ci(release): make tag-driven release idempotent and npm-optional#51
Merged
Conversation
Hardens the combined PyPI+npm release pipeline so re-runs degrade gracefully instead of hard-failing — the failure modes documented in #34 (run 26680581091 died on the npm leg with an empty NODE_AUTH_TOKEN, and the maintainer flagged that re-running would also fail PyPI because the version was already published). - publish-pypi: upload with `--skip-existing` so re-tagging a version that already exists on PyPI no-ops instead of erroring the release. - publish-npm: skip gracefully (with a warning) when NPM_TOKEN is absent, and expose a `published` job output. The dedicated `npm release` workflow remains the path to repair npm drift once a token is set. - smoke: only run the npm install smoke-check when npm actually published. PyPI distribution of 1.12.1 is published out-of-band; this only makes the automated pipeline safe to re-run. https://claude.ai/code/session_0197tU2pez27S2N3iFekR9Kr
This was referenced May 31, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Hardens the tag-driven
release.ymlpipeline so it degrades gracefully instead of hard-failing, addressing the release fragility documented in #34:release.ymlbecause PyPI was already at1.12.0, so a re-run would hard-fail on the PyPI upload.26680581091died on the npm leg with an emptyNODE_AUTH_TOKEN.Changes (
.github/workflows/release.yml)--skip-existingso re-tagging a version that already exists on PyPI no-ops the existing files instead of erroring the whole release.::warning::) whenNPM_TOKENis absent, and expose apublishedjob output. The dedicatednpm releaseworkflow remains the path to repair npm drift once a token is configured.publish-npmactually published, so it never fails spuriously against the stale registry version.Release status
simplicio-prompt 1.12.1published out-of-band (PyPI was at1.12.0;1.12.1is the Mapper context artifacts release). This PR only makes the automated pipeline safe to re-run.NPM_TOKENsecret (the npm criteria in [Release] Publish 1.12.0 to npm (registry stuck at 1.1.0) #34 cannot be satisfied without it).Tests
npm test— Node suite (CLI + hooks + cache + targets) and Python suite (100 tests, 4 skipped) all green.twine check dist/*— PASSED for both wheel and sdist.release.ymlvalidated as well-formed YAML; job outputs /needswiring confirmed.Generated by Claude Code