release: promote dev to main

[namastex888]

Summary

Promote current dev to main after RLMX pi-ai maintenance.

Included maintenance:

• fix: migrate pi-ai package scope #87 migrate pi-ai package scope from deprecated @mariozechner/pi-ai to @earendil-works/pi-ai
• docs: clean deprecated pi-ai scope references #88 clean remaining tracked deprecated pi-ai scope references and historical docs ambiguity

Verification

• fix: migrate pi-ai package scope #87 checks passed before merge to dev
• docs: clean deprecated pi-ai scope references #88 checks passed before merge to dev
• Local verification after hygiene: npm run check, npm run build, npm test -- --runInBand, npm audit --audit-level=moderate

Notes

Disposable Genie/Hermes wish-board reflection captured in docs/hermes/day-1-world/RLMX_PIAI_MAINTENANCE_REFLECTION.md (outside this repo).

Summary by CodeRabbit

• Chores

  • Bumped package version to v0.260526.2
  • Updated LLM package dependency to the maintained @earendil-works/pi-ai and raised Node.js engine requirement to ≥22.19.0

• Documentation

  • Updated release notes and guidance to reflect the package migration and verification steps

• Tests

  • Aligned test imports with the updated LLM package (no test logic changes)

[coderabbitai]

Warning

Review limit reached

@github-actions[bot], we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 49 minutes and 5 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b9162eb3-9eec-4595-ba7c-fee4ed5db0e9

📥 Commits

Reviewing files that changed from the base of the PR and between 05ae3f6 and e2cea55.

⛔ Files ignored due to path filters (4)

• bun.lock is excluded by !**/*.lock
• dist/src/version.d.ts is excluded by !**/dist/**
• dist/src/version.js is excluded by !**/dist/**
• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (3)

• README.md
• package.json
• src/version.ts

📝 Walkthrough

Walkthrough

This PR migrates imports and docs from @mariozechner/pi-ai to @earendil-works/pi-ai, updates package.json (dependency, Node engine, version to 0.260526.2), and updates src/version.ts and related scaffolding/docs to match.

Changes

Package migration and version update

Layer / File(s)	Summary
Package manifest and version metadata update package.json, src/version.ts	Replaces @mariozechner/pi-ai with @earendil-works/pi-ai@^0.75.5, bumps package version to 0.260526.2, raises engines.node to >=22.19.0, and updates exported VERSION constant.
Code import migration across codebase src/llm.ts, src/sdk/rlm-driver.ts, tests/sdk-rlm-driver-tools.test.ts	Updates runtime imports (completeSimple, getModel) and type-only imports (e.g., AssistantMessage, Context, ToolCall) to import from @earendil-works/pi-ai instead of @mariozechner/pi-ai.
Documentation and scaffolding plan updates .genie/wishes/*, docs/spike-pi-ai.md	Updates wish files and spike documentation to reference the new package scope, adds a package rename note, and aligns scaffolding guidance and code-location/evidence references with the migration.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• automagik-dev/rlmx#55: Both PRs touch the pi-ai dependency/versioning and src/version.ts metadata.
• automagik-dev/rlmx#39: Both PRs update release metadata including package.json and src/version.ts.
• automagik-dev/rlmx#31: Both PRs modify the exported VERSION constant in src/version.ts.

Poem

🐰 I hopped through imports, pins, and prose,
From mario's scope to earendil's rose,
Bumped the version, raised the node,
Docs and tests all in one code,
The rabbit cheers — migration goes! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'release: promote dev to main' is overly broad and does not clearly convey the specific nature of the changes, which involve a pi-ai package migration and dependency updates.	Consider a more descriptive title such as 'release: promote dev to main (pi-ai migration to @earendil-works)' to better reflect the substantive changes in this release.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dev

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​earendil-works/​pi-ai@​0.75.5

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm typebox is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: ? → npm/@earendil-works/pi-ai@0.75.5 → npm/typebox@1.1.38 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typebox@1.1.38. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[gemini-code-assist]

Code Review

This pull request migrates the project's dependency from the deprecated @mariozechner/pi-ai package to the newly maintained @earendil-works/pi-ai package, updating all source files, compiled outputs, documentation, and lockfiles accordingly. It also bumps the project version to 0.260526.1 and updates the minimum Node.js engine requirement to >=22.19.0. The review feedback correctly identifies that the compiled files in dist/ and the lockfiles (package-lock.json) are out of sync with the newly bumped version in package.json. Additionally, the reviewer recommends pinning the new @earendil-works/pi-ai dependency to an exact version across package.json, package-lock.json, and bun.lock to align with the project's documented risk mitigation strategy.

[gemini-code-assist]

The version in package-lock.json (0.260425.2) does not match the version in package.json (0.260526.1). Please update the lockfile to ensure the versions are synchronized.

Suggested change

	"version": "0.260425.2",
	"version": "0.260526.1",

[gemini-code-assist]

The package version under packages[""] in package-lock.json (0.260425.2) is out of sync with package.json (0.260526.1). Please update it to match.

Suggested change

	"version": "0.260425.2",
	"version": "0.260526.1",

[gemini-code-assist]

The compiled version in dist/src/version.js (0.260425.2) is out of sync with the source version in src/version.ts (0.260526.1). Please rebuild the project using npm run build to ensure the built artifacts are up to date.

Suggested change

	export const VERSION = '0.260425.2';
	export const VERSION = '0.260526.1';

[gemini-code-assist]

The compiled declaration version in dist/src/version.d.ts (0.260425.2) is out of sync with the source version in src/version.ts (0.260526.1). Please rebuild the project to update the built declarations.

Suggested change

	export declare const VERSION = "0.260425.2";
	export declare const VERSION = "0.260526.1";

[gemini-code-assist]

To align with the project's documented risk mitigation strategy of pinning the pi-ai dependency to an exact version (to prevent unexpected breaking changes from upstream updates), consider pinning @earendil-works/pi-ai to an exact version instead of using a caret range (^).

Suggested change

	"@earendil-works/pi-ai": "^0.75.5",
	"@earendil-works/pi-ai": "0.75.5",

[gemini-code-assist]

To align with the project's risk mitigation strategy of pinning the pi-ai dependency to an exact version, consider pinning @earendil-works/pi-ai to "0.75.5" in package-lock.json as well.

Suggested change

	"@earendil-works/pi-ai": "^0.75.5",
	"@earendil-works/pi-ai": "0.75.5",

[gemini-code-assist]

To align with the project's risk mitigation strategy of pinning the pi-ai dependency to an exact version, consider pinning @earendil-works/pi-ai to "0.75.5" in bun.lock as well.

        "@earendil-works/pi-ai": "0.75.5",

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b3ffef0954

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Sync documented Node requirement with new engine floor

Raising engines.node to >=22.19.0 here introduces a user-facing compatibility change, but the repository still documents Node.js >= 18 in README.md requirements; users following current docs can hit EBADENGINE during install (especially with engine-strict) or run unsupported runtimes. Please update the documented/runtime prerequisites in the same release so installation guidance matches this new constraint.

Useful? React with 👍 / 👎.