chore(release): bump v2026.5.3 #984
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: desktop-smoke | |
| on: | |
| push: | |
| branches: [dev] | |
| pull_request: | |
| branches: [dev] | |
| workflow_dispatch: | |
| concurrency: | |
| group: desktop-smoke-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| changes: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| docs_only: ${{ steps.filter.outputs.docs_only }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - id: filter | |
| env: | |
| EVENT_NAME: ${{ github.event_name }} | |
| BASE_SHA: ${{ github.event.pull_request.base.sha || github.event.before }} | |
| HEAD_SHA: ${{ github.sha }} | |
| run: | | |
| set -euo pipefail | |
| is_docs_path() { | |
| case "$1" in | |
| README.md|README_CN.md|assets/readme/*|.github/ISSUE_TEMPLATE/*|.github/pull_request_template.md|packages/*/README.md|packages/opencode/specs/*) | |
| return 0 | |
| ;; | |
| *) | |
| return 1 | |
| ;; | |
| esac | |
| } | |
| docs_only=false | |
| if [ "$EVENT_NAME" = "workflow_dispatch" ]; then | |
| echo "docs_only=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| if [ -z "$BASE_SHA" ] || [ "$BASE_SHA" = "0000000000000000000000000000000000000000" ]; then | |
| BASE_SHA="$(git rev-list --max-parents=0 HEAD | tail -n 1)" | |
| fi | |
| mapfile -t changes < <(git diff --name-status --find-renames --find-copies "$BASE_SHA" "$HEAD_SHA" --) | |
| if [ "${#changes[@]}" -gt 0 ]; then | |
| docs_only=true | |
| for change in "${changes[@]}"; do | |
| IFS=$'\t' read -r status path1 path2 <<< "$change" | |
| case "$status" in | |
| A*|M*|T*|D*) | |
| if ! is_docs_path "$path1"; then | |
| docs_only=false | |
| break | |
| fi | |
| ;; | |
| R*|C*) | |
| if ! is_docs_path "$path1" || ! is_docs_path "$path2"; then | |
| docs_only=false | |
| break | |
| fi | |
| ;; | |
| *) | |
| docs_only=false | |
| break | |
| ;; | |
| esac | |
| done | |
| fi | |
| echo "docs_only=$docs_only" >> "$GITHUB_OUTPUT" | |
| smoke-macos-arm64: | |
| needs: changes | |
| if: needs.changes.outputs.docs_only != 'true' | |
| runs-on: macos-14 | |
| timeout-minutes: 30 | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # actions/checkout@v6 | |
| with: | |
| persist-credentials: false | |
| # Load-bearing: `bun install` runs `trustedDependencies` | |
| # postinstalls from the root package.json (electron, node-pty, | |
| # esbuild, tree-sitter at time of writing), which call `node` | |
| # explicitly. Do not drop without first patching those scripts. | |
| # Source of truth: grep `trustedDependencies` in package.json. (#70) | |
| - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # actions/setup-node@v6.4.0 | |
| with: | |
| node-version: "24" | |
| - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # oven-sh/setup-bun@v2 | |
| with: | |
| bun-version: "1.3.13" | |
| - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # actions/cache@v5 | |
| with: | |
| path: ~/.bun/install/cache | |
| key: bun-${{ runner.os }}-${{ hashFiles('bun.lock') }} | |
| restore-keys: | | |
| bun-${{ runner.os }}- | |
| - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # actions/cache@v5 | |
| with: | |
| path: | | |
| ~/Library/Caches/electron | |
| ~/Library/Caches/electron-builder | |
| key: electron-${{ runner.os }}-${{ hashFiles('bun.lock', 'packages/desktop-electron/package.json') }} | |
| restore-keys: | | |
| electron-${{ runner.os }}- | |
| - name: Install dependencies | |
| run: bun install --frozen-lockfile | |
| - name: Prepare OfficeCLI | |
| run: bun ./scripts/prepare-officecli.ts --platform darwin --arch arm64 | |
| working-directory: packages/desktop-electron | |
| - name: Build desktop app | |
| run: bun run build | |
| working-directory: packages/desktop-electron | |
| env: | |
| OPENCODE_CHANNEL: dev | |
| PAWWORK_FEEDBACK_FORM_URL: https://example.com/pawwork-feedback | |
| - name: Check desktop runtime imports | |
| run: bun ./scripts/runtime-import-guard.ts | |
| working-directory: packages/desktop-electron | |
| - name: Launch desktop smoke app | |
| run: bun run smoke:ci | |
| working-directory: packages/desktop-electron | |
| - name: Report problem smoke | |
| run: bun run smoke:report | |
| working-directory: packages/desktop-electron | |
| env: | |
| PAWWORK_FEEDBACK_FORM_URL: https://example.com/pawwork-feedback | |
| - name: Package desktop app | |
| run: npx electron-builder --mac dir --arm64 --publish never --config electron-builder.config.ts --config.mac.identity=- --config.mac.notarize=false | |
| working-directory: packages/desktop-electron | |
| env: | |
| CSC_IDENTITY_AUTO_DISCOVERY: "false" | |
| OPENCODE_CHANNEL: dev | |
| - name: Smoke check app bundle | |
| run: | | |
| set -euo pipefail | |
| APP_PATH="dist/mac-arm64/PawWork Dev.app" | |
| EXECUTABLE_PATH="$APP_PATH/Contents/MacOS/PawWork Dev" | |
| INFO_PLIST_PATH="$APP_PATH/Contents/Info.plist" | |
| ASAR_PATH="$APP_PATH/Contents/Resources/app.asar" | |
| OFFICECLI_PATH="$APP_PATH/Contents/Resources/tools/officecli" | |
| THIRD_PARTY_NOTICES_PATH="$APP_PATH/Contents/Resources/THIRD_PARTY_NOTICES.md" | |
| FRAMEWORK_PATH="$APP_PATH/Contents/Frameworks/Electron Framework.framework" | |
| HELPER_APP_PATH="$APP_PATH/Contents/Frameworks/PawWork Dev Helper.app" | |
| if [ ! -d "$APP_PATH" ]; then | |
| echo "Expected app bundle at $APP_PATH" | |
| exit 1 | |
| fi | |
| if [ ! -x "$EXECUTABLE_PATH" ]; then | |
| echo "Expected executable at $EXECUTABLE_PATH" | |
| exit 1 | |
| fi | |
| if [ ! -f "$INFO_PLIST_PATH" ]; then | |
| echo "Expected Info.plist at $INFO_PLIST_PATH" | |
| exit 1 | |
| fi | |
| if [ ! -f "$ASAR_PATH" ]; then | |
| echo "Expected app.asar at $ASAR_PATH" | |
| exit 1 | |
| fi | |
| if [ ! -x "$OFFICECLI_PATH" ]; then | |
| echo "Expected executable OfficeCLI at $OFFICECLI_PATH" | |
| exit 1 | |
| fi | |
| file "$OFFICECLI_PATH" | grep -q "arm64" | |
| OFFICECLI_SKIP_UPDATE=1 "$OFFICECLI_PATH" --version | |
| if [ ! -f "$THIRD_PARTY_NOTICES_PATH" ]; then | |
| echo "Expected third-party notices at $THIRD_PARTY_NOTICES_PATH" | |
| exit 1 | |
| fi | |
| if [ ! -d "$FRAMEWORK_PATH" ]; then | |
| echo "Expected Electron Framework at $FRAMEWORK_PATH" | |
| exit 1 | |
| fi | |
| if [ ! -d "$HELPER_APP_PATH" ]; then | |
| echo "Expected helper app at $HELPER_APP_PATH" | |
| exit 1 | |
| fi | |
| codesign -dv --verbose=2 "$APP_PATH" 2>&1 | tee /tmp/pawwork-codesign.txt | |
| grep -q "Signature=adhoc" /tmp/pawwork-codesign.txt | |
| working-directory: packages/desktop-electron | |
| - name: Launch packaged desktop smoke app | |
| run: | | |
| set -euo pipefail | |
| EXECUTABLE_PATH="dist/mac-arm64/PawWork Dev.app/Contents/MacOS/PawWork Dev" | |
| bun ./scripts/ci-smoke.ts packaged dev "$EXECUTABLE_PATH" | |
| working-directory: packages/desktop-electron | |
| # Aggregator for the `dev` branch ruleset. The required check on GitHub | |
| # is `desktop-smoke / check`; every new job added above MUST be listed | |
| # in `needs:` below, otherwise its failure will not block merge. | |
| check: | |
| if: always() | |
| needs: | |
| - changes | |
| - smoke-macos-arm64 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Validate desktop smoke result | |
| env: | |
| DOCS_ONLY: ${{ needs.changes.outputs.docs_only }} | |
| SMOKE_RESULT: ${{ needs.smoke-macos-arm64.result }} | |
| run: | | |
| set -euo pipefail | |
| if [ "$DOCS_ONLY" = "true" ]; then | |
| echo "Docs-only change, desktop smoke skipped." | |
| exit 0 | |
| fi | |
| if [ "$SMOKE_RESULT" != "success" ]; then | |
| echo "smoke-macos-arm64=$SMOKE_RESULT" | |
| exit 1 | |
| fi |