add better EUID loading, ENV handling, provider subpackage resolution…#25
add better EUID loading, ENV handling, provider subpackage resolution…#25
Conversation
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Co-authored-by: devin-ai-integration[bot] <158243242+devin-ai-integration[bot]@users.noreply.github.com>
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
|
You're iterating quickly on this pull request. To help protect your rate limits, cubic has paused automatic reviews on new pushes for now—when you're ready for another review, comment |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
| for opt in param.opts | ||
| if opt.startswith("--") and opt not in _BARE_TRUE_BOOL_FLAGS | ||
| ) | ||
| ) | frozenset({"--abspath", "--version", "--install-args", "--packages"}) |
There was a problem hiding this comment.
🟡 --version in _ABXPKG_GROUP_OPTS_WITH_VALUES causes abx entrypoint to consume binary name as option value
Adding "--version" to _ABXPKG_GROUP_OPTS_WITH_VALUES (cli.py:1835) causes _split_abx_argv to treat --version as a value-consuming option. Since the cli group already has --version as a boolean flag (via click.version_option), this creates a collision. When a user runs abx --version yt-dlp, _split_abx_argv now consumes yt-dlp as the value of --version (setting skip_next=True), leaving rest=[]. After _expand_bare_bool_flags converts --version to --version=True, the not rest fallback path checks "--version" in ["--version=True", "yt-dlp"] which is False, so the command falls through to the usage error and exits with code 2. Before this PR, yt-dlp would correctly become the binary name in rest. The other three additions (--abspath, --install-args, --packages) are fine since they don't collide with existing group-level flags.
| ) | frozenset({"--abspath", "--version", "--install-args", "--packages"}) | |
| ) | frozenset({"--abspath", "--install-args", "--packages"}) |
Was this helpful? React with 👍 or 👎 to provide feedback.
| effective_min_release_age = ( | ||
| 7.0 if min_release_age is None else min_release_age | ||
| ) | ||
| effective_min_release_age = min_release_age or 0 |
There was a problem hiding this comment.
🟡 NpmProvider _resolve_security_constraints silently drops min_release_age safety default from 7 days to 0
The old code at binprovider_npm.py:182 used effective_min_release_age = 7.0 if min_release_age is None else min_release_age, providing a 7-day safety net when min_release_age was unresolved. The new code uses min_release_age or 0, which maps both None and 0.0 to 0 (no protection). While the normal call path through BinProvider.install() resolves min_release_age to a non-None value before the handler runs, _resolve_security_constraints is also called from default_uninstall_handler where the resolution flow is less strict. If any code path reaches this method with min_release_age=None, supply-chain protection silently drops from 7 days to zero.
| effective_min_release_age = min_release_age or 0 | |
| effective_min_release_age = min_release_age if min_release_age is not None else 0 |
Was this helpful? React with 👍 or 👎 to provide feedback.
1 participant
…, abxpkg version command, and more
Summary by cubic
Improves binary metadata (EUID/mtime), execution ENV building, and provider resolution (incl. subpackages); adds
abxpkg versionandabxpkg list. Also merges same‑name script dependency options into the run binary to prevent conflicts.New Features
binary.euid/binary.mtime(README/CLI).abxpkg version,abxpkg list.DEFAULT_PROVIDER_NAMES;ABXPKG_BINPROVIDERSrespected for dependency and installer resolution. Subpackage‑aware provider resolution with version/abspath overrides. Per‑rootderived.envcaching for installer binaries and combined ENV with provenance.Refactors & Fixes
setup_PATH()/ENV;build_exec_env()callssetup_PATH()and merges runtime + installer PATHs. Richer logging (provider emojis, clearer command/exception formatting, trace‑depth logs).<install_root>/venv/binforpip/uv; tightenpip/pnpmENV/cache; improve PATH/bin_dir acrossnpm/yarn/bun/deno/gem/cargo/brew/nix/dockerand drivers.env. Fix installer cache writes/provenance, ENV PATH proxies, ambient dependency provider resolution, ENV relinking, and Nix profile cache path.postinstall_scripts,min_release_age) before action handlers run. Limit Homebrew postinstall‑disable to install only and remove the stale update path.1.10.3.Written for commit 80e4787. Summary will update on new commits.