rlsbl 0.38.2 → 0.40.0

package/README.md

@@ -1,10 +1,12 @@
+<!-- Auto-generated by selfdoc from docs/_README.md — do not edit -->
+
 <p align="center">
   <img src="logo.svg" alt="rlsbl" width="336" height="105">
 </p>
 
 # rlsbl
 
-Release orchestration and project scaffolding CLI for npm, PyPI, and Go. Pure Python, one dependency (tomlkit).
+Release orchestration and project scaffolding for npm, PyPI, and Go
 
 ## Install
 
@@ -25,7 +27,9 @@ npm i -g rlsbl
 ```
 rlsbl scaffold          # set up CI/CD, hooks, changelog
 # ... develop, commit ...
-rlsbl release minor     # bump, tag, push, create GitHub Release
+rlsbl release-init      # scaffold .rlsbl/releases/unreleased.toml
+# ... edit bump type, targets ...
+rlsbl release           # bump, tag, push, create GitHub Release
 rlsbl watch <sha>       # monitor CI for that release
 ```
 
@@ -34,51 +38,72 @@ rlsbl watch <sha>       # monitor CI for that release
 All commands auto-detect registries from project files (`package.json`, `pyproject.toml`, `go.mod`). Use `--target <npm|pypi|go>` to target a specific one.
 
 | Command | Description |
-|---------|-------------|
-| `release [patch\|minor\|major]` | Bump version, commit, tag, push, create GitHub Release |
-| `scaffold [--force] [--update]` | Scaffold CI/CD, hooks, and release infrastructure |
-| `status` | Show version, branch, last tag, changelog coverage, CI presence |
-| `check <name>` | Check name availability on npm/PyPI/GitHub (parallel variant queries) |
-| `config [show\|init\|migrate\|status]` | Manage project configuration and schema migrations |
-| `undo [--yes]` | Revert the last release (tag, commit, GitHub Release) |
-| `discover [--mine]` | List rlsbl ecosystem projects via GitHub topic search |
-| `watch [<sha>]` | Monitor CI runs for a commit (parallel polling), print workflow audit summary, notify on completion |
-| `unreleased [--json]` | List commits since last tag, report changelog coverage |
-| `prs` | List open pull requests for the current repo |
-| `targets` | List available release targets with detection status |
-| `record-gif` | Record a demo GIF with vhs |
-| `pre-push-check` | Verify CHANGELOG entry exists for the current version |
-
-Global flags: `--help`, `--version`, `--target <npm|pypi|go>`, `--no-tag`.
+| --- | --- |
+| `release` | Bump the project version, validate the changelog, commit, tag, push, and create a GitHub Release. Supports patch, minor, and major bumps with dry-run preview and non-interactive mode for CI. |
+| `status` | Display the current project version, branch, last release tag, unreleased commit count, and changelog coverage. Outputs plain text by default or structured JSON with the --json flag. |
+| `scaffold` | Generate or update CI/CD workflows, git hooks, changelog, and license files for the detected release target. Use --update for three-way merge preserving customizations, or --force to overwrite all files. |
+| `check` | Query npm, PyPI, or other registries to check whether one or more package names are available. Accepts multiple names as positional arguments and respects a configurable delay between checks. |
+| `edit-release` | Sync the GitHub Release notes for a given version with the corresponding CHANGELOG.md entry. Defaults to the current version if none is specified. Use --dry-run to preview changes without updating GitHub. |
+| `undo` | Revert the most recent release by deleting the GitHub Release, removing the git tag from local and remote, and reverting the version bump commit. Requires a manual git push afterward to finalize. |
+| `yank` | Mark a past release as deprecated (soft yank) or delete it (hard yank). Soft yank marks the GitHub Release as pre-release and prepends a deprecation notice. Hard yank deletes the release entirely while preserving the git tag. |
+| `discover` | Search GitHub for repositories tagged with the rlsbl topic and list them. Use --mine to filter results to only your own repositories. Requires the gh CLI to be authenticated. |
+| `watch` | Poll GitHub Actions CI workflow runs for a specific commit SHA and report pass or fail status. Defaults to HEAD if no SHA is provided. Useful after rlsbl release to monitor the publish pipeline. |
+| `pre-push-check` | Verify that CHANGELOG.md contains an entry matching the current project version. Designed to run as a git pre-push hook to prevent pushing releases without documented changes. |
+| `prs` | List all open pull requests for the current repository using the GitHub CLI. Shows PR number, title, author, and branch for a quick overview of pending work. |
+| `unreleased` | List commits between the latest release tag and HEAD, and check whether each has a corresponding changelog entry. Outputs a coverage report in plain text or JSON to help prepare the next release. |
+| `targets` | List all release targets detected in the current project directory, showing which ecosystems (npm, PyPI, Go, Cargo, etc.) are active based on manifest files found. |
+| `record-gif` | Record an animated GIF demo of rlsbl commands using the vhs terminal recorder. Configurable width, height, font size, and duration for consistent, reproducible demo recordings. |
+| `migrate` | Run pending configuration migrations to update .rlsbl config files to the latest schema. Use --dry-run to preview changes without applying, or --status to see which migrations are pending. |
+| `doctor` | Run diagnostic checks on the project release state, including version consistency, tag alignment, changelog coverage, and config validity. Use --fix to auto-repair issues where possible. |
+| `deploy` | Run the configured deployment pipeline for the project. Supports named deploy targets, dry-run preview of what would be deployed, and a --force flag to override branch restrictions. |
+| `commit` | Commit one or more files with an Autogenerated trailer, marking the commit as machine-generated so it is automatically exempted from changelog coverage checks. |
+| **changelog** | Structured changelog management using JSONL entries. Add, validate, and generate CHANGELOG.md from per-commit changelog entries stored in unreleased.jsonl for precise, auditable release notes. |
+| `changelog add` | Append a structured changelog entry to the project's unreleased.jsonl file. Each entry includes a human-readable description, an entry type (feature, fix, or breaking), and optional commit hashes linking it to specific changes. The file is auto-committed unless --no-commit is passed. Use --no-user-facing to mark internal changes that should not appear in the published changelog. |
+| `changelog validate` | Parse and validate all entries in the project's unreleased.jsonl file. Checks each entry for schema conformance, verifies that required fields like description and type are present and well-formed, ensures entry types are one of the allowed values (feature, fix, breaking), and validates referential integrity of any attached commit hashes against the git history. |
+| `changelog generate` | Compile all validated JSONL changelog entries into a formatted CHANGELOG.md file. Groups entries by type (features, fixes, breaking changes) under the appropriate version heading, preserving existing changelog content for previous releases. Use --dry-run to preview the generated Markdown output without writing to disk, which is useful for reviewing before committing. |
+| **monorepo** | Manage monorepo workspaces with multiple independently-versioned projects. Initialize workspaces, add or remove projects, sync CI workflows, check name availability, and analyze dependency graphs. Provides 10 monorepo subcommands and supports all 14 release targets in a single workspace.toml. |
+| `monorepo init` | Create a new monorepo workspace by generating the .rlsbl-monorepo directory and an empty workspace.toml configuration file at the current directory. This must be run at the repository root before adding individual projects with the add subcommand. Each workspace tracks multiple independently-versioned projects that share a single git repository. |
+| `monorepo add` | Register a project directory in the monorepo workspace.toml configuration. The path argument specifies the project's location relative to the repo root. Optionally set a display name, target registry for publishing, glob patterns for change detection, a subtree remote URL for split publishing, inter-project dependencies, and a library flag to mark shared code packages. |
+| `monorepo remove` | Unregister a project from the monorepo workspace.toml by its path. This removes the project entry from the workspace configuration file but does not delete any files, directories, or git history on disk. The project's code remains intact and can be re-added later with the add subcommand if needed. |
+| `monorepo list` | Display all projects registered in the monorepo workspace.toml file. For each project, shows the project name, relative path from the repo root, target registry for publishing, and any configured options such as watch patterns, subtree remotes, inter-project dependencies, and whether the project is marked as a library. |
+| `monorepo sync` | Copy and merge CI workflow files from each project's individual scaffold into the shared .github/workflows directory at the repository root. This ensures that every project in the workspace has its publish and test pipelines properly configured as GitHub Actions workflows, even when projects use different target registries or have custom workflow steps. |
+| `monorepo status` | Show the current version, last release tag, and number of unreleased commits for every project in the monorepo workspace. Provides a quick overview of which projects have pending changes and are ready for their next release. Projects with zero unreleased commits are shown as up-to-date. |
+| `monorepo check-names` | Check package name availability on a target registry for all projects in the monorepo workspace. Queries the registry API for each project name and reports whether it is available or already taken. Supports optional prefix and suffix arguments to test naming conventions like scoped packages, with a configurable delay between registry queries to avoid rate limiting. |
+| `monorepo release-order` | Compute and display the topological release order for all projects in the monorepo workspace based on their declared depends-on relationships. Projects with no dependencies are listed first, followed by projects that depend on them, ensuring each project is released only after its dependencies. Detects and reports circular dependency errors. |
+| `monorepo outdated` | Scan all projects in the monorepo workspace for intra-workspace dependencies that reference older versions than what is currently available in the workspace. Lists each outdated dependency with the referenced version and the latest available version, helping identify which downstream projects need a version bump after upstream releases. |
+| `monorepo lint` | Detect unregistered projects and stale workspace entries in your monorepo. Scans first-level directories for recognized project manifests across all 14 supported targets (npm, PyPI, Go, Cargo, etc.) and compares against workspace.toml. Reports unregistered projects on disk and registered entries pointing to missing directories. Exits non-zero if issues are found, suitable for CI gating. |
+| **dev** | Developer utilities for locally working with rlsbl projects, including editable installs that mirror the project's release target (pypi -> uv tool install -e, npm -> npm link, go -> go install). |
+| `dev install` | Install the project locally for development using the detected target's editable install command. --global (default) installs system-wide across 8 supported targets (pypi, npm, go, cargo, zig, swift, deno, hex), while --venv installs into the project's local environment instead. In monorepo mode, pair with --all, --include, or --exclude. Use --uninstall to reverse a previous install. |
+
+Global flags: `--help`, `--version`, `--dry-run`, `--yes`, `--quiet`.
 
 ## Release flow
 
-When you run `rlsbl release [patch|minor|major]`:
-
-1. Verifies `gh` CLI is installed and authenticated
-2. Checks working tree is clean
-3. Fetches origin and verifies local branch is not behind remote (use `--skip-remote-check` for offline releases)
-4. Reads the current version from the primary project file
-5. Computes the new version; confirms the tag does not already exist
-6. Validates `CHANGELOG.md` contains a `## <new-version>` section
-7. Runs `.rlsbl/hooks/pre-release.sh` if present (non-zero exit aborts; receives `RLSBL_VERSION`)
-8. Acquires advisory lockfile (`.rlsbl/lock`) to prevent concurrent operations
-9. Writes the new version to all detected project files and `.rlsbl/version`
-10. Adds `rlsbl` keyword to manifests if ecosystem tagging is enabled
-11. Verifies no unexpected files were modified (race condition guard)
-12. Commits the version bump (uses `safegit` if available)
-13. Tags and pushes to `origin`
-14. Creates a GitHub Release with the changelog entry as notes
-15. Adds `rlsbl` topic to the GitHub repo (if tagging enabled)
-16. Runs secondary release targets (e.g., docs via selfdoc); use `--include`/`--exclude` to control
-17. Runs `.rlsbl/hooks/post-release.sh` if present (non-fatal; receives `RLSBL_VERSION`)
-18. Prints `Watch CI: rlsbl watch <sha>`
-
-Use `--dry-run` to preview without changes. Use `--yes` for non-interactive mode (CI, AI agents). Use `--skip-remote-check` for offline releases.
-
-**Multi-target releases:** Secondary targets (e.g., docs) run automatically during release. Control which targets run with `--include <target>` and `--exclude <target>` (comma-separated). Configure defaults in `.rlsbl/config.json` via the `release_targets` list. Use `rlsbl targets` to see all available targets.
-
-**Documentation:** Use [selfdoc](https://github.com/smm-h/selfdoc) for documentation generation. rlsbl auto-triggers selfdoc during releases when `selfdoc.json` is detected.
+When you run `rlsbl release`:
+
+1. Reads `.rlsbl/releases/unreleased.toml` for bump type (patch/minor/major) and target selection
+2. Verifies `gh` CLI is installed and authenticated
+3. Checks working tree is clean (use `--allow-dirty` to override)
+4. Fetches origin and verifies local branch is not behind remote
+5. Reads the current version from the primary project file
+6. Computes the new version; confirms the tag does not already exist
+7. Validates JSONL changelog via the check system
+8. Runs `.rlsbl/hooks/pre-checks.sh` if present (user-owned, non-zero aborts)
+9. Runs built-in tests and lint
+10. Runs `.rlsbl/hooks/pre-release.sh` if present (scaffold-managed, non-zero aborts)
+11. Acquires advisory lockfile (`.rlsbl/lock`) to prevent concurrent operations
+12. Writes the new version to all detected project files and `.rlsbl/version`
+13. Commits the version bump (uses `safegit` if available)
+14. Tags and pushes to `origin`
+15. Finalizes JSONL changelog (renames `unreleased.jsonl`, generates CHANGELOG.md)
+16. Creates a GitHub Release with the changelog entry as notes
+17. Runs secondary release targets (e.g., docs via selfdoc)
+18. Runs `.rlsbl/hooks/post-release.sh` if present (non-fatal)
+19. Prints `Watch CI: rlsbl watch <sha>`
+
+Use `--dry-run` to preview without changes. Use `--yes` for non-interactive mode (CI, AI agents).
+
+Create the release file with `rlsbl release-init`, which auto-detects project targets and scaffolds the TOML file.
 
 First release: if the current version has never been tagged, `release` publishes it as-is (bump type is ignored).
 
@@ -104,6 +129,7 @@ Created files are committed automatically by default.
 | `.gitignore` | Standard ignores for the ecosystem |
 | `CLAUDE.md` | AI assistant instructions |
 | `.claude/settings.json` | Claude Code settings |
+| `.rlsbl/hooks/pre-checks.sh` | User-customizable pre-checks validation |
 | `.rlsbl/hooks/pre-release.sh` | User-customizable pre-release validation |
 | `.rlsbl/hooks/post-release.sh` | User-customizable post-release actions |
 | `.git/hooks/pre-push` | One-liner: `exec rlsbl pre-push-check "$@"` |
@@ -122,19 +148,35 @@ See [docs/ci-customization.md](docs/ci-customization.md) for an example.
 
 **Runs config migrations** when `.rlsbl/config-schema.json` exists.
 
+## Check system
+
+28 project checks organized by tag:
+
+| Tag | Checks | Description |
+|-----|--------|-------------|
+| `project` | 5 | Version, name, license, description consistency; lockfile presence |
+| `release` | 4 | Local/remote tag, GitHub Release, branch sync |
+| `changelog` | 8 | Hash resolution, range, coverage, orphans, schema, batch limits, entry |
+| `workspace` | 5 | CI router, CI sync, targets, unregistered, stale entries |
+| `quality` | 1 | Library lint |
+| (untagged) | 5 | Layer violations, dependency validation (unused/undeclared/stale) |
+
+```
+rlsbl check --all              # run all 28 checks
+rlsbl check --tag changelog    # run checks by tag
+rlsbl check --name lock        # run a single check
+```
+
 ## Config management
 
 Schema-driven configuration migration system for projects that ship user-facing config files.
 
 ```
-rlsbl config init      # scaffold config migration infrastructure
-rlsbl config migrate   # run pending migrations
-rlsbl config status    # show migration status
-rlsbl config show      # show resolved project configuration
+rlsbl migrate              # run pending migrations
+rlsbl migrate --status     # show migration status
+rlsbl migrate --dry-run    # preview changes
 ```
 
-`config init` creates `.rlsbl/config-schema.json` and a `defaults/` directory. Migrations support deep merge, flat merge, and list-by-key merge strategies with versioned schema tracking and atomic writes.
-
 ### Library API
 
 ```python
@@ -187,6 +229,19 @@ To disable:
 | `{"tag": false}` in `.rlsbl/config.json` | This project |
 | `{"tag": false}` in `~/.rlsbl/config.json` | All projects |
 
+## Monorepo
+
+Manage multi-package workspaces with `rlsbl monorepo`:
+
+- `monorepo init` / `monorepo add` / `monorepo remove` -- workspace management
+- `monorepo sync` -- synchronize CI workflows
+- `monorepo graph` -- export dependency graph (JSON, DOT, text)
+- `monorepo snapshot` -- committed JSON artifact of workspace state
+- `monorepo impact` -- change analysis across the dependency graph
+- `monorepo release` -- batch release in topological order
+
+Supports architectural layer rules via `[layers]` in `workspace.toml` for enforcing dependency direction.
+
 ## Environment variables
 
 | Variable | Default | Description |
@@ -200,7 +255,7 @@ To disable:
 | Registry | Setup | Then |
 |----------|-------|------|
 | npm | Add `NPM_TOKEN` secret to GitHub repo (Settings > Secrets > Actions) | CI publishes on GitHub Release |
-| PyPI | Run `uv publish` once, then set up [Trusted Publishing](https://docs.pypi.org/trusted-publishers/) | CI publishes via OIDC |
+| PyPI | Set up [Trusted Publishing](https://docs.pypi.org/trusted-publishers/) (OIDC, no tokens needed) | CI publishes via OIDC |
 | Go | Push tag -- Go modules are published by the tag itself | `pkg.go.dev` indexes automatically |
 
 ## Requirements

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "rlsbl",
-  "version": "0.38.2",
+  "version": "0.40.0",
   "description": "Release orchestration and project scaffolding for npm, PyPI, and Go",
   "license": "MIT",
   "bin": {