perf: cut D1 tools-sync runtime via single mise registry --json --security#130
perf: cut D1 tools-sync runtime via single mise registry --json --security#130
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request optimizes the sync-to-d1.js script by reducing the number of external process calls and introducing parallelism. It replaces individual mise tool calls with a single bulk mise registry --json call to retrieve backends and descriptions. Additionally, it implements a concurrent worker pattern to fetch security metadata for multiple tools in parallel, significantly improving the script's execution time. I have no feedback to provide.
Greptile SummaryReplaces 977 sequential Confidence Score: 5/5Safe to merge; the refactor is well-tested with both the fast path and the simulated-older-mise fallback path verified locally. Only P2 findings present. The logic is straightforward — one bulk call replaces many sequential ones — and the alias second-pass and fallback paths are clearly reasoned in comments. No data-loss or correctness issues found. No files require special attention beyond the note about the broad catch block in getRegistryInfo. Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[main] --> B[getRegistryInfo]
B --> C{mise registry
--json --security}
C -->|success| D[JSON.parse output]
C -->|throws| E[warn: upgrade mise]
E --> F{mise registry
--json fallback}
F -->|success| D
F -->|throws| G[error log
return empty Map]
D --> H[Pass 1: index by short]
H --> I[Pass 2: register aliases]
I --> J[return infoMap]
J --> K[For each TOML file]
K --> L[registryMap.get toolName]
L --> M{has backends?}
M -->|yes| N[buildPackageUrls
buildAquaLink
extractGithubSlug]
M -->|no| O{toolName
has slash?}
N --> O
O -->|yes| P[tool.github = toolName]
O -->|no| Q[no github]
P --> R[apply manualOverrides]
Q --> R
N --> R
R --> S[push to tools array]
S --> T[POST /api/admin/tools/sync]
Reviews (3): Last reviewed commit: "perf: cut D1 tools-sync runtime via sing..." | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
jdx
changed the title
|
Both greptile review comments above (the negative- Verified at HEAD: No code change needed. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit d7f3861. Configure here.
…urity The `Sync tools to D1` step previously shelled out to `mise tool <name> --json` once per tool (977 sequential invocations) just to assemble each tool's GitHub slug, description, and security list. That dominated the step at ~4 of its ~5 min wall time. This PR collapses the whole metadata gather into one mise call: - `mise registry --json --security` (added upstream in mise v2026.4.22 via jdx/mise#9364) returns `{short, backends, description, aliases, security}` for every tool in one JSON array. No per-tool shell-outs, no parallel worker pool, no `MISE_TOOL_CONCURRENCY` env knob. - Falls back to `mise registry --json` (without security) if the installed mise predates the flag, so the rest of the manifest still syncs. Local timing on 978 tools: manifest phase ~30 s end-to-end, vs. ~240 s before any of this work. Code is also dramatically simpler — drops the `getSecurity` / `fetchSecurityMap` worker plumbing and the `execFile` + `promisify` async machinery. Bonus bug fix preserved from the prior version of this PR: the original script read `description` from `mise tool --json`, which almost always returned null. With `mise registry --json` providing descriptions, the count jumps from ~17 tools-with-descriptions to ~975. Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
|
Fixed in
|
1 participant
Summary
mise tool <name> --jsonshell-outs (~4 min) with a singlemise registry --json --securitycall (~30 s end-to-end for the entire manifest phase). The--securityflag landed upstream in mise v2026.4.22 via jdx/mise#9364 and returns backends + description + security in one JSON array.MISE_TOOL_CONCURRENCYenv knob, thegetSecurity/fetchSecurityMapworker pool, and theexecFile+promisifyasync plumbing.mise registry --json(no--security) for any environment running pre-4.22 mise — the rest of the manifest still syncs, just without security info.Why
The
Sync tools to D1step ran for ~5 min every 30 min in the update workflow. Profiling showed ~4 min was spent in 977 sequential mise process spawns just to read each tool'ssecurityarray (and adescriptionthat was almost alwaysnullfrommise tool --json).mise v2026.4.22 exposes everything we need on
mise registry --json --security, so the script no longer has any reason to do per-tool work.Measurement
Local, 978 tools (current registry size):
In CI the relative speedup will be even larger since the previous design paid 977× the process-spawn + mise-startup cost.
Bonus bug fix
The previous code read
descriptionfrommise tool --json, which almost always returnsnull. Pulling descriptions frommise registry --jsoninstead bumps tools-with-descriptions from 17 to 975 locally — purely a side effect of using the right command.Test plan
bun run test— 42 tests passprettier --check+tsc --noEmitclean--security(simulating older mise): warning printed, fallback path runs, manifest still buildsmain— verify D1 sync step duration drops from ~5 min → well under 1 min, andUpserted: ~977 / Errors: 0in the resultNotes
curl https://mise.run | shafter themise-actionstep, so CI will have v2026.4.22+ on every run.mise ls-remote --jsoncall inupdate.sh'sgenerate_toml_file(different rate-limit issue, separate fix).🤖 Generated with Claude Code
Note
Medium Risk
Moderate risk because it changes how tool metadata (backends/description/security) is sourced and relies on
mise registry --json --securityoutput/alias handling; failures would impact the D1 sync payload, though a fallback path is included for oldermise.Overview
Speeds up the D1 tool-manifest build by replacing per-tool
mise tool <name> --jsonshell-outs with a singlemise registry --json --securitycall that providesbackends,description, andsecurityfor all tools at once.Adds a compatibility fallback to
mise registry --jsonwhen--securityis unsupported, and preserves prior alias resolution by mapping registryaliasesto the same metadata entry. Metadata derivation is adjusted to pull GitHub/repo URLs from registrybackends(orowner/repotool names) while keeping manual overrides as highest priority.Reviewed by Cursor Bugbot for commit 6e28e7d. Bugbot is set up for automated code reviews on this repo. Configure here.