Skip to content

chore: add release-please automation#236

Merged
yacosta738 merged 3 commits into
mainfrom
release-please
Mar 16, 2026
Merged

chore: add release-please automation#236
yacosta738 merged 3 commits into
mainfrom
release-please

Conversation

@yacosta738
Copy link
Copy Markdown
Contributor

@yacosta738 yacosta738 commented Mar 16, 2026

No description provided.

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Mar 16, 2026
edited
Loading

Warning

Rate limit exceeded

@yacosta738 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 14 minutes and 43 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: ad0ea706-6c05-453d-88f9-b96a4860000f

📥 Commits

Reviewing files that changed from the base of the PR and between ee3d1ae and f61bf7e.

📒 Files selected for processing (1)
  • clients/web/apps/docs/src/content/docs/es/guides/release.md
📝 Walkthrough

Walkthrough

Adds Release Please automation: workflow, config, manifest, version markers, and docs updates to drive releases from main via automated release PRs and tagged publishes.

Changes

Cohort / File(s) Summary
Release Please workflow & manifests
.github/workflows/release-please.yml, .release-please-manifest.json, release-please-config.json, version.txt		 Adds a Release Please GitHub Action workflow, manifest (initial version "0.4.0"), config mapping multiple version sources (gradle, Cargo.toml, package.json), and a root version.txt set to 0.4.0.
Docs / README
.github/workflows/README.md, clients/web/apps/docs/src/content/docs/guides/release.md, clients/web/apps/docs/src/content/docs/es/guides/release.md		 Documents the Release Please-driven process, replaces manual version-sync instructions with automated PR/tag flow, and adds token/secret guidance.
Gradle version markers
gradle.properties, gradle/build-logic/gradle.properties		 Inserts # x-release-please-start-version / # x-release-please-end markers around VERSION=0.4.0 to enable release tooling edits.
Agent runtime changes
clients/agent-runtime/npm/corvus/package.json, clients/agent-runtime/src/main.rs		 Downgrades several optionalDependencies platform packages from 0.5.0 → 0.4.0; switches CLI version attribute to env!("CARGO_PKG_VERSION") for dynamic versioning.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant Dev as Developer
    participant GH as GitHub (push / main)
    participant RP as Release-Please Action
    participant Repo as Repository (files: version.txt, package files, gradle props)
    participant CI as Publish Workflow

    Dev->>GH: Push to main (or manual dispatch)
    GH->>RP: Trigger release-please.yml
    RP->>Repo: Read release-please-config.json & extra-files
    RP->>GH: Open/Update release PR with version bumps
    Dev->>GH: Review & merge release PR
    RP->>GH: Create vX.Y.Z tag on merge
    GH->>CI: Tag triggers publish-release.yml
    CI->>Repo: Publish artifacts (gradle, crates, npm, docker, binaries)
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning The pull request description is completely missing; no content was provided by the author. Add a comprehensive description covering: summary of changes, purpose of release-please automation, testing details, and impact on the release workflow.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title follows Conventional Commits style with 'chore' prefix and clearly describes the main change: adding release-please automation.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch release-please
📝 Coding Plan
  • Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sentry
Copy link
Copy Markdown

sentry Bot commented Mar 16, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

coderabbitai[bot]
coderabbitai Bot reviewed Mar 16, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/README.md:
- Around line 239-242: Update the RELEASE_PLEASE_TOKEN guidance to require a
fine‑grained, least‑privilege PAT scoped only to this repository (not org‑wide),
list the exact minimal permissions needed for release workflows (e.g.,
repo:contents/write or equivalent minimal tag/create permissions), mandate a
short expiry and a rotation policy (e.g., rotate every X days and document
who/where to rotate), and instruct storing the token in GitHub Secrets with an
explicit secret name; mention that broader scopes or long‑lived tokens are not
permitted. Reference: RELEASE_PLEASE_TOKEN in the README entry to locate the
text to update.

In `@clients/web/apps/docs/src/content/docs/es/guides/release.md`:
- Around line 28-30: Update the ordered list numbering so the two items after
the nested bullets restart at 1 and 2 to satisfy MD029: locate the list entries
that begin with "Token de Release Please" (`RELEASE_PLEASE_TOKEN` ...) and
"Permisos de escritura: Debes ser mantenedor del repositorio" and change their
leading numerals to "1." and "2." respectively so the ordered list restarts
after the nested bullets.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 530f0d9d-d087-4afe-877c-aa8889886e64

📥 Commits

Reviewing files that changed from the base of the PR and between 7bb0bd7 and d5449cf.

📒 Files selected for processing (11)
  • .github/workflows/README.md
  • .github/workflows/release-please.yml
  • .release-please-manifest.json
  • clients/agent-runtime/npm/corvus/package.json
  • clients/agent-runtime/src/main.rs
  • clients/web/apps/docs/src/content/docs/es/guides/release.md
  • clients/web/apps/docs/src/content/docs/guides/release.md
  • gradle.properties
  • gradle/build-logic/gradle.properties
  • release-please-config.json
  • version.txt
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)
  • GitHub Check: sonar
  • GitHub Check: pr-checks-build-logic
  • GitHub Check: pr-checks
  • GitHub Check: pr-checks
  • GitHub Check: pr-checks-build-logic
  • GitHub Check: Cloudflare Pages
🧰 Additional context used
📓 Path-based instructions (6)
**/*

⚙️ CodeRabbit configuration file

**/*: Security first, performance second.
Validate input boundaries, auth/authz implications, and secret management.
Look for behavioral regressions, missing tests, and contract breaks across modules.

Files:

  • gradle/build-logic/gradle.properties
  • clients/agent-runtime/src/main.rs
  • release-please-config.json
  • clients/agent-runtime/npm/corvus/package.json
  • version.txt
  • clients/web/apps/docs/src/content/docs/es/guides/release.md
  • clients/web/apps/docs/src/content/docs/guides/release.md
  • gradle.properties
clients/agent-runtime/src/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

clients/agent-runtime/src/**/*.rs: Never log secrets, tokens, raw credentials, or sensitive payloads in any logging statements
Avoid unnecessary allocations, clones, and blocking operations to maintain performance and efficiency

Files:

  • clients/agent-runtime/src/main.rs
clients/agent-runtime/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

Run cargo fmt --all -- --check, cargo clippy --all-targets -- -D warnings, and cargo test for code validation, or document which checks were skipped and why

Files:

  • clients/agent-runtime/src/main.rs
clients/agent-runtime/src/main.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

clients/agent-runtime/src/main.rs: Preserve CLI contract unless change is intentional and documented; prefer explicit errors over silent fallback for unsupported critical paths
Keep startup path lean and avoid heavy initialization in command parsing flow

Files:

  • clients/agent-runtime/src/main.rs
**/*.rs

⚙️ CodeRabbit configuration file

**/*.rs: Focus on Rust idioms, memory safety, and ownership/borrowing correctness.
Flag unnecessary clones, unchecked panics in production paths, and weak error context.
Prioritize unsafe blocks, FFI boundaries, concurrency races, and secret handling.

Files:

  • clients/agent-runtime/src/main.rs
**/*.{md,mdx}

⚙️ CodeRabbit configuration file

**/*.{md,mdx}: Verify technical accuracy and that docs stay aligned with code changes.
For user-facing docs, check EN/ES parity or explicitly note pending translation gaps.

Files:

  • clients/web/apps/docs/src/content/docs/es/guides/release.md
  • clients/web/apps/docs/src/content/docs/guides/release.md
🧠 Learnings (9)
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/.github/**/*.{yml,yaml} : For workflow/template-only changes, ensure YAML/template syntax validity

Applied to files:

  • .github/workflows/README.md
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/main.rs : Preserve CLI contract unless change is intentional and documented; prefer explicit errors over silent fallback for unsupported critical paths

Applied to files:

  • clients/agent-runtime/src/main.rs
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/**/*.rs : Run `cargo fmt --all -- --check`, `cargo clippy --all-targets -- -D warnings`, and `cargo test` for code validation, or document which checks were skipped and why

Applied to files:

  • clients/agent-runtime/src/main.rs
  • clients/web/apps/docs/src/content/docs/guides/release.md
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/main.rs : Keep startup path lean and avoid heavy initialization in command parsing flow

Applied to files:

  • clients/agent-runtime/src/main.rs
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/**/Cargo.toml : Do not add heavy dependencies for minor convenience; justify new crate additions

Applied to files:

  • clients/agent-runtime/src/main.rs
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/**/Cargo.toml : Preserve release-size profile assumptions in `Cargo.toml` and avoid adding heavy dependencies unless clearly justified

Applied to files:

  • clients/agent-runtime/src/main.rs
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs : Do not silently weaken security policy or access constraints; keep default behavior secure-by-default with deny-by-default where applicable

Applied to files:

  • clients/agent-runtime/src/main.rs
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/**/*.rs : Avoid unnecessary allocations, clones, and blocking operations to maintain performance and efficiency

Applied to files:

  • clients/agent-runtime/src/main.rs
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/tools/**/*.rs : Implement `Tool` trait in `src/tools/` with strict parameter schema, validate and sanitize all inputs, and return structured `ToolResult` without panics in runtime path

Applied to files:

  • clients/agent-runtime/src/main.rs
🪛 LanguageTool
clients/web/apps/docs/src/content/docs/es/guides/release.md

[grammar] ~28-~28: Elimina la palabra o signo.
Context: ...con acceso de escritura al repo para que release-please pueda abrir PRs y crear t...

(QB_NEW_ES_OTHER_ERROR_IDS_UNNECESSARY_SPACE)

[grammar] ~29-~29: Cambia la palabra o signo.
Context: ...ue disparen los workflows de publicación 5. Permisos de escritura: Debes ser mante...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~30-~30: Aquí puede haber un error.
Context: ...**: Debes ser mantenedor del repositorio ### Qué publica un release Cuando `publish-...

(QB_NEW_ES)

[grammar] ~50-~50: Elimina la palabra o signo.
Context: ...s para publicar deben estar mergeados en main antes de mergear el PR de release...

(QB_NEW_ES_OTHER_ERROR_IDS_UNNECESSARY_SPACE)

[grammar] ~53-~53: Corrige la mayúscula.
Context: ...rgear el PR de release. ## Publicar un Release ### Paso 1: Mergea cambios en main Asegúr...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_ORTHOGRAPHY_UPPERCASE)

[grammar] ~59-~59: Aquí puede haber un error.
Context: ...estén mergeados en main. ### Paso 2: Release Please abre el PR de release En cada p...

(QB_NEW_ES)

[grammar] ~59-~59: Cambia la palabra o signo.
Context: ...rgeados en main. ### Paso 2: Release Please abre el PR de release En cada push a `...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~59-~59: Aquí puede haber un error.
Context: ... 2: Release Please abre el PR de release En cada push a main, Release Please cr...

(QB_NEW_ES)

[grammar] ~63-~63: Cambia la palabra o signo.
Context: ...nes en Gradle, Cargo, npm y paquetes web - Actualiza optionalDependencies en `cli...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~64-~64: Oración con errores
Context: ...s web - Actualiza optionalDependencies en clients/agent-runtime/npm/corvus/package.json - Genera notas de release con Conventional...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_MULTITOKEN)

[grammar] ~65-~65: Aquí puede haber un error.
Context: ...otas de release con Conventional Commits Para controlar el bump, usa Conventional...

(QB_NEW_ES)

[grammar] ~69-~69: Cambia la palabra o signo.
Context: ...Conventional Commits: - fix: -> patch - feat: -> minor - feat!: o BREAKING CHANGE:...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~70-~70: Cambia la palabra o signo.
Context: ...s: - fix: -> patch - feat: -> minor - feat!: o BREAKING CHANGE: -> major ### Paso ...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~73-~73: Aquí puede haber un error.
Context: ...Paso 3: Revisa y mergea el PR de release Revisa el PR, valida las versiones y mer...

(QB_NEW_ES)

[grammar] ~79-~79: Cambia la palabra o signo.
Context: .... Ese tag dispara publish-release.yml, que ejecuta _publish.yml para publicar...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~114-~114: Cambia la palabra o signo.
Context: ...Selecciona el branch (usualmente main) 4. Haz clic en Run workflow Los snapsh...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~132-~132: Elimina la palabra o signo.
Context: ...ne versiones alineadas. Si falla, revisa release-please-config.json y el diff d...

(QB_NEW_ES_OTHER_ERROR_IDS_UNNECESSARY_SPACE)

[grammar] ~133-~133: Cambia la palabra o signo.
Context: ...config.jsony el diff del PR de release - **PR de release no creado**: FaltaRELEAS...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~134-~134: Oración con errores
Context: ...EASE_PLEASE_TOKENo los commits no son Conventional - **Secret faltante de release**:CARGO_REGISTRY_...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_MULTITOKEN)

[grammar] ~158-~158: Cambia la palabra o signo.
Context: ...[ ] PR de release actualizado y mergeado - [ ] Versiones alineadas en el diff del P...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~159-~159: Cambia la palabra o signo.
Context: ...s alineadas en el diff del PR de release - [ ] La clave GPG es válida y no ha expir...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~160-~160: Cambia la palabra o signo.
Context: ... La clave GPG es válida y no ha expirado - [ ] Las credenciales de Maven Central so...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~161-~161: Cambia la palabra o signo.
Context: ...edenciales de Maven Central son actuales - [ ] Los secrets de crates.io, npm y Dock...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~162-~162: Cambia la palabra o signo.
Context: ....io, npm y Docker Hub están configurados - [ ] Tag vX.Y.Z creado por Release Plea...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~163-~163: Aquí puede haber un error.
Context: ...] Tag vX.Y.Z creado por Release Please ## Ver También - [Guía de Configuración GP...

(QB_NEW_ES)

🪛 markdownlint-cli2 (0.21.0)
clients/web/apps/docs/src/content/docs/es/guides/release.md

[warning] 28-28: Ordered list item prefix
Expected: 1; Actual: 4; Style: 1/2/3

(MD029, ol-prefix)

[warning] 30-30: Ordered list item prefix
Expected: 2; Actual: 5; Style: 1/2/3

(MD029, ol-prefix)

clients/web/apps/docs/src/content/docs/guides/release.md

[warning] 28-28: Ordered list item prefix
Expected: 1; Actual: 4; Style: 1/2/3

(MD029, ol-prefix)

[warning] 30-30: Ordered list item prefix
Expected: 2; Actual: 5; Style: 1/2/3

(MD029, ol-prefix)

🔇 Additional comments (15)
clients/agent-runtime/npm/corvus/package.json (1)

19-24: LGTM - Version alignment is consistent.

The optionalDependencies versions (0.4.0) correctly match both the main package version (line 3) and the platform-specific package versions in corvus-darwin-x64, corvus-linux-x64, and corvus-windows-x64.

gradle.properties (1)

27-29: LGTM - Release Please markers correctly placed.

The version markers bracket the VERSION property, enabling automated version bumps during release PR creation.

gradle/build-logic/gradle.properties (1)

19-21: LGTM - Consistent with root gradle.properties.

Version markers enable synchronized version bumps for the build-logic plugin.

clients/agent-runtime/src/main.rs (1)

87-87: LGTM - Single source of truth for version.

Using env!("CARGO_PKG_VERSION") derives the version from Cargo.toml at compile time, eliminating version drift between the binary and manifest. No runtime overhead since env!() is evaluated during compilation.

clients/web/apps/docs/src/content/docs/guides/release.md (2)

28-30: LGTM - Documentation accurately reflects the new Release Please workflow.

The prerequisite for RELEASE_PLEASE_TOKEN with repo write access is correctly documented. The numbered list continues from the previous items (1-3), so items 4 and 5 are correctly numbered despite the linter warning.

55-80: Clear step-by-step release process.

The workflow is well-documented: merge to main → Release Please opens PR → review/merge → tag triggers publish. The Conventional Commits guidance (fix: → patch, feat: → minor, feat!: → major) helps contributors control version bumps.

.release-please-manifest.json (1)

1-3: LGTM - Manifest aligns with all version sources.

The root version 0.4.0 is consistent with version.txt, gradle.properties, Cargo.toml, and npm packages. Release Please will maintain this file during automated releases.

version.txt (1)

1-1: LGTM - Central version source for Release Please.

Version 0.4.0 is consistent across all files in this PR.

.github/workflows/release-please.yml (2)

10-13: Permissions are correctly scoped.

The issues: write permission is required by Release Please for release tracking, though it may be removable if not using that feature. Consider reviewing if this permission is necessary for your use case.

20-24: Good security practice: action pinned to SHA.

The workflow correctly uses a pinned commit SHA rather than a mutable tag, and the token is properly sourced from GitHub secrets rather than hardcoded. Permissions are appropriately scoped for Release Please operations (contents write for tags/files, pull-requests write for release PRs, issues write for tracking).

.github/workflows/README.md (1)

224-238: Release flow documentation matches the implemented workflow chain.

The trigger/behavior description is aligned with the configured release-please → tag → publish flow.

release-please-config.json (2)

1-37: Good multi-ecosystem version propagation setup.

Using version.txt as the primary source plus Gradle/Cargo/npm extra-files is a solid release-automation baseline.

38-67: No action required—all JSONPath targets are resolvable.

All referenced optionalDependencies keys in the corvus package configuration are correctly configured and resolve successfully. Automation can proceed safely.

clients/web/apps/docs/src/content/docs/es/guides/release.md (2)

50-83: Release-Please lifecycle steps are correctly documented.

Lines 50-83 are consistent with the configured push to main trigger and tag-driven publishing flow.

55-83: No action needed — EN/ES documentation parity is present and complete.

Both the English (clients/web/apps/docs/src/content/docs/guides/release.md) and Spanish (clients/web/apps/docs/src/content/docs/es/guides/release.md) release guides are fully aligned. The Release Please workflow, Conventional Commits flow, and all five steps/pasos are accurately mirrored with no translation gaps. No pending translation note required.

Comment thread .github/workflows/README.md
Comment thread clients/web/apps/docs/src/content/docs/es/guides/release.md Outdated
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented Mar 16, 2026
edited
Loading

Deploying corvus with  Cloudflare Pages  Cloudflare Pages

Latest commit: f61bf7e
Status: ✅  Deploy successful!
Preview URL: https://ed34fe93.corvus-42x.pages.dev
Branch Preview URL: https://release-please.corvus-42x.pages.dev

View logs

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 16, 2026
edited
Loading

✅ Contributor Report

User: @yacosta738
Status: Passed (12/13 metrics passed)

Metric Description Value Threshold Status
PR Merge Rate PRs merged vs closed 89% >= 30%
Repo Quality Repos with ≥100 stars 0 >= 0
Positive Reactions Positive reactions received 9 >= 1
Negative Reactions Negative reactions received 0 <= 5
Account Age GitHub account age 3062 days >= 30 days
Activity Consistency Regular activity over time 108% >= 0%
Issue Engagement Issues with community engagement 0 >= 0
Code Reviews Code reviews given to others 408 >= 0
Merger Diversity Unique maintainers who merged PRs 2 >= 0
Repo History Merge Rate Merge rate in this repo 91% >= 0%
Repo History Min PRs Previous PRs in this repo 152 >= 0
Profile Completeness Profile richness (bio, followers) 90 >= 0
Suspicious Patterns Spam-like activity detection 1 N/A

Contributor Report evaluates based on public GitHub activity. Analysis period: 2025-03-16 to 2026-03-16

coderabbitai[bot]
coderabbitai Bot reviewed Mar 16, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@clients/web/apps/docs/src/content/docs/es/guides/release.md`:
- Around line 28-30: The current bullet for RELEASE_PLEASE_TOKEN is too
permissive; update the Spanish text for RELEASE_PLEASE_TOKEN to mirror the
stricter token policy used by the workflow docs: require a fine‑grained PAT with
minimum permissions needed for release-please, short expiry/rotation guidance,
exact secret name RELEASE_PLEASE_TOKEN, deny broad scopes, and note it must be a
maintainer-level secret only; ensure the wording matches the English page and
the existing workflow README policy so EN/ES parity is preserved.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 16864550-2a6a-4553-867b-ee23b2406212

📥 Commits

Reviewing files that changed from the base of the PR and between d5449cf and ee3d1ae.

📒 Files selected for processing (2)
  • .github/workflows/README.md
  • clients/web/apps/docs/src/content/docs/es/guides/release.md
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)
  • GitHub Check: pr-checks
  • GitHub Check: sonar
  • GitHub Check: pr-checks-build-logic
  • GitHub Check: pr-checks
  • GitHub Check: Cloudflare Pages
🧰 Additional context used
📓 Path-based instructions (2)
**/*.{md,mdx}

⚙️ CodeRabbit configuration file

**/*.{md,mdx}: Verify technical accuracy and that docs stay aligned with code changes.
For user-facing docs, check EN/ES parity or explicitly note pending translation gaps.

Files:

  • clients/web/apps/docs/src/content/docs/es/guides/release.md
**/*

⚙️ CodeRabbit configuration file

**/*: Security first, performance second.
Validate input boundaries, auth/authz implications, and secret management.
Look for behavioral regressions, missing tests, and contract breaks across modules.

Files:

  • clients/web/apps/docs/src/content/docs/es/guides/release.md
🧠 Learnings (1)
📚 Learning: 2026-02-17T12:31:17.076Z 
Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/.github/**/*.{yml,yaml} : For workflow/template-only changes, ensure YAML/template syntax validity

Applied to files:

  • .github/workflows/README.md
🪛 LanguageTool
clients/web/apps/docs/src/content/docs/es/guides/release.md

[grammar] ~28-~28: Elimina la palabra o signo.
Context: ...con acceso de escritura al repo para que release-please pueda abrir PRs y crear t...

(QB_NEW_ES_OTHER_ERROR_IDS_UNNECESSARY_SPACE)

[grammar] ~29-~29: Cambia la palabra o signo.
Context: ...ue disparen los workflows de publicación 2. Permisos de escritura: Debes ser mante...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~30-~30: Aquí puede haber un error.
Context: ...**: Debes ser mantenedor del repositorio ### Qué publica un release Cuando `publish-...

(QB_NEW_ES)

[grammar] ~50-~50: Elimina la palabra o signo.
Context: ...s para publicar deben estar mergeados en main antes de mergear el PR de release...

(QB_NEW_ES_OTHER_ERROR_IDS_UNNECESSARY_SPACE)

[grammar] ~53-~53: Corrige la mayúscula.
Context: ...rgear el PR de release. ## Publicar un Release ### Paso 1: Mergea cambios en main Asegúr...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_ORTHOGRAPHY_UPPERCASE)

[grammar] ~59-~59: Aquí puede haber un error.
Context: ...estén mergeados en main. ### Paso 2: Release Please abre el PR de release En cada p...

(QB_NEW_ES)

[grammar] ~59-~59: Cambia la palabra o signo.
Context: ...rgeados en main. ### Paso 2: Release Please abre el PR de release En cada push a `...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~59-~59: Aquí puede haber un error.
Context: ... 2: Release Please abre el PR de release En cada push a main, Release Please cr...

(QB_NEW_ES)

[grammar] ~63-~63: Cambia la palabra o signo.
Context: ...nes en Gradle, Cargo, npm y paquetes web - Actualiza optionalDependencies en `cli...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~64-~64: Oración con errores
Context: ...s web - Actualiza optionalDependencies en clients/agent-runtime/npm/corvus/package.json - Genera notas de release con Conventional...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_MULTITOKEN)

[grammar] ~65-~65: Aquí puede haber un error.
Context: ...otas de release con Conventional Commits Para controlar el bump, usa Conventional...

(QB_NEW_ES)

[grammar] ~69-~69: Cambia la palabra o signo.
Context: ...Conventional Commits: - fix: -> patch - feat: -> minor - feat!: o BREAKING CHANGE:...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~70-~70: Cambia la palabra o signo.
Context: ...s: - fix: -> patch - feat: -> minor - feat!: o BREAKING CHANGE: -> major ### Paso ...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~73-~73: Aquí puede haber un error.
Context: ...Paso 3: Revisa y mergea el PR de release Revisa el PR, valida las versiones y mer...

(QB_NEW_ES)

[grammar] ~79-~79: Cambia la palabra o signo.
Context: .... Ese tag dispara publish-release.yml, que ejecuta _publish.yml para publicar...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~114-~114: Cambia la palabra o signo.
Context: ...Selecciona el branch (usualmente main) 4. Haz clic en Run workflow Los snapsh...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~132-~132: Elimina la palabra o signo.
Context: ...ne versiones alineadas. Si falla, revisa release-please-config.json y el diff d...

(QB_NEW_ES_OTHER_ERROR_IDS_UNNECESSARY_SPACE)

[grammar] ~133-~133: Cambia la palabra o signo.
Context: ...config.jsony el diff del PR de release - **PR de release no creado**: FaltaRELEAS...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_OTHER)

[grammar] ~134-~134: Oración con errores
Context: ...EASE_PLEASE_TOKENo los commits no son Conventional - **Secret faltante de release**:CARGO_REGISTRY_...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_MULTITOKEN)

[grammar] ~158-~158: Cambia la palabra o signo.
Context: ...[ ] PR de release actualizado y mergeado - [ ] Versiones alineadas en el diff del P...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~159-~159: Cambia la palabra o signo.
Context: ...s alineadas en el diff del PR de release - [ ] La clave GPG es válida y no ha expir...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~160-~160: Cambia la palabra o signo.
Context: ... La clave GPG es válida y no ha expirado - [ ] Las credenciales de Maven Central so...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~161-~161: Cambia la palabra o signo.
Context: ...edenciales de Maven Central son actuales - [ ] Los secrets de crates.io, npm y Dock...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~162-~162: Cambia la palabra o signo.
Context: ....io, npm y Docker Hub están configurados - [ ] Tag vX.Y.Z creado por Release Plea...

(QB_NEW_ES_OTHER_ERROR_IDS_REPLACEMENT_SPACE)

[grammar] ~163-~163: Aquí puede haber un error.
Context: ...] Tag vX.Y.Z creado por Release Please ## Ver También - [Guía de Configuración GP...

(QB_NEW_ES)

🔇 Additional comments (2)
.github/workflows/README.md (2)

16-16: Nice addition to workflow discoverability.

Adding release-please.yml to the quick reference table keeps the workflow catalog accurate and easy to scan.

224-243: Release-please section is clear and security-aware.

The new section documents triggers, behavior, and token requirements well, and the token guidance now reflects least-privilege and rotation expectations.

Comment thread clients/web/apps/docs/src/content/docs/es/guides/release.md Outdated
@yacosta738 @coderabbitai
Update clients/web/apps/docs/src/content/docs/es/guides/release.md
f61bf7e 
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Signed-off-by: Yuniel Acosta Pérez <33158051+yacosta738@users.noreply.github.com>
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Mar 16, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@yacosta738 yacosta738 merged commit 0fb9e62 into main Mar 16, 2026
19 of 21 checks passed
@yacosta738 yacosta738 deleted the release-please branch March 16, 2026 16:12
@coderabbitai coderabbitai Bot mentioned this pull request Mar 16, 2026
Merged
This was referenced Apr 2, 2026
Merged
Merged
Merged
@coderabbitai coderabbitai Bot mentioned this pull request Apr 10, 2026
Merged
8 tasks
@coderabbitai coderabbitai Bot mentioned this pull request Apr 29, 2026
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yacosta738