fix: nightly resolution to select newest published release by Copilot · Pull Request #562 · goreleaser/goreleaser-action

Copilot · 2026-05-18T01:57:54Z

Nightly resolution could pick a stale release because it assumed GitHub’s /releases response order matched recency. In practice, nightly entries can be out of published_at order, so the first regex match is not always the latest nightly.

Nightly selection logic
- Replaced “first matching nightly in API order” with explicit recency selection by published_at.
- Kept matching constrained to immutable nightly tags (vX.Y.Z-<sha>-nightly).
Refactor for deterministic coverage
- Extracted nightly picking into latestNightlyRelease(releases) to make ordering behavior directly testable.
- resolveNightly now delegates to this helper.
Regression test
- Added a unit test with intentionally misordered nightly releases to verify we always pick the newest published_at nightly.

export const latestNightlyRelease = (releases: Array<GitHubRelease>): GitHubRelease | undefined => {
  return releases
    .filter(r => nightlyTagRegex.test(r.tag_name))
    .sort((a, b) => (b.published_at || '').localeCompare(a.published_at || ''))
    .shift();
};

GitHub's /releases endpoint is not reliably ordered by published_at, so resolveNightly could pick an older nightly than the most recent one. Filter, sort by published_at desc, and take the first.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | action | major | `v6` → `v7` | --- ### Release Notes <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v7.2.2`](https://github.com/goreleaser/goreleaser-action/releases/tag/v7.2.2) [Compare Source](goreleaser/goreleaser-action@v7.2.1...v7.2.2) #### What's Changed - ci(deps): bump the actions group with 3 updates by [@dependabot](https://github.com/dependabot)\[bot] in [#560](goreleaser/goreleaser-action#560) - fix: nightly resolution to select newest published release by [@Copilot](https://github.com/Copilot) in [#562](goreleaser/goreleaser-action#562) #### New Contributors - [@Copilot](https://github.com/Copilot) made their first contribution in [#562](goreleaser/goreleaser-action#562) **Full Changelog**: <goreleaser/goreleaser-action@v7...v7.2.2> ### [`v7.2.1`](https://github.com/goreleaser/goreleaser-action/releases/tag/v7.2.1) [Compare Source](goreleaser/goreleaser-action@v7.2.0...v7.2.1) This fully removes the usage of the old `nightly` moving tag. **Full Changelog**: <goreleaser/goreleaser-action@v7.2.0...v7.2.1> ### [`v7.2.0`](https://github.com/goreleaser/goreleaser-action/releases/tag/v7.2.0) [Compare Source](goreleaser/goreleaser-action@v7.1.0...v7.2.0) #### What's Changed - test: cover install across release eras by [@caarlos0](https://github.com/caarlos0) in [#555](goreleaser/goreleaser-action#555) - feat: add `version-file` input by [@caarlos0](https://github.com/caarlos0) in [#556](goreleaser/goreleaser-action#556) - feat: resolve nightly to latest vX.Y.Z-<sha>-nightly release by [@caarlos0](https://github.com/caarlos0) in [#558](goreleaser/goreleaser-action#558) **Full Changelog**: <goreleaser/goreleaser-action@v7...v7.2.0> ### [`v7.1.0`](https://github.com/goreleaser/goreleaser-action/releases/tag/v7.1.0) [Compare Source](goreleaser/goreleaser-action@v7...v7.1.0) #### What's Changed - feat: verify release checksum and cosign signature by [@caarlos0](https://github.com/caarlos0) in [#550](goreleaser/goreleaser-action#550) - docs: document cosign verification in README by [@caarlos0](https://github.com/caarlos0) in [#553](goreleaser/goreleaser-action#553) - docs: Upgrade import GPG action version by [@flecno](https://github.com/flecno) in [#547](goreleaser/goreleaser-action#547) - ci: drop docker-bake in favor of plain npm by [@caarlos0](https://github.com/caarlos0) in [#551](goreleaser/goreleaser-action#551) - ci: add release-major-tag workflow by [@caarlos0](https://github.com/caarlos0) in [#552](goreleaser/goreleaser-action#552) - ci: drop pre-cosign-v3 goreleaser versions from tests by [@caarlos0](https://github.com/caarlos0) in [#554](goreleaser/goreleaser-action#554) - ci(deps): bump the actions group with 2 updates by [@dependabot](https://github.com/dependabot)\[bot] in [#543](goreleaser/goreleaser-action#543) - ci(deps): bump the actions group with 5 updates by [@dependabot](https://github.com/dependabot)\[bot] in [#546](goreleaser/goreleaser-action#546) - chore(deps): bump undici from 6.23.0 to 6.24.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#545](goreleaser/goreleaser-action#545) #### New Contributors - [@flecno](https://github.com/flecno) made their first contribution in [#547](goreleaser/goreleaser-action#547) **Full Changelog**: <goreleaser/goreleaser-action@v7...v7.1.0> ### [`v7.0.0`](https://github.com/goreleaser/goreleaser-action/releases/tag/v7.0.0) [Compare Source](goreleaser/goreleaser-action@v7...v7) #### What's Changed - feat!: node 24, update deps, rm yarn, ESM by [@caarlos0](https://github.com/caarlos0) in [#533](goreleaser/goreleaser-action#533) - sec: pin github action versions by [@caarlos0](https://github.com/caarlos0) in [#514](goreleaser/goreleaser-action#514) - docs: Upgrade checkout GitHub Action in README.md by [@dunglas](https://github.com/dunglas) in [#507](goreleaser/goreleaser-action#507) - chore(deps): bump actions/checkout from 4 to 5 by [@dependabot](https://github.com/dependabot)\[bot] in [#504](goreleaser/goreleaser-action#504) - ci(deps): bump the actions group with 2 updates by [@dependabot](https://github.com/dependabot)\[bot] in [#517](goreleaser/goreleaser-action#517) - ci(deps): bump the actions group with 2 updates by [@dependabot](https://github.com/dependabot)\[bot] in [#523](goreleaser/goreleaser-action#523) - ci(deps): bump docker/bake-action from 6.9.0 to 6.10.0 in the actions group by [@dependabot](https://github.com/dependabot)\[bot] in [#526](goreleaser/goreleaser-action#526) - ci(deps): bump the actions group across 1 directory with 4 updates by [@dependabot](https://github.com/dependabot)\[bot] in [#532](goreleaser/goreleaser-action#532) - ci(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the actions group by [@dependabot](https://github.com/dependabot)\[bot] in [#534](goreleaser/goreleaser-action#534) - chore(deps): bump the npm group across 1 directory with 4 updates by [@dependabot](https://github.com/dependabot)\[bot] in [#536](goreleaser/goreleaser-action#536) - chore(deps): bump [@actions/http-client](https://github.com/actions/http-client) from 3.0.2 to 4.0.0 in the npm group by [@dependabot](https://github.com/dependabot)\[bot] in [#537](goreleaser/goreleaser-action#537) - ci(deps): bump docker/setup-buildx-action from 3.10.0 to 3.12.0 in the actions group by [@dependabot](https://github.com/dependabot)\[bot] in [#538](goreleaser/goreleaser-action#538) - chore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group by [@dependabot](https://github.com/dependabot)\[bot] in [#539](goreleaser/goreleaser-action#539) **Full Changelog**: <goreleaser/goreleaser-action@v6...v7.0.0> ### [`v7`](goreleaser/goreleaser-action@v6.4.0...v7) [Compare Source](goreleaser/goreleaser-action@v6.4.0...v7) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).  Reviewed-on: https://git.simoncor.net/golang/logger/pulls/3

fix(nightly): pick latest nightly by published_at

ac0749f

GitHub's /releases endpoint is not reliably ordered by published_at, so resolveNightly could pick an older nightly than the most recent one. Filter, sort by published_at desc, and take the first.

Copilot AI assigned Copilot and caarlos0 May 18, 2026

Copilot finished work on behalf of caarlos0 May 18, 2026 01:58

Copilot created this pull request from a session on behalf of caarlos0 May 18, 2026 01:58 View session

Copilot AI requested a review from caarlos0 May 18, 2026 01:58

caarlos0 marked this pull request as ready for review May 18, 2026 13:45

caarlos0 requested a review from crazy-max as a code owner May 18, 2026 13:45

Copilot started work on behalf of caarlos0 May 18, 2026 13:47 View session

test(nightly): add regression coverage for release ordering

92327ec

Copilot AI changed the title ~~fix(nightly): pick latest nightly by published_at~~ Fix nightly resolution to select newest published release May 18, 2026

Copilot finished work on behalf of caarlos0 May 18, 2026 13:53

caarlos0 changed the title ~~Fix nightly resolution to select newest published release~~ fix: nightly resolution to select newest published release May 18, 2026

caarlos0 merged commit 5daf1e9 into master May 19, 2026
34 checks passed

caarlos0 deleted the copilot/investigate-github-ordering-issue branch May 19, 2026 00:38

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix: nightly resolution to select newest published release#562

fix: nightly resolution to select newest published release#562
caarlos0 merged 2 commits into
masterfrom
copilot/investigate-github-ordering-issue

Copilot AI commented May 18, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Uh oh!

Conversation

Copilot AI commented May 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Copilot AI commented May 18, 2026 •

edited

Loading