gentle-pi 0.3.7 → 0.3.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -462,12 +462,17 @@ node --experimental-strip-types --check extensions/startup-banner.ts
462
462
  npm pack --dry-run
463
463
  ```
464
464
 
465
- Publish:
465
+ Publish npm through GitHub Actions only:
466
466
 
467
467
  ```bash
468
- npm publish
468
+ gh workflow run publish.yml --repo Gentleman-Programming/gentle-pi --ref main -f dist-tag=latest
469
+ gh run watch <run-id> --repo Gentleman-Programming/gentle-pi --exit-status
470
+ npm view gentle-pi@<version> version --registry=https://registry.npmjs.org/
471
+ npm dist-tag ls gentle-pi --registry=https://registry.npmjs.org/
469
472
  ```
470
473
 
474
+ Do not run `npm publish` locally for `gentle-pi`; the GitHub workflow provides provenance, environment protection, and registry credentials.
475
+
471
476
  ## Principles
472
477
 
473
478
  - Human control over agent momentum.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "gentle-pi",
3
- "version": "0.3.7",
3
+ "version": "0.3.8",
4
4
  "description": "Turn Pi into el Gentleman: a senior-architect development harness with SDD/OpenSpec, subagents, strict TDD evidence, review guardrails, and skill discovery.",
5
5
  "license": "MIT",
6
6
  "type": "module",
@@ -0,0 +1,108 @@
1
+ ---
2
+ name: release
3
+ description: "Release gentle-pi through GitHub and npm. Trigger: release, publish, npm publish, GitHub release, version bump."
4
+ license: Apache-2.0
5
+ metadata:
6
+ author: gentleman-programming
7
+ version: "1.0"
8
+ ---
9
+
10
+ ## When to Use
11
+
12
+ Use this skill when preparing, publishing, or verifying a `gentle-pi` release.
13
+
14
+ ## Hard Rules
15
+
16
+ - Do not publish `gentle-pi` to npm from a local machine.
17
+ - npm publishing MUST go through the GitHub Actions workflow `.github/workflows/publish.yml` so provenance, environment protection, and registry credentials are controlled by GitHub.
18
+ - Use a clean worktree for release commits. Do not package unrelated local files or scratch artifacts.
19
+ - Run a fresh review before pushing a code release unless the change is trivial docs-only.
20
+ - Never skip package verification. The publish workflow runs verification again, but local validation should still pass before tagging.
21
+
22
+ ## Release Procedure
23
+
24
+ 1. **Inspect state**
25
+
26
+ ```bash
27
+ git status --short
28
+ git fetch origin main --tags
29
+ git log --oneline --decorate --max-count=5 origin/main
30
+ ```
31
+
32
+ 2. **Prepare the release commit**
33
+
34
+ - Apply only intended changes.
35
+ - Bump `package.json` to the next semver version.
36
+ - Keep lockfile changes out unless dependency resolution actually changed.
37
+
38
+ 3. **Verify locally**
39
+
40
+ ```bash
41
+ pnpm test
42
+ pnpm publish --dry-run --no-git-checks
43
+ ```
44
+
45
+ The dry run is allowed because it does not publish. It verifies package contents and lifecycle scripts.
46
+
47
+ 4. **Commit and push**
48
+
49
+ ```bash
50
+ git add <intended-files>
51
+ git commit -m "<type(scope): release-ready change>"
52
+ git push origin HEAD:main
53
+ ```
54
+
55
+ 5. **Create the GitHub release**
56
+
57
+ ```bash
58
+ git tag -a v<version> -m "gentle-pi v<version>"
59
+ git push origin v<version>
60
+ gh release create v<version> \
61
+ --repo Gentleman-Programming/gentle-pi \
62
+ --title "gentle-pi v<version>" \
63
+ --notes "<release notes>"
64
+ ```
65
+
66
+ 6. **Publish npm through GitHub Actions**
67
+
68
+ ```bash
69
+ gh workflow run publish.yml \
70
+ --repo Gentleman-Programming/gentle-pi \
71
+ --ref main \
72
+ -f dist-tag=latest
73
+ ```
74
+
75
+ Watch the run and fail the release if it fails:
76
+
77
+ ```bash
78
+ gh run list --repo Gentleman-Programming/gentle-pi --workflow publish.yml --limit 3
79
+ gh run watch <run-id> --repo Gentleman-Programming/gentle-pi --exit-status
80
+ ```
81
+
82
+ 7. **Verify npm**
83
+
84
+ ```bash
85
+ npm view gentle-pi@<version> version --registry=https://registry.npmjs.org/
86
+ npm dist-tag ls gentle-pi --registry=https://registry.npmjs.org/
87
+ ```
88
+
89
+ ## Failure Handling
90
+
91
+ - If a local `npm publish` fails, do not retry locally. Use the GitHub workflow instead.
92
+ - If the workflow fails, inspect logs with:
93
+
94
+ ```bash
95
+ gh run view <run-id> --repo Gentleman-Programming/gentle-pi --log
96
+ ```
97
+
98
+ - If npm verification is briefly stale after a successful workflow, check the exact version first (`npm view gentle-pi@<version> version`) before assuming publish failed.
99
+
100
+ ## Output Contract
101
+
102
+ Report:
103
+
104
+ - Commit SHA pushed to `main`.
105
+ - GitHub release URL.
106
+ - Publish workflow run URL and conclusion.
107
+ - npm exact version and `latest` dist-tag.
108
+ - Any remaining follow-up or warnings.