Skip to content

feat: multi-install cleanup + upgrade discoverability#101

Merged
CybotTM merged 3 commits into
mainfrom
feat/reconcile-discoverability
Jul 8, 2026
Merged

feat: multi-install cleanup + upgrade discoverability#101
CybotTM merged 3 commits into
mainfrom
feat/reconcile-discoverability

Conversation

@CybotTM

@CybotTM CybotTM commented Jul 8, 2026

Copy link
Copy Markdown
Member

Closes the gap where make upgrade warns about duplicate installs but offers no
way to act, and where the existing bulk-upgrade commands are undiscoverable.
Design: docs/superpowers/specs/2026-07-08-reconcile-and-upgrade-discoverability-design.md.

What changed

audit.py --reconcile (new CLI over the existing reconcile.py engine)

  • --reconcile <tool> reports the plan: per-install version, which install
    is active on PATH (the default when called without a path), and which is
    preferred (kept). --apply removes the non-preferred duplicates
    (aggressive mode, honoring the system-tool safelist). --all sweeps the full
    catalog. JSON via CLI_AUDIT_JSON=1.
  • Fixes reconcile_tool to resolve catalog candidates when a caller omits them,
    so alternate-named duplicates (pip/pip3, fd/fdfind) are caught in bulk sweeps.
    Previously bulk_reconcile only looked at config.tools (5 tools); the sweep
    now finds all of them (37 on the author's machine).

Guide (scripts/guide.sh)

  • The ⚠️ Multiple installations listing now shows version + → active +
    ✓ keep per install, and notes when cleanup would change which binary runs.
  • New inline c = clean up duplicates action (confirms, then applies).

Make targets

  • make reconcile-all (confirm-each) and make reconcile-all-dry-run (plan only).

Discoverability + safety

  • Audit readiness line and guide summary hint at make reconcile-all (when
    duplicates exist) and make upgrade-managed.
  • auto_update.sh warns that native manager upgrades bypass cli-audit pins and
    project lockfiles before running (skipped on dry-run / FORCE=1).

Example

⚠️  Multiple installations detected (2):
   • 4.44.3  manual  /home/sme/.local/bin/yq   → active  ✓ keep
   • 4.40.1  manual  /usr/local/bin/yq

Verification

  • pytest: 644 passed, 1 skipped (+10 new reconcile-CLI tests; +1 shell
    guard test that the dry-run target never passes --apply).
  • Gating flake8 (E9,F63,F7,F82): clean. Smoke: pass. mypy: no new errors.
  • test_guide_multi_install.sh: unchanged (same 3 pre-existing failures on
    main; no regression).
  • make reconcile-all-dry-run verified non-destructive; --all sweep + render
    markers verified against real duplicates.

Safety model: confirm-each + dry-run; nothing removed without explicit yes;
critical-tools protect list honored; removing the active install gets an extra
heads-up. No version bump / CHANGELOG (feature branch).

Copilot AI review requested due to automatic review settings July 8, 2026 06:34
@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@codecov

codecov Bot commented Jul 8, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 95.91837% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 72.45%. Comparing base (f03b57e) to head (46660c9).

Files with missing lines Patch % Lines
cli_audit/reconcile.py 95.55% 2 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #101      +/-   ##
==========================================
+ Coverage   71.33%   72.45%   +1.12%     
==========================================
  Files          22       22              
  Lines        3359     3402      +43     
==========================================
+ Hits         2396     2465      +69     
+ Misses        963      937      -26     
Flag Coverage Δ
unittests 72.45% <95.91%> (+1.12%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces multi-install cleanup and upgrade discoverability features, adding new make targets (reconcile-all and reconcile-all-dry-run), CLI arguments, and interactive prompts in the guide to resolve duplicate tool installations. The review feedback highlights two important issues: a thread-safety race condition in _resolve_candidates when resolving candidates concurrently, and an incorrect exit code logic in cmd_reconcile that incorrectly treats expected blocks on protected tools as execution failures.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread cli_audit/reconcile.py Outdated
Comment thread audit.py Outdated

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a first-class “reconcile duplicate installs” flow across the CLI (audit.py --reconcile), the interactive guide, and Make targets, with additional discoverability hints and safety prompts to help users clean up multi-installs and find bulk-upgrade functionality.

Changes:

  • Introduces audit.py --reconcile (plan + optional --apply) wired to the existing cli_audit.reconcile engine, plus catalog-candidate resolution for alternate binary names.
  • Enhances scripts/guide.sh to render richer multi-install warnings (version/active/keep) and adds an inline cleanup action (c), plus summary hints.
  • Adds make reconcile-all / make reconcile-all-dry-run, a pin/lock override warning in auto_update.sh, and new tests/docs to cover the safety-critical boundary.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
audit.py Adds --reconcile command routing and plan/apply JSON/human output.
cli_audit/reconcile.py Adds catalog-candidate resolution to detect alternate-named duplicates.
cli_audit/render.py Prints discoverability hints for reconcile/upgrade-managed.
scripts/guide.sh Renders reconcile-based multi-install details and adds inline duplicate cleanup action.
scripts/auto_update.sh Adds an interactive warning that native manager upgrades bypass pins/lockfiles.
Makefile.d/user.mk Adds reconcile-all and reconcile-all-dry-run targets.
Makefile Exposes new reconcile-all targets in the top-level target list.
tests/test_reconcile_cli.py Adds unit tests for reconcile plan shaping, candidate resolution, and JSON output.
tests/test_reconcile_dryrun.sh Adds a shell test guarding that dry-run targets never pass --apply.
docs/superpowers/specs/2026-07-08-reconcile-and-upgrade-discoverability-design.md Adds the design spec documenting goals, safety model, and UX expectations.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread tests/test_reconcile_dryrun.sh Outdated
Comment thread audit.py
Comment thread scripts/guide.sh
Comment thread cli_audit/reconcile.py
CybotTM added 2 commits July 8, 2026 09:57
Signed-off-by: Sebastian Mendel <github@sebastianmendel.de>
…talls

Expose reconcile.py as an audit.py entrypoint: --reconcile <tool> reports the
plan (versions, which install is active on PATH, which is preferred/kept), and
--apply removes the non-preferred duplicates (aggressive mode, honoring the
system-tool safelist). --all sweeps the full catalog. JSON via CLI_AUDIT_JSON=1
for shell consumers. reconcile_tool now resolves catalog candidates when a
caller omits them, so alternate-named duplicates (pip/pip3, fd/fdfind) are
detected in bulk sweeps too.

Signed-off-by: Sebastian Mendel <github@sebastianmendel.de>
@CybotTM CybotTM force-pushed the feat/reconcile-discoverability branch 2 times, most recently from a741fd8 to 0dfdf71 Compare July 8, 2026 08:11
@CybotTM CybotTM requested a review from Copilot July 8, 2026 08:12
@CybotTM CybotTM force-pushed the feat/reconcile-discoverability branch from 0dfdf71 to 10fbca1 Compare July 8, 2026 08:16

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated 1 comment.

Comment thread audit.py
@CybotTM CybotTM force-pushed the feat/reconcile-discoverability branch 2 times, most recently from 6fd2661 to dec5423 Compare July 8, 2026 08:24
@CybotTM CybotTM requested a review from Copilot July 8, 2026 08:24

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated 5 comments.

Comment thread cli_audit/reconcile.py Outdated
Comment thread cli_audit/reconcile.py
Comment thread audit.py
Comment thread audit.py Outdated
Comment thread cli_audit/render.py
@CybotTM CybotTM force-pushed the feat/reconcile-discoverability branch from dec5423 to 3c24cc7 Compare July 8, 2026 08:34
@CybotTM CybotTM requested a review from Copilot July 8, 2026 08:35

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 11 out of 13 changed files in this pull request and generated no new comments.

…ability

guide.sh now renders per-install version + active (PATH default) + preferred
(kept) markers for duplicates and offers an inline 'c' action to remove the
non-preferred ones. Adds 'make reconcile-all' (confirm-each) and
'reconcile-all-dry-run' (plan only). The audit readiness line and guide summary
hint at 'make reconcile-all' (when duplicates exist) and 'make upgrade-managed'.
auto_update.sh warns that native manager upgrades bypass cli-audit pins and
project lockfiles before running (skipped on dry-run or FORCE=1).

Signed-off-by: Sebastian Mendel <github@sebastianmendel.de>
@CybotTM CybotTM force-pushed the feat/reconcile-discoverability branch from 3c24cc7 to 46660c9 Compare July 8, 2026 09:48
@sonarqubecloud

sonarqubecloud Bot commented Jul 8, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
16 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@CybotTM CybotTM merged commit bc3e476 into main Jul 8, 2026
21 checks passed
@CybotTM CybotTM deleted the feat/reconcile-discoverability branch July 8, 2026 10:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants