serviceuser
released this
2026-03-21 23:15:26 +00:00
| 0 commits to main since this release
[1.2.0] - 2026-03-21
Breaking
Added
- Extracted
coverage-gate action and tool from Cue for reuse across Æther projects.
- Coverage gate now available as reusable composite action with JSON metrics output (
passes, total_coverage, packages_checked, packages_failed).
- Support for per-package coverage threshold policy via JSON configuration in
coverage-gate tool.
Changed
Removed
Fixed
- Hardened
coverage-gate file input handling by validating and normalizing policy/profile paths before opening files, resolving G304 findings in coverage-gate/parse.go.
- Made release binary builds resilient by installing UPX via
crazy-max/ghaction-upx@v3 and falling back to uncompressed artifacts when UPX is still unavailable in both release.yml and update-release.yml.
Downloads
serviceuser
released this
2026-03-21 20:16:35 +00:00
| 12 commits to main since this release
[1.1.0] - 2026-03-21
Breaking
Added
- Added changelog gate validation to
decorate-pr action for enforcing changelog updates on qualifying code changes.
- Changelog gate modes:
strict (fails job on violation) and soft (warns via PR comment).
- Docs-only PR exemption with customizable glob patterns for documentation files.
- PR label-based exemptions for changelog gate (example:
skip-changelog).
- Precise diff parsing: validates only added lines within the Unreleased section.
- Gate decision outputs:
gate-passed, docs-only, unreleased-additions-count, gate-failure-reason for reuse downstream.
- Integrated remediation guidance in PR comments showing how to add changelog entries.
Changed
- Refactored
internal/vociferate to use a constructor-backed service with injected filesystem, environment, and git dependencies while preserving the existing package-level API.
- Hardened
prepare-release validation to enforce formatting checks, module hygiene, gosec, and govulncheck before preparing a release.
- Added matching local validation targets in
justfile for formatting, module hygiene, tests, and security checks.
decorate-pr now reads Unreleased changelog content through the vociferate Go CLI instead of maintaining separate shell parsing logic in the composite action.publish now extracts tagged release notes through the vociferate Go CLI instead of duplicating changelog section parsing in shell.- Composite actions now share a centralized
run-vociferate orchestration flow, with binary-versus-source execution delegated through shared composite actions and single-use runtime/download logic folded back into run-vociferate.binary.
run-vociferate now contains both binary and source execution flows directly in a single action implementation, removing nested local action wrappers for better runner compatibility.- Release automation now requires
secrets.RELEASE_PAT for prepare/publish/do-release operations instead of defaulting to GITHUB_TOKEN/GITEA_TOKEN.
Removed
Fixed
- Prevented
govulncheck-action from defaulting to setup-go version stable by explicitly setting go-version-file and disabling check-latest, avoiding unauthenticated GitHub API rate-limit failures on self-hosted/act-style runners.
- Made
do-release version resolution resilient to workflow_call input passing issues by adding a separate tag detection step that fetches and discovers the latest tag from origin as a fallback when inputs.tag is empty, enabling proper operation even when Gitea's workflow_call doesn't pass inputs through correctly.
- Fixed version resolution in
do-release workflow by moving version calculation before checkout, resolving from inputs/git tags, and always passing explicit version to publish action.
- Fixed tag detection in
do-release to prioritize the tag at current HEAD (created by prepare-release) over the globally latest tag, ensuring correct version is detected when called from prepare-release workflow.
- Fixed
do-release workflow_call resolution on Teacup runners by explicitly falling back to needs.prepare.outputs.tag and normalizing %!t(string=...) wrapped values before choosing a release tag.
- Fixed release-chain triggering by using a PAT for release commit/tag pushes so downstream release workflows are triggered reliably.
- Made
publish action version resolution more robust with clearer error messages when version input is missing and workflow is not running from a tag push.
- Fixed
do-release workflow to always checkout the resolved release tag, eliminating conditional checkout logic that could skip the checkout when called from prepare-release workflow.
- Pinned
securego/gosec and golang/govulncheck-action to concrete version tags (v2.22.4 and v1.0.4) so self-hosted Gitea runners can resolve them via direct git clone without relying on the GitHub Actions floating-tag API.
- Restored explicit gosec caching by storing a pinned
v2.22.4 binary under ${{ runner.temp }}/gosec-bin with actions/cache@v4, so CI keeps fast security scans while still using the Go 1.26 toolchain from setup-go.
- Replaced
securego/gosec composite action with a direct go install github.com/securego/gosec/v2/cmd/gosec@v2.22.4 && gosec ./... run step so gosec uses the Go 1.26 toolchain installed by setup-go rather than the action's bundled Go 1.24 binary which ignores GOTOOLCHAIN=auto.
- Fixed nested local composite-action references to use repository-local
./run-vociferate paths so strict runners do not misparse parent-directory (../) action references as malformed remote coordinates.
- Consolidated
run-vociferate binary and source execution flows directly into the main run-vociferate action to avoid nested local-action path resolution issues on strict runners.
- Hardened workflow module hygiene by retrying
go mod verify after a module-cache refresh (go clean -modcache + go mod download) when runners report modified cached dependency directories.
Downloads
gitea-actions
released this
2026-03-21 13:35:24 +00:00
| 80 commits to main since this release
[1.0.2] - 2026-03-21
Breaking
Added
Changed
- Documented release/PR-decoration preflight token and API-access checks, including
GITHUB_TOKEN/GITEA_TOKEN behavior for self-hosted Gitea.
Removed
Fixed
Downloads
gitea-actions
released this
2026-03-21 11:33:08 +00:00
| 87 commits to main since this release
[1.0.1] - 2026-03-21
Breaking
Added
Changed
Removed
Fixed
- Enforced explicit
https:// changelog reference links in prepare output for browser-safe markdown links.
Downloads
gitea-actions
released this
2026-03-21 01:13:41 +00:00
| 92 commits to main since this release
[1.0.0] - 2026-03-21
Breaking
Added
Changed
- Canonical changelog filename is now
CHANGELOG.md, and action/code defaults were updated to match.
- README now uses
Æther stylization in prose and corrects released-tag guidance wording.
Removed
Fixed
Downloads
gitea-actions
released this
2026-03-21 00:14:00 +00:00
| 100 commits to main since this release
[0.2.0] - 2026-03-21
Breaking
Added
- Added a project LICENSE file.
- Root and prepare actions now read
${{ vars.VOCIFERATE_REPOSITORY_URL }} and forward it to VOCIFERATE_REPOSITORY_URL for repository URL override.
Changed
Removed
Fixed
- Browser-facing URLs emitted in generated changelog links, workflow summaries, and markdown now use protocol-relative
// forms.
- Release workflows now collect summary markdown into portable temp files and print it in explicit
Summary steps instead of relying on unsupported GITHUB_STEP_SUMMARY output.
- Prepare now recreates the standard
Unreleased section headers after promoting notes into a tagged release entry.
- First-release recommendation remains
v1.0.0 when no prior releases exist in the changelog.
- Do Release smoke validation now expects
--recommend to fail on tagged release checkouts where Unreleased is intentionally empty.
- Changelog reference links now use compare URLs (
previous...current for releases and latest...main for Unreleased), with first release links comparing from the repository's first commit short hash.
- Repository URL derivation now supports
VOCIFERATE_REPOSITORY_URL as the highest-priority base-URL override for changelog link generation.
Downloads
gitea-actions
released this
2026-03-20 23:13:45 +00:00
| 122 commits to main since this release
0.1.0 - 2026-03-20
Changed
- README workflow badges now link to the latest workflow run pages instead of the workflow definition pages.
Fixed
- Publish action falls back to
git describe when inputs.version is empty and GITHUB_REF is not a tag ref, resolving workflow_call input propagation failures in act runner v0.3.0.
Added
- Coverage badge in README linked to S3-hosted main-branch report.
- S3 coverage artefact publishing (HTML report, badge, JSON summary) in push validation pipeline.
- CLI tests and internal helper tests raising total coverage to 84%.
- Test suite isolation against ambient CI environment variables for changelog link generation tests.
- Go CLI for changelog-driven release preparation and semantic version recommendation.
- Version recommendation from changelog release headings, including first-release support (
0.0.0 base -> v1.0.0).
- Automatic
release-version creation/update during release preparation.
- Configurable version source/parsing via
--version-file and --version-pattern.
- Configurable changelog path via
--changelog.
- Recommended-version fallback when
version is omitted in CLI and action flows.
- Major-version recommendation trigger from
Unreleased ### Breaking.
- Root composite action (
action.yml) for recommend/prepare flows.
- Subdirectory composite actions:
prepare/action.yml (prepare/commit/tag/push) and publish/action.yml (extract notes/create-or-update release).
publish outputs for downstream automation: release-id, tag, and version.- Dual execution mode for actions:
go run from source on @main, prebuilt binaries on tagged refs.
- Repository-scoped binary cache keys with workflow-defined fixed token support via
VOCIFERATE_CACHE_TOKEN.
- Tag-driven release publication with idempotent release updates and asset replacement on reruns.
- Release artifacts for
linux/amd64, linux/arm64, and checksums.txt.
- Reusable Gitea workflows (
prepare-release.yml, do-release.yml) with workflow_call support.
- Project/automation rename from
releaseprep to vociferate (entrypoint, package paths, outputs).
- README guidance focused on primary cross-repository reuse workflows.
Downloads