fix(build): deterministic provider ordering in generated schema #432
Greptile Summary

Adds a secondary sort by provider name in

Confidence Score: 5/5

Safe to merge — build-time codegen fix with no runtime impact.

The change is a single-line comparator addition with a thorough comment, and the regenerated schema contains no content changes — only reordering. No P0/P1 issues found.

No files require special attention.
Flowchart

```mermaid
%%{init: {'theme': 'neutral'}}%%
flowchart TD
A["fs::read_dir(providers/)"] -->|"OS-dependent order"| B["Vec<(name, ProviderToml)>"]
B --> C{"sort_by"}
C -->|"primary key"| D["cat_order(category)"]
D -->|"tie"| E["a.0.cmp(b.0)\n(provider name — NEW)"]
E --> F["Deterministic Vec"]
F --> G["generate_provider_config()"]
G --> H["ProviderConfig enum (Rust)"]
G --> I["docs/public/schema.json"]
```
Reviews (2): Last reviewed commit: "fix(build): sort providers by name withi..."
Code Review
This pull request improves the determinism of the provider generation process by updating the sorting logic in build/generate_providers.rs. Providers are now sorted by name as a secondary key after category, ensuring consistent output regardless of the underlying filesystem's directory entry order. This change results in a reordering of entries within docs/public/schema.json to maintain a stable schema across different environments. I have no feedback to provide as no review comments were present.
The provider codegen in build/generate_providers.rs sorted providers by category only. Stable sort preserves input order for equal keys, and fs::read_dir returns entries in OS-dependent order, so providers within the same category were ordered by whatever the filesystem produced. That non-determinism flowed into the generated ProviderConfig enum and then into docs/public/schema.json, causing autofix.ci to produce schema diffs that flip 100+ lines back and forth between runs (see #431 where three autofix passes kept reshuffling the same oneOf variants).

Add a secondary sort by provider name so within-category ordering is deterministic, and regenerate docs/public/schema.json.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
291cd31 to dcbd331
### 🚀 Features

- **(library)** top-level Fnox::discover() / get / list convenience API by [@bglusman](https://github.com/bglusman) in [#442](#442)

### 🐛 Bug Fixes

- **(docs)** stack banner and pin close button on mobile by [@jdx](https://github.com/jdx) in [#437](#437)
- **(set)** fall back to current provider when updating secrets by [@rpendleton](https://github.com/rpendleton) in [#439](#439)

### 📚 Documentation

- **(site)** show release version and github stars by [@jdx](https://github.com/jdx) in [#443](#443)
- add cross-site announcement banner by [@jdx](https://github.com/jdx) in [#434](#434)
- respect banner expires field by [@jdx](https://github.com/jdx) in [#436](#436)

### 🛡️ Security

- **(build)** deterministic provider ordering in generated schema by [@jdx](https://github.com/jdx) in [#432](#432)

### 🔍 Other Changes

- **(release)** append en.dev sponsor blurb to release notes by [@jdx](https://github.com/jdx) in [#431](#431)

### 📦️ Dependency Updates

- bump communique to 1.0.3 by [@jdx](https://github.com/jdx) in [#435](#435)
- bump communique 1.0.3 → 1.0.4 by [@jdx](https://github.com/jdx) in [#438](#438)
- bump communique to 1.1.2 by [@jdx](https://github.com/jdx) in [#444](#444)

### New Contributors

- @bglusman made their first contribution in [#442](#442)
## Upstream release

Bumps bundled fnox binary from 1.20.0 to 1.22.0.

**Release**: https://github.com/jdx/fnox/releases/tag/v1.22.0

## Release notes

v1.22.0 introduces a top-level library API for embedding fnox in Rust applications, and fixes a sharp edge in `fnox set` that could turn an encrypted secret into plaintext.

## Added

**Top-level `Fnox` library API** ([#442](jdx/fnox#442)) -- @bglusman

Downstream Rust consumers can now use fnox as a library in three lines instead of replicating the internals of `GetCommand::run`:

```rust
use fnox::Fnox;

let fnox = Fnox::discover()?; // walks up + merges parent + local + global config
let value = fnox.get("MY_KEY").await?;
let names = fnox.list()?;
```

The new `Fnox` type lives in `src/library.rs` and is re-exported from the crate root. Highlights:

- `Fnox::discover()` mirrors the binary's full config-discovery and merge chain via `Config::load_smart`, including the `FNOX_PROFILE` env var.
- `Fnox::open(path)` loads an explicit config without the upward-search/merge behavior.
- `Fnox::with_profile("staging")` builder for non-default profiles.
- `get()` returns `FnoxError::SecretNotFound` with a populated "Did you mean…" suggestion, matching the CLI's UX so callers don't need to recompute it.
- `Fnox` is cheap to clone (`Config` is held behind an `Arc`) and safe to hold across `.await`.

`set()` is intentionally not part of this first cut; it'll get its own design pass.

## Fixed

**`fnox set` no longer silently downgrades encrypted secrets to plaintext** ([#439](jdx/fnox#439)) -- @rpendleton

When multiple providers were configured without a `default_provider`, running `fnox set` on an existing secret without `--provider` would write the new value as plaintext while leaving the original `provider = "..."` key in place. The next `fnox get` then failed trying to "decrypt" a value that was no longer encrypted.

`fnox set` now reuses the secret's existing provider before falling back to `default_provider` or plaintext, so updates stay encrypted and readable without having to pass `--provider` on every call:

```bash
fnox set --provider age MY_SECRET "original-value"  # encrypted with age
fnox set MY_SECRET "new-value"                      # still encrypted with age
```

**Deterministic provider ordering in the generated schema** ([#432](jdx/fnox#432)) -- @jdx

Within-category provider ordering in `build/generate_providers.rs` was inheriting `fs::read_dir` order, which is OS- and filesystem-dependent. That non-determinism flowed into `docs/public/schema.json` and caused autofix.ci to keep reshuffling 100+ lines between runs. A secondary sort by provider name fixes the churn; running `fnox schema` twice now produces byte-identical output.

**Mobile docs banner layout** ([#437](jdx/fnox#437)) -- @jdx

At `<=640px` the announcement banner now switches to a column layout with the close button pinned to the top-right corner, instead of cramming the message and "Read more" link onto one squeezed line.

## Changed

- Docs site nav now shows the current release version (read from `Cargo.toml` at build time) and a GitHub star count, matching the mise/aube docs ([#443](jdx/fnox#443)) -- @jdx
- Added a dismissible cross-site announcement banner that fetches its config from `jdx.dev/banner.json` and respects the `expires` field ([#434](jdx/fnox#434), [#436](jdx/fnox#436)) -- @jdx

## New Contributors

* @bglusman made their first contribution in [#442](jdx/fnox#442)

**Full Changelog**: jdx/fnox@v1.21.0...v1.22.0

## 💚 Sponsor fnox

fnox is maintained by [@jdx](https://github.com/jdx) under [**en.dev**](https://en.dev) — a small independent studio building developer tooling like [mise](https://mise.jdx.dev/), [aube](https://aube.en.dev/), hk, and more. Keeping fnox secure, maintained, and free is funded by sponsors.

If fnox is handling secrets or config for you or your team, please consider [sponsoring at en.dev](https://en.dev). Sponsorships are what let fnox stay independent and the project keep moving.

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
## Summary

- Providers within a category were ordered by `fs::read_dir` (OS/filesystem-dependent).
- That non-determinism flowed into the generated `ProviderConfig` enum and then into [docs/public/schema.json](docs/public/schema.json), causing [autofix.ci](https://github.com/jdx/fnox/blob/main/.github/workflows/autofix.yml) to keep reshuffling 100+ lines between runs. You can see this on [jdx#431](jdx#431) — three autofix passes each re-ordered the same `oneOf` variants without converging.
- Adds a secondary sort by provider name in [`build/generate_providers.rs`](build/generate_providers.rs) so within-category ordering is fully deterministic, then regenerates [docs/public/schema.json](docs/public/schema.json) with the stable ordering.

## Root cause

```rust
// before — stable sort on category only; within-category order = read_dir order
providers.sort_by(|a, b| cat_order(&a.1.category).cmp(&cat_order(&b.1.category)));
```

Stable sort preserves input order on ties, and input order comes from `fs::read_dir`, which is not guaranteed to be sorted. Fix is a secondary `.then_with(|| a.0.cmp(&b.0))` on name.

## Test plan

- [x] `mise run render:schema` locally
- [x] Running `fnox schema` twice produces byte-identical output
- [ ] `autofix.ci` on this PR does not re-touch `docs/public/schema.json`
- [ ] Future PRs that don't touch provider definitions should not see schema churn

🤖 Generated with [Claude Code](https://claude.com/claude-code)

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Low risk: only changes provider sorting in a build-time codegen script and regenerates `docs/public/schema.json`; no runtime logic or security-sensitive behavior is modified.
>
> **Overview**
> Ensures provider definitions are loaded in a *fully deterministic* order during schema/code generation by sorting first by category and then by provider name (avoiding OS/filesystem-dependent `read_dir` ordering).
>
> Regenerates `docs/public/schema.json` so the `ProviderConfig` `oneOf` variants appear in stable order, eliminating cross-machine/CI churn in the generated schema output.
>
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 291cd31. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
Summary

- Providers within a category were ordered by `fs::read_dir` (OS/filesystem-dependent).
- That non-determinism flowed into the generated `ProviderConfig` enum and then into docs/public/schema.json, causing autofix.ci to keep reshuffling 100+ lines between runs. You can see this on #431 — three autofix passes each re-ordered the same `oneOf` variants without converging.
- Adds a secondary sort by provider name in `build/generate_providers.rs` so within-category ordering is fully deterministic, then regenerates docs/public/schema.json with the stable ordering.

Root cause

Stable sort preserves input order on ties, and input order comes from `fs::read_dir`, which is not guaranteed to be sorted. Fix is a secondary `.then_with(|| a.0.cmp(&b.0))` on name.

Test plan

- `mise run render:schema` locally
- Running `fnox schema` twice produces byte-identical output
- `autofix.ci` on this PR does not re-touch `docs/public/schema.json`

🤖 Generated with Claude Code
Note

Low Risk

Low risk: only changes provider sorting during schema generation to add a name tie-breaker, plus a regenerated `schema.json` reflecting stable ordering.

Overview

Ensures deterministic ordering when generating provider code/schema by sorting providers by category then name (instead of category only), avoiding OS/filesystem-dependent churn.

Regenerates `docs/public/schema.json` so the `ProviderConfig.oneOf` variants appear in the new stable order (no semantic schema changes intended).

Reviewed by Cursor Bugbot for commit dcbd331. Bugbot is set up for automated code reviews on this repo. Configure here.
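
The root cause and fix described in this PR, reduced to a standalone Rust program (an added example, not code from the fnox repository). The provider names, categories and the `cat_order` ranking are constructed stand-ins, and the two listings simulate `fs::read_dir` returning the same files in different orders.

```rust
// Added illustration. Provider names, categories and cat_order() are
// constructed stand-ins, not fnox's real provider definitions.
type Provider = (String, String); // (name, category)

fn cat_order(category: &str) -> u8 {
    match category {
        "encryption" => 0,
        "cloud" => 1,
        _ => 2,
    }
}

fn mk(items: &[(&str, &str)]) -> Vec<Provider> {
    items.iter().map(|(n, c)| (n.to_string(), c.to_string())).collect()
}

// The same four files, in two orders a directory listing could return them.
fn listing_a() -> Vec<Provider> {
    mk(&[("vault", "cloud"), ("age", "encryption"), ("aws-kms", "cloud"), ("sops", "encryption")])
}
fn listing_b() -> Vec<Provider> {
    mk(&[("sops", "encryption"), ("aws-kms", "cloud"), ("age", "encryption"), ("vault", "cloud")])
}

// Before: stable sort on category only, so ties keep the input order.
fn sort_category_only(mut p: Vec<Provider>) -> Vec<String> {
    p.sort_by(|a, b| cat_order(&a.1).cmp(&cat_order(&b.1)));
    p.into_iter().map(|(name, _)| name).collect()
}

// After: the name breaks ties. File names in one directory are unique, so
// (category, name) is a total order and the result ignores input order.
fn sort_category_then_name(mut p: Vec<Provider>) -> Vec<String> {
    p.sort_by(|a, b| {
        cat_order(&a.1).cmp(&cat_order(&b.1)).then_with(|| a.0.cmp(&b.0))
    });
    p.into_iter().map(|(name, _)| name).collect()
}

fn main() {
    println!("category only, listing A: {:?}", sort_category_only(listing_a()));
    println!("category only, listing B: {:?}", sort_category_only(listing_b()));
    println!("category+name, listing A: {:?}", sort_category_then_name(listing_a()));
    println!("category+name, listing B: {:?}", sort_category_then_name(listing_b()));
}
```

Comparing the generated artifact byte for byte across two such runs is the same check the test plan performs with `fnox schema`.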