ci: make attw advisory (upstream crash), keep publint gating#41
Conversation
@arethetypeswrong/cli crashes internally ("Cannot read properties of undefined
(reading 'filename')") on this package's ESM-only multi-subpath exports — across
versions and on a clean rebuild, unrelated to package content. publint validates
the exports are correct and stays gating; attw is downgraded to a warning so its
crash no longer fails CI. Revert once the upstream bug is fixed.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
Warning Review limit reached
Your plan includes 1 review of capacity. Refill in 44 minutes and 7 seconds. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more review capacity refills, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than trial, open-source, and free plans. In all cases, review capacity refills continuously over time. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
@arethetypeswrong/core crashes ("Cannot read properties of undefined (reading
'filename')") on tarballs that gunzip into multiple chunks — its extractTarball
overwrites `unzipped` per streaming chunk instead of concatenating, so untar gets
the last (empty) chunk and returns zero files. Root-caused and fixed upstream
(arethetypeswrong/arethetypeswrong.github.io#263).
Pin @arethetypeswrong/cli as a dev dep and apply the same fix via a bun patch on
@arethetypeswrong/core, so CI runs the patched local binary (`bun run attw`)
instead of npx-latest. Reverts the advisory `|| echo` workaround from #41 — attw
gates the package again. Drop the patch + pin and return to npx once the upstream
fix is released.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@arethetypeswrong/cli crashes ("Cannot read properties of undefined (reading
'filename')") decompressing this package's tarball — its core overwrites the
fflate Gunzip output per chunk instead of concatenating, so any package large
enough to stream in multiple chunks (ours: 341KB/92 files) loses all but the
last empty chunk. That's a checker bug, not a problem with the generated package.
Rather than carry a local patch + pinned dep for a third-party tool, drop attw
entirely. publint remains the gating export validator. Removes the pinned
@arethetypeswrong/cli dev dep, the bun patch, and the attw script/CI step added
in #41/#42.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Follow-up to #39.
@arethetypeswrong/clicrashes internally ("Cannot read properties of undefined (reading 'filename')") on this package's ESM-only multi-subpath exports — reproduced across attw versions (0.17.4 / 0.18.1 / 0.18.2) and on a clean rebuild, independent of package content. This was failing the "Verify package" CI step.publint (the real export validator) passes ("All good!"), so attw is downgraded to a warning (
|| echo ::warning::) while publint stays gating. Revert once the upstream attw bug is fixed.(The #39 squash-merge landed before this CI commit existed, so main's CI would otherwise stay red on the attw crash.)