fix(extensions): preserve binaries field in push archive manifest (swamp-club#309)#1354
fix(extensions): preserve binaries field in push archive manifest (swamp-club#309)#1354
Conversation
…amp-club#309) The archive re-emit in extensionPushPrepare omitted binaries from the stringifyYaml call, so pulled extensions lost the security warning and chmod 0o755 step even when the source manifest declared binaries. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
CLI UX Review
Blocking
None.
Suggestions
None.
Verdict
PASS — this PR fixes silent data loss in the archive manifest (the binaries field was dropped during swamp extension push) but introduces no changes to user-visible output, flags, error messages, or JSON shape. The behavioral fix is correct: pull-side consumers now correctly receive the binaries field, enabling the expected security warning and chmod 0o755 step. The regression test confirms the round-trip. No UX concerns.
There was a problem hiding this comment.
Code Review
Blocking Issues
None.
Suggestions
- Minor inconsistency in manifest path resolution: The new test hardcodes
join(dst, "extension", "manifest.yaml")while the adjacent test (line 295) uses thefindManifestRoot(dst)helper. Not blocking since the path is deterministic in the archive format, but using the helper would be more resilient to future archive layout changes.
Overall: Clean, minimal bug fix with a thorough regression test. The conditional spread for binaries correctly matches the established pattern for skills, include, platforms, and labels. LGTM.
There was a problem hiding this comment.
Adversarial Review
Critical / High
None.
Medium
None.
Low
-
Test cleanup on Windows (
push_pull_roundtrip_test.ts:389-390): Thefinallyblock callsDeno.remove(src, { recursive: true })andDeno.remove(dst, { recursive: true })without the Windows EBUSY.catch(() => {})pattern mentioned in CLAUDE.md. However, this is consistent with all other tests in this file (lines 320-321, 210-211) — none of them use the catch pattern either. Not a regression from this PR. -
Hardcoded archive root (
push_pull_roundtrip_test.ts:382-387): The test usesjoin(dst, "extension", ...)rather thanfindManifestRoot(dst)used in the second test. If the archive root path ever changes, this test would break. Again, consistent with the first test in the file (line 192), so not a regression.
Verdict
PASS — Clean, minimal 3-line fix that adds the missing binaries conditional spread to the archive manifest serialization at line 1057. The pattern exactly mirrors the existing handling of skills, include, platforms, and labels in the same stringifyYaml block. ExtensionManifest.binaries is typed as string[] (normalized from optional via ?? [] in the parser at extension_manifest.ts:200), so .length access is safe. The binary files themselves were already being copied correctly (lines 1201-1222) — only the YAML field was missing. Test properly validates the round-trip.
1 participant
Summary
swamp extension pushwas dropping thebinaries:field from the re-emitted archivemanifest.yaml, causing pull-side consumers to miss the security warning andchmod 0o755stepbinariesconditional spread to thestringifyYamlcall inpush.ts, matching the existing pattern forskills,include,platforms, andlabelsbinariessurvives push → extract in both the manifest YAML and the file treeFixes https://swamp-club.com/lab/issues/309
Test plan
deno checkpassesdeno lintpassesdeno fmtpassesbinariesfield in archive manifest and binary file presence underextension/files//tmp/swamp-repro-issue-309with compiled binary🤖 Generated with Claude Code