feat: add per-author tracked change colors (#3559) #749
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Auto-releases CLI on push to main (@next channel). | |
| # Stable releases are orchestrated centrally by release-stable.yml. | |
| name: 📦 Release CLI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| # Keep in sync with apps/cli/.releaserc.cjs includePaths (patch-commit-filter). | |
| # Workflow paths trigger CI; includePaths control semantic-release commit analysis. | |
| - 'apps/cli/**' | |
| - 'packages/document-api/**' | |
| - 'packages/superdoc/**' | |
| - 'packages/super-editor/**' | |
| - 'packages/layout-engine/**' | |
| - 'packages/word-layout/**' | |
| - 'packages/preset-geometry/**' | |
| - 'shared/**' | |
| - 'scripts/semantic-release/**' | |
| - 'pnpm-workspace.yaml' | |
| - '!**/*.md' | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| packages: write | |
| concurrency: | |
| # Release runs never cancel an in-progress release (each merge is a release-worthy | |
| # state). queue: max keeps GitHub from dropping older pending stable releases when | |
| # a stable push touches multiple wrapper packages in the shared release-stable group; | |
| # default queue: single only allows one pending. queue: max requires | |
| # cancel-in-progress: false (cannot be combined with true). | |
| group: ${{ github.ref_name == 'stable' && 'release-stable' || format('{0}-{1}', github.workflow, github.ref) }} | |
| cancel-in-progress: false | |
| queue: max | |
| jobs: | |
| release: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Generate token | |
| id: generate_token | |
| uses: actions/create-github-app-token@v2 | |
| with: | |
| app-id: ${{ secrets.APP_ID }} | |
| private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - name: Refresh branch head | |
| # Queued release runs may start against a stale checkout (queue: max | |
| # plus cancel-in-progress: false). Refresh to the current branch head | |
| # so @semantic-release/git pushes fast-forward; semantic-release no-ops | |
| # if no new commits were added since the previous queued run released. | |
| run: | | |
| git fetch origin "${{ github.ref_name }}" --tags | |
| git checkout -B "${{ github.ref_name }}" "origin/${{ github.ref_name }}" | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v6 | |
| with: | |
| node-version-file: .nvmrc | |
| cache: pnpm | |
| registry-url: 'https://registry.npmjs.org' | |
| - uses: oven-sh/setup-bun@v2 | |
| with: | |
| # DO NOT BUMP without verifying macOS darwin-arm64 binary signing. | |
| # Bun 1.3.12+ regressed `bun build --compile` macOS code signing | |
| # (oven-sh/bun#29120, oven-sh/bun#29361), which causes the embedded | |
| # CLI in the Python SDK wheel to be SIGKILL'd by Gatekeeper on macOS. | |
| # Tracked in SD-2784 — unpin once explicit codesign step lands. | |
| bun-version: 1.3.11 | |
| - name: Cache apt packages | |
| uses: actions/cache@v5 | |
| with: | |
| path: ~/apt-cache | |
| key: apt-canvas-${{ runner.os }}-v1 | |
| - name: Install canvas system dependencies | |
| run: | | |
| mkdir -p ~/apt-cache | |
| sudo apt-get update | |
| sudo apt-get install -y -o Dir::Cache::Archives="$HOME/apt-cache" \ | |
| build-essential \ | |
| libcairo2-dev \ | |
| libpango1.0-dev \ | |
| libjpeg-dev \ | |
| libgif-dev \ | |
| librsvg2-dev \ | |
| libpixman-1-dev | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Build packages | |
| run: pnpm run build | |
| - name: Release CLI | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| LINEAR_TOKEN: ${{ secrets.LINEAR_TOKEN }} | |
| ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} | |
| working-directory: apps/cli | |
| run: pnpx semantic-release |