feat(lockfile): implement actual lockfile generation with platform metadata#6231
Closed
feat(lockfile): implement actual lockfile generation with platform metadata#6231
Conversation
Owner
Author
This stack of pull requests is managed by Graphite. Learn more about stacking. |
1f1449f to
b5de99a
Compare
6d0dd32 to
2810501
Compare
1f1449f to
956b511
Compare
2810501 to
8a48dbd
Compare
…t platform metadata fetching - Add high-level Lockfile::generate_for_tools() API for lockfile generation - Implement concurrent tool processing using parallel.rs for improved performance - Add concurrent platform metadata fetching within each tool - Refactor CLI to use high-level lockfile API instead of low-level TOML manipulation - Support multi-version lockfile format with proper serialization - Include comprehensive error handling and progress reporting - Preserve existing lockfile entries while adding new platform metadata - Support force update mode to refresh existing platform data 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
956b511 to
450a82e
Compare
8a48dbd to
b28e46e
Compare
- Fix CLI logic to use Lockfile::generate_for_tools() high-level API - Convert ToolRequestSet to Toolset to get ToolVersion objects - Maintain clean separation between CLI and core lockfile logic
- Replace analysis-based tests with actual lockfile generation tests - Update expectations for multi-version TOML format - Test dry-run, tool filtering, platform filtering, and force flags - Verify lockfile creation and regeneration behavior
Hyperfine Performance
|
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2025.9.5 x -- echo |
19.2 ± 0.5 | 18.4 | 24.6 | 1.00 |
mise x -- echo |
19.5 ± 0.6 | 18.6 | 21.2 | 1.01 ± 0.04 |
mise env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2025.9.5 env |
18.5 ± 0.3 | 17.8 | 20.0 | 1.00 |
mise env |
18.7 ± 0.5 | 17.9 | 22.9 | 1.01 ± 0.03 |
mise hook-env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2025.9.5 hook-env |
18.3 ± 0.4 | 17.6 | 20.1 | 1.00 |
mise hook-env |
18.6 ± 0.5 | 17.8 | 20.4 | 1.02 ± 0.03 |
mise ls
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2025.9.5 ls |
16.7 ± 0.4 | 15.8 | 18.2 | 1.00 |
mise ls |
16.9 ± 0.5 | 16.0 | 19.0 | 1.01 ± 0.04 |
xtasks/test/perf
| Command | mise-2025.9.5 | mise | Variance |
|---|---|---|---|
| install (cached) | 167ms | ✅ 103ms | +62% |
| ls (cached) | 63ms | 62ms | +1% |
| bin-paths (cached) | 67ms | 67ms | +0% |
| task-ls (cached) | 485ms | 481ms | +0% |
✅ Performance improvement: install cached is 62%
- Add resolve_lock_info method to Bun backend for complete platform metadata - Implement GitHub asset size fetching via GitHub API integration - Add save() method to Lockfile as alias for write() with better naming - Update CLI to use save() instead of write() for consistency - Update e2e tests to verify multi-platform lockfile generation - Fix compilation errors with PlatformInfo type usage Successfully demonstrates multi-platform lockfile generation for: - Bun: Fetches URLs, sizes from GitHub releases API - Node.js: Generates platform-specific URLs from nodejs.org 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
…h digest support - Revert to original Lockfile.save() instance method from origin/main - Add digest field to GithubAsset struct for SHA256 checksums (GitHub June 2025 feature) - Implement complete resolve_lock_info_from_github_release method with full metadata - Add tag_prefix field to GitHubReleaseInfo for flexible tag formats (e.g., "bun-v", "v") - Remove Bun-specific resolve_lock_info in favor of shared implementation - Add get_release_asset_metadata function for fetching both size and digest - Fix force_update parameter handling in lockfile generation The shared implementation now supports: - Full GitHub API integration for asset metadata (size, digest, URLs) - Flexible tag prefix handling for different tools - Automatic fallback when API fails - Future-compatible digest support for newer releases All existing e2e tests pass with the new shared implementation. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
87664f5 to
be4e86c
Compare
- Remove unused methods from lockfile.rs: tools_mut, write, to_toml_string, convert_toml_value - Remove unused function from github.rs: get_release_asset_size - Improve e2e tests for bun and node to call mise lock once with all platforms - Add comprehensive lockfile metadata validation including size and URL checks - Fix shell script formatting issues 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
be4e86c to
b89ccbf
Compare
…leases - Add download_and_hash_file method to calculate SHA256 checksums when GitHub API doesn't provide digest - Enhance resolve_lock_info_from_github_release with fallback behavior - Download file temporarily and calculate checksum for lockfile generation - Gracefully handle errors with warnings while still providing platform info - Use temporary cache directory for checksum calculation files - Tested with Bun e2e test showing successful checksum generation 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
d80e39c to
b7277a2
Compare
…kfile generation - Remove api_url field from GithubReleaseConfig to use consistent GitHub API URLs - Remove get_release_asset_metadata function and call github::get_release directly - Consolidate GitHub release logic into single function for better maintainability - Add comprehensive debug logging to all resolve_lock_info methods for easier troubleshooting - Switch from SHA256 to BLAKE3 checksums for better performance - Update download_and_hash_file to return both checksum and size, eliminating HEAD requests - Make lockfile tests strict - require checksums and sizes to always be present - Enhance tarball-based lockfile resolution to fetch actual checksums and sizes 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR implements actual lockfile generation functionality with platform metadata support, replacing the previous analysis-only implementation. The changes add core lockfile generation capabilities, GitHub release metadata fetching, and comprehensive platform-specific tool information.
Key changes:
- Implement complete lockfile generation pipeline in CLI with platform metadata fetching
- Add GitHub release metadata support with size, checksum, and URL resolution
- Enhance parallel processing to support shared closures across async operations
Reviewed Changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/plugins/core/bun.rs | Update Bun plugin to use new GitHub release configuration structure |
| src/parallel.rs | Fix parallel processing to support shared closures with Arc wrapping |
| src/lockfile.rs | Add lockfile generation methods with platform metadata fetching |
| src/github.rs | Add GitHub release configuration and asset metadata structures |
| src/cli/lock.rs | Replace analysis-only implementation with full lockfile generation |
| src/backend/mod.rs | Implement platform metadata resolution with GitHub API integration |
| e2e/core/test_node | Add comprehensive Node.js lockfile generation tests |
| e2e/core/test_bun | Add Bun-specific lockfile generation tests |
| e2e/cli/test_lock_creation | Update tests for actual lockfile creation functionality |
| e2e/cli/test_lock | Update tests to match new lockfile generation behavior |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| /// Used as fallback when GitHub API doesn't provide digest information | ||
| async fn download_and_hash_file(&self, url: &str) -> Result<(String, u64)> { | ||
| use crate::http::HTTP; | ||
| use std::io::Write; |
There was a problem hiding this comment.
[nitpick] The Write trait import should be moved to the top of the file with other use statements rather than being imported within the function scope for better code organization.
Comment on lines
+1083
to
+1084
| let url_hash = hash::hash_blake3_to_str(url); | ||
| let temp_path = temp_dir.join(format!("temp_{}.bin", &url_hash[..16])); |
There was a problem hiding this comment.
The magic number 16 for hash truncation should be defined as a named constant to improve code maintainability and make the intent clearer.
- Replace HTTP.get_bytes with HTTP.download_file for memory efficiency
- Add progress reports for lockfile metadata fetching operations
- Remove unnecessary {os}/{arch} templating from asset patterns
- Wire up get_github_release_info in GitHub backend trait implementation
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
…eno and go - deno.rs: Use get_tarball_url() in download() instead of manual URL construction - go.rs: Use get_tarball_url() in download() instead of manual URL construction - Remove obsolete helper functions (os, arch, platform, ext) from both plugins - Eliminates code duplication between lockfile generation and installation 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
…ix aqua asset_pattern - Add mise lock tests to test_aqua backend to verify lockfile generation with FiloSottile/age - Add mise lock tests to test_github_tools backend to verify lockfile generation with ripgrep - Fix aqua backend get_github_release_info to use "*" asset_pattern instead of None - Update test assertions to match TOML table format ([[tools.name]] vs [tools."name"]) 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
…d add lockfile tests - Change GithubReleaseConfig.asset_pattern from Option<String> to required String - Update all backends (bun, ruby_windows, aqua, github) to provide asset_pattern as String - Use "*" as fallback pattern when no specific pattern is provided - Add basic lockfile generation tests to github and aqua backend e2e tests - Remove Option wrapper handling from lockfile generation code in backend/mod.rs Note: Aqua and GitHub backends have complex lockfile needs that require further investigation. The current implementation provides basic lockfile structure but may need refinement for full checksum and size metadata generation. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
89f2ceb to
df17a2b
Compare
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
makes
mise lockactually work. Now you can use it to generate platforms you are not on.