63 changes: 49 additions & 14 deletions .github/workflows/ci.yml
@@ -2,39 +2,74 @@ name: CI

on:
pull_request:
branches: [ main ]
branches: [main]
push:
branches: [ main ]
branches: [main]

jobs:
ci:
# Build native module on Linux (fast sanity check)
build-native:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup pnpm
uses: pnpm/action-setup@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'

- name: Install Rust
uses: dtolnay/rust-toolchain@stable

- name: Cache Rust
uses: Swatinem/rust-cache@v2
with:
workspaces: osgrep-core

- name: Install napi-rs CLI
run: npm install -g @napi-rs/cli

- name: Build native module
working-directory: osgrep-core
run: napi build --platform --release

- name: Upload artifact
uses: actions/upload-artifact@v4
with:
version: 9
run_install: false
name: native-linux
path: osgrep-core/*.node

# TypeScript checks and tests
ci:
runs-on: ubuntu-latest
needs: build-native
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup bun
uses: oven-sh/setup-bun@v2

- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'

- name: Download native module
uses: actions/download-artifact@v4
with:
name: native-linux
path: osgrep-core

- name: Install dependencies
run: pnpm install --frozen-lockfile
run: bun install

- name: Check types
run: pnpm run typecheck
run: bun run typecheck

- name: Run tests
run: pnpm run test
run: bun run test

- name: Build
run: pnpm run build

run: bun run build
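Review bot: `run: bun install` in the `ci` job drops the guarantee the replaced `pnpm install --frozen-lockfile` gave; without `--frozen-lockfile`, bun rewrites the lockfile when it diverges from package.json instead of failing, so CI stops verifying the committed dependency resolution. Use `run: bun install --frozen-lockfile`. In the same hunk, `npm install -g @napi-rs/cli` floats to whatever version is latest at run time; pin it (`@napi-rs/cli@<pinned-version>`, placeholder) so the native build is reproducible, and consider adding `permissions: contents: read` to both jobs, since neither needs write access to the repository.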
129 changes: 108 additions & 21 deletions .github/workflows/release.yml
@@ -6,47 +6,113 @@ on:
- 'v*.*.*'
workflow_dispatch:

env:
CARGO_INCREMENTAL: 0

jobs:
publish-npm:
# =============================================================================
# Build native binaries for each platform
# =============================================================================
build-native:
strategy:
fail-fast: false
matrix:
include:
- target: aarch64-apple-darwin
os: macos-latest
- target: x86_64-apple-darwin
os: macos-latest
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
- target: x86_64-unknown-linux-musl
os: ubuntu-latest
use-cross: true
- target: x86_64-pc-windows-msvc
os: windows-latest

runs-on: ${{ matrix.os }}

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'

- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}

- name: Install dependencies (Linux musl)
if: matrix.use-cross
run: |
sudo apt-get update
sudo apt-get install -y musl-tools

- name: Install napi-rs CLI
run: npm install -g @napi-rs/cli

- name: Build native module
working-directory: osgrep-core
run: napi build --platform --release --target ${{ matrix.target }}

- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: bindings-${{ matrix.target }}
path: osgrep-core/*.node
if-no-files-found: error

# =============================================================================
# Publish platform packages + meta package + osgrep
# =============================================================================
publish:
runs-on: ubuntu-latest
needs: build-native
permissions:
contents: write
id-token: write

steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 9
run_install: false

- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'

- name: Install napi-rs CLI
run: npm install -g @napi-rs/cli

- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: osgrep-core/artifacts

- name: Move artifacts to osgrep-core
run: |
cd osgrep-core
for dir in artifacts/bindings-*/; do
mv "$dir"*.node . 2>/dev/null || true
done
rm -rf artifacts
Comment on lines +100 to +105
⚠️ Potential issue | 🟠 Major

Artifact movement script lacks error visibility.

The defensive `|| true` silently ignores errors when moving `.node` files. If artifacts fail to copy due to unexpected directory structure or permissions, the publish job will still proceed with missing binaries.

Add explicit verification that artifacts were moved:

  cd osgrep-core
  for dir in artifacts/bindings-*/; do
-   mv "$dir"*.node . 2>/dev/null || true
+   if ! mv "$dir"*.node . 2>/dev/null; then
+     echo "Warning: Failed to move artifacts from $dir"
+   fi
  done
  rm -rf artifacts
- ls -la *.node
+ if ! ls *.node 1>/dev/null 2>&1; then
+   echo "Error: No .node files found in osgrep-core after moving artifacts"
+   exit 1
+ fi
+ ls -la *.node

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents
.github/workflows/release.yml around lines 100 to 105: the current loop uses "||
true" which hides failures when moving .node artifacts; replace the silent
ignore with explicit checks: attempt to move files, capture whether any .node
files were moved, emit a clear error message if none were moved (including
listing the artifacts/bindings-*/ directories for diagnosis) and exit non-zero
to fail the job; ensure permissions errors are surfaced by removing the "||
true" and adding a conditional that fails the step when the moved-file count is
zero.

ls -la *.node

- name: Verify tag commit is on main
working-directory: .
run: |
git fetch origin main --depth=1
if ! git merge-base --is-ancestor "$GITHUB_SHA" origin/main; then
echo "Refusing to publish: tag commit is not on main"
exit 1
fi

- name: Install dependencies
run: pnpm install --frozen-lockfile

- name: Check types
run: pnpm run typecheck

- name: Verify tag matches package.json version
run: |
TAG="${GITHUB_REF##*/}"
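Review bot: `build-native` declares no `permissions:` block, so it runs with the repository's default `GITHUB_TOKEN` permissions although it only checks out code and uploads an artifact that `publish` later ships to npm; add `permissions: contents: read` to the job. The `use-cross: true` matrix key is misleading: it only gates the `sudo apt-get install -y musl-tools` step and cross-rs is never invoked, so name it for what it does (for example `musl: true`). `npm install -g @napi-rs/cli` is unpinned in both jobs; pin the version so every target is built with the same CLI release.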
@@ -56,15 +122,36 @@ jobs:
exit 1
fi

- name: Build
run: pnpm build
- name: Publish osgrep-core platform packages
working-directory: osgrep-core
run: napi prepublish -t npm
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

- name: Publish osgrep-core meta package
working-directory: osgrep-core
run: npm publish --access public --provenance
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

- name: Install bun
uses: oven-sh/setup-bun@v2

- name: Install osgrep dependencies
run: bun install

- name: Check types
run: bun run typecheck

- name: Build osgrep
run: bun run build

- name: Publish to npm
run: pnpm publish --access public --provenance --no-git-checks
- name: Publish osgrep to npm
run: npm publish --access public --provenance
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

- name: Create GitHub Release (tag only, no assets)
- name: Create GitHub Release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ github.ref_name }}
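Review bot: the publish steps run before the checks that would catch a broken release: `napi prepublish -t npm` and the `osgrep-core` `npm publish --access public --provenance` execute before `Install bun`, `Check types` and `Build osgrep`, so a typecheck or build failure leaves the platform and meta packages already published at this version while `osgrep` is not, and npm will not accept a re-publish of the same version on a rerun. Move the bun install, typecheck and build steps ahead of the first publish step so that nothing is published until every check has passed.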
55 changes: 40 additions & 15 deletions .gitignore
@@ -1,28 +1,53 @@
dist/
node_modules/
**/node_modules/
*.tsbuildinfo
*.tgz
.DS_Store

# Local osgrep data
.osgrep/
⚠️ Potential issue | 🟡 Minor

Redundant entry: remove line 53 .osgrep.

Line 53 (.osgrep) is a duplicate of the new entry on line 9 (.osgrep/). The trailing slash is more precise as it targets only directories. Remove the old entry to avoid confusion.

-.osgrep

Also applies to: 53-53

🤖 Prompt for AI Agents
In .gitignore around lines 9 and 53, there is a duplicate entry for `.osgrep`
(line 9 has `.osgrep/` and line 53 has `.osgrep`); remove the redundant line 53
entry so only the more precise directory pattern `.osgrep/` remains, ensuring no
other references to the same pattern are left elsewhere in the file.


# Development files
CLAUDE.md
TODO.md
AGENTS.md
ADVANCED.md
test-build.sh
TEST_SUITE_PROMPT.md
WATCH_MODE_PROMPT.md
ENGINEERING_DIARY.md
RELEASE_GUIDE.md
osgrep/run-benchmark.sh
TEST_SUITE_PROMPT.md
WATCH_MODE_PROMPT.md
AGENT_BENCHMARK.md
latest_review.md
plan.md

# Benchmark & experiments (dev-only)
benchmark/
experiments/
scripts/
tools/
public/
test_skeleton.py
test-build.sh
run-agent-benchmark.sh
setup-benchmark-repos.sh
AGENT_BENCHMARK.md
benchmark-results.json
src/bench/benchmark-agent.ts
src/bench/generate-benchmark-chart.ts
src/.env.local
CLAUDE.md
.DS_Store
latest_review.md
benchmarks/*.log
.osgrep/server.json
.osgrep/cache/meta.lmdb-lock
src/bench/

# Env files
src/.env.local
.env*

# Lockfiles (using bun)
pnpm-lock.yaml
package-lock.json
yarn.lock

bun.lockb
# Native core (Rust / N-API) build outputs
osgrep-core/target/
**/target/
osgrep-core/*.node
osgrep-core/bench/
.osgrep
TODO.md
AGENTS.md
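Review bot: several patterns in this hunk are subsumed by others: `**/node_modules/` covers `node_modules/`, `**/target/` covers `osgrep-core/target/`, and `.env*` (a pattern without a slash matches at any depth) covers `src/.env.local`; keep one form of each. The lockfile section ignores `pnpm-lock.yaml`, `package-lock.json` and `yarn.lock`; make sure the lockfile bun actually writes is committed rather than ignored, otherwise `bun install` in CI resolves dependencies fresh on every run and a frozen-lockfile check has nothing to pin against.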