Fixes#882 — npm install -g gsd-pi installing a broken version where
@gsd/pi-coding-agent cannot be resolved, causing ERR_MODULE_NOT_FOUND.
Root causes addressed:
1. On Windows without Developer Mode or admin rights, symlinkSync fails
even for NTFS junctions, leaving node_modules/@gsd/ empty and causing
a cryptic ERR_MODULE_NOT_FOUND instead of a usable error message.
2. If npm latest dist-tag is stale (pointing to an old version that
predates the packages/ directory), users get the same failure.
Changes:
- src/loader.ts: after symlinking, validate @gsd/pi-coding-agent exists;
emit a clear actionable error with reinstall instructions instead of
letting Node throw ERR_MODULE_NOT_FOUND deep inside cli.js. Also adds
cpSync fallback when symlinkSync fails (Windows without elevated perms).
- scripts/link-workspace-packages.cjs: same cpSync fallback — ensures
postinstall succeeds on restricted Windows environments.
- scripts/validate-pack.js: verify @gsd/* packages are resolvable after
the isolated install test, and run `gsd -v` to confirm end-to-end
resolution before declaring the pack valid.
- .github/workflows/build-native.yml: add post-publish dist-tag
verification step that confirms npm dist-tags.latest matches the
published version for stable releases, catching stale-tag regressions
in CI before users encounter them.
npm ≥7 suppresses lifecycle script output by default, so the clack
banner/spinner was invisible during `npm install -g`. The user-facing
onboarding experience already lives at first `gsd` launch (onboarding.ts),
making the postinstall UI redundant dead code.
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Nothing reads ~/.gsd/agent/AGENTS.md, and the script was incorrectly
pointing it at agents/researcher.md.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Extract duplicated help text from loader.ts and cli.ts into shared
help-text.ts module (single source of truth)
- Convert validate-pack.sh to Node.js for Windows compatibility
- Fix dev.js using unnecessary npx for tsc (it's a devDependency,
use node_modules/.bin/tsc directly)
* fix: read resources from dist/ to prevent branch-drift in npm-link setups
initResources() reads extensions, prompts, skills, and agents from
src/resources/ — which points into the live working tree when gsd is
installed via npm link. Switching branches in the gsd repo changes
src/resources/ for ALL projects using gsd, causing stale or broken
extensions to be synced to ~/.gsd/agent/ on next launch.
Fix: the build step now copies src/resources/ to dist/resources/.
At runtime, resource-loader.ts and loader.ts prefer dist/resources/
(stable, set at build time) over src/resources/ (live working tree).
Fallback to src/resources/ is preserved for setups without a build.
Also adds npm run dev watch-resources watcher that syncs src/resources/
to dist/resources/ on file changes, running alongside tsc --watch.
* fix: cache prompt templates per session to prevent cross-session invalidation
When two gsd sessions run concurrently, the second session's
initResources() overwrites ~/.gsd/agent/ templates on disk. The first
session then reads a newer template that expects variables its in-memory
code doesn't know about, causing 'template declares {{X}} but no value
was provided' crashes that hang auto-mode indefinitely.
Fix: cache each template on first read. A running session uses the
template versions from when it first loaded them, immune to later
disk overwrites by other sessions.
* fix: remove @gsd/* cross-deps that break npm install (#hotfix)
Workspace packages declared @gsd/* as dependencies in their own
package.json files. npm's bundleDependencies bundles packages into
node_modules/ but still tries to resolve sub-dependencies from the
registry — causing 404s for the unpublished @gsd/* scope.
- Remove @gsd/* from all dependencies (root and workspace packages)
- Add validate-pack.sh: tests tarball installability before publish
- Wire validate-pack into CI (every PR) and publish pipeline
- Bump to v2.10.10
- Update changelog
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: drop bundleDependencies, use postinstall symlinks instead
bundleDependencies with workspace packages causes npm to resolve
@gsd/* from the registry during install — 404 since they're not
published. Replace with a postinstall script that creates
node_modules/@gsd/* symlinks pointing to packages/*.
- Remove @gsd/* from dependencies and bundleDependencies
- Add link-workspace-packages.cjs (CJS, runs before ESM postinstall)
- Update validate-pack to verify symlinks after install
- Include link script in files array
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: robust validate-pack + fallback workspace linking
- Keep @gsd/* in bundleDependencies (for npm pack bundling)
- Remove @gsd/* from root dependencies (prevents 404 registry lookups)
- Add link-workspace-packages.cjs fallback for when bundled symlinks
aren't created
- Simplified validate-pack with better error diagnostics
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: remove bundleDependencies — use postinstall symlinks only
npm 10.x fetches packument metadata for ALL deps including bundled ones.
@gsd/* packages don't exist on npm → 404 → hard install failure.
bundleDependencies is fundamentally broken for unpublished workspace
packages. Replace with:
- packages/ shipped via files array (already was)
- link-workspace-packages.cjs creates node_modules/@gsd/* symlinks in
postinstall, pointing to packages/*
- No @gsd/* in dependencies or bundleDependencies at all
Tarball drops from 40M to 3M (no bundled node_modules).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: add .npmignore to prevent .gitignore from excluding dist/
.gitignore contains /dist/ and packages/*/dist/ which are needed in
the published tarball. Without .npmignore, npm pack respects .gitignore
and excludes them — even though "files" in package.json should override.
An empty .npmignore causes npm to ignore .gitignore entirely, letting
the "files" field control what's packed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: avoid SIGPIPE in validate-pack on Linux
tar | grep -q causes SIGPIPE (exit 141) on Linux when grep closes the
pipe early. Write tar listing to a temp file and grep that instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add GitHub Workflows skill with CI workflow and ci_monitor tool
- Runs on push to main and feature branches
- Runs on pull requests to main
- Build + test pipeline using Node 22
Cross-platform CI monitoring tool for debugging GitHub Actions:
- `runs` - List recent workflow runs
- `watch` - Monitor running workflow
- `fail-fast` - Exit 1 on first failure (for scripts)
- `log-failed` - Show failed job logs
- `test-summary` - Extract test pass/fail counts
- `check-actions` - GraphQL query for action versions
- `grep` - Search logs with context
- `wait-for` - Block until deployment keyword appears
Pure Node.js - no shell interpolation, works on macOS/Windows/Linux.
Drift-immune skill that:
- Routes all CI operations through ci_monitor.cjs
- Fetches live docs from docs.github.com (no stale training data)
- Provides validation constraints (BEFORE/AFTER/EVIDENCE)
- Split tests into test:unit (141 tests, ~12s) and test:integration (5 tests)
- Fixed idle-recovery.test.ts for current implementation
- Removed AGENTS.md dead code from resource-loader.ts
- Moved npm run build out of tests (fixes ENOBUFS)
When CI fails, you need observable diagnostics:
- `gh run` output is not script-friendly
- ci_monitor.cjs provides structured output for automation
- The skill ensures AI uses the tool, not stale training data
* fix: resolve imports and path for current upstream version
- Updated imports from @mariozechner/pi-coding-agent to @gsd/pi-coding-agent
- Fixed integration test path calculation to use process.cwd()
- Kept test:unit and test:integration scripts
* fix: replace search provider preference instead of accumulating
AuthStorage.set() for api_key credentials appends to the existing list
rather than replacing. When setSearchProviderPreference was called twice
with different values, the second call appended the new value, leaving
the first value at index 0, which get() returned.
Fix: call auth.remove() before auth.set() to ensure only the latest
preference is stored.
https://claude.ai/code/session_01Qx7HRSDb117KzDZzdKk1KB
* fix: address all 10 open PR review comments
- package.json: run build before test:integration so a fresh checkout works
- pack-install.test.ts: replace execSync+shell redirects with execFileSync
argument arrays (portable, no shell parsing, paths with spaces safe)
- ci_monitor.test.ts: remove unconditional passed++ after assert; move
success message after the failed > 0 check so it only prints on success
- setup_gh.cjs: replace unzip/tar shell-outs with platform-specific
execFileSync calls (unzip on macOS, PowerShell Expand-Archive on Windows);
add compareVersions() for correct element-by-element semver comparison
- ci_monitor.cjs: add --repo/-R global option so repo is overrideable;
fix getLogs() to use gh run view --log --job instead of binary REST endpoint
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* fix: make all changed files fully cross-platform (Windows/macOS/Linux)
- pack-install.test.ts: use tar npm package instead of tar CLI; resolve
gsd binary as gsd.cmd on Windows; skip shebang check on Windows
- setup_gh.cjs: use execFileSync for all binary invocations; replace
which with where on Windows; add Windows PATH guidance; filter preferred
install dirs by platform; unify ZIP extraction to use process.platform
consistently; escape single quotes in PowerShell Expand-Archive args
- ci_monitor.cjs: use path.join for .github/workflows paths; replace
all split('\n') with split(/\r?\n/) to handle Windows CRLF output
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* refactor: simplify and deduplicate changed files
- ci_monitor.cjs: memoize getRepo() so gh repo view subprocess runs at
most once per invocation instead of once per command call in watch loops
- pack-install.test.ts: extract packTarball() helper to eliminate
duplicate npm pack logic across two tests; remove unused contents variable
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* refactor: remove redundant existsSync before canWrite() in findInstallDir
canWrite() already returns false for non-existent directories, so the
pre-check was a TOCTOU-style redundancy with no behavioral value.
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* fix: replace tar npm package with Node built-ins (zlib + manual tar parsing)
tar is not in the dependency tree. listTarEntries() decompresses via
createGunzip() and parses the 512-byte tar block format directly,
reading name/prefix/type/size fields per POSIX ustar spec. No external
dependency required. Also fixes the broken tarball variable reference
left over from the packTarball() refactor.
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* remove: drop setup_gh scripts in favour of ci_monitor
setup_gh.cjs and setup_gh.py were one-shot gh CLI installers.
ci_monitor.cjs covers the day-to-day CI use case and is the tool
the skill routes through. Environments that need gh installed can
use brew/winget/distro packages directly.
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* fix: run only unit tests in CI — integration tests cause ENOBUFS
The integration tests (npm pack → npm install → spawn node) exceed
the buffer limits of the CI runner environment. They are documented
as requiring a manual build+run step. CI now runs test:unit only.
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* fix: run all tests in CI without ENOBUFS
- ci.yml: run unit and integration as separate steps; build is already
its own step so test:integration doesn't need to rebuild
- package.json: remove npm run build from test:integration script
- pack-install.test.ts: npm install uses stdio:'ignore' to avoid
piping large output through Node buffers (root cause of ENOBUFS);
add early dist/ check with clear error message instead of rebuilding
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* fix: resolve ENOBUFS and clean up setup_gh references
- pack-install.test.ts: derive tarball filename from package.json
instead of piping npm pack --json stdout; use stdio:ignore throughout
to avoid exhausting OS pipe buffers on CI runners
- SKILL.md: remove setup_gh install instructions; assume gh is
pre-installed via system package manager; point to ci_monitor.cjs
- github_project_setup.py: remove setup_gh.py reference from error message
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
* fix: address Copilot review comments on pack-install.test.ts
- listTarEntries: collect chunks in array, Buffer.concat once on end
instead of O(n²) repeated concat in data handler
- listTarEntries: attach error handler to createReadStream so read
errors reject the Promise instead of crashing the process
- npm pack: use stdio:['ignore','ignore','pipe'] to preserve stderr
for diagnostics while still avoiding ENOBUFS on stdout
- npm install: same — pipe stderr so failures include error output
https://claude.ai/code/session_01AT6CgcAB62kWcDsTJg9HZM
---------
Co-authored-by: Claude <noreply@anthropic.com>
Vendor all 4 Pi packages (tui, ai, agent-core, coding-agent) from
pi-mono v0.57.1 as @gsd/* workspace packages under packages/. This
replaces the compiled npm dependency (@mariozechner/pi-coding-agent)
and patch-package workflow, giving direct source access for
modifications.
- Copy Pi source from pi-mono v0.57.1 into packages/
- Create workspace package.json + tsconfig.json for each package
- Rename ~240 imports from @mariozechner/pi-* to @gsd/pi-*
- Apply existing patches as source edits (setModel persist, VT input)
- Remove @mariozechner/pi-coding-agent dep and patch-package
- Update build pipeline to build packages in dependency order
- Add pi-upstream git remote for future selective syncing
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
mergeSliceToMain now runs git reset --hard if git merge --squash fails,
restoring a clean working tree instead of leaving conflict markers.
The merge guard catch block in auto.ts now:
1. Detects leftover conflicted state (UU/AA/UD in porcelain status)
2. Resets the working tree if conflicts remain
3. Stops auto-mode with a clear error instead of continuing with
corrupted .gsd/ state files that cause an infinite dispatch loop
Also fixes conflict markers in loader.ts, logo.ts, and postinstall.js
that were baked into main from a prior bad merge resolution.
* feat: branded postinstall with @clack/prompts
Replace raw ANSI ASCII art dump with structured, branded installer
flow using @clack/prompts and picocolors:
- Branded intro header with product name and version
- Animated spinners during patch and Playwright install steps
- Subprocess output captured (no more raw npm/Playwright noise)
- Boxed summary note with status indicators (✓/⚠)
- Clean outro with next-step instructions
- Graceful fallback to minimal output if clack unavailable
- All output routed to stderr for npm lifecycle visibility
- Async subprocess execution (not execSync) so spinners animate
* fix: restore ASCII banner alongside clack postinstall UI
The branded ASCII art banner is a key differentiator. Keep it as the
first thing users see, then follow with clack spinner steps for the
setup progress. Fallback path also simplified since the banner already
shows the version.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
On Linux, Playwright's --with-deps flag runs sudo to install system
packages. npm's spinner hides the password prompt, making the install
appear to hang. Now installs without --with-deps and directs Linux
users to run it manually if browser tools fail.
Closes#67
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Child processes (Git Bash/MSYS2) strip the ENABLE_VIRTUAL_TERMINAL_INPUT
flag from the shared stdin console handle, corrupting terminal input.
Re-enable the flag after every child process exits in bash.js, bg-shell,
and cache FFI handles in pi-tui for cheap repeated calls.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
pkg/package.json had a hardcoded version (0.1.0) that never got updated.
Since gsd-pi sets PI_PACKAGE_DIR=pkg/, pi's config.js reads VERSION from
pkg/package.json. The update check compares this stale version against npm
registry and always shows 'Update Available' even when the user is already
on the latest release.
Fix:
- Update pkg/package.json to current pi-coding-agent version (0.57.1)
- Add sync-pkg-version.cjs script that reads the installed pi-coding-agent
version and writes it into pkg/package.json
- Run the sync script in prepublishOnly so the version stays correct on
every publish
Brave now uses separate API keys per plan:
- BRAVE_API_KEY (Search plan) → web search, LLM context, news, etc.
- BRAVE_ANSWERS_KEY (Answers plan) → chat/completions
Updated:
- wizard: prompts for and stores both keys
- loadStoredEnvKeys: hydrates BRAVE_ANSWERS_KEY from auth.json
- smoke tests: covers BRAVE_ANSWERS_KEY hydration
- verify-s03.sh: includes BRAVE_ANSWERS_KEY in env and structural checks
