Finish install-based package recommendation behavior

[jesse-merhi]

Summary

Follow-up to #2633. That PR merged the first install-ranking slice; this keeps the remaining branch work that was still local afterward.

• completes install/recommended sort plumbing across plugin, package, and skill catalog endpoints
• keeps recommended pagination stable when score backfills are incomplete or cursors are stale
• defaults filtered plugin browse to updated ordering where recommended scores are not safe to use
• records package install metrics with viewer identity and safer dedupe/cleanup behavior
• updates package stats, search digest, docs, and UI stat displays to use install-based fields consistently

Verification

• VITE_CONVEX_URL=https://example.invalid bunx vitest run convex/httpApiV1.handlers.test.ts convex/skills.packageCatalog.test.ts src/__tests__/packages-route.test.tsx convex/packages.public.test.ts convex/packages.stats.test.ts passed: 5 files, 605 tests
• bun run ci:unit passed: 264 files, 3189 tests
• bunx convex dev --once --typecheck=disable passed
• bun run ci:types-build passed
• bun run format:check passed
• bun run lint passed
• bun run deadcode:ci passed

Static Gate Note

bun run ci:static currently stops in bun audit before format/lint/dead-code because dompurify advisories are reported through mermaid and monaco-editor. I ran the remaining static checks directly after that failure.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
clawhub	Ready	Preview, Comment	Jun 15, 2026 11:58pm

[Copilot]

Pull request overview

Completes the remaining “install-based” ranking/recommendation work across the plugin/package/skill catalogs, including safer pagination fallbacks while recommendation-score backfills are incomplete, and aligns install/stat recording + digest synchronization so public list/search views stay consistent.

Changes:

• Extend catalog sorting/plumbing to support recommended/installs/updated consistently across UI routes and HTTP/Convex endpoints, including stable cursor fallback behavior.
• Record package install metrics with required viewer identity inputs and improve hard-delete cleanup of install dedupe rows.
• Keep package search digest stats in sync with package stat updates and add a maintenance backfill to patch stale digest stats.

Reviewed changes

Copilot reviewed 17 out of 17 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
src/routes/plugins/index.tsx	Adjusts default sort + sort persistence behavior for plugin browse/search.
src/components/SkillHeader.tsx	Uses migrated top-level skill stats fields when present.
src/components/SkillHeader.test.tsx	Adds coverage for migrated install stats selection.
src/tests/packages-route.test.tsx	Updates/adds tests for plugin route sort defaults and install sorting.
docs/http-api.md	Documents unified packages endpoint sort options.
docs/api.md	Documents /api/v1/packages sort parameter options.
convex/statsMaintenance.ts	Adds internal mutation to backfill package digest stats and a helper comparer.
convex/statsMaintenance.test.ts	Adds tests for the new digest-stat backfill mutation.
convex/skills.ts	Adds recommended sort support and recommended→updated fallback cursoring for package catalog rows.
convex/skills.packageCatalog.test.ts	Tests recommended sort and fallback behavior for package catalog pagination.
convex/schema.ts	Adds install-sorted indexes for capability/category package digest tables.
convex/packages.ts	Adds install-sorted digest query builders, makes install metric args required, syncs digest stats post-stat-processing, and improves install-dedupe cleanup on hard delete.
convex/packages.stats.test.ts	Updates tests for required install metric args and validates digest stat syncing.
convex/packages.public.test.ts	Adds tests for install-sorted capability/category listings and install-dedupe cleanup during hard delete.
convex/lib/packageSearchDigest.ts	Adds helper to patch digest stats across digest tables for a package.
convex/httpApiV1/packagesV1.ts	Adds recommended-fallback cursor state handling and default-sort behavior for plugin endpoints; tightens install metric recording to identity-backed installs only.
convex/httpApiV1.handlers.test.ts	Adds handler coverage for merged sorting behavior and recommended fallback semantics.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed June 15, 2026, 8:07 PM ET / 00:07 UTC.

Summary
The PR completes install/recommended sorting and install metric plumbing across package/plugin/skill catalog endpoints, digest stats/backfills, docs, and plugin browse UI behavior.

Reproducibility: not applicable. as a maintainer-authored feature/plumbing PR; review focused on source, diff, related merged work, and validation evidence.

Review metrics: 2 noteworthy metrics.

• Diff size: 17 files, +2074/-112. The change spans schema, backend catalog queries, HTTP API behavior, tests, docs, and UI route defaults, so it warrants broad maintainer review.
• Observed CI: Most required jobs passed; static failed at audit. The only observed failing validation is the already-noted dependency audit issue rather than a clear patch-introduced correctness failure.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🌊 off-meta tidepool
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• none.

Risk before merge

• [P1] The static CI job is currently blocked at bun audit by the DOMPurify advisory chain through mermaid/monaco-editor, which the PR body calls out as an existing audit issue rather than a diff-introduced failure.
• [P1] The branch adds Convex indexes and backfill/cleanup behavior, so maintainers should keep the normal deploy ordering and runtime validation expectations for Convex schema changes before landing.

Maintainer options:

1. Decide the mitigation before merge
   Land the branch after normal maintainer review and required checks, keeping install-based catalog behavior on the existing package, plugin, and skill APIs.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

• [P2] Maintainer-authored implementation PR should remain open for normal review; no concrete automated repair is identified.

Security
Cleared: No concrete security or supply-chain regression was found; the diff changes app/backend catalog and stat plumbing without workflow, dependency, secret, or artifact-execution changes.

Review details

Best possible solution:

Land the branch after normal maintainer review and required checks, keeping install-based catalog behavior on the existing package, plugin, and skill APIs.

Do we have a high-confidence way to reproduce the issue?

Not applicable as a maintainer-authored feature/plumbing PR; review focused on source, diff, related merged work, and validation evidence.

Is this the best way to solve the issue?

Yes; completing the install/recommended sort plumbing in the existing catalog endpoints and digest/stat paths is the narrow maintainable path, and no supported duplicate path was found.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against ab3c708cc993.

Label changes

Label changes:

• add P2: This is a normal-priority catalog/API behavior improvement with meaningful but bounded backend and UI blast radius.
• add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: The PR is maintainer-authored, so the external-contributor real behavior proof gate does not apply; the body and CI provide supplemental validation.

Label justifications:

• P2: This is a normal-priority catalog/API behavior improvement with meaningful but bounded backend and UI blast radius.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: The PR is maintainer-authored, so the external-contributor real behavior proof gate does not apply; the body and CI provide supplemental validation.

Evidence reviewed

Acceptance criteria:

• [P1] bun run ci:static.
• [P1] bun run ci:unit.
• [P1] bun run ci:types-build.
• [P1] bun run ci:packages.
• [P1] bunx convex dev --once --typecheck=disable.

What I checked:

• Repository policy read: AGENTS.md was inspected and applied, including the Convex guideline requirement, stat migration guidance, and PR validation expectations. (AGENTS.md:1)
• PR diff surface: The diff touches Convex schema/backend/API/tests, package search digest stats/backfills, docs, and the plugins browse route rather than a narrow docs-only or obsolete change. (convex/packages.ts:1766, 637154c11e80)
• Related merged work: PR Make installs the primary plugin and skill usage signal #2633 merged the first install-usage slice on 2026-06-15, but this PR adds remaining package recommendation, digest stat, filtered sort, and cleanup behavior beyond that merged branch. (078425f074da)
• History/provenance: Recent install-adoption and catalog work appears in merged commit 44ce895 and PR Make installs the primary plugin and skill usage signal #2633 merge commit 078425f; the current PR is a follow-up rather than a duplicate of a current-main implementation. (convex/packages.ts:3992, 44ce895b442c)
• Validation status: The PR body reports targeted tests, ci:unit, ci:types-build, ci:packages, and Convex codegen; GitHub checks show the main validation jobs passing, with static blocked only by the noted audit advisory.

Likely related people:

• jesse-merhi: Authored the prior merged install-usage PR Make installs the primary plugin and skill usage signal #2633 and the current follow-up commits that extend install/recommended catalog behavior. (role: recent area contributor; confidence: high; commits: 078425f074da, 637154c11e80; files: convex/packages.ts, convex/httpApiV1/packagesV1.ts, convex/skills.ts)
• Patrick Erichsen: Git history and blame show prior package/catalog/stat work across the same Convex and UI surfaces, including recent public adoption surface changes. (role: adjacent owner; confidence: medium; commits: 44ce895b442c, a63d153b1d46; files: convex/packages.ts, convex/httpApiV1/packagesV1.ts, convex/skills.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[jesse-merhi]

Closing this broad follow-up PR in favor of the smaller split stack:

• Add install sort support to package catalog APIs #2674: install sort API plumbing
• Stabilize package recommendation fallback sorting #2675: recommendation fallback stability
• Harden package install metrics cleanup #2676: install metric cleanup
• Index filtered package install sorting #2677: filtered install indexes and digest stat backfill

The split PRs each have proof-pack bodies based on their own net diff.