obsidian-dev-skills 1.2.1 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/obsidian-ops/references/scorecard-compliance.md +17 -4
  2. package/obsidian-ops/references/versioning-releases.md +26 -5
  3. package/package.json +1 -1
package/obsidian-ops/references/scorecard-compliance.md CHANGED
@@ -92,6 +92,7 @@ on:
92
92
  push:
93
93
  tags:
94
94
  - "*"
95
+ workflow_dispatch:
95
96
 
96
97
  permissions:
97
98
  contents: write
@@ -103,6 +104,8 @@ jobs:
103
104
  runs-on: ubuntu-latest
104
105
  steps:
105
106
  - uses: actions/checkout@v4
107
+ with:
108
+ fetch-depth: 0
106
109
  - uses: pnpm/action-setup@v4
107
110
  - uses: actions/setup-node@v4
108
111
  with:
@@ -110,6 +113,8 @@ jobs:
110
113
  cache: "pnpm"
111
114
  - run: pnpm install --frozen-lockfile
112
115
  - run: pnpm build
116
+ - id: version
117
+ run: echo "version=$(jq -r .version manifest.json)" >> "$GITHUB_OUTPUT"
113
118
  - uses: actions/attest-build-provenance@v2
114
119
  with:
115
120
  subject-path: |
@@ -118,11 +123,19 @@ jobs:
118
123
  manifest.json
119
124
  - env:
120
125
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
121
- TAG: ${{ github.ref_name }}
126
+ VERSION: ${{ steps.version.outputs.version }}
122
127
  run: |
123
- gh release create "$TAG" \
124
- --title="$TAG" \
125
- --generate-notes \
128
+ COMMIT_NOTES=$(git log -1 --pretty=format:%B)
129
+ PREV_TAG=$(git tag --sort=-creatordate --merged HEAD | grep -v "^${VERSION}$" | head -n 1 || true)
130
+ if [ -n "$PREV_TAG" ]; then
131
+ COMPARE="**Full Changelog**: https://github.com/${GITHUB_REPOSITORY}/compare/${PREV_TAG}...${VERSION}"
132
+ else
133
+ COMPARE="**Full Changelog**: https://github.com/${GITHUB_REPOSITORY}/commits/${VERSION}"
134
+ fi
135
+ NOTES=$(printf "%s\n\n---\n\n%s\n" "$COMMIT_NOTES" "$COMPARE")
136
+ gh release create "$VERSION" \
137
+ --title="$VERSION" \
138
+ --notes "$NOTES" \
126
139
  main.js styles.css manifest.json
127
140
  ```
128
141
 
package/obsidian-ops/references/versioning-releases.md CHANGED
@@ -31,6 +31,7 @@ on:
31
31
  push:
32
32
  tags:
33
33
  - "*"
34
+ workflow_dispatch:
34
35
 
35
36
  permissions:
36
37
  contents: write
@@ -42,6 +43,8 @@ jobs:
42
43
  runs-on: ubuntu-latest
43
44
  steps:
44
45
  - uses: actions/checkout@v4
46
+ with:
47
+ fetch-depth: 0
45
48
  - uses: pnpm/action-setup@v4
46
49
  - uses: actions/setup-node@v4
47
50
  with:
@@ -49,6 +52,8 @@ jobs:
49
52
  cache: "pnpm"
50
53
  - run: pnpm install --frozen-lockfile
51
54
  - run: pnpm build
55
+ - id: version
56
+ run: echo "version=$(jq -r .version manifest.json)" >> "$GITHUB_OUTPUT"
52
57
  - uses: actions/attest-build-provenance@v2
53
58
  with:
54
59
  subject-path: |
@@ -57,14 +62,30 @@ jobs:
57
62
  manifest.json
58
63
  - env:
59
64
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
60
- TAG: ${{ github.ref_name }}
65
+ VERSION: ${{ steps.version.outputs.version }}
61
66
  run: |
62
- gh release create "$TAG" \
63
- --title="$TAG" \
64
- --generate-notes \
65
- main.js styles.css manifest.json
67
+ if gh release view "$VERSION" >/dev/null 2>&1; then
68
+ gh release upload "$VERSION" main.js styles.css manifest.json --clobber
69
+ else
70
+ COMMIT_NOTES=$(git log -1 --pretty=format:%B)
71
+ PREV_TAG=$(git tag --sort=-creatordate --merged HEAD | grep -v "^${VERSION}$" | head -n 1 || true)
72
+ if [ -n "$PREV_TAG" ]; then
73
+ COMPARE="**Full Changelog**: https://github.com/${GITHUB_REPOSITORY}/compare/${PREV_TAG}...${VERSION}"
74
+ else
75
+ COMPARE="**Full Changelog**: https://github.com/${GITHUB_REPOSITORY}/commits/${VERSION}"
76
+ fi
77
+ NOTES=$(printf "%s\n\n---\n\n%s\n" "$COMMIT_NOTES" "$COMPARE")
78
+ gh release create "$VERSION" \
79
+ --title="$VERSION" \
80
+ --notes "$NOTES" \
81
+ main.js styles.css manifest.json
82
+ fi
66
83
  ```
67
84
 
85
+ **Why read the version from `manifest.json`**: the workflow runs from either a tag push (where `github.ref_name` is the tag) or a `workflow_dispatch` from a branch (where `github.ref_name` is the branch name, e.g. `master`). Using `github.ref_name` directly would title a manually-triggered release after the branch. Reading from `manifest.json` is consistent across both triggers and matches what Obsidian's plugin loader actually reads.
86
+
87
+ **Why build the release notes manually instead of `--generate-notes`**: `--generate-notes` produces an auto-changelog headed by a "What's Changed" PR list and a "Full Changelog" compare link. For plugins maintained by a single person without a PR workflow, that auto-generated body is usually just the compare link with no context. Reading the latest commit message gives the reader the actual "what changed and why" up front. The compare link is still appended underneath for the full diff. `fetch-depth: 0` is required so `git tag --merged HEAD` has the tag history to find the previous version.
88
+
68
89
  Cut releases by pushing a tag (`git tag 0.1.0 && git push origin 0.1.0`). The workflow attaches the three required assets and registers the attestation. The scorecard's "Build verified" signal also fires once the workflow has run, because the attested artifacts can be reproduced byte-for-byte from source.
69
90
 
70
91
  For the full set of scorecard signals and their fixes, see [scorecard-compliance.md](scorecard-compliance.md).
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "obsidian-dev-skills",
3
- "version": "1.2.1",
3
+ "version": "1.2.3",
4
4
  "description": "Agent skills for Obsidian plugin and theme development, including community scorecard compliance, release workflow attestation, and dependency vulnerability hygiene.",
5
5
  "keywords": [
6
6
  "obsidian",