Before creating any release PR, verify ALL of the following are updated:
-
Cargo.toml— version bump - All target issues merged to
develop -
cargo test— all 567+ tests pass -
cargo clippy --all-targets -- -D warnings— clean -
cargo fmt --all -- --check— clean -
cargo build --release— no errors - Binary smoke test:
cora --version,cora mcp --help,cora review --staged
-
README.md— feature list, commands table, config examples, all links tocodecora.dev -
CHANGELOG.md— new version entry with ALL changes -
docs/changelog.md— mirrorsCHANGELOG.mdexactly -
docs/roadmap.md— completed items ✓ Done, future items accurate -
docs/getting-started.md— new major features mentioned, links valid -
docs/configuration.md— all new config sections present -
docs/cli-reference.md— all commands listed including new subcommands -
docs/usage.md— exit codes, sections up to date -
docs/examples.md— CI examples work, marketplace action reference correct -
docs/providers.md— provider list and env vars accurate -
docs/installation.md— version pin example uses latest -
AGENT.md— code structure, test count, features list current
- Feature coverage: every feature in README + CHANGELOG + config docs + roadmap
- Consistent terminology across all files
- No broken links (all
codecora.devlinks resolve) - Version numbers consistent across all docs
- Star History chart includes all relevant repos
- CI: 10/10 checks green on develop
- Code Scanning: 0 open alerts
- No open PRs blocking release
- Pre-commit hook passes (
cora review --staged)
-
release.ymltriggers onv*tag - 4 platform binaries on GitHub Releases
-
crates.iopublish succeeds -
codecora.devreflects new docs - Marketplace action still works
Owner approval required before ANY release. Agent must:
- Complete Pre-Release Checklist (all green)
- Generate validation report
- Present to owner
- Wait for explicit approval ("oke kerjakan" / "go ahead" / "rilis")
- Only then: bump version + tag + push
Agent must NEVER trigger release without owner approval.
- All PRs target
develop(notmain) - Feature branches:
feat/<issue-number>-<description> - Fix branches:
fix/<description> - Release branches:
release/vX.Y.Z - Pre-commit hook must pass before each commit
- One issue = one branch = one PR = wait CI green = merge = next
| File | Contents |
|---|---|
~/.cora/auth.toml |
API key only (secret, chmod 600) |
~/.cora/config.yaml |
Provider, model, base_url, settings (global) |
.cora.yaml |
Per-project overrides |
- License: MIT (Rust CLI ecosystem standard)
- CORA_API_KEY env var: CI use only, not for local dev
- Provider info auto-migrated from auth.toml → config.yaml
- Config priority: CLI flags → env vars → .cora.yaml → config.yaml → auto-detect → defaults
- Marketplace action: separate repo
codecoradev/cora-review-action(not in-tree) - Quality gate: exit code 2 on failure (1 = error, 0 = success)
merge_into()returnsResult<(), CoraError>— fail-fast on invalid profile config- MCP server: JSON-RPC 2.0 over stdio, 5 tools
Check, Format, Clippy, Test, Build, Security Audit (CVE), Website Build, NPM Audit, Cargo Outdated, Cora Review
config/ → engine/ → formatters/
↗ ↘
main.rs → commands/ → output
↘ ↗
git/ → engine/review
mcp/ → engine/* (rules, security_scanner, secrets_scanner, profiles, diff_parser)
hook/
Key: engine modules should NOT depend on commands or config/loader directly.
mcp/tools uses engine internals via crate::engine::*.