Skip to content

chore: migrate pi-* deps to @earendil-works, harden native install (v0.3.1)#18

Merged
mandarnilange merged 3 commits into
mainfrom
chore/v0.3.1-install-hardening-pi-migration
Jun 22, 2026
Merged

chore: migrate pi-* deps to @earendil-works, harden native install (v0.3.1)#18
mandarnilange merged 3 commits into
mainfrom
chore/v0.3.1-install-hardening-pi-migration

Conversation

@mandarnilange

@mandarnilange mandarnilange commented Jun 22, 2026

Copy link
Copy Markdown
Owner

Summary

Maintenance release (v0.3.1) that clears the deprecated-dependency warnings seen on npm install and improves the first-run experience on npm 11+.

Changes

Dependencies — migrate off deprecated @mariozechner/pi-*

  • @mariozechner/pi-ai, @mariozechner/pi-agent-core, @mariozechner/pi-coding-agent were deprecated (renamed by the author). Migrated to @earendil-works/pi-* ^0.79.9.
  • Updated the two execution backends, all test mocks, docs, and the example extension. tsc --build passes, confirming the 0.65 → 0.79 API surface is compatible.

Install hardening (npm 11+ allow-scripts)

  • npm 11 blocks dependency install scripts by default. AgentForge depends on the native module better-sqlite3 (and koffi), which need their build scripts to compile — otherwise the package fails at runtime with a cryptic native-binding error.
  • Added a lazy, fail-friendly loader (packages/core/src/state/native-sqlite.ts) that translates a missing/incompatible binding into actionable guidance (npm approve-scripts + npm rebuild). Wired into the core and platform SQLite stores.
  • Documented the gating in both READMEs and the getting-started guide.

Release

  • Bump to 0.3.1; refreshed stale version / RC references in docs.

Testing

  • tsc --build
  • biome check
  • Full test suite: 1692 passed / 156 files
  • CodeRabbit review: no findings ✅

Notes

  • No public API or breaking changes — hence a patch bump.
  • package-lock.json regenerated to resolve @earendil-works/*.

@mandarnilange
chore: migrate pi-* deps to @earendil-works, harden native install (v…
42c76f5 
…0.3.1)

Dependencies:
- Migrate @mariozechner/pi-{ai,agent-core,coding-agent} (deprecated) to
  @earendil-works/pi-* ^0.79.9. Updates source backends, test mocks, docs,
  and the example extension. Typecheck confirms API compatibility.

Install hardening:
- Add a lazy, fail-friendly better-sqlite3 loader (native-sqlite.ts) that
  translates a missing/incompatible native binding into actionable guidance
  (npm approve-scripts + npm rebuild). Wired into the core and platform
  SQLite stores.
- Document the npm 11+ install-script gating in both READMEs and the
  getting-started guide.

Release:
- Bump to 0.3.1; refresh stale version/RC references in docs.

Closes the deprecated-dependency warnings surfaced on install.
@coderabbitai

coderabbitai Bot commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown

Warning

Review limit reached

@mandarnilange, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 45 minutes and 5 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 035014e5-213d-40b9-80f4-e0e63e7c2477

📥 Commits

Reviewing files that changed from the base of the PR and between cb11125 and 88ff4bc.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (32)
  • .agentforge/extensions/example-skill.ts
  • .github/workflows/ci.yml
  • .github/workflows/release.yml
  • CHANGELOG.md
  • Dockerfile
  • README.md
  • ROADMAP.md
  • docs/architecture.md
  • docs/getting-started.md
  • docs/pi-coding-agent-extensions.md
  • docs/platform-architecture.md
  • package.json
  • packages/core/README.md
  • packages/core/package.json
  • packages/core/src/adapters/execution/pi-ai-backend.ts
  • packages/core/src/adapters/execution/pi-coding-agent-backend.ts
  • packages/core/src/state/native-sqlite.ts
  • packages/core/src/state/store.ts
  • packages/core/tests/adapters/pi-ai-backend.test.ts
  • packages/core/tests/adapters/pi-coding-agent-backend.test.ts
  • packages/core/tests/integration/extension-loading.test.ts
  • packages/core/tests/publish/smoke.test.ts
  • packages/core/tests/state/native-sqlite.test.ts
  • packages/platform/README.md
  • packages/platform/package.json
  • packages/platform/src/adapters/store/sqlite-definition-store.ts
  • packages/platform/tests/adapters/execution/gemini-execution-backend.test.ts
  • packages/platform/tests/adapters/execution/ollama-execution-backend.test.ts
  • packages/platform/tests/adapters/execution/openai-execution-backend.test.ts
  • packages/platform/tests/di/platform-container.test.ts
  • packages/platform/tests/integration/multi-provider-execution.test.ts
  • packages/platform/tests/publish/smoke.test.ts

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@mandarnilange
chore: require Node >=22.19 (pi 0.79 dependency floor)
1ee48c0 
@earendil-works/pi-* declare engines.node >=22.19.0 (bundled undici 8.5.0
needs a Node 22 API), so Node 20 can no longer run the execution backends.

- Raise engines.node to >=22.19.0 in root, core, and platform manifests
- Drop Node 20 from the CI test matrix; bump release workflow to Node 22
- Update runtime Dockerfile stages and doc examples to node:22-alpine
- Update getting-started prerequisites to Node 22.19+

Docker executor node templates (node:20-slim) are left as-is — they sandbox
user workloads and do not run pi.

Follow-up to the @earendil-works migration; keeps v0.3.1.
@mandarnilange
docs: document Node 22.19+ requirement; align engines smoke tests
88ff4bc 
- CHANGELOG: add 0.3.1 entry (pi migration, Node 22 floor, install hardening)
- README / core / platform READMEs: note Node.js 22.19+ requirement
- Update publish smoke tests to assert engines >= 22.19 (matches the new floor)
@mandarnilange mandarnilange merged commit 06acea3 into main Jun 22, 2026
5 of 6 checks passed
@mandarnilange mandarnilange deleted the chore/v0.3.1-install-hardening-pi-migration branch June 22, 2026 07:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mandarnilange