chore: release v5#55
Closed
finalerock44 wants to merge 22 commits into
Closed
Conversation
`isOutdated` stripped the prerelease suffix before comparing, so beta-to-beta bumps like 5.0.0-beta.0 -> 5.0.0-beta.1 both collapsed to [5,0,0], compared equal, and `dcd upgrade` reported "Already on the latest version". Same nudge in cloud.ts was affected. Replace the naive major.minor.patch compare with a SemVer 2.0.0 `compareSemver` helper that handles prerelease precedence (a prerelease ranks below its final release; identifiers compare dot-by-dot, numeric numerically and below alphanumeric). Add unit coverage for the regression and related cases. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
When --quiet is passed (geared at CI), the live results footer no longer renders the "next refresh in Ns" / "refreshing…" countdown. The realtime connection indicator is still shown. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…mparison fix(upgrade): compare prerelease versions per SemVer
…h-countdown fix: suppress refresh countdown in quiet mode
feat(cloud): warn on deprecated iOS 16 (removal 2026-08-23)
… deprecated 1.39.5/1.41.0
feat(cloud): Maestro deprecation — drop legacy hard-block, soft-warn 1.39.5/1.41.0
The install scripts resolved the version from /latest.json, which (until a stable release exists) synthesized the newest prerelease — so the default `curl … | sh` was silently installing betas. Pair the proxy's new channel support (get.devicecloud.dev now serves stable on /latest.json and prereleases on ?channel=beta) with explicit opt-ins: - DCD_BETA — request the beta channel (latest prerelease). - DCD_VERSION — already pins an exact version; documented for rollback. - Default (no opt-in) installs the latest *stable* only. When no stable release exists yet, the installer errors with guidance pointing at DCD_BETA / DCD_VERSION instead of falling back to a beta. The manifest fetch is separated from parsing so a transient network/proxy failure (curl -f non-zero) is reported differently from a channel that has no release yet (HTTP 200 with "version": null). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Scaffolding to open dcd-cli to external contributors: - LICENSE (MIT), CONTRIBUTING, CODE_OF_CONDUCT, SECURITY, CLA templates - CODEOWNERS, PR template, issue forms + config, dependabot, .editorconfig - pr-title-lint workflow: Conventional Commits on PR title (squash-merge model, types kept in sync with release-please changelog-sections) - cla workflow: CLA Assistant Lite - release-please: use a GitHub App token (falls back to GITHUB_TOKEN until the App secrets exist) so Release PRs trigger required checks under branch protection - cli-ci: also run on production so the dev->production promotion PR is gated
fix(installer): make beta opt-in, default to stable channel
Low value for a small maintainer team where anyone can review anything; the branch ruleset's approval requirement covers review without it.
chore: add open-source contribution governance
* fix(ci): keep dependabot and fork PRs green Dependabot/fork PRs run without repo secrets, so three jobs failed on them: - lint-and-test: HAS_PRIVATE_ACCESS was true for dependabot (same-repo head), so it tried to clone the private mock-api with an empty DCD_SSH_DEPLOY_KEY. Now excludes dependabot[bot], same as forks (skips mock-api + integration). - claude-code-review: skips dependabot/fork PRs (no CLAUDE_CODE_OAUTH_TOKEN). - cla: skips its action step until PERSONAL_ACCESS_TOKEN is configured so the check is green instead of 'Branch cla-signatures not found'; also fixes two invalid input names (custom-*-prompt -> custom-*-prcomment). * ci: group all github-actions bumps into one weekly PR Wildcard pattern so major action bumps join the group too, instead of one PR per action.
* ci: power CLA via the shared automation GitHub App Mint the CLA token from the same GitHub App release-please uses, instead of a personal PAT (no expiry, signature commits show as the bot). Rename the App secrets RELEASE_PLEASE_APP_* -> BOT_APP_* since one App now serves both workflows. CLA self-skips until BOT_APP_ID is set. Carries only the app-token delta — the dependabot/fork CI fixes and actions grouping already landed on dev via #46. * ci: allowlist internal maintainers (riglar, finalerock44) in CLA
Fill the CLA party placeholder and the LICENSE/README copyright holder with the registered entity. CLA still pending legal review.
Bumps the actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2` | `3` | | [actions/checkout](https://github.com/actions/checkout) | `4` | `7` | | [pnpm/action-setup](https://github.com/pnpm/action-setup) | `4` | `6` | | [actions/setup-node](https://github.com/actions/setup-node) | `5` | `6` | | [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) | `5` | `6` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4` | `5` | Updates `actions/create-github-app-token` from 2 to 3 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Changelog](https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md) - [Commits](actions/create-github-app-token@v2...v3) Updates `actions/checkout` from 4 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v7) Updates `pnpm/action-setup` from 4 to 6 - [Release notes](https://github.com/pnpm/action-setup/releases) - [Commits](pnpm/action-setup@v4...v6) Updates `actions/setup-node` from 5 to 6 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v5...v6) Updates `amannn/action-semantic-pull-request` from 5 to 6 - [Release notes](https://github.com/amannn/action-semantic-pull-request/releases) - [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md) - [Commits](amannn/action-semantic-pull-request@v5...v6) Updates `googleapis/release-please-action` from 4 to 5 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](googleapis/release-please-action@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: amannn/action-semantic-pull-request dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: googleapis/release-please-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: pnpm/action-setup dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: finalerock44 <77282157+finalerock44@users.noreply.github.com>
#51) fix: v5 release blockers — installer, binary version, repeated flags, upgrade, CI output - install.ps1: fix PS 5.1 parse error (`$asset:` -> `${asset}`) that made `irm | iex` a no-op on stock Windows; decode the octet-stream SHA256SUMS (Byte[] under -UseBasicParsing) to text before splitting. - build/version: stamp the version into the bun-compiled binary via `bun --define __DCD_CLI_VERSION__` (the compiled binary can't read package.json), so `dcd --version` no longer reports 0.0.0. npm/tsx path still falls back to reading package.json. Adds src/global.d.ts. - cloud: collect repeated `-e/--env`, `-m/--metadata`, `--include-tags`, `--exclude-tags`, `--exclude-flows` from rawArgs (citty/parseArgs kept only the last occurrence, silently dropping earlier values); echo the collected values too. - upgrade: query the beta channel for prerelease installs and distinguish "no newer release on this channel" from a real network failure, replacing the misleading "Could not reach the update manifest" error during the beta. - progress/polling: make the realtime status indicator TTY-aware — in non-interactive/CI output, print one line per state change instead of flooding logs with a per-frame spinner (not suppressed by --quiet/--json-file). - methods: downgrade primary-Backblaze-upload failure warnings to debug-only; the Supabase fallback recovers and validateUploadResults raises the only user-facing error (when every strategy fails). - list/status: build console links from the env the CLI targets (resolveFrontendUrl) instead of the API's hardcoded-prod consoleUrl. - cloud: validate a local --app-file exists during --dry-run.
Co-authored-by: dcd-cli-release-please[bot] <296541543+dcd-cli-release-please[bot]@users.noreply.github.com>
The CLA Assistant action defaults lock-pullrequest-aftermerge=true, so merging a release-please PR locked it; release-please then failed trying to comment on the locked PR, killing the Release job before npm publish + binary upload ran (seen on v5.0.0-beta.2). Set lock-pullrequest-aftermerge=false. Also skip release-please PRs in claude-code-review (version bumps — nothing to review, and it must never block a release).
Prints a beta notice (billed at $0.03/min, contact support to enroll) before starting a session. The API's new enrollment gate returns a 403 whose "contact support" message the CLI already surfaces verbatim on a non-enrolled org.
Co-authored-by: dcd-cli-release-please[bot] <296541543+dcd-cli-release-please[bot]@users.noreply.github.com>
Code reviewNo issues found. Checked for bugs and CLAUDE.md compliance. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
Type of change
fix— bug fixfeat— new featureperf— performance improvementrefactor— code change that's neither a fix nor a featuredocs— documentation onlychore/ci/build/test— tooling, no user-facing change!or PR notes aBREAKING CHANGE:)Checklist
pnpm lintpassespnpm typecheckpassespnpm buildpassesCHANGELOG.md(release-please handles this)README.md/STYLE_GUIDE.mdupdated if behaviour or output changedHow to test