Skip to content

Commit 58be8df

Browse files
indexzeroclaude
andcommitted
doc(release) document release process and remove broken release script
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent c44377b commit 58be8df

2 files changed

Lines changed: 45 additions & 2 deletions

File tree

doc/RELEASE.md

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
# Release Process
2+
3+
Releases are automated via [release-it](https://github.com/release-it/release-it) running in GitHub Actions. The workflow bumps `package.json`, updates `doc/CHANGELOG.md`, creates a bare semver git tag, and publishes to npm with OIDC provenance. The tag push triggers a separate workflow that builds ncc binaries for three platforms and creates the GitHub Release.
4+
5+
## Cutting a release
6+
7+
### From the CLI
8+
9+
```bash
10+
gh workflow run release.yml --repo indexzero/flatlock -f increment=minor
11+
```
12+
13+
Replace `minor` with `patch` or `major` as appropriate.
14+
15+
### From the GitHub UI
16+
17+
1. Go to **Actions > Release > Run workflow**
18+
2. Select the increment type (patch, minor, or major)
19+
3. Click **Run workflow**
20+
21+
## What happens
22+
23+
1. `release-it --ci --increment <type>` runs on `ubuntu-latest`
24+
2. Determines the new version from the latest git tag + increment
25+
3. Moves `[Unreleased]` content in `doc/CHANGELOG.md` into a versioned section
26+
4. Bumps `version` in `package.json`
27+
5. Commits `chore: release <version>`, tags with bare semver (e.g. `1.6.0`)
28+
6. Publishes to npm (triggers `prepublishOnly``build:types` automatically)
29+
7. Pushes commit and tag to `main`
30+
8. Tag push triggers `ncc-release.yaml` which builds binaries (linux-x64, linux-arm64, darwin-arm64) and creates the GitHub Release with assets
31+
32+
## npm authentication
33+
34+
npm publishing uses [Trusted Publishers](https://docs.npmjs.com/trusted-publishers/) (OIDC) — the `Release` workflow in `indexzero/flatlock` is linked as a trusted publisher for the `flatlock` package. No `NPM_TOKEN` secret is needed.
35+
36+
## Changelog
37+
38+
The `@release-it/keep-a-changelog` plugin manages `doc/CHANGELOG.md`. When writing changes, add entries under the `## [Unreleased]` heading. The plugin converts this to a versioned heading at release time.
39+
40+
## Configuration
41+
42+
- `.release-it.json` — release-it config (tag format, changelog path, npm settings)
43+
- `.github/workflows/release.yml` — release workflow (workflow_dispatch)
44+
- `.github/workflows/ncc-release.yaml` — binary build workflow (tag-triggered)

package.json

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,8 +61,7 @@
6161
"check": "biome check src test && pnpm run build:types",
6262
"check:fix": "biome check --write src test",
6363
"build:ncc": "./bin/ncc.sh",
64-
"prepublishOnly": "pnpm run build:types",
65-
"release": "gh workflow run release.yml --repo indexzero/flatlock -f increment="
64+
"prepublishOnly": "pnpm run build:types"
6665
},
6766
"dependencies": {
6867
"@yarnpkg/lockfile": "^1.1.0",

0 commit comments

Comments
 (0)