Open
Conversation
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
kdco-registry | 5e39452 | Commit Preview URL Branch Preview URL |
Feb 24 2026, 12:41 PM |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #119 +/- ##
==========================================
+ Coverage 48.34% 54.70% +6.36%
==========================================
Files 47 56 +9
Lines 4944 7451 +2507
==========================================
+ Hits 2390 4076 +1686
- Misses 2554 3375 +821 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
kdcokenny
changed the title
- Add getLayered() method to ProfileManager for merging global and local profiles - Update ConfigResolver to use layered profile loading - Implement local profile AGENTS.md discovery (highest priority) - Add 19 unit tests for profile layering behavior Merge behavior (matching OpenCode): - Objects (registries): deep merge, local adds to global - Arrays (exclude/include): local replaces global - Special arrays (plugin/instructions): concatenate + dedupe - Scalars: local wins Documentation updates: - Clarify --global flag usage in all profile examples - Add 'Local vs Global Profiles' section to PROFILES.md - Update configuration merging documentation - Add testing philosophy section to MANUAL_TESTING.md - Add profile layering test cases
- Remove @Version parsing from update command (never worked) - Remove dead version field from registry config schema - Remove version pinning sections from all documentation - Fix component names to use real registry components: - kdco/agents → kdco/researcher - kdco/skills → kdco/code-philosophy - kdco/plugins → kdco/notify
- Profile install now uses only registries declared in profile's ocx.jsonc - Add -g/--global to profile remove/move (local is default) - Remove --force from profile add docs (use remove + add) - Remove "marks active profile" claim from profile list docs
- Use full profile registries for transitive deps
- Only check last-profile guard for global removals
- Remove unused registries variable in profile add
- Update docs to match CLI output ("Global profiles:")
- Accept both ocx:bundle/ocx:profile and bundle/profile types
- Support direct URL profile installation (--from http://...)
- build: use path.resolve() for absolute path handling - resolver: registry not found returns NOT_FOUND (66) instead of CONFIG (78) - update: specific error when component not installed with empty receipt - docs: correct test 17.7 exit code expectation (1, not 78)
Update all documentation to use correct receipt path: - Old: .opencode/ocx-receipt.json - New: .ocx/receipt.jsonc
- Remove --force from init calls (not a valid option) - Add --global to profile move/remove tests (tests use global profiles) Fixes ~50 test failures caused by tests using invalid/missing flags.
The init command does not accept a --force flag. These test calls were causing unnecessary errors in the test output. Changes: - Remove --force from all init command calls in tests - Tests now use correct init syntax without flags
OPENCODE_CONFIG_DIR always points to global config directory. Profile config is passed via OPENCODE_CONFIG_CONTENT.
- Pass cwd to ProfileManager.create() in ConfigResolver - Add kdco registry to test-profile-with-deps mock
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
17 issues found across 136 files
Note: This PR contains a large number of files. cubic only reviews up to 75 files per PR, so some files may not have been reviewed.
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="packages/cli/src/commands/verify.ts">
<violation number="1" location="packages/cli/src/commands/verify.ts:56">
P2: Spinner output corrupts JSON when `--json` flag is used. The spinner should be disabled when `options.json` is true to ensure clean, parseable JSON output.</violation>
</file>
<file name="packages/cli/src/commands/add.ts.bak5">
<violation number="1" location="packages/cli/src/commands/add.ts.bak5:911">
P1: Regular npm dependencies are incorrectly placed in `devDependencies`. The function combines both `npmDeps` and `npmDevDeps` into one array, then `mergeDevDependencies` writes all of them to `devDependencies`. Regular dependencies should go to `dependencies` field instead.</violation>
</file>
<file name="packages/cli/src/utils/instruction-paths.ts">
<violation number="1" location="packages/cli/src/utils/instruction-paths.ts:147">
P2: Variable `path` shadows the imported `path` module from `node:path`. Rename the loop variable to avoid confusion and potential bugs when maintaining this code.</violation>
</file>
<file name="docs/OPENCODE_REFERENCE.md">
<violation number="1" location="docs/OPENCODE_REFERENCE.md:1046">
P3: Instruction discovery is described as a project-tree walk, but the implementation only walks up from the working directory to the git root. This doc line should reflect the upward search to avoid misleading users about which instruction files are discovered.</violation>
</file>
<file name="packages/cli/src/commands/profile/add.ts">
<violation number="1" location="packages/cli/src/commands/profile/add.ts:311">
P2: Catch-all error handler masks the real error. `manager.get()` can throw `OcxConfigError` or schema validation errors, not just `ProfileNotFoundError`. Catching and re-throwing as `ProfileNotFoundError` loses critical diagnostic information and misleads users.</violation>
</file>
<file name="docs/REGISTRY_PROTOCOL.md">
<violation number="1" location="docs/REGISTRY_PROTOCOL.md:135">
P2: The install locations for plugin/agent/command/tool are listed as singular directories, but the CLI only accepts plural prefixes (plugins/, agents/, commands/, tools/). Update the table to use the plural paths so registry authors generate valid targets.</violation>
</file>
<file name="packages/cli/src/commands/diff.ts">
<violation number="1" location="packages/cli/src/commands/diff.ts:127">
P2: The `fileStatus` variable is computed from `integrity.details` but its `status` property is never used. This appears to be incomplete implementation - the integrity check result is fetched but ignored. The subsequent code duplicates file existence checks. Either use `fileStatus.status` to optimize the logic (e.g., skip comparison for 'intact' files, handle 'missing' directly) or remove the unused integrity lookup.</violation>
</file>
<file name="packages/cli/src/schemas/registry.ts">
<violation number="1" location="packages/cli/src/schemas/registry.ts:193">
P2: The prefix validation logic incorrectly allows files like `AGENTS.md.backup` or `ocx.jsonc.old` to pass validation because `startsWith` is used for exact file name matches. For non-directory prefixes (no trailing `/`), only exact matches should be allowed.</violation>
</file>
<file name="packages/cli/src/commands/remove.ts">
<violation number="1" location="packages/cli/src/commands/remove.ts:80">
P2: Error message only shows modified files but not missing files. When `integrity.intact` is false due to missing files (but no modifications), the error says "has been modified" with an empty list, which is misleading. Include `integrity.missing` in the error message.</violation>
<violation number="2" location="packages/cli/src/commands/remove.ts:100">
P1: Success message shown before receipt is persisted. If `writeReceipt()` fails after `spin?.succeed()`, the user sees success but files are deleted without updating the receipt. Move the success message after the write operation completes.</violation>
</file>
<file name="packages/cli/src/profile/manager.ts">
<violation number="1" location="packages/cli/src/profile/manager.ts:208">
P2: Inconsistent `cwd` usage: `exists(name, false)` uses `this.cwd` from constructor, but `loadFromLocal(name, cwd)` uses the `cwd` parameter. If these differ, the existence check and load will target different directories. Consider removing the `cwd` parameter and using `this.cwd` consistently, or passing `cwd` to the existence check.</violation>
</file>
<file name="docs/MANUAL_TESTING.md">
<violation number="1" location="docs/MANUAL_TESTING.md:71">
P2: Hard-coded absolute paths make the manual test steps non-portable. Use a placeholder (e.g., `$OCX_REPO` or `~/workspace/ocx`) so other developers can follow the guide without editing every command.</violation>
<violation number="2" location="docs/MANUAL_TESTING.md:698">
P3: The update test headings (7.6/7.7) are misplaced inside the diff section, which breaks numbering and mixes unrelated commands. These update tests should live under Section 7 (ocx update), leaving Section 8 exclusively for diff cases.</violation>
</file>
<file name="packages/cli/src/commands/registry.ts">
<violation number="1" location="packages/cli/src/commands/registry.ts:100">
P2: Incorrect string escaping: `\\n` produces literal `\n` characters instead of a newline. Use `\n` (single backslash) for an actual line break in the error message.</violation>
</file>
<file name="packages/cli/src/commands/profile/install-from-registry.ts">
<violation number="1" location="packages/cli/src/commands/profile/install-from-registry.ts:314">
P2: The `typeof regsRaw === "object"` check doesn't exclude arrays since `typeof [] === "object"` in JavaScript. This could allow malformed config (e.g., `"registries": []`) to pass validation and cause runtime errors downstream.</violation>
</file>
<file name="docs/CREATING_REGISTRIES.md">
<violation number="1" location="docs/CREATING_REGISTRIES.md:134">
P2: Inconsistent directory name: uses `plugins/` here but the Component Types table shows `plugin/` (singular). These should match to avoid confusion.</violation>
<violation number="2" location="docs/CREATING_REGISTRIES.md:360">
P2: Duplicate `## Dependencies` section header. The first one should likely be renamed to something like `## Instruction Files` or the instruction content should be moved under the existing Dependencies section with appropriate subsection headers.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
When --global is used, ocx migrate now discovers and processes the global root plus every directory under profiles/*, sorted alphabetically. Each target is analyzed/applied independently with per-target summaries. Apply mode continues after individual target failures and exits non-zero with a partial_failure status when any target errors.
There was a problem hiding this comment.
1 issue found across 6 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="packages/cli/src/commands/migrate/index.ts">
<violation number="1" location="packages/cli/src/commands/migrate/index.ts:97">
P2: Preview mode for global migration lacks per-target error handling, unlike apply mode. If any target throws unexpectedly (e.g., permission error), the entire preview crashes rather than continuing and reporting the failure per-target. Consider wrapping the `analyzeTarget` call in a try-catch consistent with the apply path.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
Owner
Author
|
r2m |
kdcokenny
force-pushed
the
v2-clean-break
branch
from
7b558a8 to
e13f892
Compare
kdcokenny
force-pushed
the
v2-clean-break
branch
from
38081ea to
bb6be6e
Compare
There was a problem hiding this comment.
1 issue found across 8 files (changes from recent commits).
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="packages/cli/tests/registry/fetcher.test.ts">
<violation number="1" location="packages/cli/tests/registry/fetcher.test.ts:225">
P3: Test name contradicts its assertions; it says "returns null" but expects a non-null ancient-format result. Rename the test to reflect the actual behavior.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
…ly in worker - Enforce canonical versioned registry schema URLs in CLI checks. - Emit diagnostics for legacy, invalid, and unsupported schema declarations. - Serve bundled schemas in the worker, restore registry v1, and add versioned routes. - Update templates, manifests, and tests for v2 schema URL behavior.
- enforce schema URL major-version validation in the CLI registry flow - serve local registry schemas from worker-backed v1/v2 routes - align docs/templates with required `$schema` guidance and versioned URLs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR finalizes the OCX v2 architecture with several breaking improvements:
/srcprefix guessing)ocx.lockwith.opencode/receipts/for granular component metadataremoveandverifycommands for component managementTest Results
All tests passing:
Breaking Changes
targetsarray containing root-relative pathsocx.lockis replaced by.opencode/receipts/*.jsonfor installed componentsocx ghost migrate)Documentation
V2_RECEIPT_IMPLEMENTATION.mdwith full receipt system designSummary by cubic
Finalizes OCX v2 with alias-first registries, v2 protocol, receipt-based installs (.ocx/receipt.jsonc v1), global-only layered profiles, a unified dry-run/JSON/exit-code contract, hardened path safety, and a Mintlify docs site at /docs. Adds ocx migrate for v1.4.6 → v2 with --global fan-out (root + all profiles), per-target summaries, and preview_with_errors/partial_failure statuses.
New Features
Bug Fixes
Written for commit 5e39452. Summary will update on new commits.