feat(release): publish uipro-cli to npm on release (#353)#384
Merged
mrgoonie merged 1 commit intoJun 25, 2026
Merged
Conversation
mrgoonie
approved these changes
Jun 25, 2026
mrgoonie
left a comment
Contributor
There was a problem hiding this comment.
Reviewed the npm-publish slice for #353. This is the narrow missing step after the merged semantic-release workflow: it adds @semantic-release/npm with pkgRoot=cli, passes NPM_TOKEN to the release step, and keeps the existing GitHub release behavior intact.
Checks performed:
- Compared against current release workflow/config on main and merged PR #375. #375 explicitly left npm publishing out; this PR fills that gap rather than duplicating it.
- Cross-checked issue #353 and recent release-lane comments: PR #355 covers asset sync; this PR covers the remaining npm publish/tag path.
- Verified changed JSON parses and the workflow only adds the npm plugin/env needed for semantic-release.
No blocking code findings. Maintainer setup is still required: add an npm automation token as repository credential NPM_TOKEN with publish rights for uipro-cli before the next release run, otherwise semantic-release/npm will fail verifyConditions.
semantic-release currently only creates GitHub releases/tags, so npm has been stuck on 2.2.3 while tags advanced to v2.7.0. `uipro init` / `uipro update` users therefore receive stale 2.2.3-era assets (issue nextlevelbuilder#353). Add @semantic-release/npm (pkgRoot: cli) to the release pipeline so each release also publishes the uipro-cli package at the tagged version. The package's prepublishOnly already re-syncs cli/assets from the source of truth, so the published tarball always carries current assets. Requires a repo secret NPM_TOKEN (npm automation token with publish rights to uipro-cli). Addresses nextlevelbuilder#353 (npm-publish slice of the release lane; leaving the issue open until the full distribution path lands, per maintainer).
03b6f12 to
d5661b4
Compare
This was referenced Jun 25, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
uipro init/uipro updateusers still receive 2.2.3-era assets even though the repo has advanced to v2.7.0 (issue #353). Root cause: theReleaseworkflow runs semantic-release with only the github plugin, so it creates GitHub releases/tags but never publishes theuipro-clipackage to npm.uipro-cli(what users install)Change
Add
@semantic-release/npmto the release pipeline so every release also publishes the CLI package at the tagged version:.releaserc.json— add@semantic-release/npmwithpkgRoot: "cli"(betweenrelease-notes-generatorandgithub)..github/workflows/release.yml— add-p @semantic-release/npmto thenpxinvocation andNPM_TOKENto the step env.The package's existing
prepublishOnly(sync:assets && typecheck && build) runs on publish, so the tarball always ships current, in-sync assets.Required maintainer setup
NPM_TOKEN— an npm automation token with publish rights touipro-cli. Without it, the npm step fails atverifyConditions.After this merges and a release runs, npm will receive the current version (e.g.
2.7.x/2.8.0) instead of2.2.3.Scope
This is the npm-publish slice of the release lane mrgoonie outlined (synced assets ✅ #355 · working release workflow ✅ on main · npm publish/tag → this PR · safe updater command → #326). Intentionally leaves #353 open until the full distribution path lands.
Notes / optional follow-up
cli/package.json(stays cosmetic at 2.5.0). If you want the repo'spackage.json/skill.jsonversion to track the published version, add@semantic-release/gitin a follow-up.id-token: writeis already granted, so npm provenance (NPM_CONFIG_PROVENANCE: true) can be enabled later if desired.