Sync main to dev (rc.24)#307
Conversation
- Add forge-core commit blocker hook (prevents direct commits) - Version all dev-core hooks in scripts/hooks/ - Update Makefile to install all hooks including blocker - Rewrite AGENTS.md Amendment #11 with single-repo experience - Rewrite DUAL_REPO_WORKFLOW.md with correct workflow - All member crates use version.workspace = true - Update to Rust Edition 2024, nightly-2025-05-18
- Add forge-core-pre-push hook to block direct pushes - Add `make push-both` command for pushing both repos together - Add `make pr-both` command for creating PRs in both repos (with RC label) - Update dev-core to install both blocker hooks in forge-core - Update AGENTS.md Amendment #11 with new workflow - Update DUAL_REPO_WORKFLOW.md with simplified commands
…elain Replace separate checks for staged, unstaged, and untracked files with a single `git status --porcelain` command. Same behavior, fewer lines.
Adds pre-checkout cleanup step to prevent permission issues on self-hosted runners where stale files from previous runs can cause checkout failures.
The e2e workflow was missing the dtolnay/rust-toolchain step, causing 'cargo: command not found' errors on the self-hosted runner.
Fix clippy warnings about uninlined format args in: - forge-app/src/router.rs (test functions) - forge-app/src/services/mod.rs (test function) - forge-app/examples/test_profile_names.rs - forge-app/examples/test_genie_discovery.rs
feat: idiot-proof dual-repo workflow with git hooks
cargo-edit requires newer nightly for smol_str dependency. Aligned with upstream BloopAI/vibe-kanban toolchain.
Align with upstream BloopAI/vibe-kanban toolchain version: - test.yml: nightly-2025-05-18 → nightly-2025-12-04 - playwright-e2e.yml: nightly-2025-05-18 → nightly-2025-12-04 - build-all-platforms.yml: container tag nightly-2025-12-04 - rust-toolchain.toml: nightly-2025-12-04 Container image ghcr.io/namastexlabs/forge-builder:nightly-2025-12-04 has been built and pushed to registry.
Add openssl with vendored feature as a direct dependency to enable Cargo feature unification across all transitive dependencies. This fixes cross-compilation failures where openssl-sys couldn't find the OpenSSL installation. Previously, Android had a target-specific vendored openssl, but Windows and Linux ARM64 cross-compilation also need it. Moving the dependency to a general (non-target-specific) section ensures all platforms can build without a local OpenSSL installation.
Add step to Unified Release workflow that automatically creates matching tags in namastexlabs/forge-core when bumping RC or nightly versions. This eliminates the need for manual tag creation. Uses existing PAT_TOKEN secret for cross-repo API access. Includes idempotency check to skip if tag already exists.
… token - Remove NODE_AUTH_TOKEN env var from publish step - Add --provenance flag for OIDC-based authentication - Configured Trusted Publishing on npm for both @automagik/forge and automagik packages Fixes npm publish failure due to expired classic token on December 9, 2025.
The setup-node action with registry-url automatically configures NODE_AUTH_TOKEN for token-based authentication, which conflicts with OIDC Trusted Publishing. Remove registry-url and set registry manually via npm config to allow OIDC to handle authentication.
Add mozilla-actions/sccache-action to cache compiled Rust artifacts across builds. Uses GitHub Actions cache backend. Expected improvement: 30min -> 12-15min for warm builds
…ation feat(ci): add sccache for faster Rust builds
…r ownership Two fixes for CI issues: 1. sccache incompatibility: Add CARGO_INCREMENTAL=0 because sccache doesn't work with Cargo's incremental compilation. The forge-builder Docker container has CARGO_INCREMENTAL=1 set, which caused builds to fail. 2. Container ownership: Add cleanup step to fix file ownership at end of Linux container builds. Docker containers run as root, creating files that the runner user can't clean up, causing subsequent jobs (e2e, test) to fail with EACCES permission errors.
Previously, release.yml created tags in forge-core pointing at main HEAD without updating the workspace version first. This caused version mismatch where crates showed old version (e.g., 0.8.7-rc.4) even from newer tags (e.g., v0.8.7-rc.11). Now triggers sync-version-from-forge workflow in forge-core which: 1. Updates [workspace.package] version using cargo set-version 2. Commits the change 3. Creates annotated tag pointing at the versioned commit
fix(ci): disable incremental compilation for sccache
- Add continue-on-error to sccache setup step - Only set RUSTC_WRAPPER if sccache setup succeeds - Add retry logic to cargo-zigbuild installation (3 attempts) - Disable sccache during cargo install to avoid cache issues - Make sccache stats conditional on SCCACHE_AVAILABLE This allows builds to succeed even when GitHub Actions cache service is temporarily unavailable, falling back to uncached compilation instead of failing.
The previous fix only checked if sccache setup action succeeded, but the real failure occurs when sccache tries to access the GitHub Actions cache backend during compilation. This change: - Tests sccache server startup before enabling - Runs --zero-stats to verify backend connectivity - Only sets RUSTC_WRAPPER if backend is reachable - Falls back to uncached build if tests fail - Uses timeout to quickly detect hung connections
GitHub Actions cache service is experiencing intermittent outages that cause builds to fail mid-compilation with exit code 101, even when initial connectivity tests pass. Changes: - Disable sccache setup step entirely (if: false) - Enable CARGO_INCREMENTAL=1 for faster rebuilds without sccache - Clear comments explaining this is temporary This ensures RC builds complete successfully while GHA cache recovers. Will re-enable sccache once service stabilizes.
The packaging step needs zip command which may not be installed in the Docker container. Add direct installation in the packaging step as a fallback, supporting both apt-get (Debian) and apk (Alpine).
- Switch from OIDC Trusted Publishing to NPM_TOKEN authentication - OIDC was failing with ENEEDAUTH due to classic token revocation - Add build-docker-image.yml for building optimized builder images - Add scripts/setup-windows-runner.ps1 for pre-installing Windows tools - Clean up verify step and packaging comments
- Replace Trusted Publishing (OIDC) with NPM_TOKEN secret - Add registry-url to setup-node configuration - Remove --provenance flag (OIDC-specific) - Add NODE_AUTH_TOKEN env var to publish step npm deprecated classic tokens and OIDC wasn't authenticating properly. Using granular access token for @automagik/forge package.
Summary of ChangesHello @namastex888, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request brings the Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
There was a problem hiding this comment.
Code Review
This pull request syncs a significant number of changes from the main branch to dev, encompassing release candidates rc.4 through rc.24. The updates span across documentation, build tooling, and application code. Key changes include a major improvement to the dual-repo development workflow with new git hooks and Makefile targets for automation, updates to dependencies including moving to Rust 2024 edition with a nightly toolchain, and various code quality improvements like adopting modern Rust formatting idioms. My review found the changes to be well-implemented, especially the new development workflow which should greatly improve developer experience. I have one minor suggestion to improve the documentation to be consistent with the new Makefile targets.
| # Now push both repos (forge-core was already committed by hooks!) | ||
| git push # automagik-forge | ||
| cd forge-core && git push && cd .. # forge-core | ||
|
|
||
| # Or manually via GitHub UI | ||
| # Create PRs for both repos | ||
| gh pr create --base main --fill # automagik-forge | ||
| cd forge-core && gh pr create --base main --fill && cd .. # forge-core |
There was a problem hiding this comment.
The 'Complete Workflow' section should be updated to recommend using the new make push-both and make pr-both targets instead of raw git/gh commands. This would make the detailed instructions consistent with the 'Quick Start' section and promote the use of the safer, more convenient Makefile targets which include important safety checks.
| # Now push both repos (forge-core was already committed by hooks!) | |
| git push # automagik-forge | |
| cd forge-core && git push && cd .. # forge-core | |
| # Or manually via GitHub UI | |
| # Create PRs for both repos | |
| gh pr create --base main --fill # automagik-forge | |
| cd forge-core && gh pr create --base main --fill && cd .. # forge-core | |
| # Now push both repos using the new Makefile target | |
| make push-both | |
| # Create PRs for both repos | |
| make pr-both |
Syncing all RC releases (rc.4 through rc.24) from main back to dev to keep branches identical.