ci(swift): reference staged package by its SPM identity in verify smoke

[kixelated]

Summary

• Fixes the Verify staged package resolves job in release-swift.yml, which failed on the moq-ffi-v0.2.14 tag run with unknown package 'Moq' (run 26413362356).
• The smoke project referenced the staged package as .product(package: "Moq"), but SPM derives a path-based package's identity from the final path component (moq-ffi-0.2.14-swift), not from the manifest's name: field. So the dependency was never findable under the name "Moq".
• Symlink the staged dir to $WORK/moq-swift and reference moq-swift as the package identity. Matching the published mirror name (moq-dev/moq-swift) means the smoke test now exercises the same SPM identity real consumers see.

Why this matters

The verify step gates the mirror publish, so the moq-ffi-v0.2.14 release never actually shipped to the Swift mirror. Once this lands the release workflow will need to be retriggered (or a fresh patch tag cut) to publish the artifacts.

Test plan

• Re-run release-swift workflow on a tag (or wait for the next moq-ffi release) and confirm the Verify staged package resolves job passes.

🤖 Generated with Claude Code

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d02b9a55-84db-435b-8ccc-36ce551937b5

📥 Commits

Reviewing files that changed from the base of the PR and between b8e3f38 and 7b75016.

📒 Files selected for processing (1)

• swift/scripts/verify.sh

---

Walkthrough

The PR updates swift/scripts/verify.sh to set PKG_IDENTITY="moq-swift", create a symlink PKG_LINK="$WORK/$PKG_IDENTITY" pointing at the staged package, and generate a smoke-test Package.swift that depends on the package via .package(path: "$PKG_LINK") and references the product using package: "$PKG_IDENTITY". The existing verification flow (input checks, tarball extraction, manifest presence, swift package resolve, swift build) is unchanged.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: fixing the verify script to reference the staged package by its correct SPM identity (moq-swift) in the smoke test.
Description check	✅ Passed	The description is directly related to the changeset, explaining the bug (SPM deriving identity from path, not manifest name), the fix (symlinking to moq-swift), and its impact on the release workflow.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch claude/zen-swirles-1cfff7

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

swift/scripts/verify.sh (1)

77-77: ⚡ Quick win

Extract the package identity to a variable for maintainability.

The string "moq-swift" appears in both the symlink path (line 77) and the product package reference (line 96). These must remain synchronized for the smoke test to work. Consider extracting to a variable to make this coupling explicit and reduce the risk of future desynchronization.

♻️ Proposed refactor

+# Package identity that matches the published moq-dev/moq-swift mirror
+PKG_IDENTITY="moq-swift"
+PKG_LINK="$WORK/$PKG_IDENTITY"
-PKG_LINK="$WORK/moq-swift"
 ln -s "$STAGED_DIR" "$PKG_LINK"

And update the generated Package.swift:

         .executableTarget(
             name: "Smoke",
-            dependencies: [.product(name: "Moq", package: "moq-swift")],
+            dependencies: [.product(name: "Moq", package: "$PKG_IDENTITY")],
             path: "Sources/Smoke"
         ),

Also applies to: 96-96

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@swift/scripts/verify.sh` at line 77, The hardcoded package name "moq-swift"
is duplicated and should be centralized; introduce a single shell variable
(e.g., PKG_NAME or PACKAGE_ID) and use it to build PKG_LINK (replace
PKG_LINK="$WORK/moq-swift" with PKG_LINK="$WORK/$PKG_NAME") and also use that
variable when emitting or updating the Package.swift product/package reference
(ensure any generation or sed/template that writes the product name uses the
same PKG_NAME variable) so both references stay synchronized.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@swift/scripts/verify.sh`:
- Line 77: The hardcoded package name "moq-swift" is duplicated and should be
centralized; introduce a single shell variable (e.g., PKG_NAME or PACKAGE_ID)
and use it to build PKG_LINK (replace PKG_LINK="$WORK/moq-swift" with
PKG_LINK="$WORK/$PKG_NAME") and also use that variable when emitting or updating
the Package.swift product/package reference (ensure any generation or
sed/template that writes the product name uses the same PKG_NAME variable) so
both references stay synchronized.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 1ae5c7e8-c66d-43d6-a2f5-15b4718fed3c

📥 Commits

Reviewing files that changed from the base of the PR and between 6365a0d and b8e3f38.

📒 Files selected for processing (1)

• swift/scripts/verify.sh