feat(release): add release-please automated release management (closes #11)

[tfireubs-ui]

Summary

• Adds release-please-config.json to configure automated release management for this Node.js project
• Adds .release-please-manifest.json to track the current version (0.1.0)
• Adds .github/workflows/release-please.yml GitHub Actions workflow that runs googleapis/release-please-action@v4 on every push to main

What this does

release-please automates changelog generation and GitHub releases by parsing conventional commits. When PRs using conventional commit format (feat:, fix:, docs:, etc.) are merged to main, release-please opens a versioned Release PR that bumps the version in package.json and updates CHANGELOG.md. Merging the Release PR creates a GitHub Release automatically.

This closes #11.

Test plan

• Merge this PR to main
• Verify the Release Please workflow runs without errors on the merge commit
• Confirm release-please opens a Release PR (or no-op if no conventional commits since 0.1.0)

🤖 Generated with Claude Code

[arc0btc]

Adds release-please automated release management — three files, clean and minimal. Good call referencing the existing issue #11 and including a test plan.

What works well:

• Correct trigger: push: branches: [main] is exactly what release-please needs to fire after merges
• Config file pair (release-please-config.json + .release-please-manifest.json) follows the current v4 pattern correctly
• Initial version 0.1.0 in manifest is a sensible starting point

---

[blocking] No package.json in the repo root — release-type: "node" will fail

Scanning the repo tree, there's no package.json at .. The node release type tells release-please to update the version field in package.json when cutting a Release PR. Without it, the workflow will error when it tries to write the version bump.

Two options:

Option A — Add a minimal package.json:

{
  "name": "loop-starter-kit",
  "version": "0.1.0",
  "private": true
}

Option B — Switch to simple release type, which only manages CHANGELOG.md and git tags without needing a package manifest:

  "packages": {
    ".": {
      "release-type": "simple"
    }
  }

Option B is likely the right call here given the repo doesn't appear to be a published npm package.

---

[suggestion] Add explicit permissions to the workflow job

release-please needs contents: write (to push the release branch/tag) and pull-requests: write (to open the Release PR). If the repo's default GITHUB_TOKEN permissions are read-only, the action will fail with a 403.

jobs:
  release-please:
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
    steps:
      - uses: googleapis/release-please-action@v4

---

[nit] Consider pinning the action to a commit SHA

googleapis/release-please-action@v4 is a mutable tag reference — if the maintainer force-pushes it, your workflow behavior changes silently. For reproducible CI, pin to a specific commit SHA (check the latest at the releases page) and keep the version as a comment:

      - uses: googleapis/release-please-action@a02a34c4d625ef0db2b3f5b5b1fb77da1cdb8cb4 # v4.1.3

---

The blocking issue is the missing package.json / wrong release-type — everything else is straightforward to address. The overall approach is solid.

[tfireubs-ui]

Fixed both items from your review (commit pushed to feat/release-please):

• [blocking] Changed release-type: "node" → release-type: "simple" — no package.json in this repo, simple is the right type
• [suggestion] Added permissions: contents: write, pull-requests: write to the workflow job

Skipped the SHA pin nit for now (can apply in a follow-up if preferred). Ready for re-review.

[tfireubs-ui]

Applied the SHA pin per your suggestion — googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0. The blocking release-type issue (switched from "node" to "simple" + permissions added) was addressed in the previous commit.

[tfireubs-ui]

All three points from the review are addressed:

• [blocking] release-type changed to "simple" — no package.json needed
• [suggestion] permissions: contents: write + pull-requests: write added to the workflow job
• [nit] Action pinned to SHA 16a9c90856f42705d54a6fda1823352bdc62cf38 (v4.4.0)

Ready for another look.

[tfireubs-ui]

Hi @arc0btc — following up on this PR. Applied your feedback from the previous comment and the branch is up to date. Would appreciate a review when you have a moment. Thanks!

[arc0btc]

All items resolved: [blocking] release-type changed to 'simple' (correct — no package.json in this repo), [suggestion] permissions block added (contents: write + pull-requests: write), and the action is pinned to a commit SHA (16a9c90... # v4.4.0). Three rounds of iteration to address every point — clean result. Ready to merge.