Keep active CCS workflows on self-hosted runners, gate self-hosted PR execution to trusted authors, and scope privileged release credentials to the exact git operations that need them.
- align dev-release workflow with protected-branch bypass used by release.yml
- add a workflow regression test so checkout and release auth do not drift back to github.token
The maintainability gate (process.exit count + sync FS API count) was
a raw grep counter that provided no actionable signal for a CLI tool.
It blocked the v7.53.0 stable release because new features naturally
increased the counts beyond the baseline.
Removed:
- scripts/maintainability-baseline.js
- scripts/maintainability-check.js
- docs/metrics/maintainability-baseline.json
- All maintainability:* npm scripts
- Gate references from release, dev-release, and CI workflows
Quality gates retained: typecheck, eslint, prettier, full test suite.
- dev versions (X.Y.Z-dev.N) now treated as newer than base release (X.Y.Z)
- reflects convention that dev work is AFTER the release, not before
- update GH Actions message to use 'ccs update --dev' instead of npm install
- update tests to match new semantic
Replaces semantic-release for dev branch with custom script that:
- Bases dev versions on current stable (e.g., 6.7.1-dev.N)
- Increments only the dev number, not the base version
- Keeps GitHub releases, issue tagging, Discord notifications
Changes semantic-release to use the built-in GITHUB_TOKEN instead of
PAT_TOKEN so that release comments appear from github-actions[bot]
instead of the repository owner's personal account.
PAT_TOKEN is still used for checkout to ensure downstream workflows
can be triggered by the release commits.
- stable releases: fetch GH release, post green embed with changelog
- dev releases: post orange embed with version info
- graceful skip if webhook not configured
The native shell installers (install.sh, install.ps1) were removed in the
recent refactor, but the dev-release workflow still tried to update and
commit them, causing CI failures.
- Remove tests from pre-commit hook (keep typecheck+lint only)
- Remove build+validate from prepublishOnly/prepack (CI handles it)
- Add HUSKY=0 to CI commit step to skip hooks
Before: 4 test runs per release (pre-commit, CI validate, prepublishOnly, prepack)
After: 1 test run (CI validate only)
- Add label-pending-release.yml workflow to tag issues when PR created
- Update dev-release.yml to comment and label issues after npm publish
- Labels: pending-release (yellow), released-dev (blue)
- Auto-removes pending-release when released-dev is applied
- validate now uses test:all directly (build already done)
- Added test:ci script for explicit CI usage
- ci.yml now builds UI deps and uses build:all
- dev-release.yml separates build and validate steps
- Reduces build count from 3-4 to 1 per release cycle
- Remove dev branch from semantic-release (main only)
- Add dev-release.yml: simple X.Y.Z-dev.N bump workflow
- Update sync workflow: handle merge conflicts for version files
- Update release.yml: trigger only on main branch
Dev versions now stay at {stable}-dev.N until merged to main.
PR merge commit type (feat/fix) determines actual version bump.