fix(publish_release): add contents: write permissions

[saltenasl]

Summary by CodeRabbit

• Chores
  • Updated release workflow permissions to support necessary publishing operations.

[coderabbitai]

📝 Walkthrough

Walkthrough

Added the contents: write permission to the publish_release job in .github/workflows/publish-release.yml. This permission grants write access to repository contents during workflow execution. No other modifications were made to the workflow structure or logic.

Possibly related PRs

• fix(publish_release): add packages: read permissions #59: Also modifies permissions in .github/workflows/publish-release.yml (adds packages: read permission)

Suggested reviewers

• dinohamzic

Pre-merge checks

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "fix(publish_release): add contents: write permissions" directly and accurately describes the primary change in the pull request. The modification adds the contents: write permission to the publish_release job's permissions in the workflow file, which is exactly what the title states. It follows conventional commit format, is concise and specific, and would be immediately clear to someone reviewing the repository history.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between fe51b5d and 40c485d.

📒 Files selected for processing (1)

• .github/workflows/publish-release.yml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: build
• GitHub Check: check_release

🔇 Additional comments (1)

.github/workflows/publish-release.yml (1)

19-22: Permission addition looks good for a release workflow.

Adding contents: write is appropriate since the populate-release and finalize-release actions need write access to publish releases, create tags, and modify repository state.

One question: the workflow passes an app token to these actions rather than using GITHUB_TOKEN directly. Verify that the contents: write permission on the workflow itself is actually required by the actions, or if all writes are performed via the app token.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 69.56%. Comparing base (fe51b5d) to head (40c485d).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #60   +/-   ##
=======================================
  Coverage   69.56%   69.56%           
=======================================
  Files          13       13           
  Lines         253      253           
  Branches       28       28           
=======================================
  Hits          176      176           
  Misses         73       73           
  Partials        4        4           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.