Skip to content
This repository was archived by the owner on Jan 23, 2026. It is now read-only.

Bun/Node: remove the --no-save which seems to cause issues sometimes #412

Merged
jhaynie merged 1 commit into from
Jul 8, 2025
Merged

Bun/Node: remove the --no-save which seems to cause issues sometimes #412

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ go 1.24.4

require (
github.com/Masterminds/semver v1.5.0
github.com/agentuity/go-common v1.0.64
github.com/agentuity/go-common v1.0.67
github.com/agentuity/mcp-golang/v2 v2.0.2
github.com/bmatcuk/doublestar/v4 v4.8.1
github.com/charmbracelet/bubbles v0.20.0
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERo
github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
github.com/ProtonMail/go-crypto v1.1.5 h1:eoAQfK2dwL+tFSFpr7TbOaPNUbPiJj4fLYwwGE1FQO4=
github.com/ProtonMail/go-crypto v1.1.5/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
github.com/agentuity/go-common v1.0.64 h1:E7PRLFcrPDd32doxSzI2reCpaHtHr3mcSmVl9yz+Ffc=
github.com/agentuity/go-common v1.0.64/go.mod h1:cy1EPYpZUkp3JSMgTb+Sa3sLnS7vQQupj/RwO4An6L4=
github.com/agentuity/go-common v1.0.67 h1:Pw6Lv/2eJ+F4kZZgnZhYy3JyTzA3VEa64h/BPSfayxw=
github.com/agentuity/go-common v1.0.67/go.mod h1:cy1EPYpZUkp3JSMgTb+Sa3sLnS7vQQupj/RwO4An6L4=
github.com/agentuity/mcp-golang/v2 v2.0.2 h1:wZqS/aHWZsQoU/nd1E1/iMsVY2dywWT9+PFlf+3YJxo=
github.com/agentuity/mcp-golang/v2 v2.0.2/go.mod h1:U105tZXyTatxxOBlcObRgLb/ULvGgT2DJ1nq/8++P6Q=
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
Expand Down
6 changes: 3 additions & 3 deletions internal/bundler/bundler.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,7 @@ func installSourceMapSupportIfNeeded(ctx BundleContext, dir string) error {
// only bun needs to install this library to aide in parsing the source maps
path := filepath.Join(dir, "node_modules", "source-map-js", "package.json")
if !util.Exists(path) {
cmd := exec.CommandContext(ctx.Context, "bun", "add", "source-map-js", "--no-save", "--silent", "--no-progress", "--no-summary", "--ignore-scripts")
cmd := exec.CommandContext(ctx.Context, "bun", "add", "source-map-js", "--silent", "--no-progress", "--no-summary", "--ignore-scripts")
cmd.Dir = dir
out, err := cmd.CombinedOutput()
if err != nil {
Expand Down Expand Up @@ -147,9 +147,9 @@ func bundleJavascript(ctx BundleContext, dir string, outdir string, theproject *
var install *exec.Cmd
switch theproject.Bundler.Runtime {
case "nodejs":
install = exec.CommandContext(ctx.Context, "npm", "install", "--no-save", "--no-audit", "--no-fund", "--include=prod", "--ignore-scripts")
install = exec.CommandContext(ctx.Context, "npm", "install", "--no-audit", "--no-fund", "--include=prod", "--ignore-scripts")
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot Jul 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Behavioral change: npm install will now save dependencies to package.json.

Removing --no-save from the npm install command means dependencies will be saved to package.json. This is a significant change in dependency management behavior.

Since this command is used for installing production dependencies (note the --include=prod flag), consider:

  • Whether saving dependencies to package.json is intentional
  • If this might cause conflicts with existing package.json entries
  • The impact on CI/CD pipelines that rely on the current behavior

If the intent is to install without saving, consider using --no-save explicitly or use a different approach like npm ci for production installs.

🤖 Prompt for AI Agents 
In internal/bundler/bundler.go at line 150, the npm install command was changed
to remove the --no-save flag, causing dependencies to be saved to package.json,
which alters the intended behavior. To fix this, explicitly add the --no-save
flag back to the npm install command to prevent modifying package.json during
production dependency installation, or alternatively replace the command with
npm ci if the goal is to install exact dependencies from package-lock.json
without saving changes.

case "bunjs":
args := []string{"install", "--production", "--no-save", "--ignore-scripts"}
args := []string{"install", "--production", "--ignore-scripts"}
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot Jul 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Behavioral change: bun install will now save dependencies to package.json.

Removing --no-save from the bun install command means dependencies will be saved to package.json. This change aligns with the npm install modification but could have significant implications.

Consider the following impacts:

  • Dependencies will now be persisted in package.json
  • This could affect build reproducibility across different environments
  • CI/CD pipelines may need adjustment if they rely on the current behavior
  • Team members will automatically install these dependencies

If the goal is to ensure dependencies are tracked, this change makes sense. However, if temporary installation was intended, consider using --no-save explicitly or documenting this behavioral change.

🤖 Prompt for AI Agents 
In internal/bundler/bundler.go at line 152, the bun install command was changed
by removing the --no-save flag, causing dependencies to be saved to
package.json. To fix this, decide if you want dependencies to be persisted; if
not, re-add the --no-save flag to the args slice to prevent modifying
package.json and maintain the previous behavior. If saving dependencies is
intended, ensure this behavioral change is documented and communicated to the
team.

if ctx.CI {
args = append(args, "--verbose", "--no-cache")
} else {
Expand Down
Loading