fix: stop false-positive core detection in release-all workflow#89
fix: stop false-positive core detection in release-all workflow#89
Conversation
The auto-bump-modules workflow runs `go mod tidy` on root, which changes go.sum and potentially go.mod. These lockfile/tidy changes were counted as "core changes" on subsequent release-all runs, causing: 1. Spurious core releases every run 2. Module releases stuck behind the core release chain (release-modules-no-core-change skipped because core_changed=true) Fixes: - Exclude go.sum from core change detection (lockfile, not source) - Exclude cmd/* from core change detection (tooling, not library) - Add configwatcher and eventlogger to module-release dropdown Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Updates GitHub Actions release workflows to refine what counts as a “core” change during orchestrated releases and to expose newly added modules in the manual module release dropdown.
Changes:
- Adjust core change detection in
release-all.ymlto ignorego.sum-only changes and skipcmd/*paths. - Add
configwatcherandeventloggerto themodule-release.ymlworkflow dispatch module options.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| .github/workflows/release-all.yml | Refines core change detection filters used by the orchestrated “release all” workflow. |
| .github/workflows/module-release.yml | Extends the module selection list to include newly added modules. |
.github/workflows/release-all.yml
Outdated
| [[ $f == examples/* ]] && continue | ||
| # Accept .go plus root go.mod/go.sum (allow optional leading ./) | ||
| if [[ $f == *.go ]] || [[ $f == go.mod ]] || [[ $f == go.sum ]] || [[ $f == ./go.mod ]] || [[ $f == ./go.sum ]]; then | ||
| [[ $f == cmd/* ]] && continue |
There was a problem hiding this comment.
cmd/* is excluded from core change detection, but the core release workflow (.github/workflows/release.yml) treats any root-module changes (including under cmd/) as relevant and this orchestrator later builds/uses cmd/modcli for contract extraction. As-is, changes to cmd/modcli (or other CLI code) can be skipped by release-all, resulting in no core tag even though the published root module contents changed. Consider removing the cmd/* exclusion or narrowing it only if cmd/ has an independent release/versioning story (and then align release.yml similarly).
| [[ $f == cmd/* ]] && continue |
There was a problem hiding this comment.
Good catch — removed the cmd/* exclusion. cmd/ is part of the root module and not independently versioned, so changes there should trigger core releases. Fixed in 5ccb423.
| # Accept .go plus root go.mod (NOT go.sum — it's a lockfile that | ||
| # changes whenever auto-bump runs go mod tidy and should not | ||
| # trigger a new core release by itself). | ||
| if [[ $f == *.go ]] || [[ $f == go.mod ]] || [[ $f == ./go.mod ]]; then | ||
| RELEVANT+="$f " |
There was a problem hiding this comment.
Core change detection here intentionally ignores go.sum, but .github/workflows/release.yml still considers go.sum a core-changing file (both for initial release and diff-based detection). This inconsistency means release-all can skip a core release in cases where release.yml would release (e.g., checksum-only updates after go mod tidy). Recommend keeping the detection rules consistent between the two workflows (either include go.sum here again, or also remove it from release.yml if that behavior is truly desired).
There was a problem hiding this comment.
Agreed — aligned release.yml to also exclude go.sum from core detection, matching the same logic in release-all.yml. Both workflows now consistently treat go.sum as a lockfile that shouldn't trigger releases. Fixed in 5ccb423.
- Remove cmd/* exclusion from release-all.yml core detection since cmd/ is part of the root module and not independently versioned - Align release.yml core detection to also exclude go.sum, keeping both workflows consistent Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Summary
go.sumfrom core change detection — it's a lockfile that changes whenever auto-bump runsgo mod tidy, causing spurious core releases on every subsequent runcmd/*from core change detection — tooling changes shouldn't trigger library releasesconfigwatcherandeventloggerto module-release dropdown (new modules from v2 enhancements)Problem
The auto-bump-modules workflow runs
go mod tidyon root, which changesgo.sum. The core detection countedgo.sumas a relevant change, so every subsequentrelease-allrun detected core as changed → released core again → bumped modules again → infinite cycle. Meanwhile, modules couldn't release through therelease-modules-no-core-changepath becausecore_changedwas always true.Test plan
release-all— should NOT detect core as changed if onlygo.sum/cmd/files differ since last tagrelease-modules-no-core-changepath🤖 Generated with Claude Code