zx-bulk-release 2.20.0 → 2.21.1

package/CHANGELOG.md

@@ -1,3 +1,28 @@
+## [2.21.1](https://github.com/semrel-extra/zx-bulk-release/compare/v2.21.0...v2.21.1) (2026-04-11)
+
+### Fixes & improvements
+* docs: add snapshot flow example ([5b2c2b5](https://github.com/semrel-extra/zx-bulk-release/commit/5b2c2b5faac712892c9feeea7ebae6e1dd36e93f))
+
+## [2.21.0](https://github.com/semrel-extra/zx-bulk-release/compare/v2.20.0...v2.21.0) (2026-04-10)
+
+### Fixes & improvements
+* docs: update badges ([c9fc1af](https://github.com/semrel-extra/zx-bulk-release/commit/c9fc1af8cfb3d177dc328d1934cb7e663c36f0ca))
+* fix: fix memoize store ([7fddefa](https://github.com/semrel-extra/zx-bulk-release/commit/7fddefa590ded43907d059d3b58e235adff6fa17))
+* refactor: enhance logger ([89d9cff](https://github.com/semrel-extra/zx-bulk-release/commit/89d9cff7727e2190e6490d51f759e7039a25cdb2))
+* docs: mention testing along the change graph flow ([44fd065](https://github.com/semrel-extra/zx-bulk-release/commit/44fd06568d552ae19e753c91f6536978a9c1d28e))
+* docs: add cmd tpl usage example ([d228de0](https://github.com/semrel-extra/zx-bulk-release/commit/d228de09e456799c9e113b36b971187ae7c3c1be))
+* refactor: rearrange utils ([8beeab6](https://github.com/semrel-extra/zx-bulk-release/commit/8beeab6906e4500429cc165f05b39fc5d57e5a09))
+* refactor: optimize npm ver assert (oidc) ([e3b5939](https://github.com/semrel-extra/zx-bulk-release/commit/e3b5939cfb26ab2c0d84bc4a09ebf5971eb2a33a))
+* refactor: bind zx pkg mdc with logger ([fd763a4](https://github.com/semrel-extra/zx-bulk-release/commit/fd763a42a2229ccbc902936fbbfa4a38652685e5))
+* refactor: align context injection flow ([6edb11b](https://github.com/semrel-extra/zx-bulk-release/commit/6edb11bfa669ae9519a134383f5299d77bc4f1a6))
+* refactor: rearrange processor layers ([ea7ef42](https://github.com/semrel-extra/zx-bulk-release/commit/ea7ef42e5632691dfee8705a4f4ef73e0c166979))
+* refactor: align internal publishers contract ([c16b6d8](https://github.com/semrel-extra/zx-bulk-release/commit/c16b6d8d11ade2d5d159936a457c43c0a2989141))
+* refactor: ghFetch helper ([fc3517e](https://github.com/semrel-extra/zx-bulk-release/commit/fc3517e24e12cc28a63d1088d93cecb1114ce5b5))
+* refactor: introduce `attempt` helper ([57f0d06](https://github.com/semrel-extra/zx-bulk-release/commit/57f0d06a093136e57600f2362ab46e16165c9b59))
+
+### Features
+* feat: add secrets masker ([fffea8b](https://github.com/semrel-extra/zx-bulk-release/commit/fffea8bfbebd6155e40f318a9303551ec4ae6e52))
+
 ## [2.20.0](https://github.com/semrel-extra/zx-bulk-release/compare/v2.19.1...v2.20.0) (2026-04-05)
 
 ### Features

package/README.md

@@ -1,9 +1,9 @@
 # zx-bulk-release
 > [zx](https://github.com/google/zx)-based alternative for [multi-semantic-release](https://github.com/dhoulb/multi-semantic-release)
 
-[![CI](https://github.com/semrel-extra/zx-bulk-release/workflows/CI/badge.svg)](https://github.com/semrel-extra/zx-bulk-release/actions)
-[![Maintainability](https://api.codeclimate.com/v1/badges/bb94e929b1b6430781b5/maintainability)](https://codeclimate.com/github/semrel-extra/zx-bulk-release/maintainability)
-[![Test Coverage](https://api.codeclimate.com/v1/badges/bb94e929b1b6430781b5/test_coverage)](https://codeclimate.com/github/semrel-extra/zx-bulk-release/test_coverage)
+[![CI](https://github.com/semrel-extra/zx-bulk-release/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/semrel-extra/zx-bulk-release/actions/workflows/ci.yml)
+[![Maintainability](https://qlty.sh/gh/semrel-extra/projects/zx-bulk-release/maintainability.svg)](https://qlty.sh/gh/semrel-extra/projects/zx-bulk-release)
+[![Code Coverage](https://qlty.sh/gh/semrel-extra/projects/zx-bulk-release/coverage.svg)](https://qlty.sh/gh/semrel-extra/projects/zx-bulk-release)
 [![npm (tag)](https://img.shields.io/npm/v/zx-bulk-release)](https://www.npmjs.com/package/zx-bulk-release)
 
 ## Key features
@@ -74,7 +74,8 @@ await run({
 Any [cosmiconfig](https://github.com/davidtheclark/cosmiconfig) compliant format: `.releaserc`, `.release.json`, `.release.yaml`, etc in the package root or in the repo root dir.
 ```json
 {
-  "cmd": "yarn && yarn build && yarn test",
+  "buildCmd": "yarn && yarn build",
+  "testCmd": "yarn test",
   "npmFetch": true,
   "changelog": "changelog",
   "ghPages": "gh-pages",
@@ -83,6 +84,17 @@ Any [cosmiconfig](https://github.com/davidtheclark/cosmiconfig) compliant format
 }
 ```
 
+#### Command templating
+`buildCmd`, `testCmd` and `publishCmd` support `${{ variable }}` interpolation. The template context includes all `pkg` fields and the release context (`flags`, `git`, `env`, etc):
+```json
+{
+  "buildCmd": "yarn build --pkg=${{name}} --ver=${{version}}",
+  "testCmd": "yarn test --scope=${{name}}",
+  "publishCmd": "echo releasing ${{name}}@${{version}}"
+}
+```
+Available variables include: `name`, `version`, `absPath`, `relPath`, and anything from `pkg.ctx` (e.g. `git.sha`, `git.root`, `flags.*`).
+
 #### Changelog diff URLs
 By default, changelog entries link to GitHub compare/commit pages. Override `diffTagUrl` and `diffCommitUrl` to customize for other platforms (e.g. Gerrit):
 ```json
@@ -135,62 +147,83 @@ OIDC mode is also auto-detected when `NPM_TOKEN` is not set and `ACTIONS_ID_TOKE
 
 When OIDC is active, `NPM_TOKEN` and `NPMRC` are ignored for publishing and `--provenance` is enabled automatically.
 
+### Snapshot releases from PRs
+The `--snapshot` flag publishes packages to the `snapshot` npm dist-tag with a pre-release version like `1.2.1-snap.a3f0c12`. This is useful for testing changes from a feature branch before merging.
+
+**What snapshot does differently:**
+- Version gets a `-snap.<short-sha>` suffix instead of a clean bump
+- Git release tags are **not** pushed
+- Only `npm` and `publishCmd` publishers run (no gh-release, no changelog, no gh-pages, no meta)
+- npm tag is `snapshot` instead of `latest`
+
+**Workflow example** (`.github/workflows/snapshot.yml`):
+```yaml
+name: Snapshot
+on:
+  pull_request:
+    types: [labeled]
+
+jobs:
+  snapshot:
+    if: github.event.label.name == 'snapshot'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write    # for OIDC trusted publishing
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - run: yarn install
+      - run: npx zx-bulk-release --snapshot
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+```
+
+**How to use:**
+1. Push a feature branch and open a PR.
+2. Add the `snapshot` label to the PR.
+3. The workflow publishes snapshot versions to npm.
+4. Consumers install snapshots via `npm install yourpkg@snapshot`.
+5. After merge, the regular release flow on `master` publishes clean versions to `latest`.
+
+### Selective testing along the change graph
+In a monorepo, `--dry-run` combined with `--no-build` lets you run tests only for packages affected by the current changes — following the dependency graph, without publishing anything. This gives you a precise CI check scoped to what actually changed:
+```shell
+npx zx-bulk-release --dry-run --no-build
+```
+See [antongolub/misc](https://github.com/antongolub/misc) for a real-world example of this pattern.
+
 ## Demo
 * [demo-zx-bulk-release](https://github.com/semrel-extra/demo-zx-bulk-release)
 * [qiwi/pijma](https://github.com/qiwi/pijma)
+* [antongolub/misc](https://github.com/antongolub/misc)
 
 ## Implementation notes
 ### Flow
-```js
-try {
-  const {packages, queue, root} = await topo({cwd, flags})
-  console.log('queue:', queue)
-
-  for (let name of queue) {
-    const pkg = packages[name]
-
-    await analyze(pkg, packages, root)
-
-    if (pkg.changes.length === 0) continue
-
-    await build(pkg, packages)
-
-    if (flags.dryRun) continue
-
-    await publish(pkg)
-  }
-} catch (e) {
-  console.error(e)
-  throw e
-}
 ```
+topo ─► contextify ─► analyze ──► build ──► test ──► publish ─► clean
+         (per pkg)    (per pkg)   (per pkg)  (per pkg) (per pkg)
+```
+[`@semrel-extra/topo`](https://github.com/semrel-extra/topo) resolves the release queue respecting dependency graphs. The graph allows parallel execution where the dependency tree permits; `memoizeBy` prevents duplicate work when a package is reached by multiple paths.
 
-### `topo`
-[Toposort](https://github.com/semrel-extra/topo) is used to resolve the pkg release queue.
-By default, it omits the packages marked as `private`. You can override this by setting the `--include-private` flag.
-
-### `analyze`
-Determines pkg changes, release type, next version etc.
-
-```js
-export const analyze = async (pkg, packages, root) => {
-  pkg.config = await getPkgConfig(pkg.absPath, root.absPath)
-  pkg.latest = await getLatest(pkg)
-
-  const semanticChanges = await getSemanticChanges(pkg.absPath, pkg.latest.tag?.ref)
-  const depsChanges = await updateDeps(pkg, packages)
-  const changes = [...semanticChanges, ...depsChanges]
-
-  pkg.changes = changes
-  pkg.version = resolvePkgVersion(changes, pkg.latest.tag?.version || pkg.manifest.version)
-  pkg.manifest.version = pkg.version
+By default, packages marked as `private` are omitted. Override with `--include-private`.
 
-  console.log(`[${pkg.name}] semantic changes`, changes)
-}
-```
+### Steps
+Each step has a uniform signature `(pkg, ctx)`:
+- **`contextify`** — resolves per-package config, latest release metadata, and git context.
+- **`analyze`** — determines semantic changes, release type, and next version.
+- **`build`** — runs `buildCmd` (with dep traversal and optional npm artifact fetch).
+- **`test`** — runs `testCmd`.
+- **`publish`** — orchestrates the publisher registry: prepare (serial) → run (parallel) → rollback on failure.
+- **`clean`** — restores `package.json` files and unsets git user config.
 
 Set `config.releaseRules` to override the default rules preset:
-```ts
+```js
 [
   {group: 'Features', releaseType: 'minor', prefixes: ['feat']},
   {group: 'Fixes & improvements', releaseType: 'patch', prefixes: ['fix', 'perf', 'refactor', 'docs', 'patch']},
@@ -198,32 +231,16 @@ Set `config.releaseRules` to override the default rules preset:
 ]
 ```
 
-### `build`
-Applies `config.cmd` to build pkg assets: bundles, docs, etc.
-```js
-export const build = async (pkg, packages) => {
-  // ...
-  if (!pkg.fetched && config.cmd) {
-    console.log(`[${pkg.name}] run cmd '${config.cmd}'`)
-    await $.o({cwd: pkg.absPath, quote: v => v})`${config.cmd}`
-  }
-  // ...
-}
-```
+### Publishers
+Publish targets are a registry of `{name, when, prepare?, run, undo?, snapshot?}` objects:
+- **meta** — pushes release metadata to the `meta` branch (or as a GH release asset).
+- **npm** — publishes to the npm registry.
+- **gh-release** — creates a GitHub release with optional file assets.
+- **gh-pages** — pushes docs to a `gh-pages` branch.
+- **changelog** — pushes a changelog entry to a `changelog` branch.
+- **cmd** — runs a custom `publishCmd`.
 
-### `publish`
-Publish the pkg to git, npm, gh-pages, gh-release, etc.
-```js
-export const publish = async (pkg) => {
-  await fs.writeJson(pkg.manifestPath, pkg.manifest, {spaces: 2})
-  await pushTag(pkg)
-  await pushMeta(pkg)
-  await pushChangelog(pkg)
-  await npmPublish(pkg)
-  await ghRelease(pkg)
-  await ghPages(pkg)
-}
-```
+Teardown walks the registry in reverse, calling `undo()` on each publisher for rollback/recovery.
 
 ### Tags
 [Lerna](https://github.com/lerna/lerna) tags (like `@pkg/name@v1.0.0-beta.0`) are suitable for monorepos, but they don’t follow [semver spec](https://semver.org/). Therefore, we propose another contract:

package/package.json

@@ -1,25 +1,27 @@
 {
   "name": "zx-bulk-release",
   "alias": "bulk-release",
-  "version": "2.20.0",
+  "version": "2.21.1",
   "description": "zx-based alternative for multi-semantic-release",
   "type": "module",
   "exports": {
     ".": "./src/main/js/index.js",
-    "./test-utils": "./src/test/js/test-utils.js",
-    "./meta": "./src/main/js/meta.js"
+    "./test-utils": "./src/test/js/utils/repo.js",
+    "./meta": "./src/main/js/processor/generators/meta.js"
   },
   "bin": "./src/main/js/cli.js",
   "files": [
     "src/main/js",
-    "src/test/js/test-utils.js",
+    "src/test/js/utils",
     "CHANGELOG.md",
     "LICENSE",
     "README.md"
   ],
   "scripts": {
-    "test": "c8 uvu ./src/test -i fixtures -i utils && c8 report -r lcov",
+    "test": "npm run test:unit",
+    "test:unit": "uvu ./src/test -i fixtures -i utils -i integration",
     "test:it": "node ./src/test/js/integration.test.js",
+    "test:cov": "c8 sh -c 'npx uvu ./src/test -i fixtures -i utils -i integration && node ./src/test/js/integration.test.js' && c8 report -r lcov",
     "docs": "mkdir -p docs && cp ./README.md ./docs/README.md",
     "publish:beta": "npm publish --tag beta --no-git-tag-version",
     "build": "esbuild src/main/js/index.js --platform=node --outdir=target --bundle --format=esm --external:typescript"
@@ -35,7 +37,7 @@
     "c8": "^11.0.0",
     "esbuild": "^0.28.0",
     "uvu": "^0.5.6",
-    "verdaccio": "6.3.2"
+    "verdaccio": "6.4.0"
   },
   "publishConfig": {
     "access": "public"
@@ -45,5 +47,10 @@
     "url": "git+https://github.com/semrel-extra/zx-bulk-release.git"
   },
   "author": "Anton Golub <antongolub@antongolub.com>",
-  "license": "MIT"
+  "license": "MIT",
+  "c8": {
+    "exclude": [
+      "src/test/**"
+    ]
+  }
 }

package/src/main/js/index.js

@@ -1,7 +1 @@
-import process from 'node:process'
-import { $ } from 'zx-extra'
-
-$.quiet = !process.env.DEBUG
-$.verbose = !!process.env.DEBUG
-
 export {run} from './processor/release.js'

package/src/main/js/processor/api/gh.js

@@ -0,0 +1,111 @@
+// Low-level GitHub API primitives. No domain knowledge, no imports from processor/ or steps/.
+
+import {$, path, tempy, glob, fs, fetch} from 'zx-extra'
+import {asArray, attempt2} from '../../util.js'
+
+export const getCommonPath = files => {
+  const f0 = files[0]
+  const common = files.length === 1
+    ? f0.lastIndexOf('/') + 1
+    : [...f0].findIndex((c, i) => files.some(f => f.charAt(i) !== c))
+  const p = f0.slice(0, common)
+  return p.endsWith('/') ? p : p.slice(0, p.lastIndexOf('/') + 1)
+}
+
+export const GH_API_VERSION = '2022-11-28'
+export const GH_ACCEPT = 'application/vnd.github.v3+json'
+
+export const ghFetch = (url, {ghToken, method = 'GET', headers, body} = {}) => fetch(url, {
+  method,
+  headers: {
+    Accept: GH_ACCEPT,
+    'X-GitHub-Api-Version': GH_API_VERSION,
+    ...(ghToken ? {Authorization: `token ${ghToken}`} : {}),
+    ...headers,
+  },
+  body,
+})
+
+// https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#create-a-release
+export const ghCreateRelease = async ({ghApiUrl, ghToken, repoName, tag, body}) => {
+  const res = await (await ghFetch(`${ghApiUrl}/repos/${repoName}/releases`, {
+    ghToken,
+    method: 'POST',
+    body: JSON.stringify({name: tag, tag_name: tag, body}),
+  })).json()
+
+  if (!res.upload_url) {
+    throw new Error(`gh release failed: ${JSON.stringify(res)}`)
+  }
+  return res
+}
+
+// https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#delete-a-release
+export const ghDeleteReleaseByTag = async ({ghApiUrl, ghToken, repoName, tag}) => {
+  const res = await attempt2(() => ghFetch(`${ghApiUrl}/repos/${repoName}/releases/tags/${tag}`, {ghToken}))
+  if (!res.ok) return false
+  const {id} = await res.json()
+  await attempt2(() => ghFetch(`${ghApiUrl}/repos/${repoName}/releases/${id}`, {ghToken, method: 'DELETE'}))
+  return true
+}
+
+// https://docs.github.com/en/rest/releases/assets?apiVersion=2022-11-28#upload-a-release-asset
+export const ghPrepareAssets = async (assets, _cwd) => {
+  const temp = tempy.temporaryDirectory()
+
+  await Promise.all(assets.map(async ({name, contents, source = 'target/**/*', zip, cwd = _cwd, strip = true}) => {
+    const target = path.join(temp, name)
+
+    if (contents) {
+      await fs.outputFile(target, contents, 'utf8')
+      return
+    }
+
+    const patterns = asArray(source)
+    if (patterns.some(s => s.includes('*'))) {
+      zip = true
+    }
+    const files = await glob(patterns, {cwd, absolute: false, onlyFiles: true})
+
+    if (files.length === 0) {
+      throw new Error(`gh asset not found: ${name} ${source}`)
+    }
+
+    if (!zip && files.length === 1) {
+      await fs.copy(path.join(cwd, files[0]), target)
+      return
+    }
+    const prefix = getCommonPath(files)
+
+    return $.raw`tar -C ${path.join(cwd, prefix)} -cv${zip ? 'z' : ''}f ${target} ${files.map(f => f.slice(prefix.length)).join(' ')}`
+  }))
+
+  return temp
+}
+
+export const ghUploadAssets = async ({ghToken, ghAssets, uploadUrl, cwd}) => {
+  const temp = await ghPrepareAssets(ghAssets, cwd)
+
+  return Promise.all(ghAssets.map(async ({name}) => {
+    const url = `${uploadUrl}?name=${name}`
+    const res = await ghFetch(url, {
+      ghToken,
+      method: 'POST',
+      headers: {'Content-Type': 'application/octet-stream'},
+      body: await fs.readFile(path.join(temp, name)),
+    })
+    if (!res.ok) {
+      throw new Error(`gh asset upload failed for '${name}': ${res.status}`)
+    }
+    return res
+  }))
+}
+
+export const ghGetAsset = async ({repoName, tag, name, ghUrl}) => {
+  const url = `${ghUrl || 'https://github.com'}/${repoName}/releases/download/${tag.ref || tag}/${name}`
+  const res = await attempt2(() => fetch(url))
+  if (!res.ok) {
+    throw new Error(`gh asset fetch failed for '${name}': ${res.status} ${url}`)
+  }
+  return res.text()
+}

package/src/main/js/{api → processor/api}/git.js

@@ -1,6 +1,6 @@
 import {$, fs, path, tempy, copy} from 'zx-extra'
 import {log} from '../log.js'
-import {memoizeBy} from '../util.js'
+import {attempt2, attempt3, memoizeBy} from '../../util.js'
 
 export const fetchRepo = memoizeBy(async ({cwd: _cwd, branch, origin: _origin, basicAuth}) => {
   const origin = _origin || (await getRepo(_cwd, {basicAuth})).repoAuthedUrl
@@ -9,7 +9,7 @@ export const fetchRepo = memoizeBy(async ({cwd: _cwd, branch, origin: _origin, b
   try {
     await _$`git clone --single-branch --branch ${branch} --depth 1 ${origin} .`
   } catch (e) {
-    log({level: 'warn'})(`ref '${branch}' does not exist in ${origin}`)
+    log.warn(`ref '${branch}' does not exist in ${origin}`)
     await _$`git init . &&
             git remote add origin ${origin}`
   }
@@ -18,8 +18,6 @@ export const fetchRepo = memoizeBy(async ({cwd: _cwd, branch, origin: _origin, b
 }, async ({cwd, branch}) => `${await getRoot(cwd)}:${branch}`)
 
 export const pushCommit = async ({cwd, from, to, branch, origin, msg, ignoreFiles, files = [], basicAuth, gitCommitterEmail, gitCommitterName}) => {
-  let retries = 3
-
   const _cwd = await fetchRepo({cwd, branch, origin, basicAuth})
   const _$ = $({cwd: _cwd})
 
@@ -34,31 +32,24 @@ export const pushCommit = async ({cwd, from, to, branch, origin, msg, ignoreFile
     await _$`git add . &&
             git commit -m ${msg}`
   } catch {
-    log({level: 'warn'})(`no changes to commit to ${branch}`)
+    log.warn(`no changes to commit to ${branch}`)
     return
   }
 
-  while (retries > 0) {
-    try {
-      return await _$`git push origin HEAD:refs/heads/${branch}`
-    } catch (e) {
-      retries -= 1
-      log({level: 'error'})('git push failed', 'branch', branch, 'retries left', retries, e)
-
-      if (retries === 0) {
-        throw e
-      }
-
-      await _$`git fetch origin ${branch} &&
-              git rebase origin/${branch}`
+  return attempt3(
+    () => _$`git push origin HEAD:refs/heads/${branch}`,
+    (e) => {
+      log.warn('git push failed, rebasing', 'branch', branch, e)
+      return attempt2(() => _$`git fetch origin ${branch} &&
+              git rebase origin/${branch}`)
     }
-  }
+  )
 }
 
-export const getSha = async (cwd) => (await $({cwd})`git rev-parse HEAD`).toString().trim()
-
 export const getRoot = memoizeBy(async (cwd) => (await $({cwd})`git rev-parse --show-toplevel`).toString().trim())
 
+export const getSha = memoizeBy(async (cwd) => (await $({cwd})`git rev-parse HEAD`).toString().trim(), getRoot)
+
 export const parseOrigin = (originUrl) => {
   const [, , repoHost, repoName] = originUrl.replace(':', '/').replace(/\.git/, '').match(/.+(@|\/\/)([^/]+)\/(.+)$/) || []
 
@@ -102,10 +93,10 @@ export const getCommits = async (cwd, from, to = 'HEAD') => {
     })
 }
 
-export const getTags = async (cwd, ref) =>
-  (await $({cwd})`git tag -l ${ref || '*'}`)
-    .toString()
-    .split('\n')
+export const getTags = memoizeBy(
+  async (cwd, ref = '*') => (await $({cwd})`git tag -l ${ref}`).toString().split('\n'),
+  async (cwd, ref = '*') => `${await getRoot(cwd)}:${ref}`,
+)
 
 export const pushTag = async ({cwd, tag, gitCommitterName, gitCommitterEmail}) => {
   await setUserConfig(cwd, gitCommitterName, gitCommitterEmail)
@@ -119,7 +110,7 @@ export const fetchTags = async (cwd) =>
   $({cwd})`git fetch --tags`
 
 export const deleteRemoteTag = async ({cwd, tag}) => {
-  log()(`rolling back remote tag '${tag}'`)
+  log.info(`rolling back remote tag '${tag}'`)
   await $({cwd, nothrow: true})`git push origin :refs/tags/${tag}`
   await $({cwd, nothrow: true})`git tag -d ${tag}`
 }