Rewrite publishing @typeberry/lib to NPM

[tomusdrw]

After #852 the lib became completely broken (apologies!). The idea is okay, but I didn't test it properly and the overall execution using our misc/builder was also not a good idea.

Problem with previous approach

• We were trying to bundle all dependencies together and produce a single file - this works okay, when there was only one export, but for mutliple exports this is broken, because the code is duplicated everywhere
• The approach was based on previous requirements of obfuscation and having "stand-alone" packages. It is no longer valid, since are only releasing @typeberry/lib now.

Current approach

1. Compile TS -> JS using special tsconfig.lib.json.
2. Rewrite imports for workspace packages to use internal imports (see imports in package.json).
3. Publish only types + MJS and keep the entire file structure intact.

This new approach allows me to remove the builder completely (since @typeberry/jam and @typeberry/convert are using different build scripts) and I feel that the process is a bit more lightweight now.

Caveats

• @typeberry/lib now needs to list external dependencies of any potential sub-packages explicitly - for now we only have @typeberry/native, hash-wasm, @noble/ed25519 and @fluffylabs/anan-as, but we have to be careful when exposing any new packages.

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• Chores

  • Packaging updated to publish JS-built exports, added a post-build packaging script and new build tooling, updated npmignore to exclude build artifacts, introduced a few runtime dependencies, and added a library TypeScript config.
  • Removed the legacy builder package from the workspace and docs; related config and ignore entries adjusted.

• Refactor

  • Public module surface reorganized into standardized namespace exports, several module entry points renamed, and deprecated type exports removed.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

Walkthrough

This PR restructures the library build for bin/lib: adds tsconfig.lib.json, replaces the old builder with a tsc-based compile plus two new scripts (bin/lib/scripts/build-lib.ts and bin/lib/scripts/extract-examples.ts), moves JS export entrypoints to ./exports/*.js and updates bin/lib/package.json (exports, scripts, runtime deps), updates bin/lib/index.ts to remove deprecated type aliases and expose many namespace re-exports, moves build output to dist/lib, and removes the packages/misc/builder workspace and its build files. Ancillary docs and ignore files were adjusted.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• Clean up PVM packages #801 — Changes to PVM-related public exports and package mappings that overlap the pvm → pvm_interface/pvm_interpreter edits.
• Fixes for @typeberry/lib #829 — Modifies bin/lib export surface and type re-exports similar to the index.ts namespace refactor here.
• Fix typeberry-lib release path. #613 — Adjusts distribution output paths and publishing to ./dist/lib, related to this PR's dist/lib layout and packaging changes.

Suggested reviewers

• skoszuta
• DrEverr

Poem

I nibble imports and hop through dist,
I stitch new exports with a careful twist. 🐇
TS compiles, scripts tidy the trail,
Old builder folded, new paths set sail. ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main objective of the PR: rewriting the publishing process for @typeberry/lib to NPM, which aligns with the substantial refactoring of the build and export strategy across multiple configuration files.
Description check	✅ Passed	The description provides a clear explanation of the problem with the previous approach, outlines the new approach in detail, and mentions important caveats about external dependencies, directly relating to the changeset.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In @bin/lib/package.json:
- Around line 42-45: The dependency entry for "@noble/ed25519" pinned at "2.2.3"
should be updated to "3.0.0" in package.json; change the version string for the
"@noble/ed25519" dependency to "3.0.0", install/update the lockfile (npm/yarn)
and run the test suite, and then search code that imports/uses "@noble/ed25519"
for any breaking API changes introduced in v3 (adjust call sites accordingly)
before committing the updated package.json and lockfile.

In @bin/lib/scripts/build-lib.ts:
- Around line 299-302: The code directly accesses sourcePackageJson.dependencies
without checking if the field exists, which will cause Object.entries() to throw
an error if the dependencies property is undefined. Guard against this by
checking if sourcePackageJson.dependencies is defined before calling
Object.entries() on it, and provide a fallback such as an empty object or empty
array when the dependencies field is missing.
- Around line 240-255: Update the JSDoc examples to match the actual
implementation in buildImportsField: the wildcard mapping target uses
"./<packagePath>/*" (no ".js" suffix) as produced by
imports[`${internalName}/*`] rather than "./<packagePath>/*.js"; revise any
example lines that show "./packages/.../*.js" to "./packages/.../*" so the docs
reflect imports[internalName] = `./${packagePath}/index.js` and
imports[`${internalName}/*`] = `./${packagePath}/*`.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 31343a9 and 1534485.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (13)

• bin/lib/.npmignore
• bin/lib/index.ts
• bin/lib/package.json
• bin/lib/scripts/build-lib.ts
• bin/lib/scripts/extract-examples.ts
• package.json
• packages/README.md
• packages/misc/builder/.gitignore
• packages/misc/builder/package.json
• packages/misc/builder/rollup.config.js
• packages/misc/builder/setup.cjs
• packages/misc/builder/tsconfig.json
• tsconfig.lib.json

💤 Files with no reviewable changes (7)

• package.json
• packages/misc/builder/.gitignore
• packages/README.md
• packages/misc/builder/tsconfig.json
• packages/misc/builder/rollup.config.js
• packages/misc/builder/setup.cjs
• packages/misc/builder/package.json

🧰 Additional context used

📓 Path-based instructions (2)

**/*.ts

⚙️ CodeRabbit configuration file

**/*.ts: rules from ./CODESTYLE.md should be adhered to.

**/*.ts: Any function whose documentation mention it must not be used in production code,
can be safely used in *.test.ts files. Other usage should be carefuly reviewed
and the comment must explain why it's safe to use there.

**/*.ts: as conversions must not be used. Suggest using tryAs conversion methods.

**/*.ts: Classes with static Codec field must have private constructor and static create method.

**/*.ts: Casting a bigint (or U64) using Number(x) must have an explanation comment why
it is safe.

**/*.ts: When making changes to code with comments containing links (in classes, constants, methods, etc.)
to graypaper.fluffylabs.dev, ensure those links point to the current version for this update.

Files:

• bin/lib/scripts/extract-examples.ts
• bin/lib/scripts/build-lib.ts
• bin/lib/index.ts

bin/lib/index.ts

⚙️ CodeRabbit configuration file

bin/lib/index.ts: Every new export * as <name> statement must have a corresponding entry point file
at bin/lib/exports/<name>.ts that re-exports the package (e.g., export * from "@typeberry/<package>").
The builder will automatically detect these files and generate the appropriate exports.

Files:

• bin/lib/index.ts

🧠 Learnings (4)

📓 Common learnings

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 442
File: packages/core/pvm-debugger-adapter/index.ts:22-40
Timestamp: 2025-06-18T20:35:13.536Z
Learning: The `typeberry/utils` package has browser compatibility issues due to Node.js-specific code like `measure` function using `process.hrtime()` and `testUtils` importing `node:assert`, causing white screens in browser environments.

📚 Learning: 2025-05-26T21:31:58.688Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 399
File: .github/workflows/vectors-jamduna.yml:78-78
Timestamp: 2025-05-26T21:31:58.688Z
Learning: In the typeberry project, the npm start script in the test-runner workspace is designed to accept test suite names as arguments (e.g., "jamduna", "w3f"). The command `npm start -w typeberry/test-runner jamduna` is the correct way to run the jamduna test suite, not `npm run jamduna`. This is an architectural design choice where the start script acts as a unified entry point for different test suites.

Applied to files:

• bin/lib/package.json

📚 Learning: 2025-09-15T14:37:04.214Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

Applied to files:

• bin/lib/package.json
• bin/lib/index.ts

📚 Learning: 2025-06-18T20:35:13.536Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 442
File: packages/core/pvm-debugger-adapter/index.ts:22-40
Timestamp: 2025-06-18T20:35:13.536Z
Learning: The `typeberry/utils` package has browser compatibility issues due to Node.js-specific code like `measure` function using `process.hrtime()` and `testUtils` importing `node:assert`, causing white screens in browser environments.

Applied to files:

• bin/lib/index.ts

🪛 ast-grep (0.40.3)

bin/lib/scripts/extract-examples.ts

[warning] 24-24: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(dynamicImportRegex)
Note: [CWE-1333] Inefficient Regular Expression Complexity [REFERENCES]
- https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
- https://cwe.mitre.org/data/definitions/1333.html

(regexp-from-variable)

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Setup test vectors cache
• GitHub Check: benchmarks (22.x)
• GitHub Check: test (22.x)
• GitHub Check: jam-e2e (22.x)
• GitHub Check: e2e (22.x)

🔇 Additional comments (14)

bin/lib/.npmignore (1)

1-10: LGTM!

The ignore rules correctly exclude build artifacts and development-only packages from npm publishing. The bin/lib/* paths are appropriate since this file gets copied to dist/lib/ during build, where these relative paths correctly target the compiled subdirectories.

tsconfig.lib.json (1)

1-9: LGTM!

Clean configuration extension for library builds. The settings appropriately enable declaration generation with source maps while outputting to dist/lib.

bin/lib/scripts/extract-examples.ts (4)

1-1: LGTM!

The shebang change to tsx aligns with the TSX-based tooling updates across the project.

---

16-49: Type annotations improve maintainability.

The added type annotations and nullish handling make the code more robust.

Regarding the static analysis warning about ReDoS on line 24: this is a false positive since dynamicImportRegex is a compile-time constant defined within the same function, not derived from external input.

---

79-120: LGTM!

Good type annotations on the function signature and local variables. The nullish coalescing on line 106 properly handles potential undefined values from regex matches.

---

125-148: LGTM!

Return type annotations added consistently to the remaining functions.

bin/lib/scripts/build-lib.ts (4)

96-123: LGTM!

Solid implementation of workspace package discovery with appropriate error handling for missing package.json files.

---

137-146: LGTM!

Correct handling of both scoped and non-scoped package name extraction.

---

164-197: LGTM!

Import rewriting logic is sound - correctly skips relative imports, checks package membership, and only writes when modifications occur.

---

388-428: LGTM!

Clear main execution flow with helpful logging and proper error handling for missing dist directory.

bin/lib/package.json (2)

82-83: LGTM!

Build scripts correctly chain TypeScript compilation with the post-processing script.

---

8-39: Export mappings correctly reference build output.

The exports reference .js files, which TypeScript resolves to .ts during development and exist as compiled output after build. All export entry points have corresponding source files in bin/lib/exports/.

bin/lib/index.ts (2)

1-2: Type exports are still present in the code.

The AI summary indicates these type exports were removed, but they remain in the source. Please clarify if these should be retained or removed.

---

4-34: LGTM - Namespace exports properly updated.

The reorganized namespace exports (importer, pvm_interface, workers_api) follow consistent naming conventions. Per coding guidelines, each export * as <name> requires a corresponding entry point at bin/lib/exports/<name>.ts - this was verified in the package.json review.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @bin/lib/.npmignore:
- Around line 3-10: The .npmignore in bin/lib lists paths (benchmarks, bin/jam,
bin/convert, bin/ipc2rpc, bin/pvm, bin/rpc, bin/tci, bin/test-runner) that do
not exist under the bin/lib package and therefore won’t be excluded on publish;
either update the build to emit those files into bin/lib (copy/create dist
artifacts) or remove/replace those entries in bin/lib/.npmignore so it only
references actual files/dirs in this package; search for the .npmignore file in
this package and adjust the entries accordingly to point to real build outputs
or delete the stale sibling-level paths.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1534485 and 862a34a.

📒 Files selected for processing (1)

• bin/lib/.npmignore

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: benchmarks (22.x)
• GitHub Check: Setup test vectors cache

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @bin/lib/scripts/build-lib.ts:
- Around line 332-351: The loop assumes sourcePackageJson.exports exists and
will throw if it's undefined; before iterating over
Object.entries(sourcePackageJson.exports) in the function that builds
distPackageJson.exports, guard by using a fallback empty object or an early
return when sourcePackageJson.exports is falsy (e.g. const exportsSrc =
sourcePackageJson.exports || {}; then iterate Object.entries(exportsSrc)),
ensuring distPackageJson.exports is only populated when exports exist and
avoiding runtime errors referencing sourcePackageJson.exports.

🧹 Nitpick comments (1)

bin/lib/scripts/build-lib.ts (1)

295-329: Consider adding runtime validation for npm-required fields.

The function directly accesses properties from the source package.json (name, version, description, author, license, type) without validation. While bin/lib/package.json contains all required fields, adding a guard check would make the build more resilient and fail fast with a clear error message if fields are unexpectedly missing.

Example:

const requiredFields = ['name', 'version'];
for (const field of requiredFields) {
  if (!sourcePackageJson[field]) {
    throw new Error(`Missing required field in bin/lib/package.json: ${field}`);
  }
}

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 862a34a and 8b00a32.

📒 Files selected for processing (2)

• bin/lib/.npmignore
• bin/lib/scripts/build-lib.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• bin/lib/.npmignore

🧰 Additional context used

📓 Path-based instructions (1)

**/*.ts

⚙️ CodeRabbit configuration file

**/*.ts: rules from ./CODESTYLE.md should be adhered to.

**/*.ts: Any function whose documentation mention it must not be used in production code,
can be safely used in *.test.ts files. Other usage should be carefuly reviewed
and the comment must explain why it's safe to use there.

**/*.ts: as conversions must not be used. Suggest using tryAs conversion methods.

**/*.ts: Classes with static Codec field must have private constructor and static create method.

**/*.ts: Casting a bigint (or U64) using Number(x) must have an explanation comment why
it is safe.

**/*.ts: When making changes to code with comments containing links (in classes, constants, methods, etc.)
to graypaper.fluffylabs.dev, ensure those links point to the current version for this update.

Files:

• bin/lib/scripts/build-lib.ts

🧠 Learnings (3)

📓 Common learnings

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

📚 Learning: 2025-09-15T14:37:04.214Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

Applied to files:

• bin/lib/scripts/build-lib.ts

📚 Learning: 2025-06-18T20:35:13.536Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 442
File: packages/core/pvm-debugger-adapter/index.ts:22-40
Timestamp: 2025-06-18T20:35:13.536Z
Learning: The `measure` function in `typeberry/utils/debug.ts` attempts environment detection by checking `process === undefined` but still causes bundling issues because bundlers see the `process.hrtime` reference in the Node.js branch.

Applied to files:

• bin/lib/scripts/build-lib.ts

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: benchmarks (22.x)
• GitHub Check: Setup test vectors cache
• GitHub Check: e2e (22.x)
• GitHub Check: jam-e2e (22.x)
• GitHub Check: test (22.x)

🔇 Additional comments (6)

bin/lib/scripts/build-lib.ts (6)

96-123: LGTM!

The package map building logic correctly handles workspace discovery, includes appropriate error handling for missing files, and validates package names before adding them to the map.

---

137-146: LGTM!

The package name extraction logic correctly handles both scoped and non-scoped packages with appropriate regex patterns and safe fallbacks.

---

164-197: LGTM!

The import rewriting logic correctly identifies workspace package imports, preserves relative imports, and safely transforms workspace references to internal # prefixed imports. The regex pattern appropriately handles both import and export statements.

---

207-219: LGTM!

The directory processing logic correctly traverses the file tree and filters for JavaScript and TypeScript declaration files.

---

368-386: LGTM!

The distribution file copying logic includes appropriate existence checks and gracefully handles missing optional files.

---

405-428: LGTM!

The main execution flow includes appropriate error handling for missing prerequisites, clear progress logging, and a logical sequence of build steps.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.coderabbit.yaml (1)

36-44: Consider consolidating duplicate path entries.

Two separate path_instructions entries target packages/**/package.json. While this is valid YAML and per the schema, consolidating them into a single entry would improve maintainability and make it clearer what rules apply to package.json files.

♻️ Proposed consolidation

-    - path: 'packages/**/package.json'
-      instructions: |
-        Dependencies coming from the workspace (typically the ones starting with `@typeberry/`)
-        must use `*` as version.
-        External dependencies must be added sparingly. If package is re-exported by `@typeberry/lib`,
-        the dependency must be browser-compatible and added directly to `./bin/lib/package.json` as well.
-    - path: 'packages/**/package.json'
-      instructions: |
-        Whenever a new package is added, the `packages/README.md` should be updated accordingly.
+    - path: 'packages/**/package.json'
+      instructions: |
+        Dependencies coming from the workspace (typically the ones starting with `@typeberry/`)
+        must use `*` as version.
+        External dependencies must be added sparingly. If package is re-exported by `@typeberry/lib`,
+        the dependency must be browser-compatible and added directly to `./bin/lib/package.json` as well.
+        
+        Whenever a new package is added, the `packages/README.md` should be updated accordingly.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8b00a32 and 039ca40.

📒 Files selected for processing (1)

• .coderabbit.yaml

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

📚 Learning: 2025-09-15T14:37:04.214Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

Applied to files:

• .coderabbit.yaml

📚 Learning: 2025-05-26T21:31:58.688Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 399
File: .github/workflows/vectors-jamduna.yml:78-78
Timestamp: 2025-05-26T21:31:58.688Z
Learning: In the typeberry project, the npm start script in the test-runner workspace is designed to accept test suite names as arguments (e.g., "jamduna", "w3f"). The command `npm start -w typeberry/test-runner jamduna` is the correct way to run the jamduna test suite, not `npm run jamduna`. This is an architectural design choice where the start script acts as a unified entry point for different test suites.

Applied to files:

• .coderabbit.yaml

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Setup test vectors cache
• GitHub Check: e2e (22.x)
• GitHub Check: test (22.x)
• GitHub Check: jam-e2e (22.x)

🔇 Additional comments (1)

.coderabbit.yaml (1)

35-35: LGTM! Clear dependency management guidance.

The added instructions appropriately document the new external dependency management approach introduced in this PR. Requiring browser-compatible external dependencies in bin/lib/package.json for re-exported packages is a good practice for library publishing.

Also applies to: 40-41

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

.coderabbit.yaml (2)

40-41: Consider minor wording clarification.

The instruction is clear and correctly emphasizes browser compatibility for re-exported packages. The phrase "as well" at the end of line 41 could be simplified to just "added directly to ./bin/lib/package.json" since it's understood the dependency will also be in the package's own package.json.

✨ Suggested wording improvement

-        the dependency must be browser-compatible and added directly to `./bin/lib/package.json` as well.
+        the dependency must be browser-compatible and added directly to `./bin/lib/package.json`.

---

36-44: Consider consolidating duplicate path entries.

Two separate path_instructions entries exist for the same path pattern packages/**/package.json (lines 36-41 and 42-44). While the schema permits this, consolidating them into a single entry improves maintainability and removes ambiguity about whether both instructions will be applied.

♻️ Consolidate into a single entry

    - path: 'packages/**/package.json'
      instructions: |
        Dependencies coming from the workspace (typically the ones starting with `@typeberry/`)
        must use `*` as version.
        External dependencies must be added sparingly. If package is re-exported by `@typeberry/lib`,
        the dependency must be browser-compatible and added directly to `./bin/lib/package.json` as well.
-    - path: 'packages/**/package.json'
-      instructions: |
+        
        Whenever a new package is added, the `packages/README.md` should be updated accordingly.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 039ca40 and 0915319.

📒 Files selected for processing (1)

• .coderabbit.yaml

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

📚 Learning: 2025-09-15T14:37:04.214Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 625
File: benchmarks/package.json:8-15
Timestamp: 2025-09-15T14:37:04.214Z
Learning: In the FluffyLabs/typeberry monorepo, the workspace:* protocol does not work for internal typeberry dependencies. The working approach is to use "*" as the version specifier for internal monorepo packages instead of "workspace:*".

Applied to files:

• .coderabbit.yaml

📚 Learning: 2025-05-26T21:31:58.688Z

Learnt from: tomusdrw
Repo: FluffyLabs/typeberry PR: 399
File: .github/workflows/vectors-jamduna.yml:78-78
Timestamp: 2025-05-26T21:31:58.688Z
Learning: In the typeberry project, the npm start script in the test-runner workspace is designed to accept test suite names as arguments (e.g., "jamduna", "w3f"). The command `npm start -w typeberry/test-runner jamduna` is the correct way to run the jamduna test suite, not `npm run jamduna`. This is an architectural design choice where the start script acts as a unified entry point for different test suites.

Applied to files:

• .coderabbit.yaml

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: test (22.x)
• GitHub Check: Setup test vectors cache
• GitHub Check: e2e (22.x)
• GitHub Check: jam-e2e (22.x)

🔇 Additional comments (1)

.coderabbit.yaml (1)

35-35: LGTM! Dependency tracking instruction aligns with PR objectives.

The requirement to add transitive external dependencies to ./bin/lib/package.json matches the caveat mentioned in the PR description and supports the new publishing approach.

[github-actions]

View all

File	Benchmark	Ops
bytes/hex-from.ts[0]	parse hex using Number with NaN checking	48253.46 ±0.65%	89.45% slower
bytes/hex-from.ts[1]	parse hex from char codes	457229.9 ±0.36%	fastest ✅
bytes/hex-from.ts[2]	parse hex from string nibbles	241964.7 ±0.22%	47.08% slower
bytes/hex-to.ts[0]	number toString + padding	92052.41 ±0.39%	fastest ✅
bytes/hex-to.ts[1]	manual	7359.87 ±0.29%	92% slower
collections/map-set.ts[0]	2 gets + conditional set	45901.47 ±0.84%	fastest ✅
collections/map-set.ts[1]	1 get 1 set	28846.15 ±0.38%	37.16% slower
codec/bigint.compare.ts[0]	compare custom	95130332.71 ±4.58%	1.36% slower
codec/bigint.compare.ts[1]	compare bigint	96437421.23 ±4.11%	fastest ✅
codec/decoding.ts[0]	manual decode	9240904.96 ±0.64%	86.07% slower
codec/decoding.ts[1]	int32array decode	66360698.91 ±3.51%	fastest ✅
codec/decoding.ts[2]	dataview decode	65792680.4 ±3.31%	0.86% slower
codec/bigint.decode.ts[0]	decode custom	70901157.04 ±3.28%	fastest ✅
codec/bigint.decode.ts[1]	decode bigint	42770344.73 ±1.49%	39.68% slower
codec/encoding.ts[0]	manual encode	965351.99 ±0.52%	13.16% slower
codec/encoding.ts[1]	int32array encode	1111634.9 ±0.41%	fastest ✅
codec/encoding.ts[2]	dataview encode	1021239.85 ±1.38%	8.13% slower
math/count-bits-u64.ts[0]	standard method	499545.75 ±2.06%	83.25% slower
math/count-bits-u64.ts[1]	magic	2983181.8 ±0.67%	fastest ✅
hash/index.ts[0]	hash with numeric representation	70.66 ±0.15%	27.91% slower
hash/index.ts[1]	hash with string representation	40.16 ±0.3%	59.03% slower
hash/index.ts[2]	hash with symbol representation	68.35 ±0.16%	30.27% slower
hash/index.ts[3]	hash with uint8 representation	65.91 ±2.28%	32.76% slower
hash/index.ts[4]	hash with packed representation	98.02 ±2%	fastest ✅
hash/index.ts[5]	hash with bigint representation	75.14 ±0.58%	23.34% slower
hash/index.ts[6]	hash with uint32 representation	82.14 ±0.3%	16.2% slower
math/mul_overflow.ts[0]	multiply and bring back to u32	97237225.18 ±4.84%	1.9% slower
math/mul_overflow.ts[1]	multiply and take modulus	99123052.6 ±4%	fastest ✅
logger/index.ts[0]	console.log with string concat	4981302.77 ±27.09%	fastest ✅
logger/index.ts[1]	console.log with args	956187.64 ±79.74%	80.8% slower
math/add_one_overflow.ts[0]	add and take modulus	95313698.06 ±5.14%	0.11% slower
math/add_one_overflow.ts[1]	condition before calculation	95414085.9 ±4.8%	fastest ✅
math/count-bits-u32.ts[0]	standard method	46235441.75 ±2.16%	52.26% slower
math/count-bits-u32.ts[1]	magic	96852518.92 ±4.59%	fastest ✅
math/switch.ts[0]	switch	100810181.4 ±4.93%	0.81% slower
math/switch.ts[1]	if	101638116.18 ±4.06%	fastest ✅
collections/hash-dict-vs-blob-dict_delete.ts[0]	StringHashDictionary	2229.45 ±0.47%	fastest ✅
collections/hash-dict-vs-blob-dict_delete.ts[1]	BlobDictionary(1)	2208.27 ±0.5%	0.95% slower
collections/hash-dict-vs-blob-dict_delete.ts[2]	BlobDictionary(2)	2210.15 ±0.43%	0.87% slower
collections/hash-dict-vs-blob-dict_delete.ts[3]	BlobDictionary(3)	2142.67 ±0.8%	3.89% slower
collections/hash-dict-vs-blob-dict_delete.ts[4]	BlobDictionary(4)	2128.42 ±0.89%	4.53% slower
collections/hash-dict-vs-blob-dict_delete.ts[5]	BlobDictionary(5)	2202.77 ±0.46%	1.2% slower
collections/hash-dict-vs-blob-dict_get.ts[0]	StringHashDictionary	1767.41 ±0.47%	0.34% slower
collections/hash-dict-vs-blob-dict_get.ts[1]	BlobDictionary(1)	1755.42 ±0.47%	1.02% slower
collections/hash-dict-vs-blob-dict_get.ts[2]	BlobDictionary(2)	1773.47 ±0.56%	fastest ✅
collections/hash-dict-vs-blob-dict_get.ts[3]	BlobDictionary(3)	1688.85 ±0.55%	4.77% slower
collections/hash-dict-vs-blob-dict_get.ts[4]	BlobDictionary(4)	1767.63 ±0.45%	0.33% slower
collections/hash-dict-vs-blob-dict_get.ts[5]	BlobDictionary(5)	1748.66 ±0.53%	1.4% slower
collections/hash-dict-vs-blob-dict_set.ts[0]	StringHashDictionary	1620.91 ±0.46%	3.78% slower
collections/hash-dict-vs-blob-dict_set.ts[1]	BlobDictionary(1)	1626.12 ±0.79%	3.47% slower
collections/hash-dict-vs-blob-dict_set.ts[2]	BlobDictionary(2)	1669.83 ±0.61%	0.87% slower
collections/hash-dict-vs-blob-dict_set.ts[3]	BlobDictionary(3)	1681.87 ±0.46%	0.16% slower
collections/hash-dict-vs-blob-dict_set.ts[4]	BlobDictionary(4)	1678.37 ±0.45%	0.36% slower
collections/hash-dict-vs-blob-dict_set.ts[5]	BlobDictionary(5)	1684.5 ±0.47%	fastest ✅
collections/map_vs_sorted.ts[0]	Map	122394.73 ±0.27%	fastest ✅
collections/map_vs_sorted.ts[1]	Map-array	46167.09 ±0.23%	62.28% slower
collections/map_vs_sorted.ts[2]	Array	28732.61 ±3.81%	76.52% slower
collections/map_vs_sorted.ts[3]	SortedArray	82776.94 ±0.17%	32.37% slower
bytes/compare.ts[0]	Comparing Uint32 bytes	10325.56 ±0.51%	1.26% slower
bytes/compare.ts[1]	Comparing raw bytes	10456.89 ±0.14%	fastest ✅
bytes/bytes-to-number.ts[0]	Conversion with bitops	3707.96 ±5.27%	fastest ✅
bytes/bytes-to-number.ts[1]	Conversion without bitops	3646.16 ±5.19%	1.67% slower
codec/view_vs_object.ts[0]	Get the first field from Decoded	13016.1 ±62.3%	92.88% slower
codec/view_vs_object.ts[1]	Get the first field from View	38656.93 ±1.57%	78.87% slower
codec/view_vs_object.ts[2]	Get the first field as view from View	41677.14 ±0.52%	77.22% slower
codec/view_vs_object.ts[3]	Get two fields from Decoded	178860.5 ±1.04%	2.22% slower
codec/view_vs_object.ts[4]	Get two fields from View	36847 ±0.48%	79.86% slower
codec/view_vs_object.ts[5]	Get two fields from materialized from View	74952.65 ±0.47%	59.02% slower
codec/view_vs_object.ts[6]	Get two fields as views from View	36933.27 ±0.47%	79.81% slower
codec/view_vs_object.ts[7]	Get only third field from Decoded	182916.73 ±0.48%	fastest ✅
codec/view_vs_object.ts[8]	Get only third field from View	45812.27 ±0.51%	74.95% slower
codec/view_vs_object.ts[9]	Get only third field as view from View	45593.75 ±0.43%	75.07% slower
codec/view_vs_collection.ts[0]	Get first element from Decoded	12260.82 ±0.45%	55.23% slower
codec/view_vs_collection.ts[1]	Get first element from View	27387.04 ±0.64%	fastest ✅
codec/view_vs_collection.ts[2]	Get 50th element from Decoded	12196.71 ±0.36%	55.47% slower
codec/view_vs_collection.ts[3]	Get 50th element from View	14390.98 ±0.68%	47.45% slower
codec/view_vs_collection.ts[4]	Get last element from Decoded	12010.68 ±0.41%	56.14% slower
codec/view_vs_collection.ts[5]	Get last element from View	10016.82 ±0.49%	63.42% slower
hash/blake2b.ts[0]	our hasher	1.13 ±0.35%	fastest ✅
hash/blake2b.ts[1]	blake2b js	0.03 ±0.12%	97.35% slower
crypto/ed25519.ts[0]	native crypto	3.86 ±19.5%	fastest ✅
crypto/ed25519.ts[1]	wasm lib	2.02 ±3.3%	47.67% slower
crypto/ed25519.ts[2]	wasm lib batch	2.11 ±0.31%	45.34% slower

Benchmarks summary: 83/83 OK ✅