ci: prevent SNAPSHOT releases; bump to 0.1.6-SNAPSHOT #49
WilliamAGH wants to merge 4 commits into main from
When triggered by release:published events, GitHub Actions checks out the release tag (detached HEAD) rather than a branch. This caused git push to fail with "You are not currently on a branch" error. Fixed by explicitly specifying ref: main in the checkout step, ensuring the workflow always operates on the main branch regardless of trigger.
The repository’s agent guidance needed to be more explicit and linkable, with stable rule hashes that can be cited during reviews and automated changes. This formalizes additional non-negotiables (verification, SRP, LOC ceilings, dependency source inspection) and adds a single “code change contract” so new work follows consistent placement and splitting decisions.
- Expand AGENTS rule summary and add missing rule sections/hashes
- Add dependency source verification workflow (Gradle cache / sources JAR)
- Add LOC ceiling and no-monolith decision rules (new file vs edit)
- Add a contracts doc with a decision matrix and verification gates
Docs pages currently lack frontmatter metadata and there is no Mintlify docs configuration to define navigation and site identity. This adds the Mintlify `docs.json` plus per-page titles so the documentation can be rendered and navigated consistently.
- Add docs/docs.json with theme, name, and grouped navigation
- Add YAML frontmatter titles to core docs pages
- Include Contracts navigation entry pointing at the code-change contract page
📝 Walkthrough (summary by CodeRabbit)
This pull request establishes snapshot release infrastructure and governance policies. It updates GitHub Actions workflows to detect and conditionally handle SNAPSHOT versions, bumps the project version to 0.1.6-SNAPSHOT in gradle.properties, adds documentation for snapshot artifacts and code-change policies, and introduces enhanced policy governance rules.
Estimated code review effort: 🎯 3 (Moderate) | ⏱️ ~25 minutes
🚥 Pre-merge checks: ✅ 3 passed | ❌ 1 failed (1 warning)
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3134895ba2
| } | ||
|
|
||
| dependencies { | ||
| implementation("com.williamcallahan:apple-maps-java:0.1.6-SNAPSHOT") |
Prevent README updater from rewriting snapshot coordinate
Adding this -SNAPSHOT dependency example introduces a regression with the existing UpdateReadmeVersion workflow: its global regex replacement updates every implementation("com.williamcallahan:apple-maps-java:...") occurrence, so the next scheduled/release run will overwrite this snapshot line to the latest release version and break the snapshot instructions. Scope the replacement to the release-install snippet (or explicitly exclude the snapshot block) so docs stay correct after automation runs.
Useful? React with 👍 / 👎.
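One way to scope the updater as the comment above suggests, written as an added example and not the repository's UpdateReadmeVersion workflow. The coordinate comes from the README line under review; the function names, the sample README and the versions 0.1.4 and 0.1.5 are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not the repository's workflow. The coordinate is taken from the
# README line under review; function names and the sample README are constructed.
COORD_RE='com\.williamcallahan:apple-maps-java'

# update_release_coord FILE NEW_VERSION
# Rewrites implementation("<coord>:<version>") to NEW_VERSION on every line
# except those whose current version ends in -SNAPSHOT.
update_release_coord() {
  local file="$1" new="$2"
  # Refuse empty or SNAPSHOT targets, and any character outside a plain
  # version alphabet, so the value is inert inside the sed script.
  case $new in
    ''|*-SNAPSHOT|*[!0-9A-Za-z.+-]*)
      echo "refusing target version '$new'" >&2
      return 1 ;;
  esac
  # The address followed by "!" skips snapshot lines; the rest are rewritten.
  sed -E "/${COORD_RE}:[^\"]*-SNAPSHOT\"\\)/!s/(implementation\\(\"${COORD_RE}:)[^\"]+(\"\\))/\\1${new}\\2/" \
    "$file" > "$file.tmp" && mv "$file.tmp" "$file"
}

# Constructed README fragment: one release snippet, one snapshot snippet.
make_sample_readme() {
  local f
  f=$(mktemp)
  cat > "$f" <<'EOF'
dependencies {
    implementation("com.williamcallahan:apple-maps-java:0.1.4")
}
dependencies {
    implementation("com.williamcallahan:apple-maps-java:0.1.6-SNAPSHOT")
}
EOF
  echo "$f"
}

# Run with --demo to print the rewritten sample.
if [ "${1:-}" = "--demo" ]; then
  readme=$(make_sample_readme)
  update_release_coord "$readme" 0.1.5 && cat "$readme"
  rm -f "$readme"
fi
```
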
Actionable comments posted: 1
🤖 Fix all issues with AI agents
In @.github/workflows/CI.yaml:
- Around line 32-41: The version_check step currently sets VERSION from
gradle.properties but will silently treat a missing or empty VERSION_NAME as
non-snapshot; modify the run block for the step with id version_check to enable
strict shell mode (set -euo pipefail) and add an explicit non-empty check for
VERSION (e.g., if [ -z "$VERSION" ]; then echo "ERROR: VERSION_NAME not found or
empty" >&2; exit 1; fi) before the SNAPSHOT test, so the job fails fast and
loudly when VERSION_NAME is absent.
| - name: Check if SNAPSHOT version | ||
| id: version_check | ||
| run: | | ||
| VERSION=$(grep '^VERSION_NAME=' gradle.properties | cut -d'=' -f2) | ||
| echo "VERSION=${VERSION}-SNAPSHOT" >> $GITHUB_OUTPUT | ||
| echo "Version: $VERSION" | ||
| if [[ "$VERSION" == *-SNAPSHOT ]]; then | ||
| echo "is_snapshot=true" >> $GITHUB_OUTPUT | ||
| else | ||
| echo "is_snapshot=false" >> $GITHUB_OUTPUT | ||
| fi |
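Review bot: The `echo "VERSION=${VERSION}-SNAPSHOT" >> $GITHUB_OUTPUT` line appends a second suffix to a value read verbatim from VERSION_NAME, so a version that already ends in -SNAPSHOT is exported as ...-SNAPSHOT-SNAPSHOT and a release version is exported as a snapshot, which contradicts the `is_snapshot` value computed a few lines later. Write the output as `VERSION=${VERSION}` (or drop it if no later step reads it), and quote "$GITHUB_OUTPUT" in all three redirections.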
Guard against missing VERSION_NAME to avoid silent skips.
If VERSION_NAME is absent or empty, this step will quietly set is_snapshot=false and skip snapshot publishing. Adding strict mode + a non-empty check makes the failure loud and easy to debug. Tiny CI hygiene win. 🌱
✅ Suggested hardening
- name: Check if SNAPSHOT version
id: version_check
+ shell: bash
run: |
- VERSION=$(grep '^VERSION_NAME=' gradle.properties | cut -d'=' -f2)
+ set -euo pipefail
+ VERSION=$(grep -E '^VERSION_NAME=' gradle.properties | head -n1 | cut -d'=' -f2 | tr -d '\r')
+ if [[ -z "$VERSION" ]]; then
+ echo "::error::VERSION_NAME not found in gradle.properties"
+ exit 1
+ fi
echo "Version: $VERSION"
if [[ "$VERSION" == *-SNAPSHOT ]]; then
- echo "is_snapshot=true" >> $GITHUB_OUTPUT
+ echo "is_snapshot=true" >> "$GITHUB_OUTPUT"
else
- echo "is_snapshot=false" >> $GITHUB_OUTPUT
+ echo "is_snapshot=false" >> "$GITHUB_OUTPUT"
fi
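Review bot: On the added `VERSION=$(grep -E '^VERSION_NAME=' ... | tr -d '\r')` line, the new `set -euo pipefail` makes a missing key abort the step at the assignment, because grep exits 1 on no match and pipefail propagates it, so the `::error::VERSION_NAME not found` branch only ever runs for a key that is present but empty. Append `|| true` inside the command substitution so both cases reach the `-z` check and emit the annotation. Separately, `cut -d'=' -f2` drops everything after a second `=` in the value; `-f2-` keeps the whole right-hand side.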
Mirrors the Maven Central publishing guardrails used in tui4j.
Changes:
Verification: