Skip to content

ci: add release-please and conventional commit enforcement#1467

Merged
nicknisi merged 6 commits intomainfrom
nicknisi/release-please
Feb 24, 2026
Merged

ci: add release-please and conventional commit enforcement#1467
nicknisi merged 6 commits intomainfrom
nicknisi/release-please

Conversation

@nicknisi
Copy link
Member

@nicknisi nicknisi commented Feb 5, 2026
edited
Loading

Summary

  • Derive SDK version from package.json instead of a hardcoded VERSION constant in src/workos.ts. This is required so release-please can bump the version in a single place (package.json) and have it propagate to the User-Agent header automatically.
  • Add release-please configuration (release-please-config.json, .release-please-manifest.json, .github/workflows/release-please.yml) to automate version bumps, changelog generation, and GitHub Release creation via conventional commits.
  • Add PR title linting (.github/workflows/lint-pr-title.yml) to enforce conventional commit format on PR titles. Since PRs are squash-merged, the PR title becomes the commit message that release-please parses. This check runs on all PRs after this one merges. Consider adding it as a required status check in branch protection for main.
  • Replace ts-jest with the existing babel-jest transformer in jest.config.cjs. The import ... with { type: 'json' } syntax used for the package.json import is incompatible with ts-jest (which overrides module to "commonjs"). The project's existing jest-transform-esm.cjs (babel-jest + @babel/preset-typescript) handles this correctly. ts-jest is removed from devDependencies as it is no longer used anywhere.

How it works

  1. Conventional commits (feat:, fix:, chore:, etc.) are enforced on PR titles via amannn/action-semantic-pull-request
  2. PRs are squash-merged, so the PR title becomes the commit message on main
  3. release-please-action opens (or updates) a release PR with a version bump and CHANGELOG.md entry
  4. Merging the release PR creates a GitHub Release
  5. The existing release.yml workflow triggers on the release: [published] event and publishes to npm

No changes to the existing publish workflow are needed — it already triggers on GitHub Release events.

Files changed

File Change
src/workos.ts Import VERSION from package.json instead of hardcoding
jest.config.cjs Unified transform to jest-transform-esm.cjs for both .ts and .js
package.json Removed ts-jest from devDependencies
package-lock.json Removed ts-jest and its dependency tree
release-please-config.json Release-please config (node type, bump-minor-pre-major)
.release-please-manifest.json Version manifest seeded at 8.2.0
.github/workflows/release-please.yml Workflow to run release-please on push to main
.github/workflows/lint-pr-title.yml Enforce conventional commit format on PR titles

@nicknisi nicknisi requested a review from a team as a code owner February 5, 2026 22:03
@greptile-apps
Copy link
Contributor

greptile-apps bot commented Feb 5, 2026

Greptile Overview

Greptile Summary

Automated release management by integrating release-please to handle version bumps, changelog generation, and GitHub releases based on conventional commits.

Key Changes:

  • Derived SDK version from package.json instead of hardcoded constant in src/workos.ts using import attributes syntax (with { type: 'json' })
  • Unified Jest transformer to use jest-transform-esm.cjs (babel-jest) for both TypeScript and JavaScript files, removing ts-jest dependency
  • Added release-please configuration files and GitHub workflow to automate release process
  • Removed ts-jest from dependencies as it's incompatible with the import attributes syntax

Release Flow:

  1. Conventional commits (feat:, fix:, etc.) trigger release-please to create/update a release PR
  2. Merging the release PR creates a GitHub Release
  3. Existing release.yml workflow publishes to npm on release events

The version in User-Agent headers will automatically reflect the current package version without manual updates.

Confidence Score: 5/5

  • Safe to merge - well-structured automation changes with no breaking modifications to core logic
  • All changes are infrastructure/tooling improvements with no impact on runtime behavior. The version derivation change is straightforward, Jest configuration correctly handles the new import syntax, and release-please is a widely-adopted standard tool.
  • No files require special attention

Important Files Changed

Filename Overview
src/workos.ts Replaced hardcoded VERSION constant with dynamic import from package.json, enabling automated version management
jest.config.cjs Unified transform configuration to use jest-transform-esm.cjs for both .ts and .js files, replacing ts-jest
.github/workflows/release-please.yml Added workflow to automate version bumps and changelog generation using release-please action
release-please-config.json Configured release-please for Node.js package with minor version bumps pre-1.0
.release-please-manifest.json Initialized version manifest at 8.2.0 to track current release state
package.json Removed ts-jest dependency as it's no longer needed with babel-jest transformer
package-lock.json Removed ts-jest and its entire dependency tree from lockfile

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant Git as Git (main branch)
    participant RP as Release Please Action
    participant GH as GitHub Release
    participant NPM as NPM Registry

    Dev->>Git: Push commit with conventional commit message<br/>(feat:, fix:, chore:, etc.)
    Git->>RP: Trigger release-please workflow
    RP->>RP: Parse commits since last release
    RP->>RP: Calculate new version number
    RP->>RP: Generate/update CHANGELOG.md
    RP->>Git: Create or update Release PR<br/>(version bump in package.json)
    
    Dev->>Git: Review and merge Release PR
    Git->>RP: Trigger release-please on merge
    RP->>GH: Create GitHub Release with tag
    
    GH->>NPM: Trigger release.yml workflow
    NPM->>NPM: Install dependencies
    NPM->>NPM: Run build (tsdown)
    NPM->>NPM: Run tests
    NPM->>NPM: Publish to npm registry
    
    Note over Dev,NPM: VERSION in User-Agent derived from package.json<br/>automatically reflects new version
Loading

greptile-apps[bot]
greptile-apps bot reviewed Feb 5, 2026
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

7 files reviewed, no comments

Edit Code Review Agent Settings | Greptile

@nicknisi nicknisi changed the title chore: add release-please for automated releases ci: add release-please and conventional commit enforcement Feb 5, 2026
@nicknisi
feat: derive VERSION from package.json instead of hardcoding
6a29e73 
Imports version directly from package.json so release-please can manage
it from a single source of truth. Switches jest transform from ts-jest
to babel-jest for all files to support import attributes, and removes
the now-unused ts-jest dependency.
@nicknisi
chore: add release-please configuration
871e55e 
Automates version bumps, changelog generation, and GitHub releases
via release-please. The existing release.yml workflow handles npm
publishing when a release is created.
@nicknisi
ci: add PR title linting for conventional commits
e58fa38
@nicknisi
chore: remove bump-minor-pre-major from release-please config
1b663b9 
This option only applies to 0.x versions. At 8.x, breaking changes
already bump major by default.
@nicknisi nicknisi force-pushed the nicknisi/release-please branch from 0bd605a to 1b663b9 Compare February 24, 2026 21:30
@nicknisi
ci: update release workflows for trusted publishing
a35ba13 
Chain release-please directly into the publish workflow via
workflow_call and add id-token: write permission for npm provenance.
Remove pre-release publish logic.
gjtorikian
gjtorikian reviewed Feb 24, 2026
View reviewed changes
.github/workflows/release.yml
contents: read
id-token: write
steps:
- uses: actions/checkout@v6
Copy link
Contributor

@gjtorikian gjtorikian Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- uses: actions/checkout@v6
- uses: actions/checkout@v6

.github/workflows/release-please.yml
- uses: googleapis/release-please-action@v4
id: release
with:
token: ${{ secrets.GITHUB_TOKEN }}
Copy link
Contributor

@gjtorikian gjtorikian Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can't remember why I did it, but I explicitly used the SDK Automation Bot's token here: https://github.com/workos/workos-ruby/blob/f156c799e88269493104628760f94b8abaebf542/.github/workflows/release-please.yml#L16-L21

Granted, there's always been divergence between the Node SDK and all the others. I think it had something to do with permissions, but I see you're defining them up—maybe I was missing id-token? Nothing to change here, just pointing it out in case it does not work!

@nicknisi nicknisi merged commit 23929b6 into main Feb 24, 2026
8 checks passed
@nicknisi nicknisi deleted the nicknisi/release-please branch February 24, 2026 22:16
@gjtorikian gjtorikian mentioned this pull request Mar 4, 2026
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gjtorikian gjtorikian gjtorikian approved these changes

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

@amygdalama amygdalama Awaiting requested review from amygdalama amygdalama is a code owner automatically assigned from workos/typescript

Assignees

No one assigned

Labels

claude-code-assisted

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nicknisi @gjtorikian