• chore(claude): add pkg-pr-new preview deploy lookup instructions #4767
• refactor(pegboard-gateway2): consolidate hibernation in-flight and tunnel flush #4754
• chore(kitchen-sink): configurable endpoint #4766
• refactor(rivetkit-core): rename StopReason to ShutdownKind and kill enum fallthroughs #4765
• chore(envoy-client): log command and event payloads #4751
• fix(rivetkit): minor sleep-cleanup follow-ups #4761
• docs(rivetkit): clean up stale setPreventSleep references in docs and JSDoc #4760
• docs(rivetkit): document keepAwake/waitUntil counter-arm race and surface bridge errors #4759
• test(engine): force overdue branch in alarm-during-sleep test with negative offset #4758
• fix(rivetkit-core): return stopping not starting when sleep/destroy called mid-shutdown #4757
• test(rivetkit): remove sleepWithPreventSleep fixture and tests #4756
• test(engine): add regression test for alarm-during-sleep-transition race #4755 👈 (View in Graphite)
• test(rivetkit-core): cover sleep/destroy guards and prevent_sleep no-op #4750
• docs: add keepAwake vs waitUntil table and internal sleep-sequence invariants #4749
• feat(rivetkit): expose c.keepAwake(promise) through native path #4748
• refactor(rivetkit): deprecate setPreventSleep to no-op in TypeScript #4747
• fix(rivetkit-core): enumerate non-drained counters in grace deadline warn log #4746
• fix(rivetkit-core): abort graceful cleanup task when grace deadline elapses #4745
• fix(rivetkit-core): error on sleep/destroy before startup or already-requested #4743
• fix(rivetkit-core): cap SerializeState shutdown timeout at 15s #4742
• refactor(rivetkit-core): remove prevent_sleep field and deprecate set_prevent_sleep to no-op #4741
• fix(api-public): remove orphan import_export actors module #4764
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

PR Review: Regression Test for Alarm-During-Sleep-Transition Race

Overview

Adds a single regression test alarm_overdue_during_sleep_transition_fires_via_reallocation to guard against the alarm-during-sleep-transition race where a near-overdue alarm is silently dropped when Decision::Sleep clears state.alarm_ts without checking for overdue alarms.

Issues

1. #[ignore] makes this a non-functional regression guard

The test never runs in CI. If the Decision::Sleep overdue-alarm reallocation path is later reverted, no CI gate will catch it. The other ignored tests in this file (envoy_at_max_capacity, kv_empty_value) are ignored for infrastructure-capacity reasons; this one is different because the fix being guarded is in production code.

Suggestion: Either remove #[ignore] if the test is reliable enough (consider bumping the alarm offset to 500ms+ for more margin), or explicitly track it as a deferred follow-up.

2. Potential lifecycle event subscription race

The test subscribes to lifecycle events after ready_rx.await but without first confirming the actor entered sleep. With a 100ms alarm offset, the alarm can fire and the actor can restart at generation 1 before subscribe_lifecycle_events() is called, causing the test to hang waiting for a missed event.

The existing alarm_fires_at_correct_time test uses a 5000ms alarm and explicitly waits for wait_for_actor_sleep before subscribing (with a comment explaining why). The new test skips both guards.

Suggestion: Call runner.subscribe_lifecycle_events() before ready_rx.await, or wait for sleep confirmation before subscribing.

3. Delta documentation in comments

The doc comment references the specific before/after state and file path: "Before the fix in actor2/runtime.rs, this window cleared state.alarm_ts..."

CLAUDE.md discourages delta-documenting comments. If actor2/runtime.rs is renamed or the fix moves, the comment becomes misleading.

Suggestion: Describe the invariant being tested rather than the historical before/after. E.g.: "Verifies that an alarm that becomes overdue during the sleep-shutdown transition is not silently dropped: the engine must detect and handle it via reallocation."

4. No sleep-entry assertion

The test verifies the actor wakes at generation 1 but never confirms it entered sleep first. If a regression caused the actor to stay awake and handle the alarm via the normal (non-overdue) path, the test would still pass at generation 1 without exercising the race-specific code path.

Suggestion: Add a wait_for_actor_sleep call (short timeout) before waiting for the wake, to confirm the sleep-transition path was actually exercised.

Positive Aspects

• Reuses AlarmAndSleepOnceActor without adding new actor structs.
• The scenario description is thorough and clearly explains the race.
• Correct test file placement (tests/ directory, not inline #[cfg(test)]).
• Consistent Arc<Mutex<Option<oneshot::Sender<()>>>> ready-signal pattern.

Summary

The race scenario is valid and worth guarding. Main concerns: (1) #[ignore] means no CI regression protection; (2) the 100ms alarm window creates a subscription race that could cause spurious hangs; (3) delta-style comments will rot as the codebase evolves; (4) without a sleep-entry check the test does not prove the race path was actually exercised.

Preview packages published to npm

Install with:

npm install rivetkit@pr-4755

All packages published as 0.0.0-pr.4755.867c305 with tag pr-4755.

Engine binary is shipped via @rivetkit/engine-cli on linux-x64-musl, linux-arm64-musl, darwin-x64, and darwin-arm64. Windows users should use the release installer or set RIVET_ENGINE_BINARY.

Docker images:

docker pull rivetdev/engine:slim-867c305
docker pull rivetdev/engine:full-867c305

npm install rivetkit@pr-4755
npm install @rivetkit/react@pr-4755
npm install @rivetkit/rivetkit-napi@pr-4755
npm install @rivetkit/workflow-engine@pr-4755