Skip to content

ci: add automated semantic-release publishing#3

Merged
sharpTrick merged 1 commit into
mainfrom
ci/automated-releases
Jul 3, 2026
Merged

ci: add automated semantic-release publishing#3
sharpTrick merged 1 commit into
mainfrom
ci/automated-releases

Conversation

@sharpTrick

Copy link
Copy Markdown
Owner

Automates npm publishing so a merge to main is a release.

What this does

On every push to main: run the full test gate → semantic-release reads the conventional-commit PR title since the last vX.Y.Z tag, decides the lockstep bump, tags + creates a GitHub Release, stamps that version across all workspaces (rewriting internal @sharptrick/parley-* ranges), and publishes every public package to npm with provenance via trusted publishing (OIDC — no NPM_TOKEN).

No version is committed back; the git tag + npm are the source of truth.

Files

File Role
.github/workflows/release.yml Test gate → semantic-release on push to main
.releaserc.json semantic-release config (no @semantic-release/npm/git → no commit-back)
scripts/stamp-version.mjs Lockstep-stamp version + rewrite internal dep ranges
scripts/publish-workspaces.mjs Idempotent publish (skips versions already on the registry)
.github/workflows/publish-manual.yml workflow_dispatch for new-package first-publish + partial-release recovery
.github/workflows/pr-title.yml Enforce conventional PR titles (the squash subject that drives the bump)
CONTRIBUTING.md / CLAUDE.md "Releases & versioning" docs

Bump rules (PR title)

feat:→minor · fix:/perf:/revert:→patch · feat!:/BREAKING CHANGE:→major · docs:/chore:/ci:/…→no release. Pre-1.0: avoid ! (jumps to 1.0.0).

Merging this PR

Titled ci: on purpose, so merging it will not cut a release. After merge:

  • Add lint-title as a required status check:
    gh api --method POST repos/sharpTrick/parley/branches/main/protection/required_status_checks/contexts -f 'contexts[]=lint-title'
  • Prereqs already done: v0.1.0 baseline tag pushed, all 12 packages on npm, branch protection + squash-only enforced. Remaining: configure the trusted publisher for each of the 12 packages on npmjs.com (repo sharpTrick/parley, workflow release.yml) before the first real release.

🤖 Generated with Claude Code

On every push to main, gate on the full test suite, then run
semantic-release: it reads the conventional-commit PR title since the
last vX.Y.Z tag, decides the lockstep version bump, tags + creates a
GitHub Release, stamps that version across all workspaces (rewriting
internal @sharptrick/parley-* ranges), and publishes every public
package to npm with provenance via trusted publishing (OIDC, no token).

- .releaserc.json + scripts/stamp-version.mjs + scripts/publish-workspaces.mjs
  (idempotent: skips versions already on the registry)
- publish-manual.yml: workflow_dispatch escape hatch for new-package
  first-publish and partial-release recovery
- pr-title.yml: enforce conventional PR titles (the squash subject that
  drives the bump)
- docs: "Releases & versioning" in CONTRIBUTING.md, "Releases" note in CLAUDE.md

No version is committed back; the git tag + npm are the source of truth.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@sharpTrick sharpTrick merged commit 9764e6a into main Jul 3, 2026
3 checks passed
@sharpTrick sharpTrick deleted the ci/automated-releases branch July 3, 2026 11:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant