npm - @async/db - Versions diffs - 0.2.0 → 0.2.1 - Mend

@async/db 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,12 @@
 # Changelog
+## [0.2.1](https://github.com/async-framework/async-db/releases/tag/v0.2.1) - 2026-06-01
+### Fixed
+- Made the tag release workflow retry-safe by skipping npm publish when the package version already exists, while still creating or updating the GitHub release asset.
+- Updated release documentation to match the built `dist/` package allowlist, gated Release Please behavior, and manual/tag release flow.
 ## [0.2.0](https://github.com/async-framework/async-db/releases/tag/v0.2.0) - 2026-06-01
 ### Added

package/docs/ci-and-release.md CHANGED Viewed

@@ -68,9 +68,9 @@ npm run db -- serve --cwd ./examples/basic
 `package.json` includes:
 ```txt
-src/**/*.js
-src/**/*.d.ts
-scripts
+dist/**/*.js
+dist/**/*.d.ts
+!dist/**/*.test.js
 examples/*/README.md
 examples/*/example.json
 examples/*/package.json
@@ -130,11 +130,11 @@ The first check confirms the README stayed compact. The second highlights same-p
 Release pull requests and npm publication are handled by `.github/workflows/release.yml`.
-- Every push to `main` runs Release Please.
-- After `0.1.0`, Release Please opens or updates a release PR with the next version, `package.json`, `.release-please-manifest.json`, and `CHANGELOG.md`.
-- Merging a release PR creates the GitHub release.
-- When a Release Please release is created, the same workflow checks out the release commit, runs `npm run release:check`, packs the package, publishes `@async/db` to npm, and uploads the tarball to the GitHub release.
-- The first `0.1.0` release is seeded in `.release-please-manifest.json`; publish it by pushing the existing `v0.1.0` tag, or by running the `Release` workflow manually with `v0.1.0` after the tag exists.
+- The Release Please job is opt-in behind the repository variable `RELEASE_PLEASE_CREATE_PR=true`. Keep it disabled when the organization blocks GitHub Actions from creating pull requests.
+- When enabled, Release Please opens or updates a release PR with the next version, `package.json`, `.release-please-manifest.json`, and `CHANGELOG.md`.
+- The tag path runs when a `v*.*.*` tag is pushed, or when the workflow is dispatched with an existing tag.
+- The tag path validates that `package.json` matches the tag, runs `npm run release:check`, packs the package, publishes `@async/db` to npm when that exact version is not already present, creates the GitHub release if needed, and uploads the tarball.
+- Rerunning a partially completed tag release is safe: if npm already has the package version, the workflow skips `npm publish` and still reconciles the GitHub release asset.
 The release workflow uses npm Trusted Publishing through GitHub Actions OIDC. Before the first automated publish, configure npm for:
@@ -153,16 +153,25 @@ npm publish --access public
 If Trusted Publishing is not configured yet, the release workflow can create the release PR and GitHub release, but npm publish will fail until npm trusts this repository and workflow.
-## First Release
+If Trusted Publishing is not configured and the npm publish step fails, publish manually from an npm account with `@async` scope write access, then rerun the tag workflow to reconcile the GitHub release:
-The first public package version is already recorded as `0.1.0` in `package.json`, `CHANGELOG.md`, and `.release-please-manifest.json`. After npm Trusted Publishing is configured:
+```bash
+npm login --scope=@async --registry=https://registry.npmjs.org --auth-type=web
+npm run release:check
+npm pack
+npm publish --access public async-db-<version>.tgz
+```
+## Tag Release
+For a manual patch release, update `package.json`, `.release-please-manifest.json`, and `CHANGELOG.md`, then merge to `main` and tag the release commit:
 ```bash
-git tag v0.1.0
-git push origin v0.1.0
+git tag v<version>
+git push origin v<version>
 ```
-The tag publish path validates that the tag matches `package.json`, runs `npm run release:check`, publishes the tarball, creates the GitHub release if needed, and uploads the tarball as a release asset.
+Use `NPM_CONFIG_USERCONFIG=/dev/null npm view @async/db version` when checking public npm visibility from this machine, because local npm user config may set conservative install cutoffs.
 ## Manual Release Checks

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@async/db",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "The Async data workflow package for fixtures, generated types, local APIs, runtime stores, and database-backed graduation.",
   "packageManager": "pnpm@10.20.0",
   "scripts": {