This repo ships:
- A crates.io package:
pi_agent_rust(Cargo[package].name) - A library crate:
pi(Cargo[lib].name) - A binary:
pi(Cargo[[bin]].name)
Source of truth: Cargo.toml [package].version.
- Tag format:
vX.Y.Z(SemVer). Example:v0.2.0. - Pre-releases:
vX.Y.Z-rc.1(or similar). Example:v0.2.0-rc.1. - Coupling:
pi_agent_rust(crate),pi(lib), andpi(binary) are all built from the same package, so they share one version number. - Sibling repos:
asupersync,rich_rust,charmed_rust,sqlmodel_rustare versioned independently in their own repos.
.github/workflows/publish.yml is triggered on tag pushes matching v* and will:
- validate the tag is SemVer
- verify
Cargo.tomlversion matches the tag version - run
cargo publish --dry-run --locked - publish to crates.io only when:
- the tag is not a pre-release (workflow checks
tagdoes not contain-) CARGO_REGISTRY_TOKENis configured
- the tag is not a pre-release (workflow checks
Note: dependencies that specify both version and path are expected to publish using the version constraint; ensure those versions exist on crates.io before tagging.
.github/workflows/release.yml is triggered on tag pushes matching v* and will:
- build
pifor Linux/macOS/Windows (release profile) - attach binaries, per-target build manifests, and
SHA256SUMSto a GitHub Release - mark the GitHub Release as a pre-release if the tag contains
-(e.g.-rc.1)
Release notes are extracted from CHANGELOG.md on a best-effort basis; ensure the changelog contains a ## heading with the version string for the tag you are cutting.
Goal: keep packaging and invocation ergonomics compatible enough for frictionless migration from upstream Pi.
- Installer path (
install.sh): default channel for end users; installs GitHub release binary, verifies checksums, and manages migration state. - Release artifact path (GitHub Releases): direct binary download per OS/arch with
SHA256SUMSverification. - Source path (
cargo build --release): deterministic fallback for constrained/air-gapped environments.
- Canonical command is
pi. - If TypeScript
pialready exists, installer supports in-place migration and preserves old command aslegacy-pi. - If migration is declined (
--keep-existing-pi), Rust Pi installs aspi-rustso both CLIs remain callable. - Pinned rollout is supported by
install.sh --version vX.Y.Z.
Run this matrix before declaring distribution parity complete for a release candidate:
- Fresh Linux/macOS install (no prior
pi):curl .../install.sh | bashcommand -v pi && pi --version && pi --help >/dev/null
- Migration host with existing TypeScript
pi:install.sh --adopt(or interactive adopt path)pi --versionreturns Rust buildlegacy-pi --versionstill resolves to preserved TypeScript CLI
- Keep-existing path:
install.sh --keep-existing-pipiremains TypeScript CLI,pi-rust --versionresolves to Rust build
- Pinned enterprise/CI rollout:
install.sh --version vX.Y.Z- binary checksum validation passes against release
SHA256SUMS
Release operations must keep benchmark evidence and shipping artifacts distinct.
- Shipping/distribution artifacts: built with Cargo
releaseprofile and published viarelease.yml+ installer flows (pibinaries +SHA256SUMS). - Benchmark evidence artifacts: produced by PERF-3X lanes (
scripts/perf/orchestrate.sh,scripts/bench_extension_workloads.sh) using benchmark profile labeling (typicallyperf) with run-level provenance (correlation_id, build/profile metadata, allocator/PGO metadata).
Policy constraints:
- Performance and certification claims must cite benchmark evidence artifacts, not release-only binaries.
- Release binaries remain the deployment target and may be used to validate size/startup/install behavior.
- Any release note claiming performance gains should include correlation-linked evidence references from benchmark artifact bundles.
- If profile labels/provenance are missing or contradictory, treat the performance claim as invalid until regenerated.
Before using swarm-scale, drop-in, extension, full-suite, or performance evidence in release-facing copy, generate the read-only readiness report:
python3 scripts/report_swarm_claim_readiness.py --self-test
python3 scripts/report_swarm_claim_readiness.py --jsonThe report emits schema pi.swarm.claim_readiness_report.v1 and groups artifacts by perf, full_suite, dropin, extension, and activity_ledger. Its stable top-level machine fields are overall_status, overall_ready, blocking_issue_count, and blocking_count; overall_ready is the boolean alias for overall_status == "ready", and blocking_count is an exact alias of blocking_issue_count for operator jq ergonomics. It distinguishes release_facing artifacts from historical_snapshot or release_policy records so old planning snapshots remain visible without automatically authorizing current claims.
python3 scripts/report_swarm_claim_readiness.py --json \
| jq '{overall_status, overall_ready, blocking_issue_count, blocking_count}'The same JSON also includes stale_claims with schema pi.swarm.stale_claim_report.v1. This section is report-only: it never reopens, reassigns, or edits Beads. It classifies in_progress beads from .beads/issues.jsonl using --stale-claim-after-hours and can treat fresher coordination evidence from --stale-claim-activity-jsonl rows as active owner evidence within --stale-claim-activity-fresh-hours. Each item names the bead ID, assignee, last update, evidence source, classification, and exact recommended operator action so operators can message the owner or manually reopen only after confirmation.
The JSON also includes hostcall_queue_telemetry with schema pi.swarm.hostcall_queue_readiness.v1. It reads hostcall queue evidence from tests/perf/reports/stress_triage.json and docs/evidence/ext-stress-reactor-queue-coverage.json, then reports stable counters for s3fifo_fallback_transitions, s3fifo_fairness_rejected_total, s3fifo_lane_overflow_rejected_total, queue_overflow_rejected_total, safe_reclamation_fallback_transitions, bravo_transitions_total, and bravo_rollbacks_total. Missing S3-FIFO or BRAVO telemetry is listed in missing_required_fields rather than treated as zero; non-zero fallback, fairness-rejection, lane-overflow, or BRAVO rollback totals make the section fallback_heavy so operators know not to present the run as contention-clean without more triage.
Use gate mode only when a release path must fail on stale or unsupported evidence:
python3 scripts/report_swarm_claim_readiness.py --gateGate mode exits non-zero only for release-facing blockers: missing artifacts, stale generated timestamps, no-data budget summaries, failed verdict fields, schema drift, or mismatched provenance across artifacts that are being used as one claim. Non-gate mode always exits 0 and is suitable for handoff notes, operator dashboards, and stale-evidence triage.
When the report blocks:
- Regenerate the exact artifact path listed when the claim is still intended to be release-facing.
- Split the claim by run when the report identifies multiple provenance values for one category.
- Soften or remove release-facing copy when the only available evidence is a historical snapshot.
- Do not use
docs/parity-certification.jsonto overridedocs/evidence/dropin-certification-verdict.jsonor the report's drop-in blockers.
We call it 1.0.0 when:
- CI is green on Linux/macOS/Windows (
.github/workflows/ci.yml) - Required execution surfaces are parity-stable (interactive + print + JSON mode + RPC + SDK contract) with conformance evidence green
- Extension runtime surface and security policy are stable enough that we can commit to not breaking users without an intentional SemVer bump
- Drop-in certification artifacts report
CERTIFIEDfor strict replacement claims
Until then, 0.x releases may still change behavior to improve correctness/parity, and release messaging must not claim strict drop-in replacement.
- Pick version (SemVer):
- patch: bugfixes / internal refactors
- minor: new user-facing features
- Update version in
Cargo.toml([package].version). - Run quality gates locally:
cargo fmt --checkcargo clippy --all-targets -- -D warningscargo test --all-targets
- Update changelog:
br changelog --since-tag vX.Y.Z(or use--since YYYY-MM-DDif no prior tags)- paste the output into
CHANGELOG.mdunder a new version heading
- Commit (
git commit). - Tag:
git tag vX.Y.Zgit push origin vX.Y.Z
- Verify GitHub Actions:
Publishworkflow (crates.io publish) behaves as expectedRelease (GitHub binaries)workflow creates a GitHub Release with binaries +SHA256SUMS
Use a pre-release tag to exercise CI/publish validation without publishing to crates.io:
git tag vX.Y.Z-rc.1 && git push origin vX.Y.Z-rc.1
This should run the Publish workflow planning step and skip the crates publish step.
Feature-surface pull requests must satisfy the Definition-of-Done evidence checklist before merge:
- Unit evidence link(s)
- E2E evidence link(s)
- Extension evidence link(s)
- Reproduction commands for pass/fail validation paths
CI enforces this via .github/workflows/ci.yml using .github/pull_request_template.md as the
canonical checklist format.
For branches opened before this gate was introduced:
- Rebase onto latest
main. - Replace the PR body with
.github/pull_request_template.md. - Backfill links to current evidence artifacts.
- Include exact rerun commands used to validate fixes for the most recent failing path.
- Re-run CI and merge only after the DoD evidence guard passes.
- CI is green on
main(Linux/macOS/Windows). - Local gates are green:
cargo fmt --checkcargo clippy --all-targets -- -D warningscargo test --all-targets
- Feature PRs merged since the previous tag satisfy the DoD evidence checklist (unit + e2e + extension + repro commands).
CHANGELOG.mdupdated for the version you’re tagging.- Benchmarks run if this release is performance-sensitive (see
BENCHMARKS.md). - Distribution compatibility matrix (above) passes for all required paths.
- GitHub Release exists and includes expected artifacts for each platform.
SHA256SUMSmatches downloaded artifacts.- Crates.io publish succeeded (if configured) and the version matches the tag.
- Smoke test install paths (download binary + run
pi --version).