraverse v4→v5 upgrade is a known breaking-change-free upgrade that is well-established in the ecosystem.
• Coverage was 1/2 changed files reviewed — bun.lock was not deeply analyzed, but as a generated lock file its risk is limited to dependency integrity, and the packages added are widely used and trusted.
• No logic bugs, null-safety issues, or security concerns were identified in the reviewed code path; the PR is narrow in scope and easy to reason about.

Files requiring special attention

• onboarding/welcome/page.tsx
• bun.lock

[entelligence-ai-pr-reviews]

---

Confidence Score: 4/5 - Mostly Safe

Safe to merge — this PR makes two focused changes: registering apps/raycast-extension as a new monorepo workspace and wrapping Zod schema objects with zodSchema() from the ai package in packages/ai-sdk/src/tools.ts to fix AI SDK tool schema compatibility. The zodSchema wrapper in both searchMemories and addMemory tool inputSchema fields is a straightforward correctness fix aligned with the AI SDK's expected interface. No logic bugs, security concerns, or breaking changes were identified in the reviewed code, and the lock file changes appear consistent with adding a new workspace.

Key Findings:

• The zodSchema() wrapper applied to inputSchema in both searchMemories and addMemory tools in packages/ai-sdk/src/tools.ts is the correct fix for AI SDK schema compatibility — without this, raw Zod objects may not be properly recognized by the SDK's tool validation pipeline.
• The bun.lock changes reflect expected transitive dependency adjustments from adding apps/raycast-extension as a workspace; no suspicious version downgrades or unexpected dependency additions are apparent from the summary.
• Only 1 of 2 changed files was reviewed (coverage gap on bun.lock), but lock file changes are typically low-risk and mechanical when driven by a new workspace addition.
• No pre-existing unresolved review comments exist, and no new issues were flagged — the PR scope is narrow and the changes are coherent with the stated fix.

Files requiring special attention

• packages/ai-sdk/src/tools.ts
• bun.lock

[entelligence-ai-pr-reviews]

---

Confidence Score: 4/5 - Mostly Safe

Safe to merge — this PR performs dependency cleanup and lockfile maintenance by removing the apps/raycast-extension workspace and deduplicating/upgrading shared packages in bun.lock. The changes are confined to lockfile updates with no application logic modifications, and no review comments were generated indicating any problematic patterns. The promotion of supermemory from a local workspace dependency to a published package reference warrants a quick sanity check to ensure the published version matches expected behavior, but this is a low-risk concern for a lockfile-only change.

Key Findings:

• The PR is entirely scoped to bun.lock changes — no application source code, configuration files, or business logic is modified, significantly limiting blast radius.
• Removal of apps/raycast-extension workspace and its associated oclif, @raycast/*, and @typescript-eslint/* dependencies appears intentional and consistent with the stated PR purpose, reducing maintenance surface.
• The promotion of supermemory from a local workspace path reference to an external published package could introduce a subtle version mismatch if the published version diverges from the local one, but this is a pre-existing architectural decision rather than a bug introduced here.
• Major version bumps on 10 shared packages (e.g., ajv, glob-parent, globals) via deduplication are common in lockfile hygiene PRs and carry low risk since these are transitive/dev dependencies being aligned, not direct API consumers being changed.

Files requiring special attention

• bun.lock

[entelligence-ai-pr-reviews]

---

Confidence Score: 5/5 - Safe to Merge

Safe to merge — this PR makes a targeted, correct update to align the zod import path in packages/ai-sdk/src/tools.ts with Zod v4's modular package structure by switching from zod to zod/v4. The change is minimal, well-scoped, and directly addresses a compatibility requirement introduced by Zod v4's new subpath exports. No logic, validation, or security concerns are introduced by this single-line import path correction.

Key Findings:

• The import change from zod to zod/v4 in tools.ts is the correct approach for Zod v4 compatibility, as Zod v4 exposes its API via the zod/v4 subpath export rather than the root package entry point.
• The PR is highly focused with no collateral changes — only the import source is modified, leaving all type usage and schema definitions in tools.ts untouched, which minimizes regression risk.
• No review comments, no pre-existing unresolved issues, and full file coverage was achieved during analysis, giving high confidence in the correctness of this change.

Files requiring special attention

• packages/ai-sdk/src/tools.ts

[entelligence-ai-pr-reviews]

---

Confidence Score: 4/5 - Mostly Safe

Safe to merge — this PR cleanly migrates @supermemory/ai-sdk tool schema definitions from Zod to raw JSON Schema via jsonSchema from the ai package, and registers the new apps/raycast-extension workspace in bun.lock. The changes are well-scoped: dropping the zod dependency from packages/ai-sdk/package.json, updating the .d.ts reference, and replacing zodSchema with jsonSchema in tools.ts are all coherent and consistent with the stated goal. No review comments were generated and no critical, significant, or medium issues were identified by automated analysis.

Key Findings:

• The migration from zodSchema/zod to jsonSchema in packages/ai-sdk/src/tools.ts is a straightforward substitution using a supported API from the ai package, with no logic branching or runtime validation gaps introduced.
• The bun.lock changes correctly register the new apps/raycast-extension workspace and resolve transitive dependency version conflicts via scoped overrides, which is standard monorepo housekeeping.
• One file in the changed set was not reviewed (coverage 2/3), leaving a small blind spot — likely the bun.lock diff which is typically auto-generated and low-risk, but worth confirming no unexpected dependency regressions were introduced.
• Dropping zod as a direct dependency is safe given the shift to raw JSON Schema, but callers of tools.ts who previously relied on Zod schema inference for TypeScript types should verify their type compatibility after this change.

Files requiring special attention

• packages/ai-sdk/src/tools.ts
• packages/ai-sdk/package.json
• bun.lock

[entelligence-ai-pr-reviews]

---

Confidence Score: 5/5 - Safe to Merge

Safe to merge — this PR performs a lockfile cleanup by removing the apps/raycast-extension workspace and consolidating previously duplicated package entries in bun.lock. The changes are purely administrative to the dependency lockfile and do not touch any application logic, runtime code, or configuration files. No review comments were generated and no critical, significant, or medium issues were identified by heuristic analysis.

Key Findings:

• The bun.lock changes are purely mechanical — removing a workspace entry (apps/raycast-extension) and deduplicating scoped package entries like ajv, glob-parent, lilconfig, and globals into single top-level entries, which is expected behavior when a workspace is removed.
• No application source files, configuration files, or runtime logic were modified, meaning there is zero risk of behavioral regressions from this change.
• Lockfile consolidation of this type (removing a workspace and its transitive dependencies) is a standard housekeeping operation with no security or correctness implications provided the remaining entries are consistent, which the automated review found no issues with.

Files requiring special attention

• bun.lock

[graphite-app]

Merge activity

• Mar 31, 9:39 PM UTC: MaheshtheDev added this pull request to the Graphite merge queue.
• Mar 31, 9:42 PM UTC: Merged by the Graphite merge queue.

[entelligence-ai-pr-reviews]

---

Confidence Score: 5/5 - Safe to Merge

Safe to merge — this PR cleanly removes the direct zod dependency from packages/ai-sdk/package.json and migrates searchMemories and addMemory tool schemas in tools.ts to use Vercel AI SDK's native jsonSchema utility with explicit TypeScript input types, reducing dependency surface area without altering runtime behavior. The username formatting fix in the onboarding flow (replacing spaces with underscores) is a straightforward correctness improvement. No review comments were generated, no critical or significant issues were identified by static analysis, and the changes are well-scoped with clear intent.

Key Findings:

• The migration from Zod schemas to raw jsonSchema definitions in tools.ts maintains equivalent schema validation semantics while eliminating an unnecessary direct dependency, which is a clean architectural improvement.
• The username underscore formatting fix in the onboarding app route addresses a functional correctness issue (usernames with spaces are typically invalid in many systems) without introducing new logic complexity.
• All changed files were covered by the heuristic analysis, zero issues at any severity level were flagged, and there are no pre-existing unresolved comments — giving high confidence the changes are safe.

Files requiring special attention

• packages/ai-sdk/src/tools.ts
• packages/ai-sdk/package.json
• apps/web/app/(app)/onboarding/page.tsx