fix(release): scope MCP publish validation to its own package#7064
Merged
Conversation
publish-engine.yml/publish-miner.yml/publish-ui-kit.yml already validate only their own package (a workspace test run + pack/smoke-test); publish-mcp.yml was the outlier, running the entire npm run test:ci (every workspace, every drift-check, ui:lint/build, migrations) as its gate. This coupled an MCP release to the health of the whole monorepo -- confirmed live when an unrelated packages/loopover-miner env-reference doc going stale blocked MCP's publish outright, despite MCP's own package code being completely unaffected and despite main's required CI already covering whole-repo health on every PR merge (including release-please's own release PRs). Scoped down to match its siblings: MCP's own syntax check (build:mcp) plus its own CLI test suite specifically -- npx vitest run mcp-cli-, i.e. test/unit/mcp-cli-*.test.ts (confirmed via import analysis: these import packages/loopover-mcp/package.json and spawn the built binary), not the sibling test/unit/mcp-*.test.ts files that exercise the Worker's separate remote MCP server (src/mcp/server.ts, a different deployable). Also added the "verify release commit is on main" safety check every other publish workflow already has, which publish-mcp.yml was missing in both its validate and publish jobs.
Contributor
|
Superagent didn't find any vulnerabilities or security issues in this PR. |
mcp-v3.1.0 and miner-v3.1.0 are tagged and merged but stuck: GitHub's tag-protection ruleset rejects moving them to include the release pipeline fixes (#7054, #7060, #7064), and workflow_dispatch resolves a run's YAML from the ref it's dispatched against, so re-running those exact tags would still use the pre-fix workflow definitions. Bumping to fresh, never-tagged versions is the documented human-override path (publish-mcp.yml's own on: comment) around this exact situation. mcp v3.1.1 picks up one real fix that landed after v3.1.0's cut (#6990/#7052). miner v3.1.1 picks up two (bdb11d9, 77ca20f).
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
loopover-ui | 541eab3 | Commit Preview URL Branch Preview URL |
Jul 17 2026, 08:31 PM |
This was referenced Jul 17, 2026
Bundle ReportChanges will increase total bundle size by 1.2kB (0.02%) ⬆️. This is within the configured threshold ✅ Detailed changes
Affected Assets, Files, and Routes:view changes for bundle: loopover-uiAssets Changed:
|
3 tasks
❌ 7 Tests Failed:
View the top 3 failed test(s) by shortest run time
To view more test analytics, go to the Test Analytics Dashboard |
This was referenced Jul 17, 2026
Closed
philluiz2323
pushed a commit
to philluiz2323/gittensory
that referenced
this pull request
Jul 17, 2026
…rsions @loopover/mcp and @loopover/miner are both live on npm at 3.1.1 (published via an out-of-band manual release cut, JSONbored#7064), but .release-please-manifest.json was never updated to match -- it still recorded 3.1.0 as the last-released version for both. release-please used that stale baseline to recompute and re-propose "cut v3.1.1" as a brand-new release (JSONbored#7086, JSONbored#7087), which would fail on publish: npm rejects republishing an already-published version.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
1. Scope MCP's publish validation to its own package (
.github/workflows/publish-mcp.yml)publish-engine.yml/publish-miner.yml/publish-ui-kit.ymlalready validate only their own package before publishing (a workspace test run + pack/smoke-test).publish-mcp.ymlwas the outlier: itsvalidatejob rannpm run test:release:mcp, which is literallynpm run test:ci-- the entire monorepo gate (every workspace, every drift-check,ui:lint/ui:build, migrations, the works).packages/loopover-minerenv-reference doc going stale blockedpublish-mcp.ymloutright, even though MCP's own package code was completely unaffected. Main's required CI (including release-please's own release PRs) already re-verifies whole-repo health on every merge, so re-running all of it here was redundant with what already gated the merge -- it just meant MCP uniquely re-litigated that whole-repo health at publish time while its 3 siblings didn't.build:mcp,node --check) plus its own CLI test suite specifically --npx vitest run mcp-cli-, i.e.test/unit/mcp-cli-*.test.ts. Confirmed via import analysis these are the right ~50 files: they importpackages/loopover-mcp/package.jsonand spawn the built binary via a sharedmcp-cli-harness, unlike the siblingtest/unit/mcp-*.test.tsfiles (no-cli-) which import../../src/mcp/server-- the Worker's separate remote MCP server, a different deployable entirely.validateandpublishjobs, whichpublish-mcp.ymlwas missing entirely.2. Cut mcp v3.1.1 and miner v3.1.1
mcp-v3.1.0andminer-v3.1.0are tagged, merged, and GitHub-Released, but never reached npm -- and both tags are now stuck: GitHub's tag-protection ruleset rejects force-moving them to include the fixes above, andworkflow_dispatchresolves a run's YAML from the ref it's dispatched against, so re-running those exact tags would still execute the pre-fix workflow definition.publish-mcp.yml's own header comment: "A bare manual dispatch ... self-tags HEAD from packages/loopover-mcp/package.json's version").npm run changelog:mcp). miner v3.1.1 picks up two (bdb11d9,77ca20f, hand-verified againstgit logsince neither has an associated PR).package-lock.jsonsynced via the existingscripts/sync-release-lockfile-versions.mjs.Test plan
npm run actionlint-- cleannpm run build --workspace @loopover/engine,npm run build:mcp,npm run build:miner-- all passnpx vitest run mcp-cli--- 50 files, 341 tests, all passing (~25s)npm run test:mcp-pack,npm run test:miner-pack-- both passnpm run changelog:check:mcp-- clean (regenerated vianpm run changelog:mcp)npm run miner:env-reference:check,npm run db:migrations:check,npm run typecheck-- all clean