Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 74b08c23cd
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| uses: ncipollo/release-action@v1 | ||
| with: | ||
| # TODO: remove beta tag before release stable | ||
| tag: beta |
There was a problem hiding this comment.
The release job is triggered by pushed tags (v*), but this step hardcodes tag: beta, so every run creates/updates a release for beta instead of the actual tag that triggered the workflow (for example v1.6.3). That disconnects the GitHub release from the published package version and will cause repeated collisions on the same beta tag across releases.
Useful? React with 👍 / 👎.
| - name: Publish | ||
| uses: JS-DevTools/npm-publish@v4 | ||
| with: | ||
| token: empty |
There was a problem hiding this comment.
The publish step passes a literal placeholder token (empty) into JS-DevTools/npm-publish, so npm publication will run without valid credentials and fail when attempting to publish this scoped package. This makes the release workflow non-functional in production unless a real auth mechanism is wired in for this input.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Pull request overview
Refactors the project’s release process by removing the custom Node-based release script and shifting publishing/releasing responsibilities into a GitHub Actions workflow.
Changes:
- Removed
scripts/release.jsand its CLI dependencies (cac,execa). - Updated the release workflow to run on pushed version tags (
v*) and to use third-party GitHub Actions for npm publishing and GitHub release creation. - Pruned the lockfile to reflect removed dependencies.
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
scripts/release.js |
Deletes the custom release script that previously published to npm and pushed git tags. |
package.json |
Removes release-script-related devDependencies (cac, execa). |
pnpm-lock.yaml |
Removes lock entries corresponding to cac, execa, and their transitive deps. |
.github/workflows/release.yml |
Reworks release automation to publish on tag pushes and create GitHub releases via Actions. |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
Comments suppressed due to low confidence (1)
scripts/release.js:1
- This script is deleted, but
package.jsonstill has"release": "node ./scripts/release.js". Unless that script entry is updated/removed in this PR,npm run releasewill break for anyone using it locally or in automation.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Refactors the release process to simplify and modernize it by removing the custom release script and switching to standard GitHub Actions for publishing and releasing.