strands-agents · poshinchen · May 22, 2026 · May 19, 2026
diff --git a/.github/workflows/ci.yml → .github/workflows/ci-python.yml b/.github/workflows/ci.yml → .github/workflows/ci-python.yml
@@ -1,15 +1,25 @@
-name: CI
+name: CI - Python
 
 on:
   pull_request:
     branches: [ main ]
+    paths:
+      - 'python/**'
+      - '.github/workflows/ci-python.yml'
   push:
     branches: [ main ]
+    paths:
+      - 'python/**'
+      - '.github/workflows/ci-python.yml'
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: true
 
+defaults:
+  run:
+    working-directory: python
+
 jobs:
   test:
     name: Test - Python ${{ matrix.python-version }}

diff --git a/.github/workflows/ci-typescript.yml b/.github/workflows/ci-typescript.yml
@@ -0,0 +1,74 @@
+name: CI - TypeScript
+
+on:
+  pull_request:
+    branches: [ main ]
+    paths:
+      - 'typescript/**'
+      - '.github/workflows/ci-typescript.yml'
+  push:
+    branches: [ main ]
+    paths:
+      - 'typescript/**'
+      - '.github/workflows/ci-typescript.yml'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+defaults:
+  run:
+    working-directory: typescript
+
+jobs:
+  test:
+    name: Test - Node ${{ matrix.node-version }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: ['20', '22']
+      fail-fast: false
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'npm'
+          cache-dependency-path: typescript/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run tests
+        run: npm test
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          cache: 'npm'
+          cache-dependency-path: typescript/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Check formatting
+        run: npm run format:check
+
+      - name: Run linter
+        run: npm run lint
+
+      - name: Type check
+        run: npm run type-check
diff --git a/.github/workflows/publish.yml → .github/workflows/publish-python.yml b/.github/workflows/publish.yml → .github/workflows/publish-python.yml
@@ -1,79 +1,101 @@
-name: Publish to PyPI
+name: Publish Python to PyPI
 
+# Triggered when a release is published with a tag prefixed `python-v`
+# (e.g. `python-v0.1.0`). The prefix is stripped by hatch-vcs so the
+# package version remains a clean SemVer string.
 on:
   release:
     types:
       - published
 
+defaults:
+  run:
+    working-directory: python
+
 jobs:
+  check-tag:
+    name: Check tag is python-v*
+    runs-on: ubuntu-latest
+    outputs:
+      should_publish: ${{ steps.check.outputs.should_publish }}
+    steps:
+      - id: check
+        run: |
+          if [[ "${{ github.event.release.tag_name }}" == python-v* ]]; then
+            echo "should_publish=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "should_publish=false" >> "$GITHUB_OUTPUT"
+          fi
+
   check:
     name: Run checks
+    needs: check-tag
+    if: needs.check-tag.outputs.should_publish == 'true'
     runs-on: ubuntu-latest
-    
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      
+
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
           python-version: '3.10'
-      
+
       - name: Install hatch
         run: pip install hatch
-      
+
       - name: Run checks
         run: hatch run prepare
 
   build:
     name: Build distribution
     needs: check
     runs-on: ubuntu-latest
-    
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      
+
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
           python-version: '3.10'
-      
+
       - name: Install hatch
         run: pip install hatch twine
-      
+
       - name: Build package
         run: hatch build
-      
+
       - name: Check distribution
         run: twine check dist/*
-      
+
       - name: Upload artifacts
         uses: actions/upload-artifact@v4
         with:
           name: python-package-distributions
-          path: dist/
+          path: python/dist/
 
   publish:
     name: Publish to PyPI
     needs: build
     runs-on: ubuntu-latest
     environment:
       name: pypi
-      url: https://pypi.org/p/${{ github.event.repository.name }}
     permissions:
       id-token: write
-    
+
     steps:
       - name: Download distributions
         uses: actions/download-artifact@v4
         with:
           name: python-package-distributions
           path: dist/
-      
+
       - name: Publish to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
diff --git a/.github/workflows/publish-typescript.yml b/.github/workflows/publish-typescript.yml
@@ -0,0 +1,82 @@
+name: Publish TypeScript to npm
+
+# Triggered when a release is published with a tag prefixed `typescript-v`
+# (e.g. `typescript-v0.1.0`). The version that gets published is whatever is
+# currently in typescript/package.json — bump it before tagging.
+on:
+  release:
+    types:
+      - published
+
+defaults:
+  run:
+    working-directory: typescript
+
+jobs:
+  check-tag:
+    name: Check tag is typescript-v*
+    runs-on: ubuntu-latest
+    outputs:
+      should_publish: ${{ steps.check.outputs.should_publish }}
+    steps:
+      - id: check
+        run: |
+          if [[ "${{ github.event.release.tag_name }}" == typescript-v* ]]; then
+            echo "should_publish=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "should_publish=false" >> "$GITHUB_OUTPUT"
+          fi
+
+  check:
+    name: Run checks
+    needs: check-tag
+    if: needs.check-tag.outputs.should_publish == 'true'
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          cache: 'npm'
+          cache-dependency-path: typescript/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run checks
+        run: npm run check
+
+  publish:
+    name: Publish to npm
+    needs: check
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          registry-url: 'https://registry.npmjs.org'
+          cache: 'npm'
+          cache-dependency-path: typescript/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        run: npm run build
+
+      - name: Publish
+        run: npm publish --access public --provenance
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}