Skip to content

Comments

fix: move native deps to optionalDependencies#1

Merged
rx294 merged 1 commit intomainfrom
fix/optional-native-deps
Feb 13, 2026
Merged

fix: move native deps to optionalDependencies#1
rx294 merged 1 commit intomainfrom
fix/optional-native-deps

Conversation

@0xsergen
Copy link
Collaborator

@0xsergen 0xsergen commented Feb 13, 2026

Summary

  • Move better-sqlite3 and keytar from dependencies to optionalDependencies so npm install succeeds even when native compilation fails (e.g., missing build tools, unsupported Node versions)
  • The CLI already handles missing native modules gracefully (SQLite output and OS keychain degrade to file-based alternatives)
  • Bump version to 0.1.1 — already published to npm
  • Update CHANGELOG.md

Context

After publishing 0.1.0, we discovered that npm install @quicknode/hypercore-cli fails on environments where better-sqlite3 can't compile (Node 25, missing Xcode CLI tools, etc.). This patch fixes that.

Test plan

  • pnpm typecheck passes
  • pnpm test — 83/83 pass
  • Clean install tested: npm install @quicknode/hypercore-cli + npx hypercore-cli --version works
  • Published as 0.1.1 to npm and verified

🤖 Generated with Claude Code


Note

Low Risk
Packaging-only change (dependency classification + version bump) with no runtime logic modifications; primary risk is missing optional native features at install time.

Overview
Bumps the CLI version to 0.1.1 and documents the patch in CHANGELOG.md.

Moves the native modules better-sqlite3 and keytar from dependencies to optionalDependencies, and updates lockfiles accordingly so npm install can succeed even when native builds/bindings are unavailable.

Written by Cursor Bugbot for commit 913a6b1. This will update automatically on new commits. Configure here.

Move `better-sqlite3` and `keytar` to `optionalDependencies` so
`npm install` succeeds even when native compilation fails (e.g.,
missing build tools or unsupported Node versions). The CLI already
handles missing modules gracefully. Bump to 0.1.1.
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

"": {
"name": "@quicknode/hypercore-cli",
"version": "0.1.0",
"version": "0.1.1",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lockfile keeps native modules mandatory

Medium Severity

package-lock.json still records better-sqlite3 and keytar under root dependencies instead of optionalDependencies. This leaves the lockfile out of sync with package.json and keeps native addons effectively required for lockfile-driven installs, so environments without native build support can still fail installation.

Fix in Cursor Fix in Web

@rx294 rx294 merged commit 4d6bb51 into main Feb 13, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants