climaybe 1.0.0 → 1.3.0

package/src/workflows/preview/reusable-rename-theme.yml

@@ -0,0 +1,73 @@
+name: Rename Theme
+
+on:
+  workflow_call:
+    inputs:
+      theme_id:
+        required: true
+        type: string
+        description: "Theme ID to rename"
+      theme_name:
+        required: true
+        type: string
+        description: "Current theme name"
+      pr_number:
+        required: true
+        type: string
+        description: "PR number to append"
+      store_alias:
+        required: false
+        type: string
+        description: "Store alias for scoped secret lookup"
+      store_alias_secret:
+        required: false
+        type: string
+        description: "Upper snake-case alias for scoped secret lookup"
+    secrets:
+      SHOPIFY_STORE_URL:
+        required: false
+      SHOPIFY_CLI_THEME_TOKEN:
+        required: false
+
+jobs:
+  rename:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install Shopify CLI
+        run: npm install -g @shopify/cli @shopify/theme
+
+      - name: Rename theme
+        env:
+          SHOPIFY_STORE_URL: ${{ secrets.SHOPIFY_STORE_URL }}
+          SHOPIFY_CLI_THEME_TOKEN: ${{ secrets.SHOPIFY_CLI_THEME_TOKEN }}
+          THEME_ID: ${{ inputs.theme_id }}
+          THEME_NAME: ${{ inputs.theme_name }}
+          PR_NUMBER: ${{ inputs.pr_number }}
+        run: |
+          if [ -z "$THEME_ID" ] || [ -z "$THEME_NAME" ]; then
+            echo "Missing theme_id/theme_name."
+            exit 1
+          fi
+          if [ -z "$SHOPIFY_STORE_URL" ] || [ -z "$SHOPIFY_CLI_THEME_TOKEN" ]; then
+            echo "Missing Shopify store URL/token for rename."
+            exit 1
+          fi
+
+          NEW_THEME_NAME="${THEME_NAME}-PR${PR_NUMBER}"
+          echo "Renaming theme $THEME_ID to '$NEW_THEME_NAME'..."
+
+          if shopify theme rename \
+            --store "$SHOPIFY_STORE_URL" \
+            --password "$SHOPIFY_CLI_THEME_TOKEN" \
+            --theme "$THEME_ID" \
+            --name "$NEW_THEME_NAME" 2>&1; then
+            echo "Rename succeeded with password auth."
+          elif shopify theme rename \
+            --store "$SHOPIFY_STORE_URL" \
+            --theme "$THEME_ID" \
+            --name "$NEW_THEME_NAME" 2>&1; then
+            echo "Rename succeeded with authenticated session."
+          else
+            echo "Failed to rename theme."
+            exit 1
+          fi

package/src/workflows/preview/reusable-share-theme.yml

@@ -0,0 +1,94 @@
+name: Share Theme
+
+on:
+  workflow_call:
+    inputs:
+      pr_number:
+        required: false
+        type: string
+        description: "PR number for theme naming context"
+      store_alias:
+        required: false
+        type: string
+        description: "Store alias for scoped secret lookup"
+      store_alias_secret:
+        required: false
+        type: string
+        description: "Upper snake-case alias for scoped secret lookup"
+    outputs:
+      theme_id:
+        description: "Shared theme ID"
+        value: ${{ jobs.share.outputs.theme_id }}
+      theme_name:
+        description: "Shared theme name"
+        value: ${{ jobs.share.outputs.theme_name }}
+      share_output:
+        description: "Raw share command output"
+        value: ${{ jobs.share.outputs.share_output }}
+    secrets:
+      SHOPIFY_STORE_URL:
+        required: false
+      SHOPIFY_CLI_THEME_TOKEN:
+        required: false
+
+jobs:
+  share:
+    runs-on: ubuntu-latest
+    outputs:
+      theme_id: ${{ steps.share.outputs.theme_id }}
+      theme_name: ${{ steps.share.outputs.theme_name }}
+      share_output: ${{ steps.share.outputs.share_output }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Validate theme root
+        run: |
+          if [ ! -f "layout/theme.liquid" ]; then
+            echo "layout/theme.liquid not found. Ensure workflow runs at theme repository root."
+            exit 1
+          fi
+
+      - name: Install Shopify CLI
+        run: npm install -g @shopify/cli @shopify/theme
+
+      - name: Share theme
+        id: share
+        env:
+          SHOPIFY_STORE_URL: ${{ secrets.SHOPIFY_STORE_URL }}
+          SHOPIFY_CLI_THEME_TOKEN: ${{ secrets.SHOPIFY_CLI_THEME_TOKEN }}
+        run: |
+          if [ -z "$SHOPIFY_STORE_URL" ] || [ -z "$SHOPIFY_CLI_THEME_TOKEN" ]; then
+            echo "Missing Shopify secrets."
+            exit 1
+          fi
+
+          OUTPUT=$(shopify theme share \
+            --store "$SHOPIFY_STORE_URL" \
+            --password "$SHOPIFY_CLI_THEME_TOKEN" 2>&1)
+          STATUS=$?
+
+          echo "$OUTPUT"
+          if [ $STATUS -ne 0 ]; then
+            echo "Theme share failed."
+            exit $STATUS
+          fi
+
+          THEME_NAME=$(echo "$OUTPUT" | sed -n "s/.*The theme '\([^']*\)'.*/\1/p" | head -1)
+          THEME_ID=$(echo "$OUTPUT" | sed -n 's/.*#\([0-9]*\).*/\1/p' | head -1)
+
+          if [ -z "$THEME_ID" ]; then
+            echo "Could not parse theme id from share output."
+            exit 1
+          fi
+
+          echo "theme_id=$THEME_ID" >> $GITHUB_OUTPUT
+          if [ -n "$THEME_NAME" ]; then
+            echo "theme_name=$THEME_NAME" >> $GITHUB_OUTPUT
+          fi
+
+          {
+            echo "share_output<<SHARE_EOF"
+            echo "$OUTPUT"
+            echo "SHARE_EOF"
+          } >> $GITHUB_OUTPUT

package/src/workflows/shared/ai-changelog.yml

@@ -1,5 +1,5 @@
 # climaybe — AI Changelog Generator (Reusable Workflow)
-# Uses Google Gemini to classify commits and generate a changelog.
+# Uses Gemini when available, otherwise falls back to GitHub Models.
 
 name: AI Changelog
 
@@ -21,11 +21,14 @@ on:
         value: ${{ jobs.generate.outputs.changelog }}
     secrets:
       GEMINI_API_KEY:
-        required: true
+        required: false
 
 jobs:
   generate:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      models: read
     outputs:
       changelog: ${{ steps.ai.outputs.changelog }}
 
@@ -43,17 +46,23 @@ jobs:
             echo "commits=" >> $GITHUB_OUTPUT
             exit 0
           fi
-          # Escape for JSON
-          COMMITS_ESCAPED=$(echo "$COMMITS" | jq -Rs .)
-          echo "commits=$COMMITS_ESCAPED" >> $GITHUB_OUTPUT
+          # Keep commits as multiline plain text
+          {
+            echo "commits<<COMMITS_EOF"
+            echo "$COMMITS"
+            echo "COMMITS_EOF"
+          } >> $GITHUB_OUTPUT
 
-      - name: Generate changelog with Gemini
+      - name: Generate changelog (Gemini -> GitHub Models fallback)
         id: ai
         if: steps.commits.outputs.commits != ''
         env:
           GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          COMMITS_RAW: ${{ steps.commits.outputs.commits }}
         run: |
-          COMMITS=${{ steps.commits.outputs.commits }}
+          COMMITS="$COMMITS_RAW"
+          PROVIDER="fallback"
 
           PROMPT=$(cat <<'PROMPT_EOF'
           You are a changelog generator for a Shopify theme repository.
@@ -71,30 +80,79 @@ jobs:
           PROMPT_EOF
           )
 
-          PAYLOAD=$(jq -n \
-            --arg prompt "$PROMPT" \
-            --argjson commits "$COMMITS" \
-            '{
-              "contents": [{
-                "parts": [{"text": ($prompt + "\n" + $commits)}]
-              }],
-              "generationConfig": {
+          CHANGELOG=""
+
+          # 1) Gemini path (if secret exists)
+          if [ -n "$GEMINI_API_KEY" ]; then
+            PAYLOAD=$(jq -n \
+              --arg prompt "$PROMPT" \
+              --arg commits "$COMMITS" \
+              '{
+                "contents": [{
+                  "parts": [{"text": ($prompt + "\n" + $commits)}]
+                }],
+                "generationConfig": {
+                  "temperature": 0.3,
+                  "maxOutputTokens": 2048
+                }
+              }')
+
+            RESPONSE=$(curl -s -X POST \
+              "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.0-flash:generateContent?key=${GEMINI_API_KEY}" \
+              -H "Content-Type: application/json" \
+              -d "$PAYLOAD")
+
+            CHANGELOG=$(echo "$RESPONSE" | jq -r '.candidates[0].content.parts[0].text // empty' 2>/dev/null || true)
+            if [ -n "$CHANGELOG" ] && [ "$CHANGELOG" != "null" ]; then
+              PROVIDER="gemini"
+            fi
+          fi
+
+          # 2) GitHub Models path (Copilot-backed models)
+          if [ -z "$CHANGELOG" ] || [ "$CHANGELOG" = "null" ]; then
+            GH_PAYLOAD=$(jq -n \
+              --arg prompt "$PROMPT" \
+              --arg commits "$COMMITS" \
+              '{
+                "model": "gpt-4o-mini",
+                "messages": [
+                  {"role":"system","content":"You are a changelog generator for Shopify theme repos. Output markdown only."},
+                  {"role":"user","content": ($prompt + "\n" + $commits)}
+                ],
                 "temperature": 0.3,
-                "maxOutputTokens": 2048
-              }
-            }')
+                "max_tokens": 1200
+              }')
+
+            GH_RESPONSE=$(curl -s -X POST \
+              "https://models.inference.ai.azure.com/chat/completions" \
+              -H "Content-Type: application/json" \
+              -H "Authorization: Bearer ${GITHUB_TOKEN}" \
+              -d "$GH_PAYLOAD")
 
-          RESPONSE=$(curl -s -X POST \
-            "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.0-flash:generateContent?key=${GEMINI_API_KEY}" \
-            -H "Content-Type: application/json" \
-            -d "$PAYLOAD")
+            CHANGELOG=$(echo "$GH_RESPONSE" | jq -r '.choices[0].message.content // empty' 2>/dev/null || true)
+            if [ -n "$CHANGELOG" ] && [ "$CHANGELOG" != "null" ]; then
+              PROVIDER="github-models"
+            fi
+          fi
+
+          # 3) Safe fallback if both providers fail
+          if [ -z "$CHANGELOG" ] || [ "$CHANGELOG" = "null" ]; then
+            COMMIT_LINES="$COMMITS"
+            CHANGELOG=$(printf "## Chore\n")
+            while IFS= read -r line; do
+              [ -z "$line" ] && continue
+              SUBJECT="${line#* }"
+              CHANGELOG="${CHANGELOG}- ${SUBJECT}\n"
+            done <<< "$COMMIT_LINES"
+            PROVIDER="static-fallback"
+          fi
 
-          CHANGELOG=$(echo "$RESPONSE" | jq -r '.candidates[0].content.parts[0].text // "Changelog generation failed."')
+          echo "Changelog provider: $PROVIDER"
 
           # Write to output (multiline)
           {
             echo "changelog<<CHANGELOG_EOF"
-            echo "$CHANGELOG"
+            printf "%b\n" "$CHANGELOG"
             echo "CHANGELOG_EOF"
           } >> $GITHUB_OUTPUT
 

package/src/workflows/shared/version-bump.yml

@@ -52,8 +52,12 @@ jobs:
           EXPLICIT_VERSION="${{ inputs.version }}"
 
           if [ -n "$EXPLICIT_VERSION" ]; then
-            # Use explicit version, ensure it starts with v
+            # Use explicit version; ensure v prefix and always three-part (e.g. v3.2.0)
             NEW_VERSION="${EXPLICIT_VERSION#v}"
+            PARTS=$(echo "$NEW_VERSION" | tr '.' '\n' | wc -l)
+            if [ "$PARTS" -eq "2" ]; then
+              NEW_VERSION="${NEW_VERSION}.0"
+            fi
             NEW_VERSION="v${NEW_VERSION}"
           else
             # Get latest tag
@@ -102,6 +106,7 @@ jobs:
       - name: Commit and tag
         run: |
           NEW_VERSION="${{ steps.bump.outputs.new_version }}"
+          TAG_CREATED="false"
 
           # Stage changes
           git add -A
@@ -111,12 +116,22 @@ jobs:
             git commit -m "chore(release): bump version to ${NEW_VERSION}"
           fi
 
-          # Create annotated tag
-          CHANGELOG="${{ inputs.changelog }}"
-          if [ -n "$CHANGELOG" ]; then
-            git tag -a "$NEW_VERSION" -m "$CHANGELOG"
+          # Guard against duplicate tag creation (local or remote).
+          if git ls-remote --exit-code --tags origin "refs/tags/${NEW_VERSION}" >/dev/null 2>&1; then
+            echo "Tag ${NEW_VERSION} already exists on origin, reusing."
+          elif git rev-parse -q --verify "refs/tags/${NEW_VERSION}" >/dev/null; then
+            echo "Tag ${NEW_VERSION} already exists locally, reusing."
           else
-            git tag -a "$NEW_VERSION" -m "Release ${NEW_VERSION}"
+            CHANGELOG="${{ inputs.changelog }}"
+            if [ -n "$CHANGELOG" ]; then
+              git tag -a "$NEW_VERSION" -m "$CHANGELOG"
+            else
+              git tag -a "$NEW_VERSION" -m "Release ${NEW_VERSION}"
+            fi
+            TAG_CREATED="true"
           fi
 
-          git push origin HEAD --follow-tags
+          git push origin HEAD
+          if [ "$TAG_CREATED" = "true" ]; then
+            git push origin "$NEW_VERSION"
+          fi

package/src/workflows/single/nightly-hotfix.yml

@@ -30,6 +30,8 @@ jobs:
 
       - name: Check for untagged commits
         id: check
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           LATEST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "")
 
@@ -41,8 +43,42 @@ jobs:
 
           echo "last_tag=$LATEST_TAG" >> $GITHUB_OUTPUT
 
-          # Count commits since last tag, excluding version bump commits
-          COMMITS=$(git log ${LATEST_TAG}..HEAD --pretty=format:"%s" | grep -v "chore(release): bump version" | grep -v "\[hotfix-backport\]" || true)
+          # Collect candidate commits since last tag.
+          # Exclude known workflow/system commits first, then exclude commits
+          # that are associated with PRs whose source branch is staging-*.
+          CANDIDATES=$(git log ${LATEST_TAG}..HEAD --pretty=format:"%H%x09%s" | \
+            grep -v "chore(release): bump version" | \
+            grep -v "\[hotfix-backport\]" | \
+            grep -v "\[skip-store-sync\]" | \
+            grep -v "\[stores-to-root\]" | \
+            grep -v "\[root-to-stores\]" || true)
+
+          COMMITS=""
+          SKIPPED_UNKNOWN=0
+          while IFS=$'\t' read -r SHA SUBJECT; do
+            [ -z "$SHA" ] && continue
+
+            HEAD_REF=$(gh api \
+              repos/${{ github.repository }}/commits/$SHA/pulls \
+              --jq '.[0].head.ref // ""' 2>/dev/null || true)
+
+            if [ -z "$HEAD_REF" ]; then
+              SKIPPED_UNKNOWN=$((SKIPPED_UNKNOWN + 1))
+              echo "Skipping commit due to missing PR metadata: $SHA"
+              continue
+            fi
+
+            if [[ "$HEAD_REF" == staging-* ]]; then
+              echo "Skipping store-backport commit from $HEAD_REF: $SHA"
+              continue
+            fi
+
+            COMMITS="${COMMITS}${SUBJECT}"$'\n'
+          done <<< "$CANDIDATES"
+
+          if [ "$SKIPPED_UNKNOWN" -gt 0 ]; then
+            echo "Skipped $SKIPPED_UNKNOWN commit(s) due to missing PR metadata (fail-safe)."
+          fi
 
           if [ -n "$COMMITS" ]; then
             COMMIT_COUNT=$(echo "$COMMITS" | wc -l | tr -d ' ')

package/src/workflows/single/post-merge-tag.yml

@@ -1,7 +1,7 @@
-# climaybe — Post-Merge Tag (Single-store)
-# After a staging → main PR is merged, detects the target version from the PR title
-# and bumps the minor version accordingly.
-# PR title convention: "Release v3.2" or "Release v3.2.0"
+# climaybe — Post-Merge Tag (Single-store & Multi-store)
+# After a staging → main PR is merged: detects target version from PR title, minor bump (e.g. v3.2.0).
+# After staging-<store> or live-<store> is synced to main (multistore-hotfix-to-main): patch bump (e.g. v3.2.1).
+# Version format is always three-part: v3.2.0. PR title convention for release: "Release v3.2" or "Release v3.2.0"
 
 name: Post-Merge Tag
 
@@ -20,8 +20,9 @@ jobs:
     outputs:
       is_release: ${{ steps.check.outputs.is_release }}
       version: ${{ steps.check.outputs.version }}
+      is_hotfix_backport: ${{ steps.check.outputs.is_hotfix_backport }}
     steps:
-      - name: Check if this push is from a merged staging PR
+      - name: Check if this push is from a merged staging PR or hotfix backport
         id: check
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -29,19 +30,23 @@ jobs:
           # Check the commit message for merge indicator
           COMMIT_MSG=$(echo "${{ github.event.head_commit.message }}" | head -1)
 
-          # Skip hotfix backports
-          if echo "$COMMIT_MSG" | grep -q "\[hotfix-backport\]"; then
+          # Skip version bump commits from this workflow (avoid loop)
+          if echo "$COMMIT_MSG" | grep -q "chore(release): bump version"; then
+            echo "Skipping post-merge tag: version bump commit."
             echo "is_release=false" >> $GITHUB_OUTPUT
+            echo "is_hotfix_backport=false" >> $GITHUB_OUTPUT
             exit 0
           fi
 
-          # Skip version bump commits from this workflow
-          if echo "$COMMIT_MSG" | grep -q "chore(release): bump version"; then
+          # Automatic hotfix sync (multistore-hotfix-to-main merge commit)
+          if echo "$COMMIT_MSG" | grep -q "\[hotfix-backport\]"; then
             echo "is_release=false" >> $GITHUB_OUTPUT
+            echo "is_hotfix_backport=true" >> $GITHUB_OUTPUT
+            echo "Detected hotfix backport merge, will trigger patch bump."
             exit 0
           fi
 
-          # Look for merged PR that targeted main from staging
+          # Look for merged PR that targeted main
           PR_NUMBER=$(echo "$COMMIT_MSG" | grep -oP '#\K\d+' | head -1 || true)
 
           if [ -n "$PR_NUMBER" ]; then
@@ -51,27 +56,36 @@ jobs:
               HEAD_REF=$(echo "$PR_DATA" | jq -r '.head.ref')
               TITLE=$(echo "$PR_DATA" | jq -r '.title')
 
+              # Staging → main: release (minor bump)
               if [ "$HEAD_REF" = "staging" ]; then
-                # Extract version from PR title: "Release v3.2" or "Release v3.2.0"
                 VERSION=$(echo "$TITLE" | grep -oP 'v\d+\.\d+(\.\d+)?' || true)
-
                 if [ -n "$VERSION" ]; then
-                  # Ensure it has 3 parts
                   PARTS=$(echo "$VERSION" | tr '.' '\n' | wc -l)
                   if [ "$PARTS" -eq "2" ]; then
                     VERSION="${VERSION}.0"
                   fi
-
                   echo "is_release=true" >> $GITHUB_OUTPUT
                   echo "version=$VERSION" >> $GITHUB_OUTPUT
+                  echo "is_hotfix_backport=false" >> $GITHUB_OUTPUT
                   echo "Detected release version: $VERSION"
                   exit 0
                 fi
+                echo "Skipping post-merge tag: staging PR title missing release version."
+              fi
+
+              # live-<store> → main: hotfix backport (patch bump)
+              if [[ "$HEAD_REF" == live-* ]]; then
+                echo "is_release=false" >> $GITHUB_OUTPUT
+                echo "is_hotfix_backport=true" >> $GITHUB_OUTPUT
+                echo "Detected hotfix backport from $HEAD_REF, will trigger patch bump."
+                exit 0
               fi
             fi
           fi
 
+          echo "Skipping post-merge tag: push is not a merged staging release or hotfix backport PR."
           echo "is_release=false" >> $GITHUB_OUTPUT
+          echo "is_hotfix_backport=false" >> $GITHUB_OUTPUT
 
   # Generate changelog for the release
   changelog:
@@ -84,7 +98,7 @@ jobs:
     secrets:
       GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
 
-  # Apply version bump
+  # Apply version bump (minor for release)
   bump:
     needs: [detect, changelog]
     if: needs.detect.outputs.is_release == 'true'
@@ -94,3 +108,42 @@ jobs:
       version: ${{ needs.detect.outputs.version }}
       changelog: ${{ needs.changelog.outputs.changelog }}
     secrets: inherit
+
+  # Resolve last tag for hotfix changelog (base_ref)
+  hotfix-base:
+    needs: detect
+    if: needs.detect.outputs.is_hotfix_backport == 'true'
+    runs-on: ubuntu-latest
+    outputs:
+      last_tag: ${{ steps.tag.outputs.last_tag }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Get latest tag
+        id: tag
+        run: |
+          LAST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.0.0")
+          echo "last_tag=$LAST_TAG" >> $GITHUB_OUTPUT
+          echo "Base ref for hotfix changelog: $LAST_TAG"
+
+  # Generate changelog for hotfix (since last tag)
+  changelog-hotfix:
+    needs: [detect, hotfix-base]
+    if: needs.detect.outputs.is_hotfix_backport == 'true'
+    uses: ./.github/workflows/ai-changelog.yml
+    with:
+      base_ref: ${{ needs.hotfix-base.outputs.last_tag }}
+      head_ref: HEAD
+    secrets:
+      GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
+
+  # Apply patch version bump after hotfix backport merge
+  bump-hotfix:
+    needs: [detect, hotfix-base, changelog-hotfix]
+    if: needs.detect.outputs.is_hotfix_backport == 'true'
+    uses: ./.github/workflows/version-bump.yml
+    with:
+      bump_type: patch
+      changelog: ${{ needs.changelog-hotfix.outputs.changelog }}
+    secrets: inherit

package/src/workflows/single/release-pr-check.yml

@@ -68,10 +68,16 @@ jobs:
             PATCH=$((PATCH + 1))
             NEW_TAG="v${MAJOR}.${MINOR}.${PATCH}"
 
-            git tag -a "$NEW_TAG" -m "Pre-release lock before staging merge"
-            git push origin "$NEW_TAG"
-            echo "new_tag=$NEW_TAG" >> $GITHUB_OUTPUT
-            echo "Created pre-release tag: $NEW_TAG"
+            # Avoid duplicate push attempts when a tag already exists.
+            if git rev-parse -q --verify "refs/tags/$NEW_TAG" >/dev/null; then
+              echo "new_tag=$NEW_TAG" >> $GITHUB_OUTPUT
+              echo "Tag $NEW_TAG already exists, reusing it."
+            else
+              git tag -a "$NEW_TAG" -m "Pre-release lock before staging merge"
+              git push origin "$NEW_TAG"
+              echo "new_tag=$NEW_TAG" >> $GITHUB_OUTPUT
+              echo "Created pre-release tag: $NEW_TAG"
+            fi
           else
             echo "new_tag=$LATEST_TAG" >> $GITHUB_OUTPUT
             echo "No new commits since $LATEST_TAG, skipping tag."
@@ -98,10 +104,14 @@ jobs:
     steps:
       - name: Post changelog comment
         uses: actions/github-script@v7
+        env:
+          PRE_RELEASE_TAG: ${{ needs.pre-release-tag.outputs.new_tag }}
+          CHANGELOG_TEXT: ${{ needs.changelog.outputs.changelog }}
         with:
           script: |
-            const tag = '${{ needs.pre-release-tag.outputs.new_tag }}';
-            const changelog = `${{ needs.changelog.outputs.changelog }}`;
+            const tag = process.env.PRE_RELEASE_TAG || '';
+            const rawChangelog = process.env.CHANGELOG_TEXT || '';
+            const changelog = rawChangelog.trim() ? rawChangelog : 'No changes detected.';
 
             const body = `## Release Changelog\n\n` +
               `**Pre-release tag:** \`${tag}\`\n\n` +