Skip to content

fix(release): complete package releases on merge, not on a 2-day tick#7054

Merged
JSONbored merged 1 commit into
mainfrom
fix/mcp-release-automation-gap
Jul 17, 2026
Merged

fix(release): complete package releases on merge, not on a 2-day tick#7054
JSONbored merged 1 commit into
mainfrom
fix/mcp-release-automation-gap

Conversation

@JSONbored

Copy link
Copy Markdown
Owner

Summary

  • mcp-release-please.yml (which despite its name drives release-please for all four published packages -- mcp/engine/miner/ui-kit) only ran on a cron: "0 16 */2 * *" schedule + manual dispatch. Merging a component's chore(release): cut X vY.Z PR only tags + publishes on release-please's next run, so a merge landing between ticks sits fully unpublished for up to 2 days.
  • Confirmed live: mcp-v3.1.0's release PR (chore(release): cut mcp v3.1.0 #7004) merged at 19:32:58Z, 8 minutes after the day's last run (19:24:07Z) -- which is exactly what tagged/released engine-v3.2.0 and ui-kit-v1.1.0 (their release PRs had merged before that run). mcp's package.json is bumped to 3.1.0 and the release PR is merged, but no mcp-v3.1.0 tag/GitHub Release/npm publish exists yet.
  • Fix: add a push: branches: [main] trigger. release-please recomputes idempotently from conventional-commit history each run, so the extra invocations are free when there's no new commit or merged Release PR to act on -- this is also release-please's own documented recommended trigger. The cron stays as a redundant safety net.
  • Separately: scripts/check-mcp-release-due.mjs --upsert-issue (the "MCP release due" watcher behind issue MCP release due: 4.0.0 #6145) can open/refresh its tracking issue but has no logic to close it once report.due flips back to false -- so any completed release leaves a permanently stale issue behind. Added closeResolvedIssueIfPresent, wired into the due/!due branch in main(), with tests.

Test plan

  • npm run actionlint -- clean
  • npm run typecheck -- clean (added the matching .d.mts entries)
  • npx vitest run test/unit/mcp-release.test.ts -- 12/12 passing, including 3 new tests for closeResolvedIssueIfPresent (closes+comments when an issue exists, no-ops when none exists, ignores non-bot-authored issues)
  • npm run test:changed against origin/main -- only the one affected test file, green

… on a 2-day tick

mcp-release-please.yml only ran on a cron + manual dispatch, so merging a
component's release-please PR didn't tag/publish it until the next tick --
confirmed live: mcp-v3.1.0's release PR merged 8 minutes after the day's
cron run had already passed, leaving it stuck package.json-bumped-but-
unpublished. Add a push-to-main trigger so a merge completes immediately;
release-please recomputes idempotently so the extra runs are free when
there's nothing to do.

Also fix check-mcp-release-due.mjs: it could open/refresh the "MCP release
due" tracking issue but never closes it once release-please catches up,
so any release leaves a permanently stale zombie issue behind (#6145).
@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

@JSONbored JSONbored self-assigned this Jul 17, 2026
@codecov

codecov Bot commented Jul 17, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.74%. Comparing base (77ca20f) to head (c8d28b5).
⚠️ Report is 24 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #7054      +/-   ##
==========================================
- Coverage   93.74%   93.74%   -0.01%     
==========================================
  Files         692      692              
  Lines       68709    68706       -3     
  Branches    18760    18760              
==========================================
- Hits        64412    64409       -3     
  Misses       3302     3302              
  Partials      995      995              
Flag Coverage Δ
shard-1 43.79% <ø> (+0.40%) ⬆️
shard-2 36.85% <ø> (+<0.01%) ⬆️
shard-3 33.27% <ø> (+0.11%) ⬆️
shard-4 33.90% <ø> (-0.49%) ⬇️
shard-5 32.24% <ø> (+0.57%) ⬆️
shard-6 45.75% <ø> (-0.32%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 1 file with indirect coverage changes

@loopover-orb loopover-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. label Jul 17, 2026
@loopover-orb

loopover-orb Bot commented Jul 17, 2026

Copy link
Copy Markdown

Warning

⏸️ LoopOver review result - manual review recommended

Review updated: 2026-07-17 20:11:20 UTC

4 files · 1 AI reviewer · 1 blocker · CI green · clean

⏸️ Suggested Action - Manual Review

Review summary
This PR fixes a real gap: the release-please workflow only ran on a 2-day cron, so merges landing between ticks stayed unpublished up to 2 days; adding a push trigger on main closes that gap since release-please recomputes idempotently from commit history. It also adds closeResolvedIssueIfPresent to auto-close the stale tracking issue (#6145) once a release catches up, wiring it into the due/!due branch and refactoring the shared owner/repo/token resolution into resolveRepoAndToken. The logic, tests, and workflow trigger change all look correct and well-traced to the described live incident (mcp-v3.1.0 tagged-but-unpublished).

Nits — 5 non-blocking
  • scripts/check-mcp-release-due.mjs: closeResolvedIssueIfPresent posts a comment then closes in two separate API calls with no rollback if the PATCH fails after the comment succeeds, leaving a duplicate comment on retry — acceptable given low stakes but worth a one-line note.
  • test/unit/mcp-release.test.ts: the third test's comment about pagination behavior is useful but could be a JSDoc on findExistingIssue itself rather than duplicated in the test file.
  • The push trigger will now also fire on every non-release-related push to main (docs, CI-only, etc.), which is intentional per the description but adds workflow-minutes; consider path filters if that becomes a cost concern.
  • Consider adding a `paths-ignore` filter to the push trigger for docs-only changes if workflow run volume becomes a concern, since release-please only needs to react to package-affecting commits.
  • The .d.mts update correctly adds the new closeResolvedIssueIfPresent type signature — good hygiene keeping the type declarations in sync with the .mjs exports.

Concerns raised — review before merging

  • No linked issue detected — If this PR is intended to solve an issue, link it explicitly in the PR body.
📋 Copy for AI agents — paste into your coding agent
Fix the following blocker(s) from this PR review:

1. No linked issue detected — If this PR is intended to solve an issue, link it explicitly in the PR body.

Decision drivers

  • ❌ Code review — 1 blocker (1 reviewer)
  • ❌ Gate result — Blocking (Repo-configured hard blocker found.)
Context & advisory signals — never blocks the verdict
Signal Result Evidence
Linked issue ✅ No-issue rationale PR body explains why no issue is linked.
Related work ✅ No active overlap found No same-issue or scoped active PR overlap found.
Change scope ✅ 20/20 Low review scope from cached public metadata (no linked issue context).
Validation posture ✅ 25/25 PR body includes validation/test evidence.
Contributor workload ✅ 10/10 Author activity: 33 registered-repo PR(s), 26 merged, 336 issue(s).
Contributor context ✅ Confirmed Gittensor contributor JSONbored; Gittensor profile; 33 PR(s), 336 issue(s).
Improvement ✅ Minor risk: clean · value: minor
Review context
  • Author: JSONbored
  • Role context: owner (maintainer lane)
  • Public audience mode: oss maintainer
  • Lane context: Repository is configured for direct PR review.
  • Public profile languages: not available
  • Official Gittensor activity: 33 PR(s), 336 issue(s).
  • PR-specific overlap: none found.
Contributor next steps
  • Start here: Treat this as maintainer-lane context rather than normal contributor-lane activity.
Signal definitions
  • Related work = same linked issue, overlapping active PRs, or title/path similarity.
  • Change scope = cached public metadata such as size labels, draft state, and review-burden hints.
  • Validation posture = whether the PR provides enough public validation/test evidence for maintainer review.
  • Contributor workload = public contributor activity and cleanup pressure, not a repo-wide quality failure.
  • Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.
🧪 Chat with LoopOver

Ask LoopOver a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.

  • @loopover ask &lt;question&gt; answers contribution-quality Q&A with source citations and freshness.
  • @loopover chat &lt;question&gt; answers in natural prose from cached decision-pack facts via local inference (maintainer/collaborator; read-only).
  • A plain-language @loopover mention with a real question is routed to the closest matching read-only command automatically — no exact syntax required.

Full command reference: https://loopover.ai/docs/loopover-commands

🧪 Experimental — new and may change.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed


💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by LoopOver, a quiet PR intelligence layer for OSS maintainers.

  • Re-run LoopOver review

@loopover-orb loopover-orb Bot added the manual-review Gittensor contributor context label Jul 17, 2026
@JSONbored
JSONbored merged commit 050a327 into main Jul 17, 2026
17 checks passed
@JSONbored
JSONbored deleted the fix/mcp-release-automation-gap branch July 17, 2026 20:11
JSONbored added a commit that referenced this pull request Jul 17, 2026
mcp-v3.1.0 and miner-v3.1.0 are tagged and merged but stuck: GitHub's
tag-protection ruleset rejects moving them to include the release
pipeline fixes (#7054, #7060, #7064), and workflow_dispatch resolves a
run's YAML from the ref it's dispatched against, so re-running those
exact tags would still use the pre-fix workflow definitions. Bumping to
fresh, never-tagged versions is the documented human-override path
(publish-mcp.yml's own on: comment) around this exact situation.

mcp v3.1.1 picks up one real fix that landed after v3.1.0's cut
(#6990/#7052). miner v3.1.1 picks up two (bdb11d9, 77ca20f).
This was referenced Jul 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. manual-review Gittensor contributor context

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant