Don't leak file handles

Update dist
Update messaging
2025-03-28 19:55:52 -04:00 · 2025-03-28 19:43:29 -04:00 · 2025-03-28 19:42:55 -04:00 · 2025-03-28 19:42:10 -04:00 · 2025-03-28 19:41:14 -04:00 · 2025-03-28 19:38:57 -04:00
16 changed files with 929 additions and 6521 deletions
@@ -3,25 +3,10 @@ name: CI
 on:
  pull_request:
  push:
-    branches: [main]
+    branches: [main, curl-data]
  workflow_dispatch:

 jobs:
-  tests:
-    runs-on: ubuntu-22.04
-    needs:
-      - check-dist-up-to-date
-      - install-nix
-      - install-with-non-default-source-inputs
-      - install-no-id-token
-    # NOTE(cole-h): GitHub treats "skipped" as "OK" for the purposes of required checks on branch
-    # protection, so we take advantage of this fact and fail if any of the dependent actions failed,
-    # or "skip" (which is a success for GHA's purposes) if none of them did.
-    if: failure()
-    steps:
-      - name: Dependent checks failed
-        run: exit 1
-
  check-dist-up-to-date:
    name: Check the dist/ folder is up to date
    runs-on: ubuntu-22.04
@@ -51,15 +36,8 @@ jobs:
      matrix:
        runner:
          - ubuntu-latest
-          - nscloud-ubuntu-22.04-amd64-4x16
-          - namespace-profile-default-arm64
-          # - macos-12-large # determinate-nixd is broken on macos-12
-          - macos-13-large
-          - macos-14-large
-          - macos-14-xlarge # arm64
        determinate:
          - true
-          - false
    runs-on: ${{ matrix.runner }}
    permissions:
      contents: read
@@ -74,6 +52,12 @@ jobs:
          backtrace: full
          _internal-strict-mode: true
          determinate: ${{ matrix.determinate }}
+        # - name: Breakpoint if tests failed
+        #   uses: namespacelabs/breakpoint-action@v0
+        #   with:
+        #     duration: 30m
+        #     authorized-users: grahamc
+
      - name: echo $PATH
        run: echo $PATH

@@ -143,38 +127,3 @@ jobs:
          cat -n /etc/nix/nix.conf
          nix config show | grep -E "^trusted-users = .*$USER"
          nix config show | grep -E "^use-sqlite-wal = true"
-
-  install-with-non-default-source-inputs:
-    name: Install Nix using non-default source-${{ matrix.inputs.key }}
-    runs-on: ubuntu-22.04
-    strategy:
-      matrix:
-        inputs:
-          # https://github.com/DeterminateSystems/nix-installer/blob/v0.18.0
-          - key: url
-            value: https://github.com/DeterminateSystems/nix-installer/releases/download/v0.18.0/nix-installer-x86_64-linux
-            nix-version: "2.21.2"
-          # https://github.com/DeterminateSystems/nix-installer/tree/7011c077ec491da410fbc39f68676b0908b9ce7e
-          - key: revision
-            value: 7011c077ec491da410fbc39f68676b0908b9ce7e
-            nix-version: "2.19.2"
-
-    steps:
-      - uses: actions/checkout@v4
-      - name: Install with alternative source-${{ matrix.inputs.key }}
-        uses: ./
-        with:
-          source-${{ matrix.inputs.key }}: ${{ matrix.inputs.value }}
-          _internal-strict-mode: true
-      - name: Ensure that the expected Nix version ${{ matrix.inputs.nix-version }} is installed via alternative source-${{ matrix.inputs.key }}
-        run: .github/verify-version.sh ${{ matrix.inputs.nix-version }}
-
-  install-no-id-token:
-    name: Install Nix without an ID token
-    runs-on: ubuntu-22.04
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./
-        with:
-          _internal-strict-mode: true
-          determinate: true
@@ -1,5 +1,3 @@
 # Submitting Pull Requests

-Run `pnpm install` to install necessary JS tools.
-
 This action is based off https://github.com/actions/javascript-action. As part of your contributing flow you **must** run `npm run all` before we can merge.
@@ -11,8 +11,7 @@
    "check-fmt": "prettier --check .",
    "lint": "eslint src/**/*.ts",
    "package": "ncc build",
-    "test": "vitest --watch false",
-    "all": "pnpm run test && pnpm run format && pnpm run lint && pnpm run build && pnpm run package"
+    "all": "pnpm run format && pnpm run lint && pnpm run build && pnpm run package"
  },
  "repository": {
    "type": "git",
@@ -30,13 +29,12 @@
    "@actions/exec": "^1.1.1",
    "@actions/github": "^6.0.0",
    "detsys-ts": "github:DeterminateSystems/detsys-ts",
-    "got": "^14.4.7",
-    "string-argv": "^0.3.2",
-    "vitest": "^3.1.1"
+    "got": "^14.4.6",
+    "string-argv": "^0.3.2"
  },
  "devDependencies": {
    "@trivago/prettier-plugin-sort-imports": "^4.3.0",
-    "@types/node": "^20.17.30",
+    "@types/node": "^20.17.28",
    "@types/uuid": "^9.0.8",
    "@typescript-eslint/eslint-plugin": "^7.18.0",
    "@vercel/ncc": "^0.38.3",
@@ -44,9 +42,9 @@
    "eslint-import-resolver-typescript": "^3.10.0",
    "eslint-plugin-github": "^4.10.2",
    "eslint-plugin-import": "^2.31.0",
-    "eslint-plugin-prettier": "^5.2.6",
+    "eslint-plugin-prettier": "^5.2.5",
    "prettier": "^3.5.3",
    "tsup": "^8.4.0",
-    "typescript": "^5.8.3"
+    "typescript": "^5.8.2"
  }
 }
@@ -1,66 +0,0 @@
-import * as core from "@actions/core";
-
-import type { Fix, FixHashesOutputV1, Mismatch } from "./fixHashes.js";
-
-function prettyDerivation(derivation: string): string {
-  return derivation.replace(/\/nix\/store\/\w+-/, "").replace(/.drv$/, "");
-}
-
-function annotateSingle(
-  file: string,
-  line: number,
-  { derivation, replacement }: Mismatch,
-): void {
-  const pretty = prettyDerivation(derivation);
-  core.error(`To correct the hash mismatch for ${pretty}, use ${replacement}`, {
-    file,
-    startLine: line,
-  });
-}
-
-function annotateMultiple(
-  file: string,
-  { line, found, mismatches }: Fix,
-): void {
-  const matches = mismatches
-    .map(({ derivation, replacement }) => {
-      const pretty = prettyDerivation(derivation);
-      return `* For the derivation ${pretty}, use ${replacement}`;
-    })
-    .join("\n");
-
-  core.error(
-    `There are multiple replacements for the expression ${found}:\n${matches}`,
-    {
-      file,
-      startLine: line,
-    },
-  );
-}
-
-function annotate(file: string, fix: Fix): void {
-  if (fix.mismatches.length === 1) {
-    annotateSingle(file, fix.line, fix.mismatches[0]);
-  } else {
-    annotateMultiple(file, fix);
-  }
-}
-
-/**
- * Annotates fixed-output derivation hash mismatches using GitHub Actions'
- *
- * @param output The output of `determinate-nixd fix hashes --json`
- * @returns The number of annotations reported to the user
- */
-export function annotateMismatches(output: FixHashesOutputV1): number {
-  let count = 0;
-
-  for (const { file, fixes } of output.files) {
-    for (const fix of fixes) {
-      annotate(file, fix);
-      count++;
-    }
-  }
-
-  return count;
-}
@@ -1,65 +0,0 @@
-import { parseEvents, getRecentEvents } from "./events.js";
-import { expect, test } from "vitest";
-
-// Handy test for locally making sure you can fetch recent events:
-// eslint-disable-next-line no-constant-condition
-if (false) {
-  test("Parsing existing events", async () => {
-    expect(await getRecentEvents(new Date(Date.now() - 1000000))).toStrictEqual(
-      [{}],
-    );
-  });
-}
-
-test("Parsing existing events", () => {
-  const events = parseEvents([
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: "/nix/store/m96zgji4fhi70s2zs6pq5pric6ch7p4h-stdenv-darwin.drv",
-      outputs: ["/nix/store/dalhfz3l75w4b4q06sxzqgb2wfydvkbv-stdenv-darwin"],
-      timing: null,
-    },
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: "/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv",
-      outputs: ["/nix/store/qwlgz5da3pfb53gqpgdmazaj9jczrnly-dep-1"],
-      timing: {
-        startTime: "2025-04-11T14:38:02Z",
-        stopTime: "2025-04-11T14:38:05Z",
-        durationSeconds: 3,
-      },
-    },
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: "/nix/store/ykvbksjqrza2zpj6nkbycrdfwgfdpr8g-hash-mismatch-md5-base16.drv",
-      timing: {
-        startTime: "2025-04-11T14:36:44Z",
-        stopTime: "2025-04-11T14:36:44Z",
-        durationSeconds: 0,
-      },
-    },
-  ]);
-  expect(events).toStrictEqual([
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: "/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv",
-      timing: {
-        durationSeconds: 3,
-        startTime: new Date("2025-04-11T14:38:02Z"),
-      },
-    },
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: "/nix/store/ykvbksjqrza2zpj6nkbycrdfwgfdpr8g-hash-mismatch-md5-base16.drv",
-      timing: {
-        durationSeconds: 0,
-        startTime: new Date("2025-04-11T14:36:44Z"),
-      },
-    },
-  ]);
-});
@@ -1,71 +0,0 @@
-import got from "got";
-
-export interface DEvent {
-  v: string;
-  c: string;
-  drv: string;
-  timing: {
-    startTime: Date;
-    durationSeconds: number;
-  };
-}
-
-export function parseEvents(data: unknown): DEvent[] {
-  if (!Array.isArray(data)) {
-    return [];
-  }
-
-  return data.flatMap((event) => {
-    if (
-      event.v === "1" &&
-      (event.c === "BuildFailureResponseEventV1" ||
-        event.c === "BuiltPathResponseEventV1") &&
-      Object.hasOwn(event, "drv") &&
-      typeof event.drv === "string" &&
-      Object.hasOwn(event, "timing") &&
-      typeof event.timing === "object" &&
-      event.timing !== null
-    ) {
-      const timing = event.timing as { [key: string]: unknown };
-
-      if (
-        Object.hasOwn(timing, "startTime") &&
-        typeof timing.startTime === "string" &&
-        Object.hasOwn(timing, "durationSeconds") &&
-        typeof timing.durationSeconds === "number"
-      ) {
-        const date = Date.parse(timing.startTime);
-        if (!Number.isNaN(date)) {
-          return [
-            {
-              v: event.v,
-              c: event.c,
-              drv: event.drv,
-              timing: {
-                startTime: new Date(date),
-                durationSeconds: timing.durationSeconds,
-              },
-            },
-          ];
-        }
-      }
-    }
-
-    return [];
-  });
-}
-
-export async function getRecentEvents(since: Date): Promise<DEvent[]> {
-  const queryParam = encodeURIComponent(since.toISOString());
-
-  const resp = await got
-    .get(
-      `http://unix:/nix/var/determinate/determinate-nixd.socket:/events/recent?since=${queryParam}`,
-      {
-        enableUnixSockets: true,
-      },
-    )
-    .json();
-
-  return parseEvents(resp);
-}
@@ -1,274 +0,0 @@
-import { expect, test } from "vitest";
-import {
-  FailureSummary,
-  getBuildFailures,
-  summarizeFailures,
-} from "./failuresummary.js";
-
-/* eslint-disable @typescript-eslint/no-non-null-assertion */
-
-test("Select for failure events", () => {
-  const events = [
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv`,
-      timing: {
-        startTime: new Date(1 * 1000),
-        durationSeconds: 1,
-      },
-    },
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-2.drv`,
-      timing: {
-        startTime: new Date(2 * 1000),
-        durationSeconds: 2,
-      },
-    },
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv`,
-      timing: {
-        startTime: new Date(3 * 1000),
-        durationSeconds: 3,
-      },
-    },
-  ];
-
-  expect(getBuildFailures(events)).toStrictEqual([
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv`,
-      timing: {
-        startTime: new Date(1 * 1000),
-        durationSeconds: 1,
-      },
-    },
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv`,
-      timing: {
-        startTime: new Date(3 * 1000),
-        durationSeconds: 3,
-      },
-    },
-  ]);
-});
-
-test("Summarize Failures", async () => {
-  const events = [
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv`,
-      timing: {
-        startTime: new Date(1 * 1000),
-        durationSeconds: 1,
-      },
-    },
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-2.drv`,
-      timing: {
-        startTime: new Date(2 * 1000),
-        durationSeconds: 2,
-      },
-    },
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv`,
-      timing: {
-        startTime: new Date(3 * 1000),
-        durationSeconds: 3,
-      },
-    },
-  ];
-
-  const logMaker = async (drv: string): Promise<string | undefined> => {
-    if (drv.includes("dep-1")) {
-      return `${drv}\n`.repeat(9).trimEnd();
-    } else {
-      return `${drv}\n`.repeat(25).trimEnd();
-    }
-  };
-
-  const summary: FailureSummary = (await summarizeFailures(events, logMaker))!;
-
-  expect(summary.markdownLines.join("\n"))
-    .toStrictEqual(`### Build error review :boom:
-> [!NOTE]
-> 2 builds failed
-<details><summary>Failure log: <code>/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-<strong>dep-1</strong>.drv</code></summary>
-
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-
-</details>
-
-<details><summary>Failure log: <code>/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-<strong>dep-3</strong>.drv</code></summary>
-
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-
-</details>
-`);
-
-  expect(summary.logLines.join("\n"))
-    .toStrictEqual(`\u001b[38;2;255;0;0mBuild logs from 2 failures
-The following build logs are also available in the Markdown summary:
-::group::Failed build: /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-::endgroup::
-::group::Failed build: /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-::endgroup::`);
-});
-
-test("Omit some logs if there are too many", async () => {
-  const events = [
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv`,
-      timing: {
-        startTime: new Date(1 * 1000),
-        durationSeconds: 1,
-      },
-    },
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-2.drv`,
-      timing: {
-        startTime: new Date(2 * 1000),
-        durationSeconds: 2,
-      },
-    },
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv`,
-      timing: {
-        startTime: new Date(3 * 1000),
-        durationSeconds: 3,
-      },
-    },
-  ];
-
-  const logMaker = async (drv: string): Promise<string | undefined> => {
-    return `${drv}\n`.repeat(5).trimEnd();
-  };
-
-  const summary: FailureSummary = (await summarizeFailures(
-    events,
-    logMaker,
-    500,
-  ))!;
-
-  expect(summary.markdownLines.join("\n"))
-    .toStrictEqual(`### Build error review :boom:
-> [!NOTE]
-> 2 builds failed
-<details><summary>Failure log: <code>/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-<strong>dep-1</strong>.drv</code></summary>
-
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-
-</details>
-
-> [!NOTE]
-> The following failure has been ommitted due to GitHub Actions summary length limitations.
-> The full logs are available in the post-run phase of the Nix Installer Action.
-> * \`/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv\``);
-
-  expect(summary.logLines.join("\n"))
-    .toStrictEqual(`\u001b[38;2;255;0;0mBuild logs from 2 failures
-The following build logs are also available in the Markdown summary:
-::group::Failed build: /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv
-::endgroup::
-The following build logs are NOT available in the Markdown summary:
-::group::Failed build: /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-    /nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-3.drv
-::endgroup::`);
-});
@@ -1,123 +0,0 @@
-import { getExecOutput } from "@actions/exec";
-import { DEvent } from "./events.js";
-import { stripVTControlCharacters } from "node:util";
-
-// CI summaries have a max length of "1024k" which I assume to be 1048576 bytes.
-// Generously, the mermaid doc is about 50,000 bytes.
-// Rounding it all down a bit further for wiggle room, that leaves lots of log space.
-const defaultMaxSummaryLength = 995_000;
-
-export function getBuildFailures(events: DEvent[]): DEvent[] {
-  return events.filter((event: DEvent): Boolean => {
-    return event.c === "BuildFailureResponseEventV1";
-  });
-}
-
-export interface FailureSummary {
-  logLines: string[];
-  markdownLines: string[];
-}
-
-export async function summarizeFailures(
-  events: DEvent[],
-  getLog: (drv: string) => Promise<string | undefined> = getLogFromNix,
-  maxLength: number = defaultMaxSummaryLength,
-): Promise<FailureSummary | undefined> {
-  const failures = getBuildFailures(events);
-
-  if (failures.length === 0) {
-    return undefined;
-  }
-
-  const logLines = [];
-  const markdownLines = [];
-
-  logLines.push(
-    `\u001b[38;2;255;0;0mBuild logs from ${failures.length} failure${failures.length === 1 ? "" : "s"}`,
-  );
-  logLines.push(
-    `The following build logs are also available in the Markdown summary:`,
-  );
-  markdownLines.push(`### Build error review :boom:`);
-  markdownLines.push("> [!NOTE]");
-  markdownLines.push(
-    `> ${failures.length} build${failures.length === 1 ? "" : "s"} failed`,
-  );
-
-  const markdownLogChunks: {
-    drv: string;
-    txtLines: string[];
-    mdLines: string[];
-  }[] = [];
-  for (const event of failures) {
-    const markdownLogChunk = [];
-    const txtLogChunk = [];
-    txtLogChunk.push(`::group::Failed build: ${event.drv}`);
-
-    const log =
-      (await getLog(event.drv)) ??
-      "(failure reading the log for this derivation.)";
-    const indented = log.split("\n").map((line) => `    ${line}`);
-
-    markdownLogChunk.push(
-      `<details><summary>Failure log: <code>${event.drv.replace(/^(\/nix[^-]*-)(.*)(\.drv)$/, "$1<strong>$2</strong>$3")}</code></summary>`,
-    );
-    markdownLogChunk.push("");
-
-    for (const line of indented) {
-      txtLogChunk.push(line);
-      markdownLogChunk.push(stripVTControlCharacters(line));
-    }
-    markdownLogChunk.push("");
-    markdownLogChunk.push("</details>");
-    markdownLogChunk.push("");
-
-    markdownLogChunks.push({
-      drv: event.drv,
-      mdLines: markdownLogChunk,
-      txtLines: txtLogChunk,
-    });
-    txtLogChunk.push(`::endgroup::`);
-  }
-
-  const skippedChunks = [];
-
-  // Add markdown log chunks until we exceed the max length
-  let markdownLength = markdownLines.join("\n").length;
-  for (const chunk of markdownLogChunks) {
-    const chunkLength = chunk.mdLines.join("\n").length;
-    if (markdownLength + chunkLength > maxLength) {
-      skippedChunks.push(chunk);
-    } else {
-      logLines.push(...chunk.txtLines);
-      markdownLines.push(...chunk.mdLines);
-      markdownLength += chunkLength;
-    }
-  }
-
-  if (skippedChunks.length > 0) {
-    markdownLines.push(
-      "> [!NOTE]",
-      `> The following ${skippedChunks.length === 1 ? "failure has" : "failures have"} been ommitted due to GitHub Actions summary length limitations.`,
-      "> The full logs are available in the post-run phase of the Nix Installer Action.",
-    );
-
-    logLines.push(
-      "The following build logs are NOT available in the Markdown summary:",
-    );
-    for (const chunk of skippedChunks) {
-      markdownLines.push(`> * \`${chunk.drv}\``);
-      logLines.push(...chunk.txtLines);
-    }
-  }
-
-  return { logLines, markdownLines };
-}
-
-async function getLogFromNix(drv: string): Promise<string | undefined> {
-  const output = await getExecOutput("nix", ["log", drv], {
-    silent: true,
-  });
-
-  return output.stdout;
-}
@@ -1,38 +0,0 @@
-import { getExecOutput } from "@actions/exec";
-
-export interface Mismatch {
-  readonly derivation: string;
-  readonly replacement: string;
-}
-
-export interface Fix {
-  readonly line: number;
-  readonly found: string;
-  readonly mismatches: readonly Mismatch[];
-}
-
-export interface FileFix {
-  readonly file: string;
-  readonly fixes: readonly Fix[];
-}
-
-export interface FixHashesOutputV1 {
-  readonly version: "v1";
-  readonly files: readonly FileFix[];
-}
-
-export async function getFixHashes(since: string): Promise<FixHashesOutputV1> {
-  const output = await getExecOutput(
-    "determinate-nixd",
-    ["fix", "hashes", "--json", "--since", since],
-    { silent: true },
-  );
-
-  if (output.exitCode !== 0) {
-    throw new Error(
-      `determinate-nixd fix hashes returned non-zero exit code ${output.exitCode} with the following error output:\n${output.stderr}`,
-    );
-  }
-
-  return JSON.parse(output.stdout);
-}
@@ -1,7 +1,6 @@
 import * as actionsCore from "@actions/core";
 import * as actionsExec from "@actions/exec";
-import * as github from "@actions/github";
-import { access, readFile, stat } from "node:fs/promises";
+import { access, open, readFile, stat } from "node:fs/promises";
 import { join } from "node:path";
 import fs from "node:fs";
 import { userInfo } from "node:os";
@@ -11,11 +10,7 @@ import { DetSysAction, inputs, platform, stringifyError } from "detsys-ts";
 import { randomUUID } from "node:crypto";
 import got from "got";
 import { setTimeout } from "node:timers/promises";
-import { getFixHashes } from "./fixHashes.js";
-import { annotateMismatches } from "./annotate.js";
-import { getRecentEvents } from "./events.js";
-import { makeMermaidReport } from "./mermaid.js";
-import { summarizeFailures } from "./failuresummary.js";
+import { SpawnOptions, spawn } from "node:child_process";

 // Nix installation events
 const EVENT_INSTALL_NIX_FAILURE = "install_nix_failure";
@@ -33,10 +28,6 @@ const EVENT_LOGIN_TO_FLAKEHUB = "login_to_flakehub";

 // Other events
 const EVENT_CONCLUDE_JOB = "conclude_job";
-const EVENT_FOD_ANNOTATE = "fod_annotate";
-
-// Feature flag names
-const FEAT_ANNOTATIONS = "hash-mismatch-annotations";

 // Facts
 const FACT_DETERMINATE_NIX = "determinate_nix";
@@ -50,7 +41,8 @@ const FACT_NIX_INSTALLER_PLANNER = "nix_installer_planner";
 const FLAG_DETERMINATE = "--determinate";

 // Pre/post state keys
-const STATE_START_DATETIME = "DETERMINATE_NIXD_START_DATETIME";
+const STATE_EVENT_LOG = "DETERMINATE_NIXD_EVENT_LOG";
+const STATE_EVENT_PID = "DETERMINATE_NIXD_EVENT_PID";

 class NixInstallerAction extends DetSysAction {
  determinate: boolean;
@@ -134,20 +126,14 @@ class NixInstallerAction extends DetSysAction {
    await this.scienceDebugFly();
    await this.detectAndForceDockerShim();
    await this.install();
-    actionsCore.saveState(STATE_START_DATETIME, new Date().toISOString());
+    await this.spewEventLog();
  }

  async post(): Promise<void> {
-    await this.annotateMismatches();
-    try {
-      await this.summarizeExecution();
-    } catch (err: unknown) {
-      this.recordEvent("summarize-execution:error", {
-        exception: stringifyError(err),
-      });
-    }
    await this.cleanupDockerShim();
    await this.reportOverall();
+    await this.slurpEventLog();
+    await this.cleanupLogger();
  }

  private get isMacOS(): boolean {
@@ -888,46 +874,6 @@ class NixInstallerAction extends DetSysAction {
    }
  }

-  async summarizeExecution(): Promise<void> {
-    const startDate = new Date(actionsCore.getState(STATE_START_DATETIME));
-    const events = await getRecentEvents(startDate);
-
-    const mermaidSummary = makeMermaidReport(events);
-    const failureSummary = await summarizeFailures(events);
-
-    if (mermaidSummary || failureSummary) {
-      actionsCore.summary.addRaw(
-        `## ![](https://avatars.githubusercontent.com/u/80991770?s=30) Determinate Nix build summary`,
-        true,
-      );
-      actionsCore.summary.addRaw("\n", true);
-    }
-
-    if (mermaidSummary !== undefined) {
-      actionsCore.summary.addRaw(mermaidSummary, true);
-      actionsCore.summary.addRaw("\n", true);
-    }
-
-    if (failureSummary !== undefined) {
-      for (const logLine of failureSummary.logLines) {
-        actionsCore.info(logLine);
-      }
-
-      actionsCore.summary.addRaw(failureSummary.markdownLines.join("\n"), true);
-      actionsCore.summary.addRaw("\n", true);
-    }
-
-    if (mermaidSummary || failureSummary) {
-      actionsCore.summary.addRaw("---", true);
-      actionsCore.summary.addRaw(
-        `_Please let us know what you think about this summary on the [Determinate Systems Discord](https://determinate.systems/discord)._`,
-        true,
-      );
-      actionsCore.summary.addRaw("\n", true);
-      await actionsCore.summary.write();
-    }
-  }
-
  async cleanupDockerShim(): Promise<void> {
    const containerId = actionsCore.getState("docker_shim_container_id");

@@ -990,42 +936,22 @@ class NixInstallerAction extends DetSysAction {
  }

  async flakehubLogin(): Promise<void> {
-    const canLogin =
+    if (
      process.env["ACTIONS_ID_TOKEN_REQUEST_URL"] &&
-      process.env["ACTIONS_ID_TOKEN_REQUEST_TOKEN"];
-
-    if (!canLogin) {
-      const pr = github.context.payload.pull_request;
-      const base = pr?.base?.repo?.full_name;
-      const head = pr?.head?.repo?.full_name;
-
-      if (pr && base !== head) {
-        actionsCore.info(
-          `Not logging in to FlakeHub: GitHub Actions does not allow OIDC authentication from forked repositories ("${head}" is not the same repository as "${base}").`,
-        );
-        return;
+      process.env["ACTIONS_ID_TOKEN_REQUEST_TOKEN"]
+    ) {
+      actionsCore.startGroup("Logging in to FlakeHub");
+      this.recordEvent(EVENT_LOGIN_TO_FLAKEHUB);
+      try {
+        await actionsExec.exec(`determinate-nixd`, ["login", "github-action"]);
+      } catch (e: unknown) {
+        actionsCore.warning(`FlakeHub Login failure: ${stringifyError(e)}`);
+        this.recordEvent("flakehub-login:failure", {
+          exception: stringifyError(e),
+        });
      }
-
-      actionsCore.info(
-        `Not logging in to FlakeHub: GitHub Actions has not provided OIDC token endpoints; please make sure that \`id-token: write\` and \`contents: read\` are set for this step's (or job's) permissions.`,
-      );
-      actionsCore.info(
-        `For more information, see https://docs.determinate.systems/guides/github-actions/#nix-installer-action`,
-      );
-      return;
+      actionsCore.endGroup();
    }
-
-    actionsCore.startGroup("Logging in to FlakeHub");
-    this.recordEvent(EVENT_LOGIN_TO_FLAKEHUB);
-    try {
-      await actionsExec.exec(`determinate-nixd`, ["login", "github-action"]);
-    } catch (e: unknown) {
-      actionsCore.warning(`FlakeHub Login failure: ${stringifyError(e)}`);
-      this.recordEvent("flakehub-login:failure", {
-        exception: stringifyError(e),
-      });
-    }
-    actionsCore.endGroup();
  }

  async executeUninstall(): Promise<number> {
@@ -1053,36 +979,9 @@ class NixInstallerAction extends DetSysAction {
    try {
      await access(receiptPath);
      // There is a /nix/receipt.json
-      actionsCore.info(
-        "\u001b[32m Nix is already installed: found /nix/receipt.json \u001b[33m",
-      );
      return true;
    } catch {
      // No /nix/receipt.json
-    }
-
-    try {
-      const exitCode = await actionsExec.exec("nix", ["--version"], {});
-
-      if (exitCode === 0) {
-        actionsCore.info(
-          "\u001b[32m Nix is already installed: `nix --version` exited 0 \u001b[33m",
-        );
-        // Working existing installation of `nix` available, possibly a self-hosted runner
-        return true;
-      }
-    } catch {
-      // nix --version was not successful
-    }
-
-    return false;
-  }
-
-  private async canAccessKvm(): Promise<boolean> {
-    try {
-      await access("/dev/kvm", fs.constants.R_OK | fs.constants.W_OK);
-      return true;
-    } catch {
      return false;
    }
  }
@@ -1093,12 +992,6 @@ class NixInstallerAction extends DetSysAction {
    const isRoot = currentUser.uid === 0;
    const maybeSudo = isRoot ? "" : "sudo";

-    // First check to see whether the current user can open the KVM device node
-    if (await this.canAccessKvm()) {
-      return true;
-    }
-
-    // The current user can't access KVM, so try adding a udev rule to allow access to all users and groups
    const kvmRules = "/etc/udev/rules.d/99-determinate-nix-installer-kvm.rules";
    try {
      const writeFileExitCode = await actionsExec.exec(
@@ -1220,39 +1113,206 @@ class NixInstallerAction extends DetSysAction {
    }
  }

-  private async annotateMismatches(): Promise<void> {
+  private async spewEventLog(): Promise<void> {
    if (!this.determinate) {
      return;
    }

-    const active = this.getFeature(FEAT_ANNOTATIONS)?.variant;
-    if (!active) {
-      actionsCore.debug("The annotations feature is disabled for this run");
+    const logfile = this.getTemporaryName();
+    actionsCore.saveState(STATE_EVENT_LOG, logfile);
+    const stdout = await open(logfile, "a");
+    const stderr = await open(`${logfile}.stderr`, "a");
+
+    actionsCore.debug(`Event log: ${logfile}`);
+
+    const opts: SpawnOptions = {
+      stdio: ["ignore", stdout.fd, stderr.fd],
+      detached: true,
+    };
+
+    // Start the server. Once it is ready, it will notify us via the notification server.
+    const daemon = spawn(
+      "curl",
+      [
+        "--no-buffer",
+        "--unix-socket",
+        "/nix/var/determinate/determinate-nixd.socket",
+        "http://localhost/events",
+      ],
+      opts,
+    );
+
+    actionsCore.saveState(STATE_EVENT_PID, daemon.pid);
+    daemon.unref();
+
+    // Wait a tick in the event loop in order for curl to actually be running
+    await Promise.resolve();
+
+    try {
+      await stdout.close();
+    } catch (error) {
+      actionsCore.info(`Could not close curl's stdout: ${error}`);
+    }
+
+    try {
+      await stderr.close();
+    } catch (error) {
+      actionsCore.info(`Could not close curl's stderr: ${error}`);
+    }
+  }
+
+  private async slurpEventLog(): Promise<void> {
+    if (!this.determinate) {
      return;
    }

    try {
-      actionsCore.debug("Getting hash fixes from determinate-nixd");
+      const logPath = actionsCore.getState(STATE_EVENT_LOG);
+      const events = await readMismatchEvents(logPath);

-      const since = actionsCore.getState(STATE_START_DATETIME);
-      const mismatches = await getFixHashes(since);
-      if (mismatches.version !== "v1") {
-        throw new Error(
-          `Unsupported \`determinate-nixd fix hashes\` output (got ${mismatches.version}, expected v1)`,
-        );
+      // No point doing any more work if there are no mismatch events
+      if (events.length === 0) {
+        actionsCore.debug("No hash mismatches found.");
+        return;
      }

-      actionsCore.debug("Annotating mismatches");
-      const count = annotateMismatches(mismatches);
-      this.recordEvent(EVENT_FOD_ANNOTATE, { count });
+      const listing = await getFileListing();
+
+      // For each file, search for potentially bad hashes
+      for (const file of listing) {
+        const text = await readFile(file, "utf-8");
+        const lines = text.split("\n");
+
+        for (const [index, line] of lines.entries()) {
+          const lineNumber = index + 1;
+
+          for (const event of events) {
+            const match = line.match(event.search);
+            if (!match) {
+              continue;
+            }
+
+            // Allegedly, match.index is optional, so default to 0
+            const column = (match.index ?? 0) + 1;
+
+            actionsCore.error(`This derivation's hash is \`${event.good}\``, {
+              title: "Determinate Nix detected an incorrect dependency hash.",
+              file,
+              startLine: lineNumber,
+              startColumn: column,
+            });
+          }
+        }
+      }
    } catch (error) {
      // Don't hard fail the action if something exploded; this feature is only a nice-to-have
-      actionsCore.warning(`Could not consume hash mismatch events: ${error}`);
-      this.recordEvent("annotation-mismatch-execution:error", {
-        exception: stringifyError(error),
-      });
+      actionsCore.warning(`Could not consume hash mismatch logs: ${error}`);
    }
  }
+
+  async cleanupLogger(): Promise<void> {
+    const rawPid = actionsCore.getState(STATE_EVENT_PID);
+    const pid = Number(rawPid);
+
+    try {
+      process.kill(pid);
+    } catch (error) {
+      actionsCore.info(`Could not kill pid ${rawPid}: ${error}`);
+    }
+  }
+}
+
+// Fields we're interested in from the source event
+interface MismatchSourceEvent {
+  readonly drv: string;
+  readonly good: string;
+  readonly bad: readonly string[];
+}
+
+// Our augmented event with the RegExp to match against the bad hashes
+interface MismatchEvent extends MismatchSourceEvent {
+  readonly search: RegExp;
+}
+
+async function readMismatchEvents(logPath: string): Promise<MismatchEvent[]> {
+  const prefix = "data: ";
+
+  // Used to deduplicate events (see below)
+  const memo = new Set<string>();
+
+  const events = (await readFile(logPath, "utf-8"))
+    .split(/\n/)
+    .filter((line) => line.startsWith(prefix))
+    .map((line) => {
+      // Note: this currently assumes that all events being ingested are mismatches
+      const json = line.slice(prefix.length);
+      const source = JSON.parse(json) as MismatchSourceEvent;
+
+      // Construct a regular expression to search for any of the hash patterns
+      // (do it here to avoid creating RegExp objects in a loop below)
+      const search = new RegExp(
+        source.bad.map((s) => s.replace(/[+]/g, (ch) => `\\${ch}`)).join("|"),
+      );
+
+      return {
+        ...source,
+        search,
+      } satisfies MismatchEvent;
+    })
+    .filter((event) => {
+      // Deduplicate based on the derivation's store path and list of bad hashes.
+      const key = [event.drv, ...event.bad].join("\0");
+      if (memo.has(key)) {
+        false;
+      }
+
+      memo.add(key);
+      return true;
+    });
+
+  return events;
+}
+
+// Get the list of files with potential hash mismatches (limited currently to *.{nix,json,toml})
+async function getFileListing(): Promise<readonly string[]> {
+  return new Promise((resolve, reject) => {
+    const chunks: Buffer[] = [];
+    let length = 0;
+
+    const child = spawn(
+      "git",
+      ["ls-files", "-z", "*.nix", "*.json", "*.toml"],
+      {
+        stdio: ["ignore", "pipe", "inherit"],
+      },
+    );
+
+    child.stdout.on("data", (chunk: Buffer) => {
+      chunks.push(chunk);
+      length += chunk.length;
+    });
+
+    child.stdout.on("end", () => {
+      const lines = Buffer.concat(chunks, length)
+        .toString("utf-8")
+        .replace(/\0$/, "")
+        .split(/\0/);
+
+      resolve(lines);
+    });
+
+    child.stdout.on("error", reject);
+
+    child.on("error", reject);
+    child.on("exit", (code, signal) => {
+      // We should consider rejecting the promise here
+      if (code !== 0) {
+        actionsCore.warning(
+          `git ls-files exited suspiciously code=${code}; signal=${signal}`,
+        );
+      }
+    });
+  });
 }

 type ExecuteEnvironment = {
@@ -1,171 +0,0 @@
-import { mermaidify, makeMermaidReport } from "./mermaid.js";
-import { DEvent, parseEvents } from "./events.js";
-import { expect, test } from "vitest";
-
-/* eslint-disable @typescript-eslint/no-non-null-assertion */
-
-function generateEvents(count: number): DEvent[] {
-  const events: DEvent[] = [];
-
-  for (let i = 0; i < count; i++) {
-    events.push({
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: `/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-${i}.drv`,
-      timing: {
-        startTime: new Date(i * 1000),
-        durationSeconds: i,
-      },
-    });
-  }
-
-  return events;
-}
-
-test("Create a very large report doc and make sure it is small enough", () => {
-  {
-    const report = makeMermaidReport(generateEvents(2000))!;
-
-    // Assert the `.drv` suffix was pruned (1 reference = the NOTE at the end)
-    expect(report.match(/\.drv/g)!.length).equals(1);
-
-    // Assert the `/nix/store` prefix was pruned (1 reference = the NOTE at the end)
-    expect(report.match(/\/nix\/store\//g)!.length).equals(1);
-
-    // Assert that some events were pruned
-    expect(report.match(/dep-/g)!.length).lessThan(2000);
-    expect(report.match(/dep-/g)!.length).greaterThan(1500);
-
-    expect(report).toContain("suffix, and builds that took less than 3");
-
-    expect(report.length).lessThan(50200);
-    expect(report.length).greaterThan(49000);
-  }
-});
-
-test("Create a medium large report doc and make sure it is small enough", () => {
-  {
-    const eventCount = 675;
-    const report = makeMermaidReport(generateEvents(eventCount))!;
-
-    // Assert the `.drv` suffix was pruned (1 reference = the NOTE at the end)
-    expect(report.match(/\.drv/g)!.length).equals(1);
-
-    // Assert the `/nix/store` prefix was pruned (1 reference = the NOTE at the end)
-    expect(report.match(/\/nix\/store\//g)!.length).equals(1);
-
-    // Assert that no lines were pruned
-    expect(report.match(/dep-/g)!.length).toStrictEqual(eventCount);
-
-    expect(report).toContain(
-      "suffixes have been removed to make the graph small enough to render",
-    );
-
-    expect(report.length).lessThan(50200);
-    expect(report.length).greaterThan(18000);
-  }
-});
-
-test("Create a small report doc and make sure it isn't pruned", () => {
-  {
-    const report = makeMermaidReport(generateEvents(100))!;
-
-    // Assert 100 events have the `.drv` suffix, ie: were not pruned
-    expect(report.match(/\.drv/g)!.length).equals(100);
-
-    // Assert 100 events have the `.drv` suffix, ie: were not pruned
-    expect(report.match(/\/nix\/store\//g)!.length).equals(100);
-
-    expect(report.length).lessThan(50000);
-  }
-});
-
-test("Generate a really big report and shrink it", () => {
-  const events = generateEvents(1000);
-
-  const originalLength = mermaidify(events, -1)!.length;
-  const limitedLengthZero = mermaidify(events, 0)!.length;
-  const limitedLengthOne = mermaidify(events, 1)!.length;
-  const limitedLengthTwo = mermaidify(events, 2)!.length;
-
-  expect(originalLength).greaterThan(limitedLengthZero);
-  expect(limitedLengthZero).greaterThan(limitedLengthOne);
-  expect(limitedLengthOne).greaterThan(limitedLengthTwo);
-});
-
-test("Generate a rough report of various length", () => {
-  const events = parseEvents([
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: "/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-0.drv",
-      outputs: ["/nix/store/qwlgz5da3pfb53gqpgdmazaj9jczrnly-dep-0"],
-      timing: {
-        startTime: "2025-04-11T14:38:02Z",
-        stopTime: "2025-04-11T14:38:05Z",
-        durationSeconds: 0,
-      },
-    },
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: "/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv",
-      outputs: ["/nix/store/qwlgz5da3pfb53gqpgdmazaj9jczrnly-dep-1"],
-      timing: {
-        startTime: "2025-04-11T14:38:02Z",
-        stopTime: "2025-04-11T14:38:05Z",
-        durationSeconds: 1,
-      },
-    },
-    {
-      v: "1",
-      c: "BuiltPathResponseEventV1",
-      drv: "/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-2.drv",
-      outputs: ["/nix/store/qwlgz5da3pfb53gqpgdmazaj9jczrnly-dep-2"],
-      timing: {
-        startTime: "2025-04-11T14:38:02Z",
-        stopTime: "2025-04-11T14:38:05Z",
-        durationSeconds: 2,
-      },
-    },
-    {
-      v: "1",
-      c: "BuildFailureResponseEventV1",
-      drv: "/nix/store/ykvbksjqrza2zpj6nkbycrdfwgfdpr8g-hash-mismatch-md5-base16.drv",
-      timing: {
-        startTime: "2025-04-11T14:38:05Z",
-        stopTime: "2025-04-11T14:38:09Z",
-        durationSeconds: 4,
-      },
-    },
-  ]);
-
-  expect(mermaidify(events, -1)).toStrictEqual(`\`\`\`mermaid
-gantt
-    dateFormat X
-    axisFormat %Mm%Ss
-/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-0.drv (0s):d, 0, 0s
-/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-1.drv (1s):d, 0, 1s
-/nix/store/rz9hrpay90sjrid5hx3x8v606ji679xa-dep-2.drv (2s):d, 0, 2s
-/nix/store/ykvbksjqrza2zpj6nkbycrdfwgfdpr8g-hash-mismatch-md5-base16.drv (4s):crit, 3, 4s
-\`\`\``);
-
-  expect(mermaidify(events, 0)).toStrictEqual(`\`\`\`mermaid
-gantt
-    dateFormat X
-    axisFormat %Mm%Ss
-dep-0 (0s):d, 0, 0s
-dep-1 (1s):d, 0, 1s
-dep-2 (2s):d, 0, 2s
-hash-mismatch-md5-base16 (4s):crit, 3, 4s
-\`\`\``);
-
-  expect(mermaidify(events, 1)).toStrictEqual(`\`\`\`mermaid
-gantt
-    dateFormat X
-    axisFormat %Mm%Ss
-dep-1 (1s):d, 0, 1s
-dep-2 (2s):d, 0, 2s
-hash-mismatch-md5-base16 (4s):crit, 3, 4s
-\`\`\``);
-});
@@ -1,90 +0,0 @@
-import { DEvent } from "./events.js";
-import { truncateDerivation } from "./util.js";
-
-export function makeMermaidReport(events: DEvent[]): string | undefined {
-  // # 50k is the max: https://github.com/mermaid-js/mermaid/blob/c269dc822c528e1afbde34e18a1cad03d972d4fe/src/defaultConfig.js#L55
-  const maxLength = 49900;
-  let mermaid = "";
-  let pruneLevel = -2;
-
-  do {
-    pruneLevel += 1;
-    mermaid = mermaidify(events, pruneLevel) ?? "";
-  } while (mermaid.length > maxLength);
-
-  if (mermaid === undefined) {
-    return undefined;
-  }
-
-  const lines = [
-    "<details open><summary><strong>Build timeline</strong> :hourglass_flowing_sand:</summary>",
-    "", // load bearing whitespace, deleting it breaks the details expander / markdown
-    mermaid,
-    "", // load bearing whitespace, deleting it breaks the details expander / markdown
-  ];
-
-  if (pruneLevel === 0) {
-    lines.push("> [!NOTE]");
-    lines.push(
-      "> `/nix/store/[hash]` and the `.drv` suffixes have been removed to make the graph small enough to render.",
-    );
-  } else if (pruneLevel > 0) {
-    lines.push("> [!NOTE]");
-    lines.push(
-      `> \`/nix/store/[hash]\`, the \`.drv\` suffix, and builds that took less than ${pruneLevel}s have been removed to make the graph small enough to render.`,
-    );
-  }
-
-  lines.push(""); // load bearing whitespace, deleting it breaks the details expander / markdown
-  lines.push("</details>");
-
-  return lines.join("\n");
-}
-
-export function mermaidify(
-  allEvents: DEvent[],
-  pruneLevel: number,
-): string | undefined {
-  const events = allEvents
-    .filter(
-      (event) =>
-        event.c === "BuiltPathResponseEventV1" ||
-        event.c === "BuildFailureResponseEventV1",
-    )
-    .sort(
-      (a, b) => a.timing.startTime.getTime() - b.timing.startTime.getTime(),
-    );
-
-  const firstEvent = events.at(0);
-  if (firstEvent === undefined) {
-    return undefined;
-  }
-
-  const zeroMoment = firstEvent.timing.startTime.getTime();
-
-  const lines = [
-    "```mermaid",
-    "gantt",
-    "    dateFormat X",
-    "    axisFormat %Mm%Ss",
-  ];
-
-  for (const event of events) {
-    const duration = event.timing.durationSeconds;
-    if (duration < pruneLevel) {
-      continue;
-    }
-
-    const label = pruneLevel >= 0 ? truncateDerivation(event.drv) : event.drv;
-    const tag = event.c === "BuildFailureResponseEventV1" ? "crit" : "d";
-    const relativeStartTime =
-      (event.timing.startTime.getTime() - zeroMoment) / 1000;
-
-    lines.push(
-      `${label} (${duration}s):${tag}, ${relativeStartTime}, ${duration}s`,
-    );
-  }
-  lines.push("```");
-
-  return lines.join("\n");
-}
@@ -1,3 +0,0 @@
-export function truncateDerivation(drv: string): string {
-  return drv.replace(/^\/nix\/store\/[a-z0-9]+-/, "").replace(/\.drv$/, "");
-}
@@ -1,6 +1,6 @@
 {
  "compilerOptions": {
-    "target": "ES2022" /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */,
+    "target": "ES2020" /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */,
    "module": "Node16",
    "moduleResolution": "NodeNext",
    "outDir": "./dist",
@@ -11,5 +11,5 @@
    "resolveJsonModule": true,
    "declaration": true
  },
-  "exclude": ["node_modules", "dist"]
+  "exclude": ["node_modules", "**/*.test.ts", "dist"]
 }
Author	SHA1	Message	Date
gustavderdrache	8d7ad706d3	Don't leak file handles CI / Check the dist/ folder is up to date (push) Failing after 52s CI / Test: ${{ matrix.runner }}${{ matrix.determinate && ' with determinate' \|\| '' }} (true, ubuntu-latest) (push) Failing after 42s	2025-03-28 19:55:52 -04:00
gustavderdrache	871bc2c1eb	Update dist	2025-03-28 19:43:29 -04:00
gustavderdrache	03441dfa7a	Update messaging	2025-03-28 19:42:55 -04:00
gustavderdrache	d58e92bfa1	Downgrade warning to info	2025-03-28 19:42:10 -04:00
gustavderdrache	1eafba6ccb	Use NUL-terminated ls-files output	2025-03-28 19:41:14 -04:00
gustavderdrache	583b0fbb40	Cleanup child processes	2025-03-28 19:38:57 -04:00
gustavderdrache	b433f89383	Escape all the metacharacters	2025-03-28 19:35:42 -04:00
gustavderdrache	b09ec83579	Render hash mismatches as feedback	2025-03-28 18:37:29 -04:00
gustavderdrache	0e85837c7a	prevent breakpoint activation	2025-03-28 18:37:15 -04:00
Graham Christensen	92da2ded77	?	2025-03-28 16:47:54 -04:00
Graham Christensen	651153b0f5	?	2025-03-28 16:42:33 -04:00
Graham Christensen	f632d22519	bep	2025-03-28 16:33:50 -04:00
Graham Christensen	37394bd1c7	?	2025-03-28 16:30:15 -04:00
Graham Christensen	d9d0dababa	?	2025-03-28 16:29:37 -04:00
Graham Christensen	e528e29ddf	beep boop	2025-03-28 16:29:16 -04:00