Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2ffef053ee
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| # Update version in package.json | ||
| cd ui/desktop | ||
| npm version ${{ inputs.version }} --no-git-tag-version --allow-same-version | ||
| pnpm version ${{ inputs.version }} --no-git-tag-version --allow-same-version |
There was a problem hiding this comment.
When inputs.version is provided, this step calls pnpm version before the workflow activates Hermit (the toolchain setup happens later in the Activate hermit and set CARGO_HOME step), so release/tag builds can fail immediately with pnpm: command not found on runners that do not have pnpm preinstalled. This makes the Linux desktop bundle path depend on runner image state instead of the repo-managed toolchain.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
added source ./bin/activate-hermit
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 227e9cf082
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| - name: Install Dependencies | ||
| run: source ../../bin/activate-hermit && npm ci | ||
| run: source ../../bin/activate-hermit && pnpm install --frozen-lockfile |
There was a problem hiding this comment.
The desktop-lint job now installs dependencies from pnpm-lock.yaml (pnpm install --frozen-lockfile), but the guard step still runs check-lockfile-platforms.sh, which is hardcoded to inspect package-lock.json and npm-specific paths (ui/desktop/scripts/check-lockfile-platforms.sh:2-26). This means CI can report the lockfile check as healthy while the actual lockfile used in builds (pnpm-lock.yaml) is never validated, so cross-platform dependency regressions can slip through until later platform-specific bundle jobs fail.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
removed ui/desktop/scripts/check-lockfile-platforms.sh as it is no longer required
* main: (45 commits)
fix: resolve {{ recipe_dir }} in nested sub-recipe paths during secret discovery (#7797)
Add @DOsinga as CODEOWNER for documentation (#7799)
feat: Add summarize tool for deterministic reads (#7054)
fix(api): use camelCase in CallToolResponse and add type discriminators to ContentBlock (#7487)
feat: ACP providers for claude code and codex (#6605)
chore(deps): bump express-rate-limit from 8.2.1 to 8.3.0 in /evals/open-model-gym/mcp-harness (#7703)
feat(openai): capture reasoning summaries from responses API (#7375)
Fix some dependencies (#7794)
fix: improve keyring availability error detection (#7766)
feat: add MiniMax provider with Anthropic-compatible API (#7640)
feat: add Tensorix as a declarative provider (#7712)
fix(security): remove insecure default secret from GOOSE_EXTERNAL_BACKEND (#7783)
refactor: Convert Tanzu provider to declarative JSON config (#7124)
replaces https://github.com/block/goose/pull/7340/changes (#7786)
feat(summon): make skill supporting files individually loadable via load() (#7583)
Keep toast open on failed extension (#7771)
fix(ui-desktop): unify path resolution around GOOSE_PATH_ROOT (#7335)
fix: pass OAuth scopes to DCR and extract granted_scopes from token response (#7571)
fix: write to real file if config.yaml is symlink (#7669)
fix: preserve pairings when stopping gateway (#7733)
...
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9b0f3a65fb
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| "engines": { | ||
| "node": "^24.10.0", | ||
| "npm": "^11.6.1" | ||
| "pnpm": ">=10.30.0" |
There was a problem hiding this comment.
After this change all desktop workflows and local commands run pnpm install --frozen-lockfile, and pnpm hard-fails when engines.pnpm is unmet (ERR_PNPM_UNSUPPORTED_ENGINE). Setting the floor to >=10.30.0 here can break installs on environments that still resolve an older pnpm@10.x (for example via existing tool caches), turning previously-working build/lint/test paths into immediate failures. Please either pin/provision pnpm to a guaranteed >=10.30.0 everywhere or lower this constraint to match the actual toolchain you ship.
Useful? React with 👍 / 👎.
yes! I had imagined we'd do something like this as well. the desktop will soon depend on the |
2 participants
Summary
Followup PR for #7676
This is an existing npm bug that it does not include the cross platform packages with
npm install.With
pnpm, it supports the cross platform packages.Note: I found acp and text in
uinow is a workspace. Maybe we can move the desktop in the workspace later and use pnpm for the workspace tooType of Change
AI Assistance
Testing
Testing the scripts in justfile. Will also check the binary generated by canary workflow after merging to main