refactor: simplify release workflow to version bump only#4473
Conversation
- Add workflow_dispatch triggered release.yml with major/minor/patch options - Auto-update version in App.php, package.json, docker-compose.nginx.yml - Auto-update README.md and SECURITY.md version references - Auto-update issue templates with new version dropdowns - Generate CHANGELOG.md from git commits since last version - Build distribution archives and create draft GitHub release - Add draft_only input for testing without pushing changes Issue templates improvements: - Remove deprecated update-issue-templates.yml cron workflow - Reorganize with clear sections and visual hierarchy - Add emojis and improve placeholder text with examples - Add new fields: logs, screenshots, acceptance criteria - Add note about automatic version updates
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/ISSUE_TEMPLATE/feature_request.yml:
- Around line 21-22: The link target "../.github/workflows/release.yml" in the
note line "📝 **Note:** The version list is automatically updated when a new
release is created. See
[`.github/workflows/release.yml`](../.github/workflows/release.yml) for
details." is incorrect; update the markdown link target to the correct relative
path "./workflows/release.yml" (or simply ".github/workflows/release.yml" as
appropriate) in the same note in both the feature_request.yml and bug report.yml
templates so the `[`.github/workflows/release.yml`]` link points to the actual
release workflow file.
In @.github/workflows/release.yml:
- Around line 112-130: The "Update version in issue templates" step is
inserting/removing the wrong lowercase token and uses stale hard-coded versions;
update the sed operations to use the exact "OpenSourcePOS ${NEW_VERSION}" casing
(reference BUG_TEMPLATE and FEATURE_TEMPLATE and the sed insertions) and make
the cleanup/remove targets dynamic instead of fixed numbers—use patterns that
remove duplicates/older entries by matching "OpenSourcePOS" regardless of
previous numeric value (or derive the previous versions from NEW_VERSION) so the
insertions and deletions operate on the same exact token and no stale hard-coded
versions remain.
- Around line 211-218: The workflow captures SHORT_SHA too early causing the
release archive to be unreproducible; update the build_version step (and the
equivalent steps at 225-228 and 254-257) to compute SHORT_SHA only after the
release commit/tag that includes the final packaged files exists (i.e., after
any git add/git commit for modified files and after creating the release tag),
or derive the short SHA from the final tag/commit (git rev-parse --short=6
<tag-or-final-commit>) so the recorded short-sha and version-tag match the exact
commit used to build the archive.
- Around line 151-155: The script adds NEW_LINK but doesn't update the
[unreleased] comparison, leaving it pointed at PREVIOUS_VERSION; after creating
NEW_LINK you should update the [unreleased] link (CHANGELOG_FILE) to compare
from ${NEW_VERSION} to HEAD (e.g. set the [unreleased] link to
"https://github.com/opensourcepos/opensourcepos/compare/${NEW_VERSION}...HEAD");
implement this by adding a sed (or similar) step that locates the line starting
with "[unreleased]:" or the existing [unreleased] link and replaces its URL to
use ${NEW_VERSION}...HEAD so Unreleased no longer includes already released
commits.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: eb52b00f-f8a8-4ba7-8650-942436714236
📒 Files selected for processing (4)
.github/ISSUE_TEMPLATE/bug report.yml.github/ISSUE_TEMPLATE/feature_request.yml.github/workflows/release.yml.github/workflows/update-issue-templates.yml
💤 Files with no reviewable changes (1)
- .github/workflows/update-issue-templates.yml
| > 📝 **Note:** The version list is automatically updated when a new release is created. | ||
| > See [`.github/workflows/release.yml`](../.github/workflows/release.yml) for details. |
There was a problem hiding this comment.
Fix the workflow link target.
../.github/workflows/release.yml goes up to .github/ and then adds .github/ again, so this note points at the wrong file. The same link appears in .github/ISSUE_TEMPLATE/bug report.yml.
💡 Suggested fix
- > See [`.github/workflows/release.yml`](../.github/workflows/release.yml) for details.
+ > See [`.github/workflows/release.yml`](../workflows/release.yml) for details.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| > 📝 **Note:** The version list is automatically updated when a new release is created. | |
| > See [`.github/workflows/release.yml`](../.github/workflows/release.yml) for details. | |
| > 📝 **Note:** The version list is automatically updated when a new release is created. | |
| > See [`.github/workflows/release.yml`](../workflows/release.yml) for details. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.github/ISSUE_TEMPLATE/feature_request.yml around lines 21 - 22, The link
target "../.github/workflows/release.yml" in the note line "📝 **Note:** The
version list is automatically updated when a new release is created. See
[`.github/workflows/release.yml`](../.github/workflows/release.yml) for
details." is incorrect; update the markdown link target to the correct relative
path "./workflows/release.yml" (or simply ".github/workflows/release.yml" as
appropriate) in the same note in both the feature_request.yml and bug report.yml
templates so the `[`.github/workflows/release.yml`]` link points to the actual
release workflow file.
There was a problem hiding this comment.
The issue-template bump step won't update the templates in this PR correctly.
Both templates now use OpenSourcePOS ..., but these commands insert/remove lowercase opensourcepos .... That means the bug template will accumulate a stray lowercase option, the feature template will not insert anything at all, and the hard-coded cleanup targets are already stale against the current files (3.3.7/3.3.8 vs. 3.3.8/3.3.9).
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.github/workflows/release.yml around lines 112 - 130, The "Update version in
issue templates" step is inserting/removing the wrong lowercase token and uses
stale hard-coded versions; update the sed operations to use the exact
"OpenSourcePOS ${NEW_VERSION}" casing (reference BUG_TEMPLATE and
FEATURE_TEMPLATE and the sed insertions) and make the cleanup/remove targets
dynamic instead of fixed numbers—use patterns that remove duplicates/older
entries by matching "OpenSourcePOS" regardless of previous numeric value (or
derive the previous versions from NEW_VERSION) so the insertions and deletions
operate on the same exact token and no stale hard-coded versions remain.
- Remove build steps (handled by build-release.yml on push) - Remove tag creation (create tag from unstable release later) - Remove draft release creation - Remove SECURITY.md and issue template updates - Keep version bumps in: App.php, package.json, docker-compose.nginx.yml, README.md, CHANGELOG.md Workflow now: 1. Bumps version in source files 2. Commits and pushes to master 3. build-release.yml picks up the push and creates unstable release
- Update [unreleased] changelog link to start from new version - Remove misleading notes about automatic version updates from issue templates (release workflow no longer auto-updates template version lists)
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (2)
.github/workflows/release.yml (2)
31-36: Add validation for extracted version.If
grepreturns no matches or the file format changes,CURRENT_VERSIONwill be empty or malformed, causing silent failures in downstream arithmetic operations and file updates.🛡️ Proposed fix to add validation
- name: Get current version id: current_version run: | CURRENT_VERSION=$(grep "application_version" app/Config/App.php | sed "s/.*= '\(.*\)';/\1/g") + if [[ -z "$CURRENT_VERSION" || ! "$CURRENT_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "::error::Failed to extract valid version from App.php (got: '$CURRENT_VERSION')" + exit 1 + fi echo "current_version=$CURRENT_VERSION" >> $GITHUB_OUTPUT echo "Current version: $CURRENT_VERSION"🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/release.yml around lines 31 - 36, Validate the extracted CURRENT_VERSION after the grep/sed step in the "Get current version" job (id: current_version) to ensure it's non-empty and matches the expected version pattern; if validation fails, emit a clear error with process output and exit non-zero so downstream steps do not run. Specifically, after assigning CURRENT_VERSION (from the grep/sed pipeline) check for emptiness and optionally match a semantic version regex (e.g., digits and dots), log "Invalid or empty CURRENT_VERSION: $CURRENT_VERSION" to the workflow output, and fail the step immediately to prevent silent arithmetic/file-update errors.
139-141: Consider handling the "nothing to commit" case.If the workflow is accidentally re-run with the same version, or if files are already at the target version,
git commitwill fail because there are no staged changes. This might be intentional (fail-fast), but could also be confusing.💡 Optional: Allow graceful handling of no changes
git add app/Config/App.php package.json docker-compose.nginx.yml CHANGELOG.md README.md - git commit -m "chore: release version $NEW_VERSION" + if git diff --cached --quiet; then + echo "::warning::No changes to commit - version may already be at $NEW_VERSION" + else + git commit -m "chore: release version $NEW_VERSION" + fi git push origin HEAD🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/release.yml around lines 139 - 141, The release job currently runs git add followed by git commit -m "chore: release version $NEW_VERSION" and git push origin HEAD, which will fail when there are no staged changes; update the workflow to detect whether there are staged changes before committing (e.g., run a check like git diff --cached --quiet or inspect git status --porcelain) and only run git commit and git push when changes exist, otherwise skip/echo a clear message; ensure the check is placed around the existing git add / git commit / git push sequence so the steps referencing those symbols (git add, git commit -m "chore: release version $NEW_VERSION", git push origin HEAD) are conditionally executed.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/ISSUE_TEMPLATE/feature_request.yml:
- Around line 39-50: The dropdown for id "ospos-version" in the feature_request
template is missing "OpenSourcePOS 3.3.8" and now diverges from the bug report
template; update the options array for the ospos-version dropdown to include
"OpenSourcePOS 3.3.8" (matching the bug report.yml) and verify both templates'
option lists are kept in sync (or centralize the version list) so future edits
don't diverge.
In @.github/workflows/release.yml:
- Around line 121-126: The sed invocation expands $COMMITS directly which can
contain sed metacharacters and break the command; instead write the safe content
(VERSION_HEADER, a blank line, and $COMMITS) to a temp file using a quoted
redirection (e.g. via mktemp and printf '%s\n' "$VERSION_HEADER" "" "$COMMITS" >
"$TMP"), then use sed's file-insert action to read that file into CHANGELOG_FILE
(e.g. sed -i '/^## \[Unreleased\]/r '"$TMP" ' "$CHANGELOG_FILE"') so sed never
interprets commit text as script, and finally rm the temp file to clean up.
---
Nitpick comments:
In @.github/workflows/release.yml:
- Around line 31-36: Validate the extracted CURRENT_VERSION after the grep/sed
step in the "Get current version" job (id: current_version) to ensure it's
non-empty and matches the expected version pattern; if validation fails, emit a
clear error with process output and exit non-zero so downstream steps do not
run. Specifically, after assigning CURRENT_VERSION (from the grep/sed pipeline)
check for emptiness and optionally match a semantic version regex (e.g., digits
and dots), log "Invalid or empty CURRENT_VERSION: $CURRENT_VERSION" to the
workflow output, and fail the step immediately to prevent silent
arithmetic/file-update errors.
- Around line 139-141: The release job currently runs git add followed by git
commit -m "chore: release version $NEW_VERSION" and git push origin HEAD, which
will fail when there are no staged changes; update the workflow to detect
whether there are staged changes before committing (e.g., run a check like git
diff --cached --quiet or inspect git status --porcelain) and only run git commit
and git push when changes exist, otherwise skip/echo a clear message; ensure the
check is placed around the existing git add / git commit / git push sequence so
the steps referencing those symbols (git add, git commit -m "chore: release
version $NEW_VERSION", git push origin HEAD) are conditionally executed.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 55d82f56-83ef-4c88-8027-12250eb1f136
📒 Files selected for processing (3)
.github/ISSUE_TEMPLATE/bug report.yml.github/ISSUE_TEMPLATE/feature_request.yml.github/workflows/release.yml
🚧 Files skipped from review as they are similar to previous changes (1)
- .github/ISSUE_TEMPLATE/bug report.yml
…pdate - Add issue template version update back with correct 'OpenSourcePOS' casing - Fix version list inconsistency (add 3.3.8 to feature_request.yml, align with bug report.yml) - Fix changelog special characters issue by using temp file instead of inline sed - Keep versions in sync between both templates
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.github/ISSUE_TEMPLATE/feature_request.yml (1)
45-50: Make version rotation dynamic in the release automation.This list is now correct, but
.github/workflows/release.ymlLine 160 still removes a hardcodedOpenSourcePOS 3.3.7. Since Line 50 here is alreadyOpenSourcePOS 3.3.8, future bumps will keep appending without trimming the oldest version.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/ISSUE_TEMPLATE/feature_request.yml around lines 45 - 50, The release workflow currently hardcodes removal of "OpenSourcePOS 3.3.7" which prevents proper rotation; update the step in the release workflow that trims the changelog/version list so it computes and removes the oldest entry dynamically (e.g., split the list by lines, keep only the N newest entries or remove the last line) instead of matching a specific version string; modify the script/command used in the workflow job (the step that runs the sed/awk/bash trimming command) to use a robust regex or array slicing approach that always retains the top N versions and drops the rest so future version bumps don’t append without trimming.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.github/ISSUE_TEMPLATE/feature_request.yml:
- Around line 45-50: The release workflow currently hardcodes removal of
"OpenSourcePOS 3.3.7" which prevents proper rotation; update the step in the
release workflow that trims the changelog/version list so it computes and
removes the oldest entry dynamically (e.g., split the list by lines, keep only
the N newest entries or remove the last line) instead of matching a specific
version string; modify the script/command used in the workflow job (the step
that runs the sed/awk/bash trimming command) to use a robust regex or array
slicing approach that always retains the top N versions and drops the rest so
future version bumps don’t append without trimming.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 02ca669b-0983-493e-888a-d0b12b524c31
📒 Files selected for processing (2)
.github/ISSUE_TEMPLATE/feature_request.yml.github/workflows/release.yml
🚧 Files skipped from review as they are similar to previous changes (1)
- .github/workflows/release.yml

Summary
Workflow Flow
Removed
draft_onlyinput parameterSummary by CodeRabbit
New Features
Improvements
Chores