Clarify release validation discipline#26
Merged
GsCommand merged 2 commits intoMar 21, 2026
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Description
package.jsonscripts to makenpm run validatethe canonical local/no-network gate (validate:current+ checksum verification) and makenpm run validate:releaserun the canonical local gate first and then the release-only checks (node scripts/validate-release.mjs)..github/workflows/validate.ymlby renaming the job to reflect release-readiness, runningnpm run validatebeforenpm run validate:release, and adding aworkflow_dispatchboolean inputrequire_mirrorsthat triggers a publish-time mirror gate (npm run validate:release -- --require-mirrors) only when manually dispatched.README.mdto document the single canonical ceremony and recommended command sequence for a release, includingnpm run generate:dist-pin,node scripts/generate-checksums.mjs,npm run validate,npm run validate:release, tag creation, push, and final public mirror verification withnpm run validate:release -- --require-mirrors.package.json,.github/workflows/validate.yml, andREADME.md; the changes align script names, CI signaling, and documentation with a single clear release path.Testing
npm run validatelocally and it completed successfully (local structure, manifest alignment, andchecksums.txtverified).npm run validate:releaselocally and it exercised the release checks but reported external upstream schema resolution failures (these external failures are expected to remain visible and not be silently masked).Codex Task