From 8db7f3165bf7a950899703fb0d2b2e053cfe0341 Mon Sep 17 00:00:00 2001 From: JSONbored <49853598+JSONbored@users.noreply.github.com> Date: Tue, 14 Jul 2026 02:26:20 -0700 Subject: [PATCH] fix(miner): tighten the @loopover/engine dependency to ^2.0.0 lib/deny-hooks.js imports DEFAULT_DENY_RULES from @loopover/engine -- an export that only exists starting in engine 2.0.0. The miner-v1.0.0 release's own packed-tarball smoke test (a real standalone `npm install`, outside the monorepo workspace) caught this: with the dependency declared as "*", a fresh install resolved the currently-published engine 1.0.0 and crashed with SyntaxError: The requested module '@loopover/engine' does not provide an export named 'DEFAULT_DENY_RULES'. The "*" pin traced back to an earlier fix reverting a release-please speculative cross-bump (engine 2.0.0 wasn't published yet at the time, so a tight ^2.0.0 pin would have failed npm ci with ETARGET). Now that engine 2.0.0 is actually published, ^2.0.0 is both installable and correctly expresses miner's real requirement. --- package-lock.json | 2 +- packages/gittensory-miner/package.json | 2 +- test/unit/miner-status.test.ts | 9 ++++----- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index a2ff3793d6..685014b8cb 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15920,7 +15920,7 @@ "version": "1.0.0", "license": "AGPL-3.0-only", "dependencies": { - "@loopover/engine": "*", + "@loopover/engine": "^2.0.0", "@modelcontextprotocol/sdk": "1.29.0", "zod": "^4.4.3" }, diff --git a/packages/gittensory-miner/package.json b/packages/gittensory-miner/package.json index ad9572f336..cae5aee8de 100644 --- a/packages/gittensory-miner/package.json +++ b/packages/gittensory-miner/package.json @@ -41,7 +41,7 @@ "build": "node --check bin/gittensory-miner.js && node --check bin/gittensory-miner-mcp.js && node --check lib/ams-policy.js && node --check lib/attempt-cli.js && node --check lib/attempt-input-builder.js && node --check lib/attempt-log.js && node --check lib/attempt-runner.js && node --check lib/attempt-worktree.js && node --check lib/calibration-run.js && node --check lib/calibration-types.js && node --check lib/calibration.js && node --check lib/ci-poller.js && node --check lib/claim-adjudication.js && node --check lib/claim-conflict-resolver.js && node --check lib/claim-ledger-cli.js && node --check lib/claim-ledger-expiry.js && node --check lib/claim-ledger.js && node --check lib/cli.js && node --check lib/coding-agent-construction.js && node --check lib/coding-agent-house-rules.js && node --check lib/coding-task-spec.js && node --check lib/deny-check.js && node --check lib/deny-hook-synthesis.js && node --check lib/deny-hooks.js && node --check lib/deployment-docs-audit.js && node --check lib/discover-cli.js && node --check lib/event-ledger-cli.js && node --check lib/event-ledger.js && node --check lib/execute-local-write.js && node --check lib/feasibility-cli.js && node --check lib/governor-action-mode.js && node --check lib/governor-chokepoint-persisted.js && node --check lib/governor-chokepoint.js && node --check lib/governor-kill-switch.js && node --check lib/governor-ledger-cli.js && node --check lib/governor-ledger.js && node --check lib/governor-metrics-cli.js && node --check lib/governor-open-pr.js && node --check lib/governor-pause-cli.js && node --check lib/governor-run-halt.js && node --check lib/governor-state.js && node --check lib/governor-write-rate-limit.js && node --check lib/harness-submission-trigger.js && node --check lib/init-wizard.js && node --check lib/laptop-init.js && node --check lib/live-issue-snapshot.js && node --check lib/local-store.js && node --check lib/logger.js && node --check lib/loop-cli.js && node --check lib/loop-closure.js && node --check lib/loop-reentry.js && node --check lib/manage-poll.js && node --check lib/manage-status.js && node --check lib/metrics-cli.js && node --check lib/miner-goal-spec.js && node --check lib/opportunity-fanout.js && node --check lib/opportunity-ranker.js && node --check lib/orb-export.js && node --check lib/plan-store-cli.js && node --check lib/plan-store.js && node --check lib/policy-doc-cache.js && node --check lib/policy-verdict-cache.js && node --check lib/portfolio-dashboard.js && node --check lib/portfolio-discovery.js && node --check lib/portfolio-queue-cli.js && node --check lib/portfolio-queue-manager.js && node --check lib/portfolio-queue.js && node --check lib/portfolio-queue-expiry.js && node --check lib/pr-disposition-poller.js && node --check lib/pr-number-parse.js && node --check lib/pr-outcome.js && node --check lib/prediction-ledger.js && node --check lib/pretooluse-hook.js && node --check lib/purge-cli.js && node --check lib/ranked-candidates.js && node --check lib/rejection-signal.js && node --check lib/rejection-state-machine.js && node --check lib/rejection-templates.js && node --check lib/replay-objective-anchor.js && node --check lib/replay-snapshot.js && node --check lib/replay-task-generation.js && node --check lib/repo-clone.js && node --check lib/run-state-cli.js && node --check lib/run-state.js && node --check lib/self-review-context.js && node --check lib/slop-assessment.js && node --check lib/stack-detection.js && node --check lib/status.js && node --check lib/submission-freshness-check.js && node --check lib/update-check.js && node --check lib/version.js && node --check lib/worktree-allocator.js" }, "dependencies": { - "@loopover/engine": "*", + "@loopover/engine": "^2.0.0", "@modelcontextprotocol/sdk": "1.29.0", "zod": "^4.4.3" }, diff --git a/test/unit/miner-status.test.ts b/test/unit/miner-status.test.ts index 03141d1322..9f5a429cd0 100644 --- a/test/unit/miner-status.test.ts +++ b/test/unit/miner-status.test.ts @@ -63,11 +63,10 @@ describe("gittensory-miner status/doctor (#2288)", () => { it("REGRESSION: collectStatus reports the REAL installed engine version, not the declared dependency range", () => { const root = tempRoot(); const status = collectStatus({ LOOPOVER_MINER_CONFIG_DIR: join(root, "state") }, root); - // The monorepo declares "*" for this workspace dependency -- a self-hoster asking "what's installed" - // needs the real resolved semver (matching what doctor's own engine-version-skew check already shows), - // not the meaningless declared range. + // A self-hoster asking "what's installed" needs the real resolved semver (matching what doctor's own + // engine-version-skew check already shows), not the declared dependency range. expect(status.engine.version).toBe(readInstalledEnginePackageVersion()); - expect(status.engine.version).not.toBe("*"); + expect(status.engine.version).not.toBe("^2.0.0"); }); it("buildEngineVersionDisplay prefers a real resolved version when available", () => { @@ -75,7 +74,7 @@ describe("gittensory-miner status/doctor (#2288)", () => { }); it("REGRESSION: buildEngineVersionDisplay falls back to the declared dependency range when real resolution comes up empty", () => { - expect(buildEngineVersionDisplay(() => null)).toBe("*"); + expect(buildEngineVersionDisplay(() => null)).toBe("^2.0.0"); }); it("collectStatus prefers LOOPOVER_MINER_VERSION over package.json (#4310)", () => {