omnipkg v1.6.0 - The Quantum Lock & Concurrency Release

omnipkg v1.6.0: The Quantum Lock & Concurrency Release

After a monumentally productive weekend and over 70 developer commits, this release transforms omnipkg from a powerful tool into a battle-hardened, production-grade orchestrator. This isn't just an update; it's a foundational rewrite of the core engine, focused on eliminating race conditions, conquering state corruption, and achieving true, safe concurrency on all platforms, including Windows.

With over 6,000 lines of code changed, this release introduces an entirely new level of intelligence, compatibility, and resilience to the system.

🚀 New Features & Major Architectural Victories

True, Multi-Platform Concurrency: The "Impossible" Achieved

Omnipkg now fully supports simultaneous, parallel operations without corrupting its own state. The "Quantum Multiverse" is no longer just a concept—it's a reality. Our Windows CI now proves that three concurrent threads can simultaneously swap to different Python versions, install different package versions, and operate in the same environment without a single failure.

This was made possible by a ground-up re-architecture of state management:

• Atomic Registry Operations: All writes to the interpreter registry.json are now protected by file locks and atomic move operations.
• The "Admin vs. Worker" Firewall: A critical safety rule has been implemented. The "native" interpreter is a protected "admin" context, and "worker" contexts (e.g., a thread on Python 3.9) are forbidden from modifying the native environment, solving the primary source of self-syncing bugs and race conditions.

Intelligent, Trustworthy Self-Healing

The "zombie state"—where an interpreter exists on disk but is unknown to the registry—has been eradicated. The core commands are now self-aware and capable of healing the system.

• Smart swap Command: Now features a multi-tiered fallback that will automatically trigger a full filesystem rescan to find and register "zombie" interpreters before proceeding.
• Hardened adopt & remove: These commands are now fully transactional, performing a final rescan to verify the ground truth before reporting success. The system will never lie to you again.

Full Python 3.7+ Compatibility & Next-Gen Resolution

• Legacy Project Support: Omnipkg now fully supports managing projects running on Python 3.7. The entire dependency chain has been updated, and omnipkg can now download and manage standalone Python 3.7 interpreters.
• Smarter Dependency Resolution: Omnipkg now intelligently calculates the correct intersection of version requirements (e.g., numpy<2.0 vs. numpy>=1.26).

Platform-Aware Intelligence & User Experience

• Platform-Aware Wheel Selection: Omnipkg now inspects all available package files, parsing wheel tags to select the best binary wheel for your specific OS, CPU architecture, and Python version.

  Pip may still be a reckless time traveler, but with omnipkg, it's now carrying the right passport.

• "Return to Origin" Install Guarantee: The install command now automatically returns you to your original Python context after a "Quantum Healing" event.
• Blazing Fast Startup (204x Faster Self-Heal): The startup self-heal check has been optimized with a multi-tiered caching strategy, reducing its execution time from 138ms down to a mere 0.677ms on a cache hit.

📝 Important Notes & Known Issues

• Native Interpreter Sync: To ensure maximum safety and respect for the user's environment, the self-healing mechanism will sync all managed interpreters automatically, but it will not automatically upgrade the native omipkg installation. This is intentional. To upgrade the native installation, please use the explicit omnipkg upgrade omnipkg command, or pip install -e . for developers.
• Python 3.7 Self-Heal: While Python 3.7 is now fully supported for adoption, installation, and swapping, the self-healing logic for identifying it as a "native" interpreter is still under development. This is a known issue that will be resolved in an upcoming patch release.

🔮 What's Next: Activating "Quantum Installation"

The individual pieces of our next great leap are already here. This release doesn't just promise future features; it ships the proven, foundational technology for them.

The install command's "Quantum Healing" engine can already perform fully autonomous, cross-interpreter installations—detecting Python version incompatibilities, adopting the correct Python version, installing the package, and seamlessly returning to the original context. The run command's auto-healing loader can already activate version "bubbles" at runtime.

The next major step is to integrate these two proven technologies.

In a near-future release, the omnipkg run loader will be wired directly into the Quantum Healing engine. When a script imports a package that requires a completely different version of Python, the loader won't just fail—it will trigger the full, cross-dimensional installation workflow that omnipkg install uses today.

The architecture is built. The engine is battle-tested. The final integration is the next logical step. The multiverse is not just expanding; it's becoming fully interactive.

omnipkg v1.5.14 - The Time Traveler's Update

omnipkg v1.5.14 - The Time Traveler's Update

This is a landmark release. omnipkg now travels through time.

The Dependency Time Machine is now fully operational, solving one of the most painful problems in package management: installing legacy software that fails to build with modern toolchains. With this update, omnipkg can resurrect packages from the past, making "impossible" installations not just possible, but trivial.

The successful test_old_flask.py demo is a testament to this power, flawlessly installing flask-login==0.4.1 (from 2017!) alongside a modern version in the same environment—a task that would utterly destroy a standard pip installation.

✨ Key Features & Major Enhancements

• Time Machine is Now Fully Operational: The smart_install command now seamlessly integrates the Time Machine. When a modern pip install fails due to legacy build errors (e.g., metadata-generation-failed), omnipkg automatically:

  1. Travels back to the package's original release date.
  2. Finds the contemporary versions of all its dependencies.
  3. Installs an ancient version of setuptools (40.x) to handle the old build system.
  4. Builds the complete, historical dependency tree in a fully isolated sandbox.
  5. Bubbles the resulting installation, preserving the main environment perfectly.

• The Repair Bot v7: A Hyper-Aware Knowledge Base: This release introduces a completely redesigned discovery engine that finally solves the challenge of tracking identical package versions across multiple locations.

  • The Problem: Previously, the discovery logic would find the first instance of a package (e.g., requests in the main environment) and stop. It would fail to process other instances of the same version located in bubbles or nested inside other packages (like pygments inside rich). This led to "blank" or incomplete Knowledge Base entries.
  • The Solution: The new Repair Bot is "hyper-aware." It performs a comprehensive, concurrent scan of the entire environment to find all physical instances of every package. It then uses the unique, resolved file path of each instance to generate a stable installation_hash.
  • The Result: This hash allows for surgical, high-performance KB updates. The system now intelligently skips already-synced instances, finds and registers new ones, and instantly exorcises ghosts. This guarantees the KB is always a perfect reflection of reality and makes synchronization dramatically faster.

• ⚡ Ultra-Fast Pre-Flight Checks: omnipkg install is now faster than ever. It performs a new, ultra-fast check that determines if your requested packages are already satisfied (in the main environment or a bubble). If they are, the command exits immediately with success in milliseconds, avoiding all unnecessary processing.

🐛 Bug Fixes & Refinements

• Guaranteed Bubble Isolation: The bubble creation process (create_isolated_bubble) has been hardened to ensure all installations, including Time Machine operations, occur within a temporary sandbox. This completely prevents the main site-packages from being polluted during a build.
• Demo Overhaul: The test_old_flask.py script has been transformed into a powerful, interactive demo that first shows how pip violently destroys an environment when trying to install a legacy package, and then demonstrates how omnipkg handles the same task with intelligence and grace.
• Quantum Healing™ Pre-Flight: omnipkg now detects Python version incompatibility before an install even starts, triggering Quantum Healing immediately to download the correct Python interpreter and seamlessly retry the command.
• Hyper-Aggressive Module Cleanup: The omnipkgLoader now performs an "exorcism" on exit, purging every single module loaded from a bubble out of memory to guarantee zero state leakage between version swaps.

This release marks a significant step forward in solving dependency hell. Welcome to the era of time travel for your Python packages.

omnipkg v1.5.13 - uv security patch

omnipkg v1.5.13 Release Notes

Release Date: 2025-11-02

This release brings a crucial security patch, several bug fixes, and significant improvements to our continuous integration (CI) and testing infrastructure.

✨ Highlights

• New "Quantum Chaos" Test: A new stress test (tests/quantum_chaos.py) has been added to the suite. This test is designed to be impossible for traditional package managers, simultaneously using multiple conflicting versions of TensorFlow, SciPy, NumPy, and Rich in the same execution to showcase Omnipkg's advanced context-switching capabilities.
• CI Stability Improvements: Workflows for testing and dependency management have been made more robust and efficient.

🛡️ Security Fixes

• Dependency Vulnerability: Upgraded the uv dependency from 0.9.5 to 0.9.6 in both pyproject.toml and requirements.txt to resolve a known security vulnerability.

🐛 Bug Fixes & Stability

• Core: Fixed a syntax error involving a missing parenthesis in the libresolver module.
• CLI: Stabilized the "Quantum Multiverse Warp" concurrent installation test by pinning its execution to Python 3.11, ensuring more consistent test results.

⚙️ CI/CD Improvements

• Dependency Management: The update-requirements.yml workflow has been improved to use a more recent version of pip-tools and streamline the process.
• Windows Testing: The Windows concurrency test has been optimized to use a faster status command for priming, reducing runtime and improving efficiency.

📖 Documentation

• Updated the performance and comparison statistics badges in the README.md.

---

This version is a recommended update for all users, as it includes an important security fix and enhances the overall stability of the package.

omnipkg v1.5.12 - Overhauled Windows First-Time Setup

This is a critical stability and hotfix release, primarily focused on resolving major installation and usability issues for Windows users. It also includes significant code cleanup, new tests, and documentation after a major restoration effort.

🚀 Features & Fixes

• HOTFIX: Overhauled Windows First-Time Setup: The initial setup process on Windows has been completely redesigned for robustness.

  • No More Admin Rights: omnipkg now creates a self-contained, managed copy of the Python interpreter using venv, completely avoiding the need for administrator privileges to create symlinks.
  • Long Path (MAX_PATH) Errors Resolved: The managed interpreter is created in a short, predictable path (%LOCALAPPDATA%\omnipkg), preventing all downstream errors related to Windows' 260-character path limit.

• Refactor: Professional Command-Line Experience: The CLI has been significantly cleaned up.

  • Removed all verbose, internal debugging output from commands for a clean, professional user experience.
  • The demo command logic has been overhauled for better stability and clarity, and now guarantees restoration of the user's original Python context after a demo runs.
  • The legacy Flask demo (Option 6) is now marked as "Under Construction" and gracefully redirects to a stable demo to ensure a polished user experience.

• Refactor: Production-Ready Utilities: The common_utils.py module has been cleaned up, removing extensive debug prints from the critical sync_context_to_runtime function to make it silent and reliable for production use.

• Feat: New libresolver Module & Documentation:

  • Added the powerful libresolver.py module, a dormant but production-ready system for managing and swapping low-level system libraries (like glibc, OpenSSL) for advanced compatibility testing.
  • Added new documentation (docs/LIBRESOLVER.md) explaining its features and future integration plans.

• Feat: New Legacy Flask Test: Added test_old_flask_dev.py, a comprehensive new test that demonstrates omnipkg's ability to create isolated "bubbles" for legacy packages using the Time Machine fallback, all without polluting the main environment.

• Fix: Test Suite Reliability: Removed brittle, anti-pattern logic from several key test files to improve test suite reliability and prevent CI flakiness:

  • Removed the problematic ensure_python_or_relaunch logic from test_tensorflow_switching.py.
  • Removed the force_omnipkg_context_to_current_python hack from test_version_combos.py.

housekeeping

• Chore: Updated .gitignore to exclude local feature testing directories.
• Docs: Updated the README with the latest package manager comparison stats.

omnipkg v1.5.11 - Hotfix tor specific install resolution failures

Hotfix Release v1.5.11

Critical Bug Fix

Fixed: Installation Failure When Package Exists in Bubble

Severity: High - Blocks installations in common scenarios

Symptoms:

• 8pkg install <package> fails with "❌ Could not resolve all packages. Aborting installation."
• Occurs when using latest-active strategy (default)
• Package resolves successfully but exists only as a bubble (not in main env)
• Example: uv resolved to v0.9.5 (exists as bubble), v0.9.4 active → install fails

Root Cause:
Preflight check incorrectly treated "package needs installation" as "resolution failed" when:

1. Package resolves successfully (e.g., uv==0.9.5)
2. Found as bubble but not active in main environment
3. Strategy is latest-active (requires packages in main env, not bubbles)
4. Code aborted installation instead of proceeding

Fix:

• Removed incorrect abort logic after resolution phase
• Preflight now correctly distinguishes between:
  • ✅ Resolution success → package needs installation → continue
  • ❌ Resolution failure → abort
• Removed duplicate "packages need installation" log message

Impact:

• Installations now work correctly when upgrading from bubbled versions
• latest-active strategy functions as designed
• No behavior change for already-working scenarios

---

Changes

• Fixed preflight satisfaction check abort condition
• Cleaned up duplicate logging during preflight phase

Testing

Verified fix with:

• 8pkg install uv (when v0.9.5 bubbled, v0.9.4 active) ✅
• Cross-Python version swaps with bubbled packages ✅
• Fresh installs (no existing versions) ✅

---

Upgrade immediately if experiencing installation failures.

omnipkg v1.5.10 - Critical Hotfix For Non-Redis Users

This is an emergency hotfix release that addresses a critical P0 bug introduced in v1.5.9.

🚨 CRITICAL FIX

• Fixed: A fatal AttributeError crash on startup if the redis Python library was not installed. The application would fail for any user who did not have Redis available in their environment. The caching logic is now fully resilient and correctly falls back to SQLite without crashing.

All users on v1.5.9 are strongly urged to upgrade to v1.5.10 immediately.

omnipkg v1.5.9 - Improved Preflight Install Checks & Cross-Platform Redis Logic

This is a critical update that significantly improves the intelligence, speed, and stability of the core installer. It addresses key logic bugs in the preflight satisfaction check and makes the caching mechanism far more robust, especially for cross-platform users.

✨ Key Features & Fixes

🧠 Smarter, Strategy-Aware Preflight Checks

The preflight satisfaction check is now significantly more intelligent, eliminating unnecessary installations and providing a faster, more accurate user experience.

• Fixed: The installer now correctly re-checks package satisfaction after resolving a version (e.g., when running 8pkg install pydantic). This prevents the tool from incorrectly proceeding to a full install when the resolved package is already active.
• Fixed: The preflight check is now fully "strategy-aware." It correctly understands that a bubbled package is not satisfied when using the latest-active strategy, ensuring the main installer runs to promote the package to the active environment.
• Result: A faster, more reliable, and less confusing installation process that does the right thing in all scenarios.

⚡️ Robust Caching with Redis Circuit Breaker

The connection logic for the caching backend has been completely overhauled to be faster and more resilient, eliminating frustrating delays.

• New: A "circuit breaker" pattern has been implemented for Redis connections. The tool tries to connect only once with an aggressive 0.2-second timeout. If it fails, it instantly and permanently falls back to the local SQLite cache for the remainder of the command's execution.
• Fixed: This completely solves the long (5+ second) startup delays experienced by users on Windows when a Redis server was running in WSL, as the tool no longer repeatedly tries to connect to an unreachable host.
• New: Added a redis_enabled: false option to the configuration file, allowing users to explicitly disable Redis and force the use of the SQLite cache.

⚛️ Atomic Knowledge Base Updates

The end-of-install process has been reordered to be more efficient and eliminate potential race conditions, paving the way for future high-concurrency features.

• Fixed: The "redundant bubble" cleanup now runs before the consolidated Knowledge Base (KB) update.
• Result: The KB is now updated once with the final, correct state of the filesystem. This eliminates temporary inconsistencies, reduces I/O operations, and ensures atomic updates.

foundational Work

• New: Added the deptimemachine.py module, laying the groundwork for a future feature to install packages with their historical dependencies.
• General code cleanup and improvements to the testing suite.

omnipkg v1.5.8: Quantum Healing Introduced

Release v1.5.8

This is a massive feature and stability release, incorporating over 100 commits. It introduces major new capabilities like Quantum Healing for Python version conflicts, an AI Import Healer, and significant improvements to the CI/CD pipeline, performance, and reliability of the core engine.

🚀 Major New Features & Enhancements

• 🌌 Quantum Healing for Python Versions: A groundbreaking feature that automatically detects when a package is incompatible with the current Python version. omnipkg will now find a compatible Python version, adopt or download it, switch the environment context, and seamlessly retry the installation—all in a single command with zero user intervention.
• 🤖 AI Import Healer: A new utility that runs before your script and automatically detects and removes "hallucinated" placeholder imports (e.g., from your_file import ...) commonly generated by AI code assistants. This prevents an entire class of frustrating runtime errors.
• ⚡️ Ultra-Fast Preflight Checks: The install command is now significantly faster. It performs sub-millisecond checks to see if packages are already satisfied before initializing the full dependency resolver, making runs for already-installed packages nearly instantaneous.
• Flask Port Finder & Auto-Healing: A new advanced demo and utility that can find open ports for Flask applications and automatically heal missing dependencies when running tests.
• Comprehensive upgrade Command: The omnipkg upgrade command is now fully implemented for upgrading both omnipkg itself and any other managed package.
• Enhanced run Command: The omnipkg run command now has a --verbose flag and provides clearer AI-facing status messages to indicate success, test failures, or healing attempts.
• Concurrency Optimization: The test suite has been optimized to run concurrent tests in under 500ms by eliminating unnecessary subprocess calls.

🐛 Bug Fixes & Reliability Improvements

• Fixed a critical bug with Windows socket handling in the run command.
• Resolved an AttributeError during the first-time setup for new environments.
• Fixed a bug where the uninstall command could fail in certain edge cases.
• Improved the self-upgrade logic to work correctly for both standard and editable developer installs.
• Made the dependency resolver more robust by adding fallbacks and better error handling for PyPI queries.
• Corrected path handling logic to preserve the integrity of the native Python environment during context swaps.
• Fixed a TypeError in the loader and prevented recursive omnipkg calls within bubbles.

🔧 CI/CD & Development Experience

• Massive CI Expansion: Added 10+ new GitHub Actions workflows to automate:
  • Package upgrade testing.
  • Cross-interpreter installation tests ("Quantum Healing").
  • omnipkg self-upgrade validation.
  • Flask port finder and auto-healing demos.
  • Windows concurrency tests.
  • Automatic Docker image builds and pushes to Docker Hub and GHCR on release.
• Parallel Priming on Windows: The Windows CI workflow now primes Python environments in parallel, significantly speeding up test runs.
• Automated requirements.txt Updates: The CI will now automatically update requirements.txt via pip-compile when pyproject.toml changes.
• Improved Test Suite: The entire test suite has been refactored for better robustness, debugging, and performance.

🧹 Housekeeping & Refactoring

• Overhauled the core installation logic for better performance and reliability.
• Synced and refactored the run and loader logic from the developer-port branch.
• Improved security scanning with a pip-audit fallback.
• Cleaned up and improved project documentation, repo maintenance scripts, and file organization.
• Consolidated commit identities by removing the .mailmap file.

omnipkg v1.5.7 - Security Update

🔒 Security Update

Fixed

• Security vulnerability in uv dependency - Updated uv from 0.8.20 to 0.9.5 to address CVE related to CWE-843
  • Impact: Type confusion vulnerability in tar extraction with PAX headers
  • Severity: Low
  • Affected versions: uv <= 0.9.4
  • Resolution: Upgraded to uv >= 0.9.5

Changed

• Updated pyproject.toml to enforce minimum uv version (>= 0.9.5)
• Regenerated requirements.txt with updated dependencies

Full Changelog: v1.5.6...v1.5.7

omnipkg v1.5.6 - Adding Python 3.13, 3.14, and 3.8 Support

This release introduces major enhancements to security scanning, Python version compatibility, and internal automation. It resolves critical bugs related to multi-Python environment management and significantly improves the robustness of the test suite.
✨ Key Features & Enhancements
Intelligent Security Scanner Fallback:
pip-audit Integration: The security scanner now automatically falls back to using pip audit on modern Python versions (3.14+) where safety's dependencies may not be available. This ensures that security scanning functionality is always present, even on bleeding-edge Python releases.
Conditional Dependencies: The project's dependencies have been updated to conditionally install safety only on compatible Python versions, preventing installation failures in newer environments.
New Flask Port Finder Utility & Demo:
A new utility, flask_port_finder.py, has been added. It automatically finds available network ports and can patch Flask application code on the fly to prevent port conflicts, which is especially useful in testing and CI environments.
A new interactive demo (8pkg demo, option 9) has been added to showcase this new auto-healing capability.
Robust Bootstrap Process:
The bootstrapping process for newly adopted Python interpreters has been improved. It now prioritizes using the built-in ensurepip module for maximum reliability before falling back to other methods.
CI Automation for Dependencies:
A new GitHub Actions workflow (update-requirements.yml) has been implemented to automatically compile and commit an updated requirements.txt whenever pyproject.toml is changed, ensuring dependency lists are always in sync.
Enhanced Test Suite:
The concurrent installation test (test_concurrent_install.py) has been significantly improved. It now automatically checks for and adopts required Python versions before running and uses isolated subprocess calls to more accurately simulate real-world CLI usage.
🐛 Critical Bug Fixes
Context-Aware Redis Key Generation Fixed: Corrected a bug where the Redis key generation would fail to use the correct Python context after a swap command. The tool now reliably generates keys based on the target environment, eliminating false "ghost" package reports when switching between different Python versions.
🧹 Housekeeping & Refactoring
Project Structure Cleanup: Test scripts and utility files (like stress_test.py) have been moved from the main omnipkg/ source directory into the appropriate tests/ and omnipkg/utils/ folders, improving code organization.
Dependency Simplification: The pyproject.toml file has been cleaned up to use clearer and more precise environment markers for dependencies.
Code Cleanup: Removed obsolete files related to previous experiments (OMNIPKG_CODE_COMPARISON.txt, Ruby gem files).