fix(parsers): support legacy bun.lockb layouts#595
Merged
Conversation
Accept Bun's older 7-field binary lockfile records so legacy bun.lockb files discovered in oven-sh/bun no longer fail package extraction during compare verification. Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
Lock the seven-field Bun lockfile fix in place with parser, golden, and scanner-level regression coverage backed by a Provenant-owned fixture from the verified oven-sh/bun compare case. Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
Capture the validated Bun benchmark and scorecard outcome after the legacy bun.lockb regression was fixed and the remaining compare tail was reviewed down to non-blocking normalization differences. Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
bun.lockbpackage layout sobench/bundle/bun.lockbinoven-sh/bun @ 700fc117no longer fails package extraction duringcompare-outputsoven-sh/buncompare run indocs/BENCHMARKS.mdand expand the scorecard note with the reviewed remaining tailScope and exclusions
src/parsers/bun_lockb.rssupport for 7-field and 8-field binary package layoutssrc/parsers/bun_lockb_test.rs,src/parsers/bun_lockb_golden_test.rs, andsrc/parsers/npm_scan_test.rscoverage for the legacybun.lockbscenariotestdata/bun/docs/BENCHMARKS.mdanddocs/implementation-plans/package-detection/PARSER_VERIFICATION_SCORECARD.mdbun.lockbsupport beyond the existing current-version boundaryIntentional differences from Python
bun.lockblayout, which upstream ScanCode still does not parse natively; this is an intentional correctness improvement verified against Bun's own loader expectations and the savedcompare-outputsartifacts.Expected-output fixture changes
testdata/bun/golden/bun-lockb-v2-no-scripts-expected.jsonbun.lockbthat Bun itself acceptspkg:npm/bundlewith the resolvedpkg:npm/bun-types@0.5.8dependency information that previously failed behind a scan errorFollow-up work
bun.lockbv3 support because this PR only fixes the verified legacy seven-field regression found inoven-sh/bunpackage.jsondependency identities because the raw compare output already matches and this branch is scoped to the Bun parser regression