chore: JSDoc total coverage + strict checkJs

[flyingrobots]

Summary

• Add complete JSDoc @param/@returns annotations to every function, class method, and callback across all 32 source files (ports, adapters, services, CLI)
• Add tsconfig.checkjs.json with strict checkJs — tsc --noEmit passes with zero errors (was 342)
• Add src/types/ambient.d.ts for @git-stunts/plumbing and bun module declarations
• Bump to v5.2.2

Test plan

• npx tsc -p tsconfig.checkjs.json --noEmit — 0 errors
• npx eslint . — 0 errors
• npm test — 785 tests pass
• npm pack --dry-run — clean
• npx jsr publish --dry-run --allow-dirty — clean
• Bun unit + integration tests (CI)
• Deno unit + integration tests (CI)

Summary by CodeRabbit

Release Notes: Version 5.2.2

• New Features

  • Added TypeScript type checking support with comprehensive JSDoc annotations across the codebase.
  • Introduced ambient type declarations for improved IDE support and type safety.

• Bug Fixes

  • Fixed encryption stream to skip empty output chunks for cleaner data handling.
  • Improved progress tracking with centralized state management.

• Chores

  • Updated version to 5.2.2.
  • Added @types/node as a development dependency for better type support.

[coderabbitai]

Warning

Rate limit exceeded

@flyingrobots has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 7 minutes and 48 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 6e93908 and 213879a.

📒 Files selected for processing (9)

• bin/actions.js
• bin/git-cas.js
• bin/ui/dashboard-view.js
• bin/ui/heatmap.js
• bin/ui/manifest-view.js
• bin/ui/progress.js
• src/infrastructure/adapters/EventEmitterObserver.js
• src/ports/CryptoPort.js
• tsconfig.checkjs.json

📝 Walkthrough

Walkthrough

This PR adds comprehensive JSDoc type annotations and ambient type declarations across the codebase. Key changes include: widening CryptoPort return types (string|Promise, Buffer|Uint8Array), renaming port parameters to underscore-prefixed variants (TS8024 fix), introducing new type definitions (EncryptionMeta, KdfParamSet, VaultMetadata), annotating CLI and observer handlers, and minor guards for encryption streams.

Changes

Cohort / File(s)	Summary
Core Port Definitions src/ports/CryptoPort.js, src/ports/GitPersistencePort.js, src/ports/GitRefPort.js, src/ports/CodecPort.js	Port abstract methods updated with underscore-prefixed parameters (TS8024 fix) and expanded JSDoc type annotations. CryptoPort introduces new public typedefs (EncryptionMeta, KdfParamSet, DeriveKeyParams) and widens method return types to support sync/async variants and broader buffer types.
Type Declarations src/types/ambient.d.ts, tsconfig.checkjs.json, package.json	New ambient type declarations for @git-stunts/plumbing and bun modules. Added tsconfig.checkjs.json for strict JS type-checking. Updated package.json with @types/node devDependency and version bump to 5.2.2.
Crypto Adapters src/infrastructure/adapters/NodeCryptoAdapter.js, src/infrastructure/adapters/WebCryptoAdapter.js, src/infrastructure/adapters/BunCryptoAdapter.js	JSDoc type annotations added across sha256, randomBytes, encrypt/decrypt, and key derivation methods. Guard logic introduced to avoid emitting empty chunks during encryption streaming. Minor ts-ignore directives for runtime compatibility.
Observers & Services src/infrastructure/adapters/SilentObserver.js, src/infrastructure/adapters/EventEmitterObserver.js, src/infrastructure/adapters/StatsCollector.js, src/domain/services/VaultService.js	Public observer methods (metric, log, span) fully documented with JSDoc type annotations. VaultService gets three new typedefs (VaultEncryptionMeta, VaultMetadata, VaultState) and comprehensive private method type documentation without behavioral changes.
Codec & Persistence Adapters src/infrastructure/adapters/GitPersistenceAdapter.js, src/infrastructure/adapters/GitRefAdapter.js, src/infrastructure/codecs/CborCodec.js, src/infrastructure/codecs/JsonCodec.js, src/infrastructure/chunkers/FixedChunker.js, src/domain/services/Semaphore.js	JSDoc @override blocks and type annotations added to all public and private methods. GitRefAdapter: -p parentOid flag wired when parentOid provided; updateRef now awaits policy execution internally. FixedChunker and codecs annotated with parameter/return types.
CLI Entry Points & Actions bin/actions.js, bin/git-cas.js	actions.js: introduces ErrorLike typedef, narrows writeError typing, updates runAction with explicit Promise signatures. git-cas.js: version bumped to 5.2.2, extensive JSDoc types added to internal helpers (readKeyFile, createCas, deriveVaultKey, parseRecipient, etc.); explicit type casts wired throughout.
CLI UI Components bin/ui/context.js, bin/ui/dashboard-cmds.js, bin/ui/dashboard-view.js, bin/ui/dashboard.js, bin/ui/encryption-card.js, bin/ui/heatmap.js, bin/ui/history-timeline.js, bin/ui/manifest-view.js	Comprehensive JSDoc typedefs introduced (DashModel, DashDeps, BijouContext, ManifestData, etc.). All render functions annotated with parameter/return types. encryption-card and manifest-view tighten VaultMetadata types. dashboard-view adds end property to visibleRange return for explicit bounds. No functional changes to UI rendering.
Progress Tracking bin/ui/progress.js	Refactored state tracking to use shared TrackerState object and new handleChunkEvent helper, replacing per-instance local variables. createStoreProgress/createRestoreProgress extended with fileSize and ctx options. Behavior gated by quiet/pipe modes remains unchanged; finalization computes throughput via shared state.
Version & Config jsr.json	Version bumped from 5.2.1 to 5.2.2.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat!: M14 Conduit — ObservabilityPort, streaming restore, parallel I/O (v4.0.0) #10 — Modifies same ObservabilityPort and adapter types (SilentObserver, EventEmitterObserver, StatsCollector), extending concurrent wiring through CLI and service layer.
• release: v2.0.0 — compression, KDF, Merkle manifests #6 — Updates CryptoPort typedefs (EncryptionMeta, KdfParamSet) and derives/async method signatures in parallel.
• feat(cas): M3 Launchpad — native Bun/Deno adapters, async crypto, and OIDC/JSR release workflow #3 — Modifies crypto adapter async behavior and signatures (encrypt/decrypt/createEncryptionStream stream guards).

Poem

🐰 Types bloom bright with JSDoc's care,
Ports and adapters now declare their ware,
Ambient declarations fill the air,
Parameters underscore-blessed, pristine and fair,
Strict type-checking hops everywhere! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title 'chore: JSDoc total coverage + strict checkJs' accurately summarizes the main objectives and changes in this PR.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/jsdoc-total-coverage

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 6

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

bin/ui/manifest-view.js (1)

89-94: ⚠️ Potential issue | 🟡 Minor

Guard blob access before slicing to prevent render crashes.

If a chunk lacks blob, c.blob.slice(...) will throw and break the view.

🛡️ Proposed defensive rendering fix

-  const chunkRows = displayChunks.map((/** `@type` {{ index: number, size: number, digest: string, blob: string }} */ c) => [
+  const chunkRows = displayChunks.map((/** `@type` {{ index: number, size: number, digest: string, blob?: string }} */ c) => [
     String(c.index),
     formatBytes(c.size),
     `${c.digest.slice(0, 12)}...`,
-    `${c.blob.slice(0, 12)}...`,
+    typeof c.blob === 'string' ? `${c.blob.slice(0, 12)}...` : '-',
   ]);

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@bin/ui/manifest-view.js` around lines 89 - 94, Guard access to c.blob when
building chunkRows inside the displayChunks.map to avoid render crashes; update
the mapping in the chunkRows creation so it checks c.blob (and optionally
c.digest) before calling .slice, e.g. use a conditional/fallback like (c.blob ?
c.blob.slice(0,12) + '...' : '<no-blob>') for that array element (and similarly
for c.digest if needed) so undefined values won't cause exceptions during
rendering.

🧹 Nitpick comments (5)

bin/git-cas.js (1)

189-189: Prefer typed option shapes over any casts on CAS calls.

These any casts weaken the strict checkJs guarantees this PR is aiming for. Consider replacing Record<string, any> + any casts with local JSDoc typedefs (or exported option types) for store/restore/rotate payloads.

Also applies to: 283-286, 485-485, 538-538

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@bin/git-cas.js` at line 189, Replace the ad-hoc /** `@type` {any} */ casts with
explicit JSDoc typedefs for the CAS payload shapes (e.g., define a StoreOptions
typedef and similar RestoreOptions/RotateOptions) and use those types where
variables like storeOpts are declared/used and when calling cas methods
(cas.storeFile, cas.restoreFile, cas.rotate*). Locate the variables named
storeOpts (and other payload variables mentioned in this PR) and add local or
exported JSDoc `@typedefs` that describe the expected properties (use
Record<string, unknown> or specific keys instead of any), then annotate the
variable declarations or the cas.* call sites with the new typedef names so
checkJs can validate types without any casts.

tsconfig.checkjs.json (1)

21-27: Minor: Redundant include pattern.

Line 26 (src/types/ambient.d.ts) is already covered by line 24 (src/**/*.d.ts). This redundancy is harmless but can be removed for cleaner configuration.

♻️ Proposed simplification

   "include": [
     "index.js",
     "src/**/*.js",
     "src/**/*.d.ts",
     "index.d.ts",
-    "src/types/ambient.d.ts",
     "bin/**/*.js"
   ],

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tsconfig.checkjs.json` around lines 21 - 27, Remove the redundant include
entry "src/types/ambient.d.ts" from the "include" array in tsconfig.checkjs.json
because it's already matched by the glob "src/**/*.d.ts"; update the "include"
array to keep only the more general patterns (e.g., "src/**/*.d.ts") to simplify
the config.

bin/ui/heatmap.js (1)

94-100: Avoid any for options.manifest to preserve strict typing value.

any drops type safety exactly where normalization happens. Prefer a narrow union-like shape.

♻️ Proposed JSDoc tightening

- * `@param` {any} options.manifest - The manifest (Manifest instance or plain ManifestData).
+ * `@param` {ManifestData|{ toJSON: () => ManifestData }} options.manifest - The manifest (Manifest instance or plain ManifestData).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@bin/ui/heatmap.js` around lines 94 - 100, The JSDoc for the renderHeatmap
parameter is using `any` for `options.manifest`, which loses type-safety; update
the JSDoc to a narrower union (e.g., `Manifest | ManifestData | { toJSON():
ManifestData }`) so callers and tooling know the expected shape, and then keep
the normalization in renderHeatmap (the `manifest.toJSON ? manifest.toJSON() :
manifest` logic) but annotate the local `m` as `ManifestData` in the same JSDoc
block so `chunks` and other properties are typed; reference the `renderHeatmap`
function and the `manifest.toJSON`/`ManifestData` symbols when making this
change.

bin/ui/manifest-view.js (1)

142-148: Replace any on options.manifest with a concrete shape.

Using any here bypasses strictness and can hide invalid manifest inputs.

♻️ Proposed JSDoc tightening

- * `@param` {any} options.manifest - The manifest (Manifest instance or plain ManifestData).
+ * `@param` {ManifestData|{ toJSON: () => ManifestData }} options.manifest - The manifest (Manifest instance or plain ManifestData).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@bin/ui/manifest-view.js` around lines 142 - 148, The JSDoc for
renderManifestView currently types options.manifest as any; replace it with a
concrete type (e.g., Manifest | ManifestData or an explicit object shape) so
callers and IDEs get proper typing and invalid manifests are caught. Update the
JSDoc parameter to reference the existing ManifestData typedef (or declare a
short typedef for the union Manifest|ManifestData or an object with an optional
toJSON(): ManifestData method) and keep the implementation using manifest.toJSON
? manifest.toJSON() : manifest; ensure the JSDoc name matches the function
signature renderManifestView and the ManifestData symbol used elsewhere.

src/ports/CryptoPort.js (1)

97-97: Widen options.salt JSDoc for consistency with cross-runtime byte inputs.

The port now broadly accepts Buffer|Uint8Array in related paths; salt should match that shape.

♻️ Proposed type consistency fix

-   * `@param` {Buffer} [options.salt] - Salt for the KDF (random if omitted).
+   * `@param` {Buffer|Uint8Array} [options.salt] - Salt for the KDF (random if omitted).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/ports/CryptoPort.js` at line 97, Update the JSDoc for the salt parameter
to allow cross-runtime byte inputs: change the `@param` from {Buffer}
[options.salt] to {Buffer|Uint8Array} [options.salt] in src/ports/CryptoPort.js
(the JSDoc that documents options.salt used by the CryptoPort methods) so the
documented type matches the actual accepted types (Buffer and Uint8Array).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@bin/actions.js`:
- Around line 38-39: Guard the HINTS lookup to avoid inherited properties by
checking ownership before indexing: in the block that computes hint (referencing
the variables hint, code and the HINTS object), replace the direct index access
with a conditional that first verifies
Object.prototype.hasOwnProperty.call(HINTS, code) (or an equivalent own-key
check) and only then uses HINTS[code] to assign hint; this prevents resolving
inherited keys like __proto__ while preserving the existing behavior when code
is a known HINTS key.

In `@bin/git-cas.js`:
- Around line 57-62: Before casting metadata.encryption, add an explicit runtime
guard that checks metadata and metadata.encryption exist and have the expected
fields (e.g., kdf, kdf.salt, kdf.algorithm, kdf.iterations); if the check fails,
throw a clear Error like "Missing or malformed encryption metadata" (include
enough context such as metadata.id or similar) so the subsequent use of kdf and
the call to cas.deriveKey are safe; then continue to read const { kdf } =
metadata.encryption and call cas.deriveKey as before.
- Around line 31-33: The readKeyFile function currently returns whatever
readFileSync(keyFilePath) yields without validating size; update readKeyFile to
read the file into a Buffer, verify buffer.length === 32 and throw a clear error
(e.g., "invalid key length") if not, otherwise return the Buffer; reference the
readKeyFile function and the keyFilePath parameter when adding the length check
and error handling.

In `@bin/ui/dashboard-view.js`:
- Around line 94-95: The clamp logic treats size.width === 0 as falsy and skips
slicing; update the check used by clamp to explicitly test for a positive width
(e.g., use size.width > 0) so zero-width panes are handled correctly, and ensure
filterLine (which uses model.filtering and model.filterText) still calls clamp
with the same string when width is positive; modify the clamp definition and its
usage so the condition is an explicit numeric greater-than check rather than a
truthiness check.

In `@bin/ui/progress.js`:
- Around line 111-114: In the interactive branch (where deps.ctx.mode ===
'interactive') replace the direct process.stderr.write call with the
context-aware writer: call deps.ctx.io.write(`\r\x1b[K${status}`) so output
honors options.ctx overrides; optionally guard with a fallback to
process.stderr.write if deps.ctx.io is undefined. Keep the same status string
and still call deps.bar.update(pct).

In `@src/infrastructure/adapters/EventEmitterObserver.js`:
- Around line 19-21: The JSDoc/type mismatch: `data.action` is used without
guard but the type marks it optional; update the type for the metric parameter
in EventEmitterObserver so `action` is required (change Record<string, unknown>
& { action?: string } to Record<string, unknown> & { action: string }) and
update the JSDoc to say `action` is required; additionally add a short runtime
assertion in the method that accesses data.action (check data.action and throw
or log + return) to avoid forming event names like "chunk:undefined".

---

Outside diff comments:
In `@bin/ui/manifest-view.js`:
- Around line 89-94: Guard access to c.blob when building chunkRows inside the
displayChunks.map to avoid render crashes; update the mapping in the chunkRows
creation so it checks c.blob (and optionally c.digest) before calling .slice,
e.g. use a conditional/fallback like (c.blob ? c.blob.slice(0,12) + '...' :
'<no-blob>') for that array element (and similarly for c.digest if needed) so
undefined values won't cause exceptions during rendering.

---

Nitpick comments:
In `@bin/git-cas.js`:
- Line 189: Replace the ad-hoc /** `@type` {any} */ casts with explicit JSDoc
typedefs for the CAS payload shapes (e.g., define a StoreOptions typedef and
similar RestoreOptions/RotateOptions) and use those types where variables like
storeOpts are declared/used and when calling cas methods (cas.storeFile,
cas.restoreFile, cas.rotate*). Locate the variables named storeOpts (and other
payload variables mentioned in this PR) and add local or exported JSDoc
`@typedefs` that describe the expected properties (use Record<string, unknown> or
specific keys instead of any), then annotate the variable declarations or the
cas.* call sites with the new typedef names so checkJs can validate types
without any casts.

In `@bin/ui/heatmap.js`:
- Around line 94-100: The JSDoc for the renderHeatmap parameter is using `any`
for `options.manifest`, which loses type-safety; update the JSDoc to a narrower
union (e.g., `Manifest | ManifestData | { toJSON(): ManifestData }`) so callers
and tooling know the expected shape, and then keep the normalization in
renderHeatmap (the `manifest.toJSON ? manifest.toJSON() : manifest` logic) but
annotate the local `m` as `ManifestData` in the same JSDoc block so `chunks` and
other properties are typed; reference the `renderHeatmap` function and the
`manifest.toJSON`/`ManifestData` symbols when making this change.

In `@bin/ui/manifest-view.js`:
- Around line 142-148: The JSDoc for renderManifestView currently types
options.manifest as any; replace it with a concrete type (e.g., Manifest |
ManifestData or an explicit object shape) so callers and IDEs get proper typing
and invalid manifests are caught. Update the JSDoc parameter to reference the
existing ManifestData typedef (or declare a short typedef for the union
Manifest|ManifestData or an object with an optional toJSON(): ManifestData
method) and keep the implementation using manifest.toJSON ? manifest.toJSON() :
manifest; ensure the JSDoc name matches the function signature
renderManifestView and the ManifestData symbol used elsewhere.

In `@src/ports/CryptoPort.js`:
- Line 97: Update the JSDoc for the salt parameter to allow cross-runtime byte
inputs: change the `@param` from {Buffer} [options.salt] to {Buffer|Uint8Array}
[options.salt] in src/ports/CryptoPort.js (the JSDoc that documents options.salt
used by the CryptoPort methods) so the documented type matches the actual
accepted types (Buffer and Uint8Array).

In `@tsconfig.checkjs.json`:
- Around line 21-27: Remove the redundant include entry "src/types/ambient.d.ts"
from the "include" array in tsconfig.checkjs.json because it's already matched
by the glob "src/**/*.d.ts"; update the "include" array to keep only the more
general patterns (e.g., "src/**/*.d.ts") to simplify the config.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c3e9956 and 6e93908.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (33)

• CHANGELOG.md
• bin/actions.js
• bin/git-cas.js
• bin/ui/context.js
• bin/ui/dashboard-cmds.js
• bin/ui/dashboard-view.js
• bin/ui/dashboard.js
• bin/ui/encryption-card.js
• bin/ui/heatmap.js
• bin/ui/history-timeline.js
• bin/ui/manifest-view.js
• bin/ui/progress.js
• jsr.json
• package.json
• src/domain/services/Semaphore.js
• src/domain/services/VaultService.js
• src/infrastructure/adapters/BunCryptoAdapter.js
• src/infrastructure/adapters/EventEmitterObserver.js
• src/infrastructure/adapters/GitPersistenceAdapter.js
• src/infrastructure/adapters/GitRefAdapter.js
• src/infrastructure/adapters/NodeCryptoAdapter.js
• src/infrastructure/adapters/SilentObserver.js
• src/infrastructure/adapters/StatsCollector.js
• src/infrastructure/adapters/WebCryptoAdapter.js
• src/infrastructure/chunkers/FixedChunker.js
• src/infrastructure/codecs/CborCodec.js
• src/infrastructure/codecs/JsonCodec.js
• src/ports/CodecPort.js
• src/ports/CryptoPort.js
• src/ports/GitPersistencePort.js
• src/ports/GitRefPort.js
• src/types/ambient.d.ts
• tsconfig.checkjs.json