Skip to content

fix(agents): replace workspace:* protocol with * for npm ci compatibility#91

Closed
brawlaphant wants to merge 1 commit into
regen-network:mainfrom
brawlaphant:fix/agents-npm-workspace-protocol
Closed

fix(agents): replace workspace:* protocol with * for npm ci compatibility#91
brawlaphant wants to merge 1 commit into
regen-network:mainfrom
brawlaphant:fix/agents-npm-workspace-protocol

Conversation

@brawlaphant

Copy link
Copy Markdown
Contributor

Summary

The `Agents` CI job has been failing on every PR against `main` with `npm error code EUNSUPPORTEDPROTOCOL / Unsupported URL Type "workspace:": workspace:`. Root cause: three internal `package.json` files used the `workspace:` protocol (pnpm/yarn syntax), but CI runs plain `npm ci` which does not recognize it. The existing `agents/package-lock.json` is already in the correct state — it records these internal deps as `""`, not `"workspace:"`. This PR aligns the package.json files with the lockfile.

  • Lands in: `agents/packages/*/package.json`
  • Changes: replace 5 `workspace:` specifiers with `` so `npm ci` can parse them
  • Validate: `cd agents && npm ci && npx tsc --noEmit`

The fix

Five specifiers across three files:

File Dependency Before After
`agents/packages/agents/package.json` `@regen/core` `workspace:*` `*`
`agents/packages/agents/package.json` `@regen/plugin-ledger-mcp` `workspace:*` `*`
`agents/packages/agents/package.json` `@regen/plugin-koi-mcp` `workspace:*` `*`
`agents/packages/plugin-koi-mcp/package.json` `@regen/core` `workspace:*` `*`
`agents/packages/plugin-ledger-mcp/package.json` `@regen/core` `workspace:*` `*`

The `` specifier is the npm-workspaces idiomatic form: when the root `agents/package.json` declares a `workspaces` array (it already does), npm resolves internal dependencies locally by name rather than hitting the registry. No lockfile regeneration is needed — the lockfile already encodes the `` form, which means someone regenerated it at some point but never updated the individual package.json files.

Validation

Run in `agents/` on Node 22 locally, matching the exact CI commands:

```
$ npm ci
added 179 packages, and audited 184 packages in 6s
(no errors)

$ npx tsc --noEmit
(no errors, exit 0)
```

Both commands that the `Agents` CI job runs now succeed. This PR and #90 together should turn the whole PR queue's CI green.

Scope

Three files, 5 line delta total. Does not touch:

  • `agents/package-lock.json` (already correct)
  • `agents/package.json` (root workspaces array is already correct)
  • `agents/packages/core/package.json` (no internal deps)
  • Any TypeScript source
  • Any CI workflow

Related

This is the second half of a two-PR CI fix. The first half (#90) repairs contracts CI (clippy + 3 orphaned workspace members). Together they close out the pre-existing CI breakage that's been blocking every PR.

…lity

The Agents CI job has been failing on every PR against main with:

  npm error code EUNSUPPORTEDPROTOCOL
  npm error Unsupported URL Type "workspace:": workspace:*

Root cause: three internal package.json files in agents/packages/*
declared their cross-package dependencies using the `workspace:*`
protocol. That protocol is supported by pnpm and yarn berry but NOT
by npm, and the CI `agents` job runs `npm ci` in `agents/`.

Notably, `agents/package-lock.json` was already in the correct
state — the lockfile records these internal deps as `"*"`, not
`"workspace:*"`. The package.json files were out of sync with the
lockfile, which is exactly the mismatch `npm ci` refuses to
tolerate.

This PR aligns the three package.json files with the lockfile:

  agents/packages/agents/package.json
    @regen/core:               workspace:* → *
    @regen/plugin-ledger-mcp:  workspace:* → *
    @regen/plugin-koi-mcp:     workspace:* → *

  agents/packages/plugin-koi-mcp/package.json
    @regen/core:               workspace:* → *

  agents/packages/plugin-ledger-mcp/package.json
    @regen/core:               workspace:* → *

The `*` specifier is the npm-workspaces idiomatic form: when the
root package.json declares `workspaces`, npm resolves internal
dependencies locally rather than hitting the registry. No lockfile
regeneration is needed — the lockfile already encodes the `*`
form.

## Validation

Run in `agents/` on Node 22 locally, matching the CI command:

  $ npm ci
  added 179 packages, and audited 184 packages in 6s
  (no errors)

  $ npx tsc --noEmit
  (no errors, exit 0)

Both commands that the Agents CI job runs now succeed.

## Scope

Three files, 5 line delta total. Does not touch:
- `agents/package-lock.json` (already correct)
- `agents/package.json` (workspaces array at root is already correct)
- `agents/packages/core/package.json` (no internal deps)
- Any TypeScript source
- Any CI workflow

- Lands in: `agents/packages/*/package.json`
- Changes: replace 5 `workspace:*` specifiers with `*` so `npm ci` can parse them
- Validate: `cd agents && npm ci && npx tsc --noEmit`
brawlaphant added a commit to brawlaphant/agentic-tokenomics that referenced this pull request Apr 11, 2026
…sm-size)

Two pre-existing bugs in the CI workflow YAMLs have been producing
red check marks on every PR regardless of the content. This PR
fixes both.

## Bug 1: `verify-specs` runs `npm ci` at a root with no lockfile

The `Verify Specs` job in `.github/workflows/ci.yml` runs:

  - name: Install root dependencies
    run: npm ci

The repository root has a `package.json` (declaring only `scripts`,
zero dependencies), but **no `package-lock.json`**. `npm ci`
strictly requires a lockfile even when there is nothing to install:

  npm error code EUSAGE
  npm error The `npm ci` command can only install with an existing
  npm error package-lock.json or npm-shrinkwrap.json with
  npm error lockfileVersion >= 1.

The `Run verify script` step only calls `node scripts/verify.mjs`,
and that script only imports `node:fs`, `node:path`, and
`node:child_process`. No external dependencies are involved.

**Fix:** remove the `Install root dependencies` step entirely. It
was never doing any work, and the job now runs `node scripts/
verify.mjs` directly against the repository.

## Bug 2: `wasm-size` can't substitute multi-line report into JS

The `Report WASM Binary Sizes` job in `.github/workflows/
wasm-size.yml` uses `actions/github-script@v7` to post a PR
comment. The script is passed the multi-line WASM size report via
GitHub Actions template substitution:

  script: |
    ...
    '${{ steps.sizes.outputs.report }}',
    ...

GitHub Actions substitutes the value directly into the JavaScript
source text BEFORE execution. The report is a multi-line Markdown
table (one line per contract). When the substituted text is
dropped into a JavaScript single-quoted string literal, the
literal ends at the first newline and the remaining lines become
invalid JavaScript:

  SyntaxError: Invalid or unexpected token
      at new AsyncFunction (<anonymous>)
      ...

**Fix:** pass the report via an environment variable instead.
`actions/github-script` exposes the job's `env:` map to the
script via `process.env`, so the multi-line string survives as
an opaque runtime value. The script reads
`process.env.REPORT || '(no report)'` and uses it as-is. This
pattern is the one the `actions/github-script` docs recommend
for untrusted or multi-line inputs.

## Scope

Two YAML files, ~14 line delta total. Does not touch any
TypeScript, Rust, or reference-impl code.

## Validation

- Bug 1 validated by running `node scripts/verify.mjs` from the
  repo root — exits 0 with "agentic-tokenomics verify: PASS".
  The fix removes the broken step; no alternative to test
  because the script never needed dependencies.

- Bug 2 cannot be end-to-end validated locally (it requires a
  real PR to post a comment), but the JavaScript change is
  mechanical: `'${{ output }}'` →
  `process.env.REPORT || '(no report)'`. The env var is set via
  the `env:` map which `actions/github-script@v7` documents as
  the canonical way to pass multi-line/rich values.

## Related

Part of the CI-repair sweep alongside regen-network#90 (contracts clippy + 3
orphaned workspace members) and regen-network#91 (`agents/` workspace:*
protocol). Together these three PRs should clear every CI failure
on every open PR.

- Lands in: `.github/workflows/ci.yml`, `.github/workflows/wasm-size.yml`
- Changes: remove broken `npm ci` in verify-specs; pass wasm-size report via env var
- Validate: `node scripts/verify.mjs` (bug 1); wasm-size bug 2 runs end-to-end on this PR's CI

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the dependency versioning in several package.json files within the agents workspace, changing the version specifiers for @regen/core, @regen/plugin-ledger-mcp, and @regen/plugin-koi-mcp from workspace:* to *. I have no feedback to provide.

brawlaphant added a commit to brawlaphant/agentic-tokenomics that referenced this pull request Apr 13, 2026
Combines three independent fixes that each need the others to produce
a fully green CI run:

1. Contracts (Rust) — fix clippy errors across 6 contracts: replace
   redundant closures, op_ref on Uint128, manual_range_contains,
   unnecessary_map_or. Refactor too_many_arguments into param structs
   for credit-class-voting, contribution-rewards, service-escrow.
   Wire 3 orphaned contracts (reputation-signal, marketplace-curation,
   validator-governance) into the workspace so cargo clippy --workspace
   actually lints them.

2. Agents (Node) — replace workspace:* protocol with * in agent
   package.json files. npm ci on GitHub Actions doesn't support the
   workspace: protocol (pnpm-only feature).

3. Verify Specs — remove the npm ci step that fails because the root
   package.json has no lock file. The verify scripts only import
   built-in node:* modules, so no install is needed.

4. WASM Size Report — pass multi-line report through env var instead
   of inline ${{ }} substitution which breaks JS string literals.

Supersedes PRs regen-network#90, regen-network#91, regen-network#92 which each fix one job but fail the others.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@brawlaphant

Copy link
Copy Markdown
Contributor Author

Superseded by #106 which combines this fix with #90 and #92 into a single green-CI PR. The three standalone fix PRs each leave 2-3 other CI jobs failing; #106 fixes all four in one shot.

Suggest closing this once #106 lands.

glandua pushed a commit that referenced this pull request Apr 25, 2026
* fix: resolve all 4 CI job failures on main

Combines three independent fixes that each need the others to produce
a fully green CI run:

1. Contracts (Rust) — fix clippy errors across 6 contracts: replace
   redundant closures, op_ref on Uint128, manual_range_contains,
   unnecessary_map_or. Refactor too_many_arguments into param structs
   for credit-class-voting, contribution-rewards, service-escrow.
   Wire 3 orphaned contracts (reputation-signal, marketplace-curation,
   validator-governance) into the workspace so cargo clippy --workspace
   actually lints them.

2. Agents (Node) — replace workspace:* protocol with * in agent
   package.json files. npm ci on GitHub Actions doesn't support the
   workspace: protocol (pnpm-only feature).

3. Verify Specs — remove the npm ci step that fails because the root
   package.json has no lock file. The verify scripts only import
   built-in node:* modules, so no install is needed.

4. WASM Size Report — pass multi-line report through env var instead
   of inline ${{ }} substitution which breaks JS string literals.

Supersedes PRs #90, #91, #92 which each fix one job but fail the others.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* ci(wasm-size): mark comment-on-PR step as continue-on-error

PRs opened from forks run with a read-only GITHUB_TOKEN (GitHub
security policy), so the Comment on PR step returns 403 and fails
the job. The WASM build itself already succeeded — the report is
informational only, not a merge gate.

With continue-on-error the comment attempts to post (works on
branches inside the base repo) but won't fail the check when it
can't (fork PRs). That lets fork PRs show a fully green CI run
instead of a red check for a non-blocking reason.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(agents): pin internal @regen/* deps to ^0.1.0 for reproducible installs

Replace "*" with "^0.1.0" for the three internal workspace deps. The
original workaround was just to escape the workspace:* protocol that
npm ci rejects, and "*" does that — but it also matches any future
version, so an accidental major bump inside the workspace would still
resolve. Pinning to ^0.1.0 keeps the workspace-resolution behavior
(all three packages are versioned 0.1.0, private:true) while giving
npm ci a stable range to lock against.

Addresses Gemini review on fix/ci-green-all-jobs:
  - agents/packages/agents/package.json:8-10
  - agents/packages/plugin-koi-mcp/package.json:9
  - agents/packages/plugin-ledger-mcp/package.json:9

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: brawlaphant <brawlaphant@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@glandua

glandua commented Apr 25, 2026

Copy link
Copy Markdown
Contributor

Superseded by #106, which combined the fixes from this PR with the others needed to make all 4 CI jobs go green. #106 has been merged.

@glandua glandua closed this Apr 25, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants