AgentsKit Chat Alpha
Releases

Release process

View canonical Markdown

Release process

Stable publishing is intentionally HITL and runs only from .github/workflows/release.yml on a stable v* tag contained in main.

Prepare

  1. Add a Changeset for every public behavior or contract change.
  2. Run pnpm version:packages, review the fixed-group versions/changelogs, and update release/manifest.json plus the release notes.
  3. Run pnpm release:gate, pnpm release:pack, and the full CI matrix.
  4. Obtain architecture, security/privacy, compatibility, and launch review.
  5. Merge the release PR. Create the stable tag only after all required checks and the protected npm environment are ready.

Publish

The workflow verifies tag ancestry and exact fixed-group versions, installs from the lockfile without a dependency cache, runs every quality/conformance, browser, native, PTY, documentation, package, and clean-room gate, then packs both public packages with SHA-256 checksums. The protected publish job uses a GitHub-hosted runner with id-token: write and npm provenance.

The 0.1.0 bootstrap used a short-lived token because the package names did not yet exist. That credential has been removed. Both public packages now trust AgentsKit-io/agentskit-chat, workflow release.yml, environment npm; npm 11 uses GitHub OIDC and every publish requests public access and provenance. A GitHub release is made public only after both npm publishes succeed.

See npm's official guidance for trusted publishing, provenance, and scoped public packages.

Verify

Confirm both npm pages show the version in release/manifest.json and provenance, install the package graph from npm in a clean directory, run npm audit signatures, verify GitHub assets against SHA256SUMS, and smoke the Docs, Registry, and Playbook hosts. Record links and results on issue #30 before closing the milestone.