maiass 5.15.8 → 5.15.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -16,6 +16,11 @@ function renderTemplate(src) {
16
16
  // .trim() guards against a stray newline or whitespace from a mis-quoted
17
17
  // .env.maiass entry silently breaking the YAML trigger filter
18
18
  const developBranch = (process.env.MAIASS_DEVELOPBRANCH || 'develop').trim() || 'develop';
19
+ // Note: the develop branch MUST be baked in here because the CI trigger
20
+ // filter has to be a YAML literal. The credential-missing behaviour
21
+ // (MAIASS_CI_FAIL_SILENTLY) is deliberately NOT baked — it lives as an
22
+ // editable env var inside the generated workflow, so it has a single source
23
+ // of truth (the YAML) rather than a stale copy in .env.maiass.
19
24
  return fs.readFileSync(src, 'utf8').replaceAll('__MAIASS_DEVELOPBRANCH__', developBranch);
20
25
  }
21
26
 
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "maiass",
3
3
  "type": "module",
4
- "version": "5.15.8",
4
+ "version": "5.15.13",
5
5
  "description": "AI commit messages, version bumps, and changelogs from one command. Stages, commits, merges, tags. Anonymous on first run — no email, no card.",
6
6
  "main": "maiass.mjs",
7
7
  "bin": {
@@ -21,6 +21,11 @@
21
21
  # - Create an app password with Repositories: Read & Write scope
22
22
  # - Add it as a repository variable named BB_APP_PASSWORD (secured)
23
23
  # - Add your Bitbucket username as BB_USERNAME
24
+ #
25
+ # Missing-credential behaviour:
26
+ # If BB_USERNAME / BB_APP_PASSWORD are not set, a preflight (by default) fails
27
+ # the step with a clear message. To instead skip with a warning and pass, set
28
+ # MAIASS_CI_FAIL_SILENTLY to "true" on the first line of the script below.
24
29
 
25
30
  pipelines:
26
31
  branches:
@@ -29,6 +34,29 @@ pipelines:
29
34
  name: MAIASS Version Bump
30
35
  image: node:20
31
36
  script:
37
+ # Bitbucket doesn't reliably export a step-level variables: block to
38
+ # the script, so these are exported here instead.
39
+ # Disable AI so CI runs consume no credits (the CLI also self-guards
40
+ # via CI detection, but keep this explicit and effective).
41
+ - export MAIASS_AI_MODE="off"
42
+ # Edit to "true" to skip with a warning instead of failing when the
43
+ # push credential is missing.
44
+ - export MAIASS_CI_FAIL_SILENTLY="false"
45
+ # Preflight: BB_USERNAME/BB_APP_PASSWORD are required to push the
46
+ # bump back. Behaviour when missing is controlled by
47
+ # MAIASS_CI_FAIL_SILENTLY above: false (default) fails the step;
48
+ # true skips with a warning.
49
+ - |
50
+ if [ -z "$BB_USERNAME" ] || [ -z "$BB_APP_PASSWORD" ]; then
51
+ MSG="BB_USERNAME / BB_APP_PASSWORD repository variables are not set — add them (app password with Repositories: Read & Write) to enable automatic version bumping."
52
+ if [ "$MAIASS_CI_FAIL_SILENTLY" = "true" ]; then
53
+ echo "WARNING: $MSG Skipping version bump."
54
+ exit 0
55
+ else
56
+ echo "ERROR: $MSG"
57
+ exit 1
58
+ fi
59
+ fi
32
60
  # Guard: skip if last commit was already a version bump
33
61
  - |
34
62
  LAST_MSG=$(git log -1 --pretty=format:'%s')
@@ -42,5 +70,3 @@ pipelines:
42
70
  # Authenticate push via app password
43
71
  - git remote set-url origin "https://${BB_USERNAME}:${BB_APP_PASSWORD}@bitbucket.org/${BITBUCKET_REPO_FULL_NAME}.git"
44
72
  - maiass -a patch
45
- variables:
46
- MAIASS_AI_MODE: "off" # Disable AI — no credits used in CI
@@ -17,6 +17,11 @@
17
17
  # 3. Add the PAT as a repository secret named GH_PAT
18
18
  #
19
19
  # Notes:
20
+ # - If the GH_PAT secret is missing, this workflow runs a preflight that, by
21
+ # default, fails with a clear message (the merge itself is unaffected — this
22
+ # runs after merge). To instead skip with a warning and keep the run green,
23
+ # set MAIASS_CI_FAIL_SILENTLY to "true" in the preflight step's env: block
24
+ # below.
20
25
  # - AI is disabled (MAIASS_AI_MODE: off) so no credits are used.
21
26
  # - The branch name below is substituted at install time from
22
27
  # MAIASS_DEVELOPBRANCH. GitHub Actions requires `on.pull_request.branches`
@@ -43,12 +48,46 @@ jobs:
43
48
  contents: write # Required to push the version bump commit
44
49
 
45
50
  steps:
51
+ # Preflight: this workflow runs AFTER the PR is merged, so a missing
52
+ # GH_PAT can't block the merge — but it would fail the checkout/push with
53
+ # a confusing auth error on every merge. Detect the empty secret up front
54
+ # and emit a clear, actionable message. Behaviour is controlled by the
55
+ # MAIASS_CI_FAIL_SILENTLY env var below:
56
+ # false (default) — fail the run so the missing secret is noticed.
57
+ # true — skip with a warning; the run stays green.
58
+ - name: Check GH_PAT secret
59
+ id: preflight
60
+ env:
61
+ GH_PAT: ${{ secrets.GH_PAT }}
62
+ # Edit this to "true" to skip with a warning instead of failing when
63
+ # GH_PAT is missing.
64
+ MAIASS_CI_FAIL_SILENTLY: "false"
65
+ run: |
66
+ if [ -n "$GH_PAT" ]; then
67
+ exit 0
68
+ fi
69
+ MSG="GH_PAT secret is not set, so the version bump cannot be pushed back to the repo. Add a fine-grained PAT as a repo secret named GH_PAT (Settings → Secrets → Actions) with Contents: Read & Write, Metadata: Read-only, Workflows: Read & Write."
70
+ {
71
+ echo "### ⚠️ MAIASS version bump — GH_PAT missing"
72
+ echo ""
73
+ echo "$MSG"
74
+ } >> "$GITHUB_STEP_SUMMARY"
75
+ if [ "$MAIASS_CI_FAIL_SILENTLY" = "true" ]; then
76
+ echo "::warning title=MAIASS version bump skipped::$MSG"
77
+ echo "skip=true" >> "$GITHUB_OUTPUT"
78
+ else
79
+ echo "::error title=MAIASS version bump failed::$MSG"
80
+ exit 1
81
+ fi
82
+
46
83
  - uses: actions/checkout@v4
84
+ if: steps.preflight.outputs.skip != 'true'
47
85
  with:
48
86
  fetch-depth: 0 # Full history needed for changelog generation
49
87
  token: ${{ secrets.GH_PAT }} # PAT allows the bot to push back to the repo
50
88
 
51
89
  - uses: actions/setup-node@v4
90
+ if: steps.preflight.outputs.skip != 'true'
52
91
  with:
53
92
  node-version: '24'
54
93
  # No cache: this workflow only does `npm install -g maiass`, which
@@ -57,9 +96,11 @@ jobs:
57
96
  # WordPress/PHP plugins): "Dependencies lock file is not found".
58
97
 
59
98
  - name: Install maiass
99
+ if: steps.preflight.outputs.skip != 'true'
60
100
  run: npm install -g maiass --no-fund --no-audit
61
101
 
62
102
  - name: Configure git
103
+ if: steps.preflight.outputs.skip != 'true'
63
104
  run: |
64
105
  git config user.name "github-actions[bot]"
65
106
  git config user.email "github-actions[bot]@users.noreply.github.com"
@@ -67,9 +108,11 @@ jobs:
67
108
  # Explicitly check out the develop branch head (the pull_request closed
68
109
  # event checks out a merge ref, not the branch itself)
69
110
  - name: Checkout __MAIASS_DEVELOPBRANCH__
111
+ if: steps.preflight.outputs.skip != 'true'
70
112
  run: git checkout __MAIASS_DEVELOPBRANCH__
71
113
 
72
114
  - name: Bump version
115
+ if: steps.preflight.outputs.skip != 'true'
73
116
  run: maiass -a patch
74
117
  env:
75
118
  # Quoted: unquoted `off` is a YAML boolean that GitHub stringifies to
@@ -17,6 +17,11 @@
17
17
  # Double-bump protection:
18
18
  # The script checks the last commit author and skips if it was already made
19
19
  # by the CI bot — preventing an infinite loop of version bumps.
20
+ #
21
+ # Missing-token behaviour:
22
+ # If GITLAB_TOKEN is not set, a preflight (by default) fails the job with a
23
+ # clear message. To instead skip with a warning and pass, set
24
+ # MAIASS_CI_FAIL_SILENTLY to "true" in the variables: block below.
20
25
 
21
26
  stages:
22
27
  - version
@@ -27,6 +32,20 @@ maiass-version-bump:
27
32
  only:
28
33
  - __MAIASS_DEVELOPBRANCH__
29
34
  script:
35
+ # Preflight: GITLAB_TOKEN is required to push the bump back. Behaviour when
36
+ # it's missing is controlled by MAIASS_CI_FAIL_SILENTLY in the variables:
37
+ # block below: false (default) fails the job; true skips with a warning.
38
+ - |
39
+ if [ -z "$GITLAB_TOKEN" ]; then
40
+ MSG="GITLAB_TOKEN CI/CD variable is not set — add it (masked, protected) with write access to enable automatic version bumping."
41
+ if [ "$MAIASS_CI_FAIL_SILENTLY" = "true" ]; then
42
+ echo "WARNING: $MSG Skipping version bump."
43
+ exit 0
44
+ else
45
+ echo "ERROR: $MSG"
46
+ exit 1
47
+ fi
48
+ fi
30
49
  # Skip if the last commit was already a version bump from this pipeline
31
50
  - |
32
51
  LAST_AUTHOR=$(git log -1 --pretty=format:'%an')
@@ -43,3 +62,5 @@ maiass-version-bump:
43
62
  - maiass -a patch
44
63
  variables:
45
64
  MAIASS_AI_MODE: "off" # Disable AI — no credits used in CI
65
+ # Missing GITLAB_TOKEN: "false" fails the job, "true" skips with a warning.
66
+ MAIASS_CI_FAIL_SILENTLY: "false"