npx claudepluginhub boshu2/agentops --plugin agentopsThis skill uses the workspace's default tool permissions.
> **Purpose:** Take a project from "code is ready" to "tagged and ready to push."
Creates isolated Git worktrees for feature branches with prioritized directory selection, gitignore safety checks, auto project setup for Node/Python/Rust/Go, and baseline verification.
Executes implementation plans in current session by dispatching fresh subagents per independent task, with two-stage reviews: spec compliance then code quality.
Dispatches parallel agents to independently tackle 2+ tasks like separate test failures or subsystems without shared state or dependencies.
Purpose: Take a project from "code is ready" to "tagged and ready to push."
Pre-flight validation, changelog from git history, version bumps across package files, release commit, annotated tag, and curated release notes. Everything is local and reversible. Publishing (including the GitHub Release page) is CI's job.
/release 1.7.0 # full release: changelog + bump + commit + tag
/release 1.7.0 --dry-run # show what would happen, change nothing
/release --check # readiness validation only (GO/NO-GO)
/release # suggest version from commit analysis
| Argument | Required | Description |
|---|---|---|
version | No | Semver string (e.g., 1.7.0). If omitted, suggest based on commit analysis |
--check | No | Readiness validation only — don't generate or write anything |
--dry-run | No | Show generated changelog + version bumps without writing |
--skip-checks | No | Skip pre-flight validation (tests, lint) |
--changelog-only | No | Only update CHANGELOG.md — no version bumps, no commit, no tag |
/release [version] — the complete local release workflow.
Steps: pre-flight → changelog → release notes → version bump → user review → write → release commit → tag → guidance.
/release --check — standalone readiness validation.
Runs all pre-flight checks and reports GO/NO-GO. Useful before starting the release, in CI as a gate, or composed with /vibe. Does not generate or write anything.
/release 1.7.0 --changelog-only — just update CHANGELOG.md.
Generates the changelog entry and writes it. No version bumps, no commit, no tag.
Run these checks before anything else:
./scripts/ci-local-release.sh # mandatory local CI parity gate (blocking)
git rev-parse --git-dir # must be in a git repo
git status --porcelain # warn if dirty
git branch --show-current # show current branch
/release MUST run the repo-root ci-local-release.sh gate first. If it fails, stop the release workflow and report the failing checks.
The local CI gate writes publishable artifacts to .agents/releases/local-ci/<timestamp>/, including SBOM files, a full security scan report, and release-artifacts.json.
Once the target version is known, rerun the gate as ./scripts/ci-local-release.sh --release-version <version> so the artifact manifest matches the final release version. Use ./scripts/resolve-release-artifacts.sh <version> when writing the audit trail.
Checks:
| Check | How | Severity |
|---|---|---|
| Git repo | git rev-parse --git-dir | Block — cannot proceed |
| CHANGELOG.md exists | Glob for changelog (case-insensitive) | Offer to create if missing |
Has [Unreleased] section | Read CHANGELOG.md | Warn |
| Working tree clean | git status --porcelain | Warn (show dirty files) |
| On expected branch | git branch --show-current | Warn if not main/master/release |
| Local CI parity gate | repo-root ci-local-release.sh | Block — must pass before release |
| Publishable SBOM | Generated by local CI gate (CycloneDX + SPDX) | Block — required artifact |
| Security scan report | Generated by local CI gate (full toolchain scan JSON) | Block — required artifact |
| Tests pass | Detect and run test command | Warn (show failures) |
| Lint clean | Detect and run lint command | Warn (show issues) |
| Dependency vulnerabilities | Run /deps vuln to confirm no critical vulnerabilities ship with this release | Warn (show findings) |
| Version consistency | Compare versions across package files | Warn (show mismatches) |
| Manifest versions sync | Compare .claude-plugin/plugin.json and marketplace.json versions | Warn (show mismatches) |
| Commits since last tag | git log --oneline <range> | Block if empty — nothing to release |
| Unconsumed high-severity findings | Count items in .agents/rpi/next-work.jsonl where consumed=false and severity=high | Warn — not a blocker (see check below) |
Unconsumed findings check (soft WARN, non-blocking):
if [ -f .agents/rpi/next-work.jsonl ] && command -v jq &>/dev/null; then
high_count=$(jq -s '[.[] | select(.consumed == false) | .items[] | select(.severity == "high")] | length' \
.agents/rpi/next-work.jsonl 2>/dev/null || echo 0)
if [ "$high_count" -gt 0 ]; then
echo "[WARN] $high_count unconsumed high-severity item(s) in .agents/rpi/next-work.jsonl"
echo " These carry-forward findings have not been addressed. Review before releasing."
echo " Run: jq -s '[.[] | select(.consumed==false) | .items[] | select(.severity==\"high\")]' .agents/rpi/next-work.jsonl"
fi
fi
This is a soft WARN — it does not block the release. It surfaces carry-forward findings from prior retro/post-mortem sessions so the release engineer can make an informed decision.
Test/lint detection:
| File | Test Command | Lint Command |
|---|---|---|
go.mod | go test ./... | golangci-lint run (if installed) |
package.json | npm test | npm run lint (if script exists) |
pyproject.toml | pytest | ruff check . (if installed) |
Cargo.toml | cargo test | cargo clippy (if installed) |
Makefile with test: | make test | make lint (if target exists) |
If --skip-checks is passed, skip ad-hoc test/lint detection only. It does not skip the repo-root ci-local-release.sh gate.
In --check mode, run all checks and output a summary table:
Release Readiness: NO-GO
[PASS] Git repo
[PASS] CHANGELOG.md exists
[PASS] Working tree clean
[WARN] Branch: feature/foo (expected main)
[FAIL] Tests: 2 failures in auth_test.go
[PASS] Lint clean
[PASS] Version consistency (1.6.0 in all 2 files)
[PASS] 14 commits since v1.6.0
[WARN] 2 unconsumed high-severity item(s) in .agents/rpi/next-work.jsonl
In --check mode, stop here. In default mode, continue (warnings don't block).
Find the last release tag:
git tag --sort=-version:refname -l 'v*' | head -1
v* tags exist, use the first commit: git rev-list --max-parents=0 HEAD<last-tag>..HEADGather commit data for classification:
git log --oneline --no-merges <range>
git log --format="%H %s" --no-merges <range>
git diff --stat <range>
Use --oneline for the summary view and full hashes for detail lookups when a commit message is ambiguous.
Classify each commit into one of four categories:
| Category | Signal |
|---|---|
| Added | New features, new files, "add", "create", "implement", "introduce", feat |
| Changed | Modifications, updates, refactors, "update", "refactor", "rename", "migrate" |
| Fixed | Bug fixes, corrections, "fix", "correct", "resolve", "patch" |
| Removed | Deletions, "remove", "delete", "drop", "deprecate" |
Grouping rules:
auth:, api:, feat(users))git show --stat <hash> to clarifyKey rules:
### Removed if nothing was removed--no-mergesIf no version was provided, suggest one based on the commit classification:
| Condition | Suggestion |
|---|---|
Any commit contains "BREAKING", "breaking change", or !: (conventional commits) | Major bump |
| Any commits classified as Added (new features) | Minor bump |
| Only Fixed/Changed commits | Patch bump |
Show the suggestion with reasoning:
Suggested version: 1.7.0 (minor)
Reason: 3 new features added, no breaking changes
Current version: 1.6.0 (from package.json, go tags)
Use AskUserQuestion to confirm or let the user provide a different version.
Produce a markdown block in Keep a Changelog format:
## [X.Y.Z] - YYYY-MM-DD
### Added
- description of new feature
### Changed
- description of change
### Fixed
- description of fix
Use today's date in YYYY-MM-DD format.
Style adaptation: Read the existing CHANGELOG entries and match their conventions:
—, hyphen -, colon : )If no existing entries to reference (first release), use plain Keep a Changelog defaults.
Scan for files containing version strings:
| File | Pattern | Example |
|---|---|---|
package.json | "version": "X.Y.Z" | "version": "1.6.0" |
pyproject.toml | version = "X.Y.Z" | version = "1.6.0" |
Cargo.toml | version = "X.Y.Z" | version = "1.6.0" |
*.go | const Version = "X.Y.Z" or var version = "X.Y.Z" | const Version = "1.6.0" |
version.txt | Plain version string | 1.6.0 |
VERSION | Plain version string | 1.6.0 |
.goreleaser.yml | Version from ldflags (show, don't modify — goreleaser reads from git tags) | — |
Show what was found:
Version strings detected:
package.json: "version": "1.6.0" → "1.7.0"
src/version.go: const Version = "1.6.0" → "1.7.0"
.goreleaser.yml: (reads from git tag — no change needed)
Use AskUserQuestion: "Update these version strings?" — "Yes, update all" / "Let me choose" / "Skip version bumps"
Present everything that will change:
If --dry-run was passed, stop here.
Use AskUserQuestion:
After user confirms:
## [Unreleased] line## [ line or EOF)## [Unreleased] + blank line + versioned entryRead references/release-notes.md for the full release notes format, quality bar, condensing rules, and examples. Key points:
docs/releases/YYYY-MM-DD-v<version>-notes.mdCRITICAL: Release notes MUST be written and staged BEFORE the release commit. GoReleaser checks out the tagged commit — if notes are committed after the tag, CI won't find them and falls back to raw changelog extraction.
Resolve the full local-CI artifact set that backs this release, then write the internal release audit record to docs/releases/YYYY-MM-DD-v<version>-audit.md (see Step 16 format). Stage it alongside the release notes.
ARTIFACT_JSON="$(./scripts/resolve-release-artifacts.sh <version>)"
ARTIFACT_DIR="$(echo "$ARTIFACT_JSON" | jq -r '.artifact_dir')"
Stage and commit all release changes together:
git add CHANGELOG.md <version-files...> docs/releases/YYYY-MM-DD-v<version>-notes.md docs/releases/YYYY-MM-DD-v<version>-audit.md
git commit -m "Release v<version>"
The commit message is intentionally simple. The changelog has the details. The release notes and audit trail are included in this commit so the tagged tree contains them.
Create an annotated tag:
git tag -a v<version> -m "Release v<version>"
Do NOT create a draft GitHub Release locally. GoReleaser in CI is the sole release creator. A local gh release create --draft conflicts with GoReleaser and results in an empty release body.
The curated release notes at docs/releases/YYYY-MM-DD-v<version>-notes.md are included in the release commit (Step 12), so CI finds them in the tagged tree. The pipeline (extract-release-notes.sh) reads them and passes them to GoReleaser via --release-notes.
CI also publishes security artifacts to the GitHub Release assets:
sbom-cyclonedx-go-mod.jsonsecurity-gate-summary.jsonShow the user what to do next:
Release v1.7.0 prepared locally.
Next steps:
git push origin main --tags # push commit + tag
CI publisher will handle: release publish, GitHub Release page, SBOM/security assets, provenance
(detected: .github/workflows/release.yml, .goreleaser.yml)
Curated release notes: docs/releases/YYYY-MM-DD-v1.7.0-notes.md
If no CI detected:
Next steps:
git push origin main --tags # push commit + tag
gh release create v1.7.0 --title "v1.7.0" --notes-file docs/releases/YYYY-MM-DD-v1.7.0-notes.md
No release CI detected. Consider adding a workflow for automated publishing.
The audit record (written in Step 11, committed in Step 12) uses this format:
mkdir -p docs/releases
Write to docs/releases/YYYY-MM-DD-v<version>-audit.md:
# Release v<version> — Audit
**Date:** YYYY-MM-DD
**Previous:** v<previous-version>
**Commits:** N commits in range
**Local CI Artifacts:** `<artifact_dir>/`
## Version Bumps
<files updated>
## Pre-flight Results
<check summary table>
This is an internal record for the knowledge flywheel. It does NOT go on the GitHub Release page — that's the -notes.md file from Step 12.
Two files, two audiences:
| File | Audience | Contains |
|---|---|---|
*-notes.md | GitHub feed readers | Highlights, What's New, All Changes |
*-audit.md | Internal/flywheel | Version bumps, pre-flight results |
When no CHANGELOG.md exists and the user accepts creation, write:
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
Then proceed with the normal workflow to populate the first versioned entry.
npm publish, cargo publish, twine upload. CI handles this.go build, npm pack, docker build. CI handles this.git push, no git push --tags. The user decides when to push.Everything this skill does is local and reversible:
git reset HEAD~1git tag -d v<version>docs/releases/*-notes.md before pushUser says: /release 1.7.0
What happens:
Result: Local release fully prepared: changelog updated, versions bumped, tag created, draft release ready.
User says: /release --check
What happens:
Result: Release readiness report only, no changes made.
User says: /release (no version provided)
What happens:
Result: Suggested version based on commit analysis, user confirms or overrides.
| Problem | Cause | Solution |
|---|---|---|
| "No commits since last tag" error | Working tree clean, no new commits | Commit pending changes or skip release (nothing to release) |
| Version mismatch warning | package.json shows 1.6.0, go shows 1.5.9 | Manually sync versions before release, or choose one as source of truth |
| Tests fail during pre-flight | Breaking changes not caught earlier | Fix failing tests or use --skip-checks (not recommended) |
| Dirty working tree warning | Uncommitted changes present | Commit or stash changes before release for clean state |
| GitHub Release page has empty body | GoReleaser conflicts with existing draft release | CI workflow deletes existing releases before GoReleaser runs; do NOT gh release create locally |