chore(core): migrate client protocol to BARE

[NathanFlurry]

Fixes KIT-247

[claude]

Claude finished @NathanFlurry's task —— View job

---

PR Review: chore(core): migrate to BARE

This is a comprehensive migration adding BARE (Binary Application Record Encoding) as a third serialization option alongside JSON and CBOR. The implementation appears well-structured with proper versioning support.

✅ Code Quality & Architecture

Strengths:

• Clean schema definitions in /packages/core/schemas/client-protocol/v1.bare
• Well-architected versioned data handling with migration support
• Proper separation of concerns with dedicated utility packages
• Good abstraction with VersionedDataHandler for future schema evolution
• Comprehensive test coverage for the versioned data utility

Areas for Improvement:

• The versioned-data-util package has excellent test coverage, but core protocol changes need integration tests
• Consider adding more specific error types for BARE decoding failures

🐛 Potential Issues

1. Import Resolution Issue (packages/core/src/schemas/client-protocol/versioned.ts:5):

   import * as v1 from "../../../dist/schemas/client-protocol/v1";

   This imports from dist/ which may not exist during development. Should import from source or ensure build order.

2. Hardcoded HTTP_RESOLVE_REQUEST_VERSIONED (versioned.ts:53-54):

   serializeVersion: (_) => new Uint8Array(),
   deserializeVersion: (bytes) => null,

   The void type serialization seems correct but returning null instead of void type could cause issues.

3. Error Handling Gap: No specific error handling for BARE format corruption or version mismatch beyond generic exceptions.

🚀 Performance Considerations

Positive:

• CachedSerializer prevents re-serialization for same encoding
• Binary format should be more efficient than JSON
• Versioning allows backward compatibility without performance penalty

Concerns:

• Version embedding adds 4 bytes overhead to every message
• No compression mentioned for BARE format (JSON/CBOR benefit from built-in compression)

🔒 Security Assessment

Good Practices:

• Input validation through schema enforcement
• Version checks prevent processing future/unknown versions
• Proper error boundaries for malformed data

Recommendations:

• Add size limits for BARE payloads similar to other encodings
• Consider validating schema compliance during deserialization
• Ensure version migration functions are safe from malicious input

📊 Test Coverage

Excellent:

• versioned-data-util has comprehensive test coverage (175 lines of tests)
• Tests cover migration paths, error cases, and edge conditions

Missing:

• Integration tests for client-server BARE communication
• Tests for protocol backward compatibility
• Performance benchmarks comparing JSON/CBOR/BARE

🔄 Breaking Changes

This appears to be backward compatible - existing JSON/CBOR clients should continue working. The Encoding enum adds "bare" but doesn't modify existing behavior.

📝 Recommendations

1. High Priority:

   • Fix the dist/ import issue in versioned.ts
   • Add integration tests for BARE protocol communication
   • Add size/corruption validation for BARE payloads

2. Medium Priority:

   • Consider adding BARE-specific error types
   • Add performance benchmarks
   • Document migration strategy for clients

3. Low Priority:

   • Consider compression options for BARE format
   • Add metrics for encoding usage

🎯 Overall Assessment

This is a well-executed migration that maintains backward compatibility while adding a modern binary serialization format. The versioning system is particularly well-designed for future evolution. Primary concerns are the import resolution issue and missing integration tests.

Recommendation: ✅ Approve with minor fixes - Address the import issue and consider adding integration tests before merging.

---

[NathanFlurry]

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

• chore: simplify package directories #1205
• chore(core): migrate actor persist & file system to bare #1204
• chore(core): migrate client protocol to BARE #1203 👈 (View in Graphite)
• chore(core): move actor liveness check to setInterval #1202
• fix(core): fix disconnecting sse connections #1201
• feat(core): add abort controller & implement waitUntil #1200
• feat(core): actor sleeping #1178
• fix(core): revert deleted fixtures #1199
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[claude]

Claude finished @NathanFlurry's task —— View job

---

PR Review: BARE Protocol Migration

This is a comprehensive migration adding BARE (Binary Application Record Encoding) as a third serialization option alongside JSON and CBOR. The implementation demonstrates good architectural planning with proper versioning support.

Review Tasks

• Analyze BARE schema definitions and structure
• Review versioned data handling implementation
• Check core protocol changes and serialization logic
• Examine client-server communication updates
• Assess test coverage and integration tests
• Verify import resolution and build dependencies
• Review security implications and error handling
• Evaluate performance considerations
• Check for breaking changes and backward compatibility

---

✅ Code Quality & Architecture

Strengths:

• Clean Schema Definitions: The BARE schema in packages/core/schemas/client-protocol/v1.bare is well-structured with clear type definitions for client-server communication
• Excellent Versioned Data Architecture: The VersionedDataHandler in packages/misc/versioned-data-util/src/mod.ts provides robust migration support with proper error handling
• Comprehensive Test Coverage: The versioned data utility has excellent test coverage (175+ lines) covering migrations, error cases, and multi-version scenarios
• Clean Integration: BARE encoding is properly integrated into the existing serialization pipeline via packages/core/src/serde.ts
• Good Separation of Concerns: New utility packages are well-organized with dedicated BARE compiler and versioned data handling

🐛 Critical Issues

1. Import Resolution Problem (packages/core/src/schemas/client-protocol/versioned.ts:5):

import * as v1 from "../../../dist/schemas/client-protocol/v1";

• ❌ Issue: Imports from dist/ directory which doesn't exist during development or fresh checkouts
• ❌ Build Order Dependency: This creates a chicken-and-egg problem where TypeScript compilation depends on build artifacts
• ✅ Solution: The build system has build:schema task that generates these files, and turbo.json:23 shows check-types depends on build:schema

2. Inconsistent HTTP_RESOLVE_REQUEST Handling (versioned.ts:53-54):

serializeVersion: (_) => new Uint8Array(),
deserializeVersion: (bytes) => null,

• ⚠️ Concern: Returns null instead of proper void type, could cause type issues
• Context: HttpResolveRequest is defined as void in the BARE schema, so this appears intentional

🚀 Performance Considerations

Positive:

• CachedSerializer prevents re-serialization for same encoding (packages/core/src/actor/protocol/serde.ts:25)
• Binary format should provide better performance than JSON
• Version embedding adds only 4 bytes overhead per message

Potential Concerns:

• No size validation specific to BARE format
• Missing compression options (JSON/CBOR may benefit from built-in compression)

🔒 Security Assessment

Good Practices:

• Schema-enforced validation through BARE types
• Proper version validation in VersionedDataHandler.deserialize() prevents processing future versions
• Error boundaries for malformed data with descriptive error messages

Recommendations:

• Add payload size limits for BARE similar to other encodings
• Consider validating schema compliance during deserialization

📊 Test Coverage Analysis

Excellent:

• ✅ Versioned data utility has comprehensive coverage including migration paths and error cases
• ✅ Edge cases well-tested (multi-version migrations, missing migrations, invalid data)

Missing:

• ❌ No integration tests for BARE protocol communication between client and server
• ❌ No tests for protocol backward compatibility with existing JSON/CBOR clients
• ❌ Missing performance benchmarks comparing serialization formats

🔄 Breaking Changes

✅ Backward Compatible: This appears to be fully backward compatible. The Encoding enum adds "bare" but doesn't modify existing "json" or "cbor" behavior. Existing clients should continue working unchanged.

📝 Key Recommendations

High Priority:

1. ✅ Build Process: The import resolution issue is handled by the build system - turbo.json ensures schema compilation happens before type checking
2. Consider Integration Tests: Add end-to-end tests for BARE protocol communication
3. Documentation: Consider adding migration guide for clients wanting to adopt BARE

Medium Priority:

1. Error Handling: Add BARE-specific error types beyond generic MalformedMessage
2. Validation: Add payload size limits and schema validation for BARE format
3. Performance: Add benchmarks comparing JSON/CBOR/BARE performance

Low Priority:

1. Compression: Evaluate compression strategies for BARE format
2. Metrics: Add telemetry for encoding format usage

🎯 Overall Assessment

This is a well-architected migration that successfully adds BARE serialization while maintaining backward compatibility. The versioning system is particularly well-designed for future protocol evolution.

Key Strengths:

• Solid architectural foundation with proper versioning
• Comprehensive test coverage for core utilities
• Clean integration with existing systems
• Maintains backward compatibility

Areas for Improvement:

• Missing integration tests for the full protocol stack
• Could benefit from performance benchmarks
• Documentation for client adoption

Recommendation: ✅ Approve - This is a solid implementation that follows good patterns and maintains compatibility. Consider adding integration tests as a follow-up.

---

[graphite-app]

Async setup race condition: Using setImmediate() with an async callback creates a fire-and-forget async operation that could continue executing after the actor instance is disposed or in an inconsistent state. If _sleep() is called during actor shutdown or if the actor driver becomes unavailable between the setImmediate scheduling and execution, this could cause undefined behavior. The async operation should be properly awaited or the actor should track this pending operation for cleanup.

Suggested change

	// Schedule sleep to happen on the next tick. This allows for any action that calls _sleep to complete.
	setImmediate(async () => {
	// The actor driver should call stop when ready to stop
	//
	// This will call _stop once Pegboard responds with the new status
	await sleep();
	});
	// Return a promise that resolves when sleep is complete
	return new Promise<void>((resolve, reject) => {
	// Schedule sleep to happen on the next tick. This allows for any action that calls _sleep to complete.
	setImmediate(async () => {
	try {
	// The actor driver should call stop when ready to stop
	//
	// This will call _stop once Pegboard responds with the new status
	await sleep();
	resolve();
	} catch (error) {
	reject(error);
	}
	});
	});

Spotted by Diamond



Is this helpful? React 👍 or 👎 to let us know.

[graphite-app]

Logic error in WebSocket state check: The condition checks for readyState values 2 (CLOSING) and 3 (CLOSED) using hardcoded numbers, but WebSocket readyState constants should be used for clarity and correctness. More critically, if the WebSocket is in CLOSING state (2), the code assumes it's safe to skip cleanup, but CLOSING state means close() has been called but the connection isn't fully closed yet. The code should only skip cleanup for CLOSED state (3), and should still wait for the close event in CLOSING state to ensure proper cleanup.

Suggested change

	if (
	ws.readyState === 2 /* CLOSING */ ||
	ws.readyState === 3 /* CLOSED */
	) {
	if (
	ws.readyState === WebSocket.CLOSED
	) {

Spotted by Diamond



Is this helpful? React 👍 or 👎 to let us know.

[graphite-app]

Merge activity

• Sep 11, 10:34 PM UTC: NathanFlurry added this pull request to the Graphite merge queue.
• Sep 11, 10:35 PM UTC: CI is running for this pull request on a draft pull request (#1206) due to your merge queue CI optimization settings.
• Sep 11, 10:35 PM UTC: Merged by the Graphite merge queue via draft PR: #1206.

[linear]

KIT-247 Switch to VBARE