@launch77-shared/plugin-release 1.0.0

package/dist/commands/connect.js

@@ -0,0 +1,285 @@
+#!/usr/bin/env node
+
+// src/commands/connect.ts
+import { execSync } from "child_process";
+import { readFileSync, writeFileSync, existsSync, unlinkSync } from "fs";
+import { join } from "path";
+import readline from "readline";
+import { select } from "@inquirer/prompts";
+import { detectLaunch77Context } from "@launch77/plugin-runtime";
+var colors = {
+  reset: "\x1B[0m",
+  red: "\x1B[31m",
+  green: "\x1B[32m",
+  yellow: "\x1B[33m",
+  cyan: "\x1B[36m",
+  gray: "\x1B[90m"
+};
+function log(message, color = "reset") {
+  console.log(`${colors[color]}${message}${colors.reset}`);
+}
+function prompt(question) {
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  return new Promise((resolve) => {
+    rl.question(`${colors.cyan}${question}${colors.reset} `, (answer) => {
+      rl.close();
+      resolve(answer.trim().toLowerCase());
+    });
+  });
+}
+async function main() {
+  log("\n\u{1F680} Release Connect - Setup npm Package Publishing\n", "cyan");
+  const context = await detectLaunch77Context(process.cwd());
+  if (!context.isValid || context.locationType === "workspace-root" || !context.appName) {
+    log("\u274C Error: Must be run from within an app directory", "red");
+    log("   Run this command from inside your app (e.g., apps/my-app)\n", "gray");
+    process.exit(1);
+  }
+  const dirMap = {
+    "workspace-app": "apps",
+    "workspace-library": "libraries",
+    "workspace-plugin": "plugins",
+    "workspace-app-template": "app-templates"
+  };
+  const dir = dirMap[context.locationType];
+  if (!dir) {
+    log("\u274C Error: Unsupported location type", "red");
+    log(`   Location type: ${context.locationType}
+`, "gray");
+    process.exit(1);
+  }
+  const packageRoot = join(context.workspaceRoot, dir, context.appName);
+  const packageJsonPath = join(packageRoot, "package.json");
+  if (!existsSync(packageJsonPath)) {
+    log("\u274C Error: package.json not found", "red");
+    log(`   Looking in: ${packageRoot}
+`, "gray");
+    process.exit(1);
+  }
+  let packageJson;
+  try {
+    packageJson = JSON.parse(readFileSync(packageJsonPath, "utf-8"));
+  } catch (error) {
+    log("\u274C Error: Could not parse package.json", "red");
+    log(`   ${error instanceof Error ? error.message : "Unknown error"}
+`, "gray");
+    process.exit(1);
+  }
+  const packageName = packageJson.name;
+  log(`\u{1F4E6} Package: ${packageName}
+`);
+  log("Step 1: Validating package.json configuration", "cyan");
+  const validations = [];
+  if (packageJson.private === true) {
+    log("   \u2139 Package is currently private (will be changed during setup)", "gray");
+  } else if (packageJson.private === false) {
+    log("   \u26A0\uFE0F  Package is already marked as non-private", "yellow");
+  }
+  if (packageJson.license) {
+    log(`   \u2139 Current license: ${packageJson.license}`, "gray");
+  } else {
+    log("   \u2139 No license set", "gray");
+  }
+  if (packageJson.publishConfig?.access === "public") {
+    log("   \u2713 publishConfig.access: public", "green");
+  } else {
+    log('   \u2139 publishConfig.access will be set to "public"', "gray");
+  }
+  if (validations.length > 0) {
+    log("\n\u26A0\uFE0F  Configuration issues found:", "yellow");
+    validations.forEach((v) => log(`   - ${v}`, "gray"));
+    log("");
+    const answer = await prompt("Continue anyway? (y/N)");
+    if (answer !== "y" && answer !== "yes") {
+      log("Aborted.\n", "gray");
+      process.exit(0);
+    }
+  }
+  log("");
+  log("Step 1.5: Select package license", "cyan");
+  log("   Learn more about licenses: https://spdx.org/licenses/", "gray");
+  log("");
+  const selectedLicense = await select({
+    message: "Select package license:",
+    choices: [
+      {
+        name: "UNLICENSED (proprietary, no permission to use)",
+        value: "UNLICENSED",
+        description: "For proprietary/closed-source software. Launch77 default."
+      },
+      {
+        name: "MIT (permissive, most popular open source)",
+        value: "MIT",
+        description: "Allows commercial use with minimal restrictions."
+      },
+      {
+        name: "ISC (permissive, similar to MIT)",
+        value: "ISC",
+        description: "Functionally identical to MIT with simpler wording."
+      },
+      {
+        name: "Apache-2.0 (permissive with patent protection)",
+        value: "Apache-2.0",
+        description: "Like MIT but includes explicit patent rights."
+      },
+      {
+        name: "GPL-3.0 (copyleft, derivatives must be GPL)",
+        value: "GPL-3.0",
+        description: "Requires derivative works to also be open source."
+      },
+      {
+        name: "BSD-3-Clause (permissive with attribution)",
+        value: "BSD-3-Clause",
+        description: "Simple permissive license with name protection."
+      }
+    ],
+    default: packageJson.license || "UNLICENSED"
+  });
+  log("");
+  log("\u2139\uFE0F  Note: License choice is separate from npm package visibility.", "cyan");
+  log("   \u2022 License = what others can legally do with your code", "gray");
+  log("   \u2022 Package access = who can download from npm (public vs private)", "gray");
+  log("   \u2022 This package will be published as PUBLIC on npm", "gray");
+  log("");
+  log("Step 2: Building the package", "cyan");
+  if (packageJson.scripts?.build) {
+    try {
+      execSync("npm run build", { cwd: packageRoot, stdio: "inherit" });
+      log("   \u2713 Build succeeded\n", "green");
+    } catch (error) {
+      log("   \u2717 Build failed", "red");
+      log("   Fix build errors before publishing\n", "gray");
+      process.exit(1);
+    }
+  } else {
+    log("   \u2139 No build script - skipping build step", "yellow");
+    log("   This is normal for app-templates and some packages\n", "gray");
+  }
+  log("Step 3: Creating test tarball", "cyan");
+  let tarballPath;
+  try {
+    const output = execSync("npm pack", { cwd: packageRoot, encoding: "utf-8" });
+    tarballPath = join(packageRoot, output.trim());
+    log(`   \u2713 Created: ${tarballPath}
+`, "green");
+  } catch (error) {
+    log("   \u2717 Failed to create tarball", "red");
+    log(`   ${error instanceof Error ? error.message : "Unknown error"}
+`, "gray");
+    process.exit(1);
+  }
+  log("Step 4: Preparing package.json for publishing", "cyan");
+  let packageJsonModified = false;
+  if (packageJson.license !== selectedLicense) {
+    packageJson.license = selectedLicense;
+    log(`   \u2713 Set license to "${selectedLicense}"`, "green");
+    packageJsonModified = true;
+  } else {
+    log(`   \u2713 License already set to "${selectedLicense}"`, "green");
+  }
+  if (packageJson.private === true) {
+    delete packageJson.private;
+    log('   \u2713 Removed "private": true', "green");
+    packageJsonModified = true;
+  }
+  if (!packageJson.publishConfig) {
+    packageJson.publishConfig = {};
+  }
+  if (packageJson.publishConfig.access !== "public") {
+    packageJson.publishConfig.access = "public";
+    log('   \u2713 Set publishConfig.access to "public"', "green");
+    packageJsonModified = true;
+  }
+  if (packageJsonModified) {
+    try {
+      writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2) + "\n");
+      log("   \u2713 Updated package.json\n", "green");
+    } catch (error) {
+      log("   \u2717 Failed to update package.json", "red");
+      log(`   ${error instanceof Error ? error.message : "Unknown error"}
+`, "gray");
+      process.exit(1);
+    }
+  } else {
+    log("   \u2713 package.json already configured\n", "green");
+  }
+  log("Step 5: Checking if package is published to npm", "cyan");
+  let isPublished = false;
+  try {
+    execSync(`npm view ${packageName}`, { stdio: "pipe" });
+    isPublished = true;
+    log(`   \u2713 Package is already published to npm
+`, "green");
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : String(error);
+    const is404 = errorMessage.includes("404") || errorMessage.includes("Not Found") || errorMessage.includes("code E404");
+    if (is404) {
+      log(`   \u2139 Package not yet published to npm
+`, "gray");
+    } else {
+      log(`   \u26A0\uFE0F  Error checking npm publication status
+`, "yellow");
+      log(`   ${errorMessage}
+`, "gray");
+    }
+  }
+  if (!isPublished) {
+    log("Step 6: Publishing package to npm", "cyan");
+    log("   This is the initial publish required for Trusted Publishers setup.", "gray");
+    log("");
+    const answer = await prompt("Run npm publish now? (Y/n)");
+    if (answer === "" || answer === "y" || answer === "yes") {
+      try {
+        execSync("npm publish", { cwd: packageRoot, stdio: "inherit" });
+        log("\n   \u2713 Package published successfully!\n", "green");
+        isPublished = true;
+      } catch (error) {
+        log("\n   \u2717 Publish failed", "red");
+        log("   You may need to:\n", "gray");
+        log("   - Create the npm organization first: https://www.npmjs.com/org/create", "gray");
+        log("   - Log in to npm: npm login\n", "gray");
+        process.exit(1);
+      }
+    } else {
+      log("   Skipped. You can publish manually later with: npm publish\n", "gray");
+    }
+  }
+  if (isPublished) {
+    log("Step 7: Configure npm Trusted Publishing", "cyan");
+    log("\n   Next, you need to configure Trusted Publishing on npm:\n", "gray");
+    log("   1. Visit your package access page:", "gray");
+    log(`      https://www.npmjs.com/package/${packageName}/access
+`, "cyan");
+    log('   2. Scroll to "Trusted Publisher" section', "gray");
+    log('   3. Select "Github Actions" as the publisher', "gray");
+    log("   4. Configure Github Actions publisher with:", "gray");
+    log("      - Organization or owner: <your-github-org>", "gray");
+    log("      - Repository: <your-repo-name>", "gray");
+    log("      - Workflow filename: ci.yml", "gray");
+    log("      - Environment: (leave empty)\n", "gray");
+    log("   Full documentation: https://docs.npmjs.com/trusted-publishers\n", "gray");
+    await prompt("Press Enter when you have completed the Trusted Publisher setup...");
+  }
+  if (tarballPath && existsSync(tarballPath)) {
+    try {
+      unlinkSync(tarballPath);
+      log(`
+\u2713 Cleaned up tarball: ${tarballPath}`, "gray");
+    } catch (error) {
+    }
+  }
+  log("\n\u2705 Release setup complete!\n", "green");
+  log("Next steps:", "cyan");
+  log("1. Verify setup with: npm run release:verify", "gray");
+  log("2. Create a changeset: npm run changeset", "gray");
+  log("3. Push to GitHub - CI will handle automated publishing\n", "gray");
+}
+main().catch((error) => {
+  log(`
+\u274C Unexpected error: ${error.message}
+`, "red");
+  process.exit(1);
+});

package/dist/commands/verify.js

@@ -0,0 +1,168 @@
+#!/usr/bin/env node
+
+// src/commands/verify.ts
+import { execSync } from "child_process";
+import { readFileSync, existsSync } from "fs";
+import { join } from "path";
+import { detectLaunch77Context } from "@launch77/plugin-runtime";
+var colors = {
+  reset: "\x1B[0m",
+  red: "\x1B[31m",
+  green: "\x1B[32m",
+  yellow: "\x1B[33m",
+  cyan: "\x1B[36m",
+  gray: "\x1B[90m"
+};
+function log(message, color = "reset") {
+  console.log(`${colors[color]}${message}${colors.reset}`);
+}
+async function main() {
+  log("\n\u{1F50D} Release Verify - Check npm Package Setup\n", "cyan");
+  const context = await detectLaunch77Context(process.cwd());
+  if (!context.isValid || context.locationType === "workspace-root" || !context.appName) {
+    log("\u274C Error: Must be run from within an app directory", "red");
+    log("   Run this command from inside your app (e.g., apps/my-app)\n", "gray");
+    process.exit(1);
+  }
+  const dirMap = {
+    "workspace-app": "apps",
+    "workspace-library": "libraries",
+    "workspace-plugin": "plugins",
+    "workspace-app-template": "app-templates"
+  };
+  const dir = dirMap[context.locationType];
+  if (!dir) {
+    log("\u274C Error: Unsupported location type", "red");
+    log(`   Location type: ${context.locationType}
+`, "gray");
+    process.exit(1);
+  }
+  const packageRoot = join(context.workspaceRoot, dir, context.appName);
+  const packageJsonPath = join(packageRoot, "package.json");
+  if (!existsSync(packageJsonPath)) {
+    log("\u274C Error: package.json not found", "red");
+    log(`   Looking in: ${packageRoot}
+`, "gray");
+    process.exit(1);
+  }
+  let packageJson;
+  try {
+    packageJson = JSON.parse(readFileSync(packageJsonPath, "utf-8"));
+  } catch (error) {
+    log("\u274C Error: Could not parse package.json", "red");
+    log(`   ${error instanceof Error ? error.message : "Unknown error"}
+`, "gray");
+    process.exit(1);
+  }
+  const packageName = packageJson.name;
+  log(`\u{1F4E6} Package: ${packageName}
+`);
+  const checks = [];
+  let allPassed = true;
+  log("Checking package.json configuration...", "cyan");
+  if (packageJson.private === true) {
+    log("   \u2717 Package is marked as private", "red");
+    log("     This prevents publishing to npm", "gray");
+    checks.push({ name: "Package not private", passed: false, action: "Run: npm run release:connect" });
+    allPassed = false;
+  } else {
+    log("   \u2713 Package is not private", "green");
+    checks.push({ name: "Package not private", passed: true });
+  }
+  if (packageJson.license === "UNLICENSED") {
+    log("   \u2713 License: UNLICENSED", "green");
+    checks.push({ name: "License field", passed: true });
+  } else {
+    log('   \u2717 License should be "UNLICENSED"', "red");
+    log("     Current: " + (packageJson.license || "not set"), "gray");
+    checks.push({ name: "License field", passed: false, action: 'Set "license": "UNLICENSED"' });
+    allPassed = false;
+  }
+  if (packageJson.publishConfig?.access === "public") {
+    log("   \u2713 publishConfig.access: public", "green");
+    checks.push({ name: "PublishConfig.access", passed: true });
+  } else {
+    log('   \u2717 publishConfig.access should be "public"', "red");
+    log("     Current: " + (packageJson.publishConfig?.access || "not set"), "gray");
+    checks.push({ name: "PublishConfig.access", passed: false, action: 'Add "publishConfig": { "access": "public" }' });
+    allPassed = false;
+  }
+  if (packageJson.main) {
+    log("   \u2713 Main entry point defined", "green");
+    checks.push({ name: "Main entry point", passed: true });
+  } else {
+    log("   \u2717 Main entry point not defined", "yellow");
+    checks.push({ name: "Main entry point", passed: false, action: 'Add "main" field if needed' });
+  }
+  log("");
+  log("Checking npm publication status...", "cyan");
+  let isPublished = false;
+  try {
+    execSync(`npm view ${packageName}`, { stdio: "pipe" });
+    isPublished = true;
+    log("   \u2713 Package is published to npm", "green");
+    checks.push({ name: "Published to npm", passed: true });
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : String(error);
+    const is404 = errorMessage.includes("404") || errorMessage.includes("Not Found") || errorMessage.includes("code E404");
+    if (is404) {
+      log("   \u2717 Package not found on npm", "red");
+      log("     Note: New packages can take several minutes to propagate through npm's CDN", "gray");
+    } else {
+      log("   \u2717 Error checking npm publication status", "red");
+      log(`     ${errorMessage}`, "gray");
+    }
+    checks.push({ name: "Published to npm", passed: false, action: "Run: npm run release:connect" });
+    allPassed = false;
+  }
+  log("");
+  log("Checking build...", "cyan");
+  if (packageJson.scripts?.build) {
+    try {
+      execSync("npm run build", { cwd: packageRoot, stdio: "pipe" });
+      log("   \u2713 Build succeeds", "green");
+      checks.push({ name: "Build succeeds", passed: true });
+    } catch (error) {
+      log("   \u2717 Build fails", "red");
+      checks.push({ name: "Build succeeds", passed: false, action: "Fix build errors" });
+      allPassed = false;
+    }
+  } else {
+    log("   \u26A0 No build script defined", "yellow");
+    checks.push({ name: "Build script", passed: true, warning: true });
+  }
+  log("");
+  log("\u2500".repeat(60), "gray");
+  log("\nSummary:\n", "cyan");
+  const passedChecks = checks.filter((c) => c.passed).length;
+  const totalChecks = checks.length;
+  if (allPassed) {
+    log(`\u2705 All checks passed! (${passedChecks}/${totalChecks})
+`, "green");
+    log("Your package is ready for automated publishing via GitHub Actions.\n", "gray");
+    log("Next steps:", "cyan");
+    log("1. Create a changeset: npm run changeset", "gray");
+    log("2. Commit and push to main branch", "gray");
+    log('3. CI will automatically create a "Version Packages" PR', "gray");
+    log("4. Merge the PR to publish to npm\n", "gray");
+  } else {
+    log(`\u26A0\uFE0F  Some checks failed (${passedChecks}/${totalChecks} passed)
+`, "yellow");
+    log("Action items:\n", "cyan");
+    checks.filter((c) => !c.passed).forEach((c) => {
+      log(`\u2022 ${c.name}:`, "red");
+      log(`  ${c.action}
+`, "gray");
+    });
+    if (!isPublished) {
+      log("To complete setup, run:", "cyan");
+      log("  npm run release:connect\n", "gray");
+    }
+  }
+}
+main().catch((error) => {
+  log(`
+\u274C Unexpected error: ${error.message}
+`, "red");
+  process.exit(1);
+});

package/dist/generator.js

@@ -0,0 +1,74 @@
+#!/usr/bin/env node
+
+// src/generator.ts
+import * as fs from "fs";
+import * as path from "path";
+import chalk from "chalk";
+import { StandardGenerator } from "@launch77/plugin-runtime";
+var ReleaseGenerator = class extends StandardGenerator {
+  constructor(context) {
+    super(context);
+  }
+  async injectCode() {
+    console.log(chalk.cyan("\u{1F527} Configuring release automation...\n"));
+    await this.addReleaseScripts();
+  }
+  async addReleaseScripts() {
+    const packageJsonPath = path.join(this.context.appPath, "package.json");
+    try {
+      const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, "utf-8"));
+      const releaseScripts = {
+        "release:connect": "launch77-release-connect",
+        "release:verify": "launch77-release-verify"
+      };
+      packageJson.scripts = {
+        ...packageJson.scripts,
+        ...releaseScripts
+      };
+      fs.writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2) + "\n");
+      console.log(chalk.green("   \u2713 Added release scripts to package.json"));
+      console.log(chalk.gray("     - release:connect (setup npm publishing)"));
+      console.log(chalk.gray("     - release:verify (verify setup)\n"));
+    } catch (error) {
+      console.log(chalk.yellow(`   \u26A0\uFE0F  Could not update package.json: ${error instanceof Error ? error.message : "Unknown error"}`));
+      console.log(chalk.gray("   You may need to add the scripts manually.\n"));
+    }
+  }
+  showNextSteps() {
+    console.log(chalk.white("\n" + "\u2500".repeat(60) + "\n"));
+    console.log(chalk.cyan("\u{1F4CB} Release Plugin Installed!\n"));
+    console.log(chalk.white("Next Steps:\n"));
+    console.log(chalk.gray("1. Set up this package for npm publishing:"));
+    console.log(chalk.cyan("   npm run release:connect\n"));
+    console.log(chalk.gray("2. Verify your setup anytime with:"));
+    console.log(chalk.cyan("   npm run release:verify\n"));
+    console.log(chalk.gray("3. After setup, create changesets for releases:"));
+    console.log(chalk.cyan("   npm run changeset\n"));
+    console.log(chalk.white("Documentation:\n"));
+    console.log(chalk.gray("See src/modules/release/README.md for detailed instructions.\n"));
+  }
+};
+async function main() {
+  const args = process.argv.slice(2);
+  const appPath = args.find((arg) => arg.startsWith("--appPath="))?.split("=")[1];
+  const appName = args.find((arg) => arg.startsWith("--appName="))?.split("=")[1];
+  const workspaceName = args.find((arg) => arg.startsWith("--workspaceName="))?.split("=")[1];
+  const pluginPath = args.find((arg) => arg.startsWith("--pluginPath="))?.split("=")[1];
+  if (!appPath || !appName || !workspaceName || !pluginPath) {
+    console.error(chalk.red("Error: Missing required arguments"));
+    console.error(chalk.gray("Usage: --appPath=<path> --appName=<name> --workspaceName=<name> --pluginPath=<path>"));
+    process.exit(1);
+  }
+  const generator = new ReleaseGenerator({ appPath, appName, workspaceName, pluginPath });
+  await generator.run();
+}
+if (import.meta.url === `file://${process.argv[1]}`) {
+  main().catch((error) => {
+    console.error(chalk.red("\n\u274C Error during release plugin setup:"));
+    console.error(error);
+    process.exit(1);
+  });
+}
+export {
+  ReleaseGenerator
+};

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@launch77-shared/plugin-release",
+  "version": "1.0.0",
+  "description": "Launch77 release plugin - Setup npm packages for automated publishing",
+  "license": "UNLICENSED",
+  "type": "module",
+  "main": "dist/generator.js",
+  "bin": {
+    "generate": "./dist/generator.js",
+    "launch77-release-connect": "./dist/commands/connect.js",
+    "launch77-release-verify": "./dist/commands/verify.js"
+  },
+  "files": [
+    "dist/",
+    "templates/",
+    "plugin.json"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src/**/*.ts",
+    "test:integration": "vitest run --config vitest.integration.config.ts",
+    "release:connect": "launch77-release-connect",
+    "release:verify": "launch77-release-verify"
+  },
+  "dependencies": {
+    "@inquirer/prompts": "^8.0.0",
+    "@launch77/plugin-runtime": "^0.3.0",
+    "chalk": "^5.3.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.10.0",
+    "execa": "^9.0.0",
+    "fs-extra": "^11.2.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.3.0",
+    "vitest": "^4.0.16"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "launch77": {
+    "installedPlugins": {
+      "release": {
+        "package": "release",
+        "version": "1.0.0",
+        "installedAt": "2026-01-23T16:49:37.475Z",
+        "source": "local"
+      }
+    }
+  }
+}

package/plugin.json

@@ -0,0 +1,5 @@
+{
+  "targets": ["app", "library", "plugin", "app-template"],
+  "pluginDependencies": {},
+  "libraryDependencies": {}
+}

package/templates/src/modules/release/README.md

@@ -0,0 +1,164 @@
+# Release Module
+
+This module provides tools to set up and verify npm package publishing with Trusted Publishers.
+
+## Overview
+
+The release module automates the setup process for publishing packages to npm using GitHub Actions with Trusted Publishers (OIDC). This eliminates the need for NPM_TOKEN secrets and provides a more secure publishing workflow.
+
+**Important:** All packages start as `"private": true` by default. This prevents changesets from attempting to publish unprepared packages. Running `release:connect` removes the private flag and configures the package for publishing.
+
+## Available Scripts
+
+### `npm run release:connect`
+
+Interactive script that guides you through the initial npm publishing setup:
+
+1. **Validates package.json** - Checks that license and publishConfig are correct
+2. **Builds the package** - Runs `npm run build` to ensure it compiles
+3. **Creates test tarball** - Runs `npm pack` to create a .tgz file
+4. **Prepares for publishing** - Removes `"private": true` and sets `"publishConfig.access": "public"`
+5. **Publishes to npm** - Performs the initial `npm publish` (required for Trusted Publishers)
+6. **Guides Trusted Publisher setup** - Provides step-by-step instructions
+
+**When to run:** Once per package, before setting up automated releases.
+
+```bash
+npm run release:connect
+```
+
+### `npm run release:verify`
+
+Verification script that checks if your package is properly configured:
+
+- ✓ Checks package is not private
+- ✓ Checks package.json configuration
+- ✓ Verifies package is published to npm
+- ✓ Validates build succeeds
+- ✓ Shows action items if anything is missing
+
+**When to run:** Anytime you want to verify your package is ready for publishing.
+
+```bash
+npm run release:verify
+```
+
+## Setup Process
+
+### Prerequisites
+
+Before running `release:connect`, ensure:
+
+1. **npm organization exists** - Create at https://www.npmjs.com/org/create
+2. **Workspace is connected to GitHub** - Run `launch77 git:connect`
+3. **Release workflow initialized** - Run `launch77 release:init`
+4. **You're logged into npm** - Run `npm login`
+
+### Initial Setup
+
+1. Navigate to your package directory:
+
+   ```bash
+   cd apps/my-app
+   ```
+
+2. Run the connect script:
+
+   ```bash
+   npm run release:connect
+   ```
+
+3. Follow the interactive prompts:
+   - Confirm package.json settings
+   - Build the package
+   - Publish to npm
+   - Configure Trusted Publisher on npm website
+
+4. Verify setup:
+   ```bash
+   npm run release:verify
+   ```
+
+## Trusted Publishers Setup
+
+After running `release:connect`, you need to configure Trusted Publishers on the npm website:
+
+1. Visit your package access page:
+
+   ```
+   https://www.npmjs.com/package/<your-package-name>/access
+   ```
+
+2. Scroll to "Publishing Access" section
+
+3. Click "Configure Trusted Publishers"
+
+4. Add GitHub Actions as a trusted publisher:
+   - **Provider:** GitHub Actions
+   - **Repository owner:** your-github-org
+   - **Repository name:** your-repo-name
+   - **Workflow:** .github/workflows/ci.yml
+   - **Environment:** (leave empty for any)
+
+5. Save the configuration
+
+Full documentation: https://docs.npmjs.com/trusted-publishers
+
+## Publishing Workflow
+
+Once setup is complete, use changesets for version management:
+
+```bash
+# Create a changeset (describe what changed)
+npm run changeset
+
+# Commit and push to main
+git add .
+git commit -m "Add changeset"
+git push
+
+# CI will automatically:
+# 1. Create a "Version Packages" PR
+# 2. When merged, publish to npm via Trusted Publishers
+```
+
+## Troubleshooting
+
+### Build Fails
+
+If `npm run build` fails:
+
+- Fix TypeScript/build errors
+- Ensure all dependencies are installed
+- Check tsconfig.json configuration
+
+### Publish Fails (Organization Not Found)
+
+If `npm publish` fails with "organization not found":
+
+- Create the npm organization first: https://www.npmjs.com/org/create
+- Make sure you're logged in: `npm login`
+- Verify your npm account has access to the organization
+
+### Trusted Publisher Not Working
+
+If GitHub Actions can't publish after Trusted Publisher setup:
+
+- Verify repository owner/name match exactly
+- Check workflow path is correct (.github/workflows/ci.yml)
+- Ensure workflow has `id-token: write` permission
+- Wait a few minutes for npm to propagate changes
+
+### Package.json Validation Fails
+
+Common fixes:
+
+- Set `"license": "UNLICENSED"` for proprietary packages
+- Add `"publishConfig": { "access": "public" }` for scoped packages
+- Ensure `"main"` field points to built output (e.g., "dist/index.js")
+
+## Additional Resources
+
+- [npm Trusted Publishers Documentation](https://docs.npmjs.com/trusted-publishers)
+- [Changesets Documentation](https://github.com/changesets/changesets)
+- [GitHub Actions OIDC](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)