From 8f2dfc06362ffa5a7e810020726ac9be1d9be1df Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 1 May 2026 12:52:35 +0000 Subject: [PATCH 1/3] ci: Add release-plz workflow with OIDC and cargo-semver-checks Two jobs run on every push to main: - release-pr: opens/updates a "Release vX.Y.Z" PR with the Cargo.toml bump and changelog. Merging that PR ships the release. - release: when the merged commit's Cargo.toml version is unreleased, tags it, creates a GitHub Release, and publishes to crates.io via OIDC trusted publishing. semver_check = true uses cargo-semver-checks (rustdoc JSON diff) to force a major bump if breaking changes are detected. Workflow filename kept as release.yml to match the existing crates.io trusted publisher configuration. --- .github/workflows/release.yml | 43 +++++++++++++++++++++++++++++++++++ release-plz.toml | 2 ++ 2 files changed, 45 insertions(+) create mode 100644 .github/workflows/release.yml create mode 100644 release-plz.toml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..578362e --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,43 @@ +name: Release + +on: + push: + branches: [main] + +permissions: + pull-requests: write + contents: write + +jobs: + release-plz-release: + name: Release-plz release + runs-on: ubuntu-latest + permissions: + contents: write + id-token: write + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: dtolnay/rust-toolchain@stable + - uses: MarcoIeni/release-plz-action@v0.5 + with: + command: release + + release-plz-pr: + name: Release-plz PR + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + concurrency: + group: release-plz-${{ github.ref }} + cancel-in-progress: false + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: dtolnay/rust-toolchain@stable + - uses: MarcoIeni/release-plz-action@v0.5 + with: + command: release-pr diff --git a/release-plz.toml b/release-plz.toml new file mode 100644 index 0000000..ea2b198 --- /dev/null +++ b/release-plz.toml @@ -0,0 +1,2 @@ +[workspace] +semver_check = true From ff730c915aaca402874038987740c9a7b084882b Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 1 May 2026 12:56:57 +0000 Subject: [PATCH 2/3] ci: Collapse release-plz into single job --- .github/workflows/release.yml | 27 +++------------------------ 1 file changed, 3 insertions(+), 24 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 578362e..00ce79d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,34 +4,15 @@ on: push: branches: [main] -permissions: - pull-requests: write - contents: write - jobs: - release-plz-release: - name: Release-plz release - runs-on: ubuntu-latest - permissions: - contents: write - id-token: write - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - uses: dtolnay/rust-toolchain@stable - - uses: MarcoIeni/release-plz-action@v0.5 - with: - command: release - - release-plz-pr: - name: Release-plz PR + release-plz: runs-on: ubuntu-latest permissions: contents: write pull-requests: write + id-token: write concurrency: - group: release-plz-${{ github.ref }} + group: release-plz cancel-in-progress: false steps: - uses: actions/checkout@v4 @@ -39,5 +20,3 @@ jobs: fetch-depth: 0 - uses: dtolnay/rust-toolchain@stable - uses: MarcoIeni/release-plz-action@v0.5 - with: - command: release-pr From a13b23fe8e45276e153764bddd2dd9bcddb5ece2 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 1 May 2026 12:57:58 +0000 Subject: [PATCH 3/3] ci: Drop redundant rust-toolchain step --- .github/workflows/release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 00ce79d..cf6f2d8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,5 +18,4 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - - uses: dtolnay/rust-toolchain@stable - uses: MarcoIeni/release-plz-action@v0.5