Always create a signed tag when tagging a release:
git tag -s vX.Y.Z -m "vX.Y.Z"Do not use lightweight or unsigned tags. Every release tag must be signed with a GPG key.
- Ensure
mainis up to date and includes all release-ready changes. - Bump versions in
package.jsonandpackage-lock.jsonfiles, then commit those changes.
npm run version:bump -- X.Y.Z
git add package.json package-lock.json packages/*/package.json
git commit -m "chore: release vX.Y.Z"- Ensure the repo is clean and the bumped version matches the tag you will create (
X.Y.ZvsvX.Y.Z). - Run the local verification suite before tagging:
npm ci
npm run standards
npm test
npm run build- Create a signed release tag (required):
git tag -s vX.Y.Z -m "vX.Y.Z"- Push the commit and the tag:
git push origin main
git push origin vX.Y.ZPushing a v* tag triggers the GitHub release workflow, which publishes packages and creates the GitHub Release.