Open
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces first-pass support for distributing VIP-CLI as a standalone Node SEA executable, including runtime dependency extraction, internal command dispatch, and updates to dev-env/Lando loading to work in SEA mode.
Changes:
- Add SEA runtime preparation (embedded
node_modulesarchive extraction) and internal-bin dispatch for standalone execution. - Refactor Lando/dev-env module loading to resolve from the SEA runtime filesystem when applicable, and add readiness polling for dev-env start/exec.
- Add SEA build tooling (
helpers/build-sea.js,npm run build:sea), CI workflow for building/signing artifacts, and supporting documentation/runbooks.
Reviewed changes
Copilot reviewed 19 out of 23 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
src/lib/dev-environment/lando-loader.ts |
Adds SEA-aware require/resolve for loading Lando modules from extracted runtime deps. |
src/lib/dev-environment/dev-environment-lando.ts |
Switches direct Lando imports to SEA-aware lazy loaders; logs runtime mode in dev-env log banner. |
src/lib/dev-environment/dev-environment-core.ts |
Loads template assets from SEA when available; adds bounded readiness checks + one retry after start/rebuild. |
src/lib/dev-environment/dev-environment-cli.ts |
Loads Lando formatter module via SEA-aware loader. |
src/lib/cli/sea-runtime.js |
Extracts embedded node_modules archive and amends module resolution for SEA runtime. |
src/lib/cli/sea-dispatch.js |
Resolves internal bins from argv and rewrites argv for internal execution under SEA. |
src/lib/cli/runtime-mode.ts |
Adds runtime-mode detection and label for diagnostics/logging. |
src/lib/cli/internal-bin-loader.js |
Adds internal bin dynamic import map for SEA-mode dispatch. |
src/lib/cli/exit.ts |
Includes runtime mode label in debug output. |
src/lib/cli/config.ts |
Ensures a default publish config is always available via JSON import (SEA-friendly). |
src/lib/cli/command.js |
Commander-backed args compatibility wrapper + SEA-aware subcommand execution path; update-notifier disabled in SEA mode. |
src/commands/dev-env-sync-sql.ts |
Type-only import tweak for Lando. |
src/bin/vip.js |
Adds SEA target-bin dispatch and makes command argv handling async. |
src/bin/vip-sea.js |
New SEA entrypoint to prep runtime FS and set dispatch env vars before importing vip. |
src/bin/vip-dev-env-exec.js |
Adds bounded readiness polling before failing “env not running”. |
helpers/build-sea.js |
Adds SEA build script to bundle CLI, generate blob, inject into Node, and emit executable. |
docs/SEA-BUILD-SIGNING.md |
Adds build/signing runbook for macOS/Linux/Windows (+ WSL notes). |
docs/COMMANDER-MIGRATION.md |
Adds migration status and verification guidance. |
AGENTS.md / CLAUDE.md |
Adds contributor/agent guidance and pointers to SEA docs. |
.github/workflows/sea-build-sign.yml |
Adds workflow to build SEA artifacts across platforms and optionally sign them. |
package.json / npm-shrinkwrap.json |
Adds build:sea, introduces esbuild + postject, replaces args with commander. |
Files not reviewed (1)
- npm-shrinkwrap.json: Language not supported
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Contributor
Dependency ReviewThe following issues were found:
License Issues.github/workflows/sea-build-sign.yml
OpenSSF Scorecard
Scanned Files
|
sjinks
approved these changes
Mar 14, 2026
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This depends on #2736 to be merged first. This is the first pass on shipping a standalone executable (no need to download Node and such).
The next pass is actually code-signing the executables so that they can be ran on all supported platforms.
Pull request checklist
New release checklist
Steps to Test
Outline the steps to test and verify the PR here.
Example:
npm run build./dist/bin/vip-cookies.js nom