Skip to content

Load Rift v0.2.24

Latest

Choose a tag to compare

@github-actions github-actions released this 02 Jul 04:30

Summary

  • Publishes Load Rift 0.2.24 with app metadata aligned across npm, Cargo, Tauri packaging, and AppStream release metadata.
  • Hardens CI and release workflows by pinning GitHub Actions to commit SHAs instead of mutable version or branch refs.
  • Replaces third-party Tauri release publishing with first-party shell and gh steps so Apple signing and APT signing material stays out of third-party release actions.
  • Splits draft release creation, read-only platform builds, release asset uploads, APT Pages deployment, and final release publication into separate gated jobs.
  • Keeps write-scoped release tokens out of jobs that execute third-party build/cache actions.
  • Preserves completed main CI runs by cancelling only non-main in-progress CI runs.

Downloads

  • macOS Apple Silicon DMG: attached to this GitHub release as Load.Rift_0.2.24_aarch64.dmg
  • macOS Intel DMG: attached to this GitHub release as Load.Rift_0.2.24_x64.dmg
  • Linux AppImage: attached to this GitHub release as Load.Rift_0.2.24_amd64.AppImage
  • Linux .deb: attached to this GitHub release as Load.Rift_0.2.24_amd64.deb
  • Linux .rpm: attached to this GitHub release as Load.Rift-0.2.24-1.x86_64.rpm
  • APT setup script: attached to this GitHub release as install-apt-repo.sh
  • APT setup package: attached to this GitHub release as load-rift-repository-setup_1.0_all.deb

Linux APT Install

Enable the Load Rift APT repository once:

bash <(curl -fsSL https://github.com/ddv1982/load-rift/releases/latest/download/install-apt-repo.sh)

Then install or update normally:

sudo apt update
sudo apt install load-rift

The setup script authenticates the repository setup package checksum with a detached GPG signature and a release-pinned signer fingerprint before installing the repository configuration.

Bundled Third-Party Software

This package bundles Grafana k6 v2.0.0, licensed under AGPL-3.0-only.
Corresponding source: https://github.com/grafana/k6/tree/v2.0.0
Source archive: https://github.com/grafana/k6/archive/refs/tags/v2.0.0.tar.gz
Additional bundled licensing notices are included in the package.

Verification

  • Workflow YAML parse for .github/workflows/ci.yml and .github/workflows/release.yml
  • Static release workflow invariant checks for pinned actions, release gating, secret scope, and write-token job isolation
  • npm run typecheck
  • npm run lint
  • npm test
  • npm run build
  • npm run rust:fmt
  • npm run rust:clippy
  • npm run rust:audit
  • cargo test --manifest-path src-tauri/Cargo.toml
  • cargo check --manifest-path src-tauri/Cargo.toml
  • git diff --check

Lore

Constraint: Release notes are read by the GitHub Actions release workflow from docs/releases/v0.2.24.md when available.
Constraint: Third-party build/cache actions may run with read-only repository access, but release write tokens and signing material must remain scoped to first-party shell or gh steps.
Constraint: A release is created as a draft first and only published after platform assets are uploaded and the APT Pages repository deploy completes.
Rejected: Keeping tauri-apps/tauri-action for build-and-release convenience | direct Tauri builds plus explicit gh release upload make token and secret boundaries auditable.
Rejected: Allowing a rerun to turn an already published release back into a draft | the workflow now refuses that path and requires a new replacement tag.
Confidence: high
Scope-risk: moderate
Directive: Ship release hardening and aligned 0.2.24 metadata without rewriting existing v0.2.x tags.
Tested: Workflow YAML parse; release workflow invariant script; mutable-ref grep; python3 -m py_compile scripts/build_apt_repository.py && sh -n scripts/install-apt-repo.sh && git diff --check; npm exec prettier -- --check ".github/workflows/*.yml"; npm run verify.
Not-tested: Local packaged artifact generation with npm run tauri build; release workflow will build and attach packaged artifacts on tag push.