fix(aqua): canonicalize and reject duplicate vars by risu729 · Pull Request #10187 · jdx/mise

risu729 · 2026-05-31T21:57:43Z

Summary

canonicalize Aqua var options from plain keys, nested vars, and literal vars.<name> backend-option keys into one lock/cache identity
reject duplicate final Aqua vars with a source-neutral conflicting aqua var error instead of picking one spelling
add unit/e2e coverage for literal dotted-key parsing, duplicate detection, and normal higher-precedence config overrides

Details

TOML already treats unquoted dotted keys and tables as the same structure: vars.channel = "stable" and [vars] channel = "stable" both parse as a nested vars table. This PR does not distinguish those TOML forms.

The extra spelling mise has to normalize is the literal backend-option key "vars.channel", which can come from backend arg/manual option parsing or persisted raw option maps rather than TOML dotted-key parsing. Aqua now canonicalizes that literal key to the same vars.channel lock/cache identity as nested TOML vars.channel and the documented plain channel var option.

If two entries in the final flattened options map collapse to the same Aqua var, Aqua stops with conflicting aqua var. If a higher-precedence config layer overrides a lower-precedence layer before Aqua sees the options, only the winning value reaches the backend, so normal config precedence still applies silently.

Note

mise lock still has existing best-effort behavior that can ignore invalid config/tool request conversion or skip failed per-platform lock resolution while writing successful entries. This PR does not change that broader policy; making invalid in-scope config fatal for mise lock should be handled separately.

Test plan

CI (lint, unit, e2e)
mise run test:e2e e2e/backend/test_aqua_vars

coderabbitai · 2026-05-31T21:57:49Z

Ready to act? Review this PR in Change Stack to turn feedback into patch suggestions you can inspect and refine.

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

@coderabbitai resume to resume automatic reviews.
@coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

▶️ Resume reviews
🔍 Trigger review

📝 Walkthrough

Walkthrough

This PR makes lockfile option resolution fallible across all backends and plugins, returning Result<BTreeMap<String, String>> instead of bare BTreeMap. Aqua gains variable canonicalization logic that normalizes flat/nested/prefixed vars spellings and errors on conflicts. Error propagation updates call sites in lockfile resolution and tool request flows.

Changes

Lockfile Options Resolution Fallibility & Aqua Canonicalization

Layer / File(s)	Summary
Aqua variable canonicalization and error handling `src/backend/aqua.rs`, `e2e/backend/test_aqua_vars`	AquaOptions canonicalizes `channel` / `vars.channel` / nested `vars` table into single canonical keys; rejects conflicting duplicates; propagates errors through `var()` and `lockfile_options()`; `list_bin_paths` aborts on canonicalization failure; unit and e2e tests cover ambiguous spellings and layered config overrides.
Backend trait and implementation signatures `src/backend/mod.rs`, `src/backend/cargo.rs`, `src/backend/conda.rs`, `src/backend/github.rs`, `src/backend/go.rs`, `src/backend/npm.rs`, `src/backend/pipx.rs`, `src/backend/spm.rs`, `src/backend/ubi.rs`	`Backend::resolve_lockfile_options` trait signature changes to return `Result<BTreeMap<String, String>>`; all implementations wrap computed option maps in `Ok(...)`; eyre `Result` imports added where needed.
Plugin resolve_lockfile_options updates `src/plugins/core/erlang.rs`, `src/plugins/core/java.rs`, `src/plugins/core/node.rs`, `src/plugins/core/python.rs`, `src/plugins/core/ruby.rs`, `src/plugins/core/rust.rs`	All core plugins update `resolve_lockfile_options` to return `Result<BTreeMap<String, String>>`; wrap computed maps in `Ok(...)`; Ruby updates both Windows early-return path and success path; test callsites unwrap results.
Error propagation in lockfile resolution `src/lockfile.rs`	`lockfile_tool_from_tool_version` now returns `Result<LockfileTool>` and propagates backend option resolution via `?` operator; `update_lockfiles` collects results and propagates failures; `resolve_tool_lock_info` explicitly handles resolution errors with early return of `Err(...)` and empty state.
Error propagation in tool request `src/toolset/tool_request.rs`	`ToolRequest::lockfile_resolve_with_prefix` applies `?` to `backend.resolve_lockfile_options(...)`, propagating failures to caller.
Configuration parsing test coverage `src/config/config_file/mise_toml.rs`	New test `test_tool_options_preserve_quoted_literal_dotted_keys` verifies that quoted dotted keys like `"vars.fixture_version"` are preserved as literal option keys alongside named field parsing.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

jdx/mise#9992: Refactors Ruby plugin resolve_lockfile_options and lockfile option construction paths, overlapping with this PR's updates to Ruby's fallible option resolution and test coverage.

Poem

A rabbit hops through vars so neat,
Canonical spellings—no repeat!
Aqua's errors caught with care,
Results that flow through call paths fair. 🐰✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 74.42% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix(aqua): canonicalize and reject duplicate vars' directly and specifically describes the main change—canonicalizing Aqua var options and rejecting duplicates—which is the core focus of the PR across aqua.rs and related changes.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

greptile-apps · 2026-05-31T22:01:16Z

Greptile Summary

This PR canonicalizes Aqua backend variable options across three spellings — plain key (channel), nested TOML table (vars.channel), and literal dotted key ("vars.channel") — into a single identity, and replaces the previous silent precedence rule with a hard "conflicting aqua var" error when two spellings resolve to the same variable name within a single option set.

canonical_var_options is the new shared helper that strips the vars. prefix and de-duplicates, called by both var() and lockfile_options(). The trait method resolve_lockfile_options signature is widened to Result<BTreeMap<String, String>> across all backends.
lockfile_tool_from_tool_version is updated to propagate errors, and the now-superfluous From<ToolVersionList> impl is removed; resolve_tool_lock_info keeps best-effort semantics by packaging the error string into the existing Err arm of the result tuple rather than panicking.
New unit and e2e tests cover literal dotted-key parsing, duplicate detection, and same-spelling config-layer override (which should not trigger the conflict error).

Confidence Score: 5/5

Safe to merge. The canonicalization logic is correct across all three spellings, conflict detection fires exactly when it should, and the config-layer override path correctly avoids false positives.

The new canonical_var_options helper is deterministic and sound: it iterates the insertion-order IndexMap, strips vars. prefixes, processes the nested vars table, and uses contains_key + bail! for conflict detection. Multi-file config merging replaces the full tool request at the ToolRequestSet level before Aqua ever sees the options, so cross-file overrides with different spellings never coexist in the same opts map. Test coverage is thorough.

No files require special attention.

Important Files Changed

Filename	Overview
src/backend/aqua.rs	Core change: `canonical_var_options` unifies three var spellings, duplicate detection via `contains_key` + `bail!`, and both `var()` / `lockfile_options()` now return `Result`. Logic is correct.
src/lockfile.rs	`lockfile_tool_from_tool_version` upgraded to `Result<LockfileTool>` with hard-error propagation in `update_lockfiles`; `resolve_tool_lock_info` keeps soft-error semantics via existing Err arm.
src/backend/mod.rs	Default `resolve_lockfile_options` trait method widened to `Result<BTreeMap<String, String>>`; all impls updated consistently.
src/config/config_file/mise_toml.rs	New test verifies TOML preserves the quoted literal dotted key as a distinct entry from the plain key.
e2e/backend/test_aqua_vars	New e2e conf.d two-file scenario exercises the config-layer override path correctly.
src/toolset/tool_request.rs	Single call site propagates `Result` with `?`; correct and minimal change.

_{Reviews (15): Last reviewed commit: "fix(lint): allow dead_code on unused Pro..." | Re-trigger Greptile}

risu729 · 2026-06-03T23:31:02Z

@coderabbitai review

coderabbitai · 2026-06-03T23:31:08Z

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

coderabbitai

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/plugins/core/ruby.rs (1)

1019-1039: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Include the precompiled/source selector in Ruby lockfile options.

This still keys only on ruby_install, but resolve_lock_info below switches artifact source based on should_try_precompiled() and resolve_precompiled_url(...). A ruby.compile=false or custom precompiled source can therefore collide with the source-tarball entry and reuse the wrong lock metadata.

Suggested fix

 fn resolve_lockfile_options(
     &self,
     _request: &ToolRequest,
     target: &PlatformTarget,
 ) -> Result<BTreeMap<String, String>> {
     let mut opts = BTreeMap::new();
     let settings = Settings::get();
     let is_current_platform = target.is_current();

+    let use_precompiled = self.should_try_precompiled();
+    if use_precompiled {
+        opts.insert("precompiled".to_string(), "true".to_string());
+        opts.insert(
+            "precompiled_url".to_string(),
+            settings.ruby.precompiled_url.clone(),
+        );
+        if let Some(arch) = settings.ruby.precompiled_arch.clone() {
+            opts.insert("precompiled_arch".to_string(), arch);
+        }
+        if let Some(os) = settings.ruby.precompiled_os.clone() {
+            opts.insert("precompiled_os".to_string(), os);
+        }
+    }
+
     let ruby_install = if is_current_platform {
         settings.ruby.ruby_install
     } else {
         false
     };

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/plugins/core/ruby.rs` around lines 1019 - 1039, The current
resolve_lockfile_options function only records ruby_install and omits the
artifact source selector, causing resolve_lock_info to pick wrong lock metadata;
update resolve_lockfile_options to include the precompiled/source flags used by
resolve_lock_info — specifically add the ruby.compile (or equivalent
Settings::ruby.compile) value and any custom precompiled source identifier (the
value used by resolve_precompiled_url and should_try_precompiled) into the
returned opts BTreeMap so resolve_lock_info can deterministically choose
precompiled vs source artifacts.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/backend/aqua.rs`:
- Around line 74-95: canonical_var_options and lockfile_options currently drop
invalid vars silently; change them to fail fast: in canonical_var_options(),
when encountering key == "vars" and the value is not a toml::Value::Table,
return an Err describing "vars must be a table" (refer to canonical_var_options
and insert_nested_var_options for where to validate), and in lockfile_options()
stop using filter_map so non-string toml values are not ignored—call
toml_value_to_string for each value and if it fails return an Err (include the
offending key in the error) instead of skipping it so invalid config surfaces
during lockfile canonicalization (update the error messages to reference
toml_value_to_string, lockfile_options, and canonical_var_options).

---

Outside diff comments:
In `@src/plugins/core/ruby.rs`:
- Around line 1019-1039: The current resolve_lockfile_options function only
records ruby_install and omits the artifact source selector, causing
resolve_lock_info to pick wrong lock metadata; update resolve_lockfile_options
to include the precompiled/source flags used by resolve_lock_info — specifically
add the ruby.compile (or equivalent Settings::ruby.compile) value and any custom
precompiled source identifier (the value used by resolve_precompiled_url and
should_try_precompiled) into the returned opts BTreeMap so resolve_lock_info can
deterministically choose precompiled vs source artifacts.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

Push a commit to this branch (recommended)
Create a new PR with the fixes

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 96139857-6fc5-4e1f-bb6a-ebe6fd5ba934

📥 Commits

Reviewing files that changed from the base of the PR and between 310e325 and 192214e.

📒 Files selected for processing (18)

src/backend/aqua.rs
src/backend/cargo.rs
src/backend/conda.rs
src/backend/github.rs
src/backend/go.rs
src/backend/mod.rs
src/backend/npm.rs
src/backend/pipx.rs
src/backend/spm.rs
src/backend/ubi.rs
src/lockfile.rs
src/plugins/core/erlang.rs
src/plugins/core/java.rs
src/plugins/core/node.rs
src/plugins/core/python.rs
src/plugins/core/ruby.rs
src/plugins/core/rust.rs
src/toolset/tool_request.rs

risu729 · 2026-06-04T21:56:07Z

@coderabbitai review

This comment was generated by an AI coding assistant.

coderabbitai · 2026-06-04T21:56:19Z

@risu729 I'll review the changes in this PR now.

This comment was generated by an AI coding assistant.

🧠 Learnings used

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:12.203Z
Learning: When posting comments on GitHub PRs or discussions, include a note that the comment was AI-generated (e.g., '*This comment was generated by an AI coding assistant.*').

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:18.847Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:28.703Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

coderabbitai · 2026-06-04T21:58:51Z

@risu729 I'll review the changes in this PR now.

This comment was generated by an AI coding assistant.

🧠 Learnings used

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:12.203Z
Learning: When posting comments on GitHub PRs or discussions, include a note that the comment was AI-generated (e.g., '*This comment was generated by an AI coding assistant.*').

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:18.847Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:28.703Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

risu729 · 2026-06-04T22:34:51Z

@coderabbitai review

This comment was generated by an AI coding assistant.

coderabbitai · 2026-06-04T22:35:09Z

@risu729 I'll review the changes in this PR now.

This comment was generated by an AI coding assistant.

🧠 Learnings used

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:12.203Z
Learning: When posting comments on GitHub PRs or discussions, include a note that the comment was AI-generated (e.g., '*This comment was generated by an AI coding assistant.*').

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:18.847Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:28.703Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

coderabbitai

♻️ Duplicate comments (1)

src/backend/aqua.rs (1)
74-81: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Fail fast on invalid Aqua var values.

lockfile_options() still drops non-string vars via filter_map, and canonical_var_options() still treats vars = <non-table> as a no-op. That means invalid Aqua config can still produce a partial/empty lockfile or bin-path cache key instead of surfacing through the new Result path.

Also applies to: 91-95
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/backend/aqua.rs` around lines 74 - 81, The code currently swallows
invalid var values by filtering out non-string TOML values; update
lockfile_options to propagate errors instead of using filter_map: call
toml_value_to_string for each (key,value), map failures into an Err and collect
into a Result<BTreeMap<...>, Error> (so use a fallible collect or explicit loop
that returns Err on the first invalid value) and return that Err; likewise,
change canonical_var_options to treat a non-table `vars` entry as an error
(return Err when vars is present but not a table) rather than treating it as a
no-op; use the existing helper toml_value_to_string, and reference
lockfile_options, canonical_var_options and toml_value_to_string when making
these changes.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Duplicate comments:
In `@src/backend/aqua.rs`:
- Around line 74-81: The code currently swallows invalid var values by filtering
out non-string TOML values; update lockfile_options to propagate errors instead
of using filter_map: call toml_value_to_string for each (key,value), map
failures into an Err and collect into a Result<BTreeMap<...>, Error> (so use a
fallible collect or explicit loop that returns Err on the first invalid value)
and return that Err; likewise, change canonical_var_options to treat a non-table
`vars` entry as an error (return Err when vars is present but not a table)
rather than treating it as a no-op; use the existing helper
toml_value_to_string, and reference lockfile_options, canonical_var_options and
toml_value_to_string when making these changes.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: eabc5b97-7897-4281-974b-3a9a4ee15cbc

📥 Commits

Reviewing files that changed from the base of the PR and between 967bccb and 7766806.

📒 Files selected for processing (22)

e2e/backend/test_aqua_vars
src/backend/aqua.rs
src/backend/cargo.rs
src/backend/conda.rs
src/backend/github.rs
src/backend/go.rs
src/backend/mod.rs
src/backend/npm.rs
src/backend/pipx.rs
src/backend/spm.rs
src/backend/ubi.rs
src/cli/lock.rs
src/config/config_file/mise_toml.rs
src/lockfile.rs
src/plugins/core/erlang.rs
src/plugins/core/java.rs
src/plugins/core/node.rs
src/plugins/core/python.rs
src/plugins/core/ruby.rs
src/plugins/core/rust.rs
src/toolset/tool_request.rs
src/toolset/tool_version_options.rs

💤 Files with no reviewable changes (1)

src/toolset/tool_version_options.rs

🚧 Files skipped from review as they are similar to previous changes (17)

src/plugins/core/erlang.rs
src/plugins/core/rust.rs
src/backend/pipx.rs
src/backend/cargo.rs
src/backend/conda.rs
src/backend/spm.rs
src/plugins/core/java.rs
src/plugins/core/ruby.rs
src/backend/github.rs
src/backend/npm.rs
src/lockfile.rs
src/backend/mod.rs
src/plugins/core/python.rs
src/backend/go.rs
src/backend/ubi.rs
e2e/backend/test_aqua_vars
src/toolset/tool_request.rs

risu729 · 2026-06-04T22:51:15Z

@coderabbitai review

This comment was generated by an AI coding assistant.

coderabbitai · 2026-06-04T22:51:27Z

@risu729 I'll review the changes in this PR now.

This comment was generated by an AI coding assistant.

🧠 Learnings used

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:12.203Z
Learning: When posting comments on GitHub PRs or discussions, include a note that the comment was AI-generated (e.g., '*This comment was generated by an AI coding assistant.*').

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:18.847Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

Learnt from: CR
Repo: jdx/mise PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-05-31T15:12:28.703Z
Learning: When posting comments on GitHub PRs or discussions, always include a note that the comment was AI-generated

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

github-actions · 2026-06-06T00:25:56Z

This PR currently has merge conflicts. If this continues for 7 days, it will be closed automatically.

This is warning day 1 of 7.