feat(ecc2): finalize rc1 release surface#1607
Conversation
|
ECC bundle files are already tracked in this repository. Skipping generation of another bundle PR. |
…-surface # Conflicts: # docs/fixes/HOOK-FIX-20260421-ADDENDUM.md
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
📝 WalkthroughWalkthroughProject-wide version bump to 2.0.0-rc.1 across manifests and docs; release workflows and scripts updated to support prerelease tags and computed npm dist-tags; extensive rc.1 release documentation and cross-harness architecture added; catalog/CI tooling refactored and tests expanded to validate release and catalog surfaces. Changes
Sequence Diagram(s)sequenceDiagram
participant Dev as Developer (tag push)
participant GH as GitHub Actions
participant Repo as Repository (checkout/ref)
participant Validator as Tag Validator
participant DistTag as Dist-Tag Computer
participant Release as GitHub Release
participant Npm as npm Registry
Dev->>GH: push tag (vX.Y.Z or vX.Y.Z-prerelease)
GH->>Repo: checkout refs/tags/<tag>
GH->>Validator: validate tag (allow prerelease)
Validator-->>GH: valid
GH->>DistTag: read package.json → compute dist-tag (next|latest)
DistTag-->>GH: dist-tag
GH->>Release: create GitHub Release (prerelease if tag contains "-")
Release-->>GH: release created
GH->>Npm: npm publish --tag <computed-dist-tag>
Npm-->>GH: publish result
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related issues
Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Review rate limit: 3/8 reviews remaining, refill in 34 minutes and 19 seconds.Comment |
|
ECC bundle files are already tracked in this repository. Skipping generation of another bundle PR. |
There was a problem hiding this comment.
2 issues found across 40 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="scripts/release.sh">
<violation number="1" location="scripts/release.sh:43">
P2: The semver gate accepts invalid prerelease identifiers (for example `rc..1` or numeric identifiers with leading zeroes), so malformed release versions can pass validation.</violation>
</file>
<file name=".github/workflows/release.yml">
<violation number="1" location=".github/workflows/release.yml:36">
P2: The prerelease tag regex is too permissive and accepts invalid SemVer prerelease strings.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | ||
| echo "Error: VERSION must be in semver format (e.g., 1.5.0)" | ||
| # Validate VERSION is semver format (X.Y.Z or X.Y.Z-prerelease) | ||
| if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?$ ]]; then |
There was a problem hiding this comment.
P2: The semver gate accepts invalid prerelease identifiers (for example rc..1 or numeric identifiers with leading zeroes), so malformed release versions can pass validation.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At scripts/release.sh, line 43:
<comment>The semver gate accepts invalid prerelease identifiers (for example `rc..1` or numeric identifiers with leading zeroes), so malformed release versions can pass validation.</comment>
<file context>
@@ -36,9 +39,9 @@ if [[ -z "$VERSION" ]]; then
-if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
- echo "Error: VERSION must be in semver format (e.g., 1.5.0)"
+# Validate VERSION is semver format (X.Y.Z or X.Y.Z-prerelease)
+if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?$ ]]; then
+ echo "Error: VERSION must be in semver format (e.g., 1.5.0 or 2.0.0-rc.1)"
exit 1
</file context>
| if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?$ ]]; then | |
| if ! [[ "$VERSION" =~ ^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-((0|[1-9][0-9]*|[0-9]*[A-Za-z-][0-9A-Za-z-]*)(\.(0|[1-9][0-9]*|[0-9]*[A-Za-z-][0-9A-Za-z-]*))*))?$ ]]; then |
| run: | | ||
| if ! [[ "${REF_NAME}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | ||
| echo "Invalid version tag format. Expected vX.Y.Z" | ||
| if ! [[ "${REF_NAME}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?$ ]]; then |
There was a problem hiding this comment.
P2: The prerelease tag regex is too permissive and accepts invalid SemVer prerelease strings.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/release.yml, line 36:
<comment>The prerelease tag regex is too permissive and accepts invalid SemVer prerelease strings.</comment>
<file context>
@@ -33,8 +33,8 @@ jobs:
run: |
- if ! [[ "${REF_NAME}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
- echo "Invalid version tag format. Expected vX.Y.Z"
+ if ! [[ "${REF_NAME}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?$ ]]; then
+ echo "Invalid version tag format. Expected vX.Y.Z or vX.Y.Z-prerelease"
exit 1
</file context>
|
ECC bundle files are already tracked in this repository. Skipping generation of another bundle PR. |
Greptile SummaryThis PR finalizes the ECC Confidence Score: 4/5Safe to merge; only P2 findings present. All findings are P2: one misleading test name and one potential heading-sync omission for docs/zh-CN/README.md. No logic errors, security issues, or breaking changes in the release automation. scripts/release.sh (update_latest_release_heading call coverage) and tests/scripts/release.test.js (test name vs. actual ordering guarantee). Important Files Changed
Sequence DiagramsequenceDiagram
participant Dev as Developer
participant CI as ci.yml
participant Rel as release.yml
participant RR as reusable-release.yml
participant GH as GitHub Releases
participant NPM as npm registry
Dev->>Dev: ./scripts/release.sh 2.0.0-rc.1
Note over Dev: validates semver (RC suffix OK)<br/>bumps manifests & headings<br/>runs test suite locally<br/>git commit + tag v2.0.0-rc.1 + push
par CI triggers on v* tag
Dev-->>CI: push tag v2.0.0-rc.1
CI->>CI: run full test suite
and Release triggers on v* tag
Dev-->>Rel: push tag v2.0.0-rc.1
Rel->>Rel: checkout HEAD (tagged commit)
Rel->>Rel: validate semver + version match
Rel->>Rel: check npm publish state, dist_tag=next
Rel->>GH: Create GitHub Release (prerelease=true, make_latest=false)
Rel->>NPM: npm publish --tag next
end
Note over Dev: Manual republish path
Dev->>RR: workflow_dispatch(tag=v2.0.0-rc.1)
RR->>RR: checkout ref=inputs.tag
RR->>RR: validate semver + version match
RR->>GH: Create GitHub Release (prerelease=true, make_latest=false)
RR->>NPM: npm publish --tag next
Reviews (1): Last reviewed commit: "Merge remote-tracking branch 'origin/mai..." | Re-trigger Greptile |
| assert.ok(refIndex >= 0, 'reusable-release.yml checkout should use inputs.tag as ref'); | ||
| assert.ok(validateIndex >= 0, 'reusable-release.yml should validate requested tag'); | ||
| assert.ok( | ||
| checkoutIndex < refIndex && refIndex < validateIndex, | ||
| 'reusable release should check out inputs.tag before tag validation and publish steps' | ||
| ); | ||
| })) passed++; else failed++; | ||
|
|
||
| if (test('CI runs for release branches and version tags before release workflows execute', () => { | ||
| const pushBlockMatch = ciWorkflowSource.match(/on:\n\s+push:\n([\s\S]*?)\n\s+pull_request:/); | ||
| const pushBlock = pushBlockMatch ? pushBlockMatch[1] : ''; | ||
|
|
||
| assert.ok(pushBlock, 'ci.yml should define a push trigger block'); | ||
| assert.match( | ||
| pushBlock, | ||
| /branches:\s*\[[^\]]*main[^\]]*['"]release\/\*\*['"][^\]]*\]/, | ||
| 'ci.yml push branches should include release/**' | ||
| ); | ||
| assert.match( | ||
| pushBlock, | ||
| /tags:\s*\[[^\]]*['"]v\*['"][^\]]*\]/, | ||
| 'ci.yml push tags should include v*' | ||
| ); | ||
| })) passed++; else failed++; | ||
|
|
||
| console.log(`\nResults: Passed: ${passed}, Failed: ${failed}`); | ||
| process.exit(failed > 0 ? 1 : 0); |
There was a problem hiding this comment.
The test is named 'CI runs for release branches and version tags before release workflows execute', but it only asserts that the trigger configuration is present — it does not (and cannot) enforce sequencing. When a v* tag is pushed, both ci.yml and release.yml are triggered in parallel. If CI catches a regression on the tagged commit, softprops/action-gh-release and npm publish may have already completed.
The test name should reflect what is actually checked (trigger presence), or the workflow should add a dependency (e.g., needs: ci) to enforce ordering.
| update_opencode_hook_banner_version | ||
| update_readme_version_row "$README_FILE" "Version" "Plugin" "Plugin" "Reference config" | ||
| update_readme_version_row "$ZH_CN_README_FILE" "版本" "插件" "插件" "参考配置" | ||
| update_latest_release_heading "$README_FILE" |
There was a problem hiding this comment.
docs/zh-CN/README.md heading not updated by update_latest_release_heading
The new update_latest_release_heading helper is called for README.md, README.zh-CN.md, docs/tr/README.md, and docs/pt-BR/README.md, but not for docs/zh-CN/README.md ($ZH_CN_README_FILE). If the zh-CN docs readme contains a ### v<version> heading in the same format (the regex /^### v[0-9]+\.[0-9]+\.[0-9]+(?:-[0-9A-Za-z.-]+)?( .*)$/m), it will be skipped silently and left at the old version after a bump.
Summary
2.0.0-rc.1across manifests, package metadata, READMEs, AGENTS docs, OpenCode metadata, and changelog.hermes-importsskill with public/private boundary rules.nextnpm dist-tag, reusable checkout atinputs.tag, and CI on release branches/tags.Validation
git diff --cached --checknode tests/scripts/release.test.jsnode tests/docs/ecc2-release-surface.test.jsnpx markdownlint CHANGELOG.md README.md README.zh-CN.md docs/HERMES-SETUP.md docs/pt-BR/README.md docs/tr/README.md docs/zh-CN/README.md docs/releases/2.0.0-rc.1/*.md docs/architecture/cross-harness.md skills/hermes-imports/SKILL.mdnode tests/plugin-manifest.test.jsnode tests/scripts/release-publish.test.jsnode tests/scripts/build-opencode.test.jsnode tests/scripts/npm-publish-surface.test.jsCoordination
Summary by cubic
Finalizes the ECC v2.0.0-rc.1 public surface, ships the Hermes operator release pack and cross-harness architecture, and hardens prerelease workflows that publish to the
nextdist‑tag and mark GitHub prereleases correctly.New Features
2.0.0-rc.1across manifests, READMEs (EN + zh‑CN + tr + pt‑BR), AGENTS docs, marketplace entries, OpenCode metadata,VERSION, andCHANGELOG.md.docs/releases/2.0.0-rc.1/and linked from README, plus a cross-harness architecture doc and theskills/hermes-importsskill with sanitization rules..opencode/.npmignoreto trim packaging.Refactors
latest/next, mark hyphenated tags as GitHub prereleases without “latest”, and publish to npm after Release creation; CI now runs onrelease/**branches andv*tags; reusable release checks outinputs.tagbefore validation.scripts/ci/catalog.js(exported helpers, root-aware scanning) and added tests: catalog write/sync, rc.1 surface boundary checks (links, no private paths/placeholders), and release workflow ordering/prerelease behavior.Written for commit c7c7d37. Summary will update on new commits. Review in cubic
Summary by CodeRabbit
New Features
Documentation
Chores