mirror of
https://github.com/alkimake/paperclip.git
synced 2026-06-14 01:50:39 +09:00
a0f5cbffd7
## Thinking Path > - Paperclip orchestrates AI agents for zero-human companies > - Paperclip is distributed as npm packages, including plugins like `plugin-e2b` > - The release process publishes canary and stable builds via npm dist-tags > - But there was no automated verification that published packages actually landed with the correct dist-tags, and broken canary publishes could silently ship to users > - This PR adds a registry verification script that checks published packages match their expected dist-tags, and wires it into PR CI so regressions are caught before merge > - The benefit is release integrity is verified automatically, and broken dist-tag states are caught early ## What Changed - Added `scripts/verify-release-registry-state.mjs` — verifies that published npm packages have correct dist-tag assignments and detects orphaned or mispointed tags - Added `scripts/verify-release-registry-state.test.mjs` — test coverage for the verification logic - Updated `scripts/release.sh` to include canary dist-tag safety checks before publishing - Updated `.github/workflows/pr.yml` to run registry verification as a CI step - Updated `doc/PUBLISHING.md` and `doc/RELEASING.md` with the new verification workflow ## Verification - `pnpm test` — all tests pass including new verification script tests - `node scripts/verify-release-registry-state.mjs` — runs against the live npm registry and reports current state - CI: the new PR workflow step runs on every PR push ## Risks - Low risk. This is additive CI and tooling — no runtime code changes. The registry verification is read-only (queries npm, does not publish). The release script changes add safety checks that abort before publishing if state is unexpected. ## Model Used Codex GPT 5.4 high via Paperclip. ## Checklist - [x] I have included a thinking path that traces from project context to this change - [x] I have specified the model used (with version and capability details) - [x] I have checked ROADMAP.md and confirmed this PR does not duplicate planned core work - [x] I have run tests locally and they pass - [x] I have added or updated tests where applicable - [ ] If this change affects the UI, I have included before/after screenshots - [x] I have updated relevant documentation to reflect my changes - [x] I have considered and documented any risks above - [x] I will address all Greptile and reviewer comments before requesting merge |
||
|---|---|---|
| .. | ||
| assets | ||
| experimental | ||
| plans | ||
| plugins | ||
| spec | ||
| AGENTCOMPANIES_SPEC_INVENTORY.md | ||
| CLI.md | ||
| CLIPHUB.md | ||
| DATABASE.md | ||
| DEPLOYMENT-MODES.md | ||
| DEVELOPING.md | ||
| DOCKER.md | ||
| execution-semantics.md | ||
| GOAL.md | ||
| memory-landscape.md | ||
| OPENCLAW_ONBOARDING.md | ||
| PRODUCT.md | ||
| PUBLISHING.md | ||
| README-draft.md | ||
| RELEASE-AUTOMATION-SETUP.md | ||
| RELEASING.md | ||
| SPEC-implementation.md | ||
| SPEC.md | ||
| TASKS-mcp.md | ||
| TASKS.md | ||
| UNTRUSTED-PR-REVIEW.md | ||