feat: migrate from semantic-release to release-please

[yacosta738]

• Replaced semantic-release with release-please for version management
• Added release-please-config.json for configuration
• Updated release.yml workflow to use release-please-action
• Removed semantic-release plugins from package.json
• Added release-please CLI as devDependency

[coderabbitai]

Warning

Rate limit exceeded

@yacosta738 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 10 minutes and 29 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: dad33a91-ce42-424e-8e2d-e5013e4d91d8

📥 Commits

Reviewing files that changed from the base of the PR and between be18ed1 and 525c3db.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

📝 Walkthrough

Walkthrough

Switch release automation from semantic-release to google-github-actions/release-please-action; update workflow job outputs/needs/refs/artifact names, adjust checkout/ref and token wiring, add release-please config and manifest, remove semantic-release config and related devDependencies/scripts.

Changes

Cohort / File(s)	Summary
Release Workflow .github/workflows/release.yml	Replaced semantic-release job with google-github-actions/release-please-action; changed job outputs (new_release_published/new_release_version/new_release_git_tag → new_release_created/release_version/release_git_tag); updated downstream needs gates, checkout refs, artifact/archive names embedding the version, release-summary templates, token wiring, and pinned action versions; removed Node/pnpm/ripgrep/semantic-release setup steps; adjusted one Windows checksum move path depth.
NPM Scripts & DevDependencies package.json	Replaced scripts.release from semantic-release → release-please; removed scripts.release:dry-run; removed @semantic-release/* and semantic-release devDependencies; added release-please@^19.0.0.
Release Please Config & Manifest release-please-config.json, .release-please-manifest.json	Added release-please-config.json (type: rust, changelog sections mapping, component mapping root→agentsync, tag/commit templates, no drafts/prereleases). Added .release-please-manifest.json with root version 1.28.0.
Removed Semantic-Release Config .releaserc.json	Deleted entire semantic-release config (branch/tag format, conventional commit rules, changelog and prepare steps, version update script, pnpm/cargo steps, and git publish settings).
CI vulnerability step .github/workflows/ci.yml	Added "Update vulnerabilities database" step running cargo fetch and cargo audit --fetch-index before existing audit-check step.

Sequence Diagram(s)

mermaid
sequenceDiagram
participant Workflow as GitHub Actions Workflow
participant Checkout as Repository Checkout
participant Build as Build/Test Steps
participant ReleasePlease as release-please Action
participant GitHubRelease as GitHub Releases / Artifacts
Workflow->>Checkout: checkout main (ref from release-please output)
Checkout->>Build: run build/tests, create artifacts
Build->>ReleasePlease: provide commit/labels/config (release-please-config.json)
ReleasePlease->>GitHubRelease: create tag/release (release_version, release_git_tag)
ReleasePlease->>Workflow: set job outputs (new_release_created, release_version, release_git_tag)
Workflow->>GitHubRelease: upload artifacts (named with release_version)

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐰 I sniffed the tags and found a breeze,
Swapped semantic seas for Release Please,
I hopped through workflows, scripts, and more,
New manifest tucked in my burrowed store,
A tiny cheer — release gates ease! 🎉

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: migrating from semantic-release to release-please for release automation.
Description check	✅ Passed	The description is directly related to the changeset, detailing the specific changes made during the semantic-release to release-please migration.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/release-please

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

✅ Contributor Report

User: @yacosta738
Status: Passed (12/13 metrics passed)

Metric	Description	Value	Threshold	Status
PR Merge Rate	PRs merged vs closed	89%	>= 30%	✅
Repo Quality	Repos with ≥100 stars	0	>= 0	✅
Positive Reactions	Positive reactions received	9	>= 1	✅
Negative Reactions	Negative reactions received	0	<= 5	✅
Account Age	GitHub account age	3067 days	>= 30 days	✅
Activity Consistency	Regular activity over time	108%	>= 0%	✅
Issue Engagement	Issues with community engagement	0	>= 0	✅
Code Reviews	Code reviews given to others	433	>= 0	✅
Merger Diversity	Unique maintainers who merged PRs	2	>= 0	✅
Repo History Merge Rate	Merge rate in this repo	77%	>= 0%	✅
Repo History Min PRs	Previous PRs in this repo	108	>= 0	✅
Profile Completeness	Profile richness (bio, followers)	90	>= 0	✅
Suspicious Patterns	Spam-like activity detection	1	N/A	❌

---

_{Contributor Report evaluates based on public GitHub activity. Analysis period: 2025-03-22 to 2026-03-22}

[coderabbitai]

Actionable comments posted: 6

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/release.yml:
- Around line 173-175: The checksum .sha256 file is being moved one directory
too far by the second mv command; update the move so both files are relocated to
the workspace root consistently from target/<target>/release (i.e. make the mv
for "$ARCHIVE_NAME.tar.gz.sha256" match the same destination used for
"$ARCHIVE_NAME.tar.gz"), adjusting the second mv invocation near the
ARCHIVE_NAME moves (and the analogous group at lines 197-199) so the .sha256
remains inside the repository workspace for the agentsync-*.sha256 artifact glob
to find it.
- Around line 51-61: In the Release Please workflow step (the step with id
"release" that uses google-github-actions/release-please-action@0613c7...),
replace the unsupported inputs: change default-branch: main to target-branch:
main, remove the dry-run input entirely, and remove skip-publish: true (do not
add an undocumented alternative); if you need to control release behavior
instead add the documented inputs skip-github-release or
skip-github-pull-request as appropriate.

In `@package.json`:
- Line 8: Remove the orphaned semantic-release configuration by deleting the
"release" npm script entry ("release": "release-please") from package.json and
removing the obsolete .releaserc.json file from the repo root so there is no
conflicting release configuration; ensure any CI or docs references to the old
semantic-release setup are updated to use the new release-please workflow.
- Line 8: Update the "release" npm script so it supplies the minimal required
release-please flags (e.g., include a subcommand like "release-pr" plus --token
and --repo-url placeholders or environment-variable references) so running "pnpm
run release" from the Makefile works locally, or alternatively add a separate
script (e.g., "release:ci" vs "release:local") to distinguish CI vs developer
usage; also remove the obsolete .releaserc.json file since it's the old
semantic-release config and is no longer used by release-please to avoid
confusion.

In `@release-please-config.json`:
- Around line 20-25: Enable manifest mode by adding the missing companion
manifest file .release-please-manifest.json and initialize it with the current
package version; create .release-please-manifest.json containing a JSON object
mapping the package key "." to the current version (e.g. { ".": "1.28.0" }) so
that the "packages" manifest-mode configuration in release-please-config.json
can succeed (ensure the version matches Cargo.toml).
- Around line 4-18: Update release-please config to match the schema: replace
the "changelog-sections" array of strings with an array of objects each having
"type" and "section" (e.g., { "type": "feat", "section": "Features" }), remove
the unsupported keys "include-void-in-tag", "single-line", "commit-message",
"tag-message", "pull-request-body", "pull-request-title", "indicator", and
"shard-count", ensure any "release-as" entries are string values (not null), and
if you intended a custom PR title pattern rename "pull-request-title" to
"pull-request-title-pattern".

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 85eed7aa-65fa-4d6e-ba9d-8fb384835d98

📥 Commits

Reviewing files that changed from the base of the PR and between 42a4349 and 804b166.

📒 Files selected for processing (3)

• .github/workflows/release.yml
• package.json
• release-please-config.json

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/release.yml:
- Around line 300-302: Update the pinned Node.js version in the GitHub Actions
workflow by changing the node-version value under the
actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 step from "24.13" to
"24.14.0"; locate the uses: actions/setup-node and the with: node-version
entries and update the node-version string accordingly so the workflow runs on
Node.js v24.14.0.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 91b85c76-89d7-4a93-a334-35c7bbeaa807

📥 Commits

Reviewing files that changed from the base of the PR and between 804b166 and 8bb777e.

📒 Files selected for processing (5)

• .github/workflows/release.yml
• .release-please-manifest.json
• .releaserc.json
• package.json
• release-please-config.json

💤 Files with no reviewable changes (1)

• .releaserc.json

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 196-198: The "Update vulnerabilities database" workflow step runs
"cargo fetch && cargo audit --fetch-index" but fails because the cargo-audit
binary isn't installed and "--fetch-index" is not a valid flag; either remove
this entire step and rely on the existing rustsec/audit-check@v2.0.0 step to
perform audits and DB fetching, or modify the step to first install cargo-audit
and then run "cargo audit" (without "--fetch-index"); target the step named
"Update vulnerabilities database" and the command string "cargo fetch && cargo
audit --fetch-index" when making the change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 5ae6e907-34c5-441c-93bd-f421c86e2fee

📥 Commits

Reviewing files that changed from the base of the PR and between 8bb777e and be18ed1.

📒 Files selected for processing (1)

• .github/workflows/ci.yml