Derive release version from the tag (works with protected main)#40
Merged
Conversation
The one-click Release workflow pushed the npm-version bump commit straight to main, which branch protection rejects (PRs + signed commits + status checks required). Drop that approach. Instead, make Publish read the version from the release tag (v0.3.3 -> 0.3.3), write it into package.json in CI only, then build and publish. Nothing is committed to main, so it works with branch protection and the tag can never disagree with the published version. Removes the old tag/version match guard (now unnecessary) and the release.yml workflow. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
Simplifies publishing by deriving npm version directly from the Git tag. 🎯 Quality: 90% Elite · 📦 Size: Medium 📈 This month: Your 216th PR — above team average · Averaging Excellent |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
The one-click
Releaseworkflow from #39 pushed thenpm versionbump commit straight tomain, which branch protection rejects:Pushing bump commits to
mainis fundamentally incompatible with those rules, so this drops that approach.What
Make the version come from the release tag instead of
package.json:Publishnow reads the tag (v0.3.3→0.3.3), writes it intopackage.jsonin CI only (npm version --no-git-tag-version), then builds and publishes. Nothing is committed back tomain.release.ymlworkflow added in Add one-click release workflow to prevent tag/version drift #39.RELEASING.mdrewritten: to release, justgh release create vX.Y.Z --generate-notes.Result: releasing is a single
gh release create(or the UI), it works with branch protection, and tag/version drift is structurally impossible. The committedpackage.jsonversion becomes a placeholder and no longer needs bumping.Cleanup done
Deleted the dangling
v0.3.3tag the failed run left behind. npm is still at0.3.2; no bad release was published.Note
Still unresolved separately:
mainhas diverged from thepulse-protect-node-wafbranch that shipped0.3.0–0.3.2, so confirm which branch/content0.3.3should ship from before cutting it.🤖 Generated with Claude Code