fix(repo): fix pub release ci

[xsahil03x]

Description

We have to use the tag push trigger instead of published because publishing on pub.dev is only allowed from 'tag' refType.

The new workflow is now

Release commit → release_tag.yml → Create tag → release_publish.yml → Publish to pub.dev → Create GitHub release

Tested here: https://github.com/xsahil03botx/stream-automatic-release-test

Summary by CodeRabbit

• Chores
  • Replaced the previous release workflow with a new, tag-triggered publishing workflow that creates GitHub releases with autogenerated notes.
  • Updated the tagging workflow to directly create and push version tags, removing automated release creation.
  • Removed the old release workflow that published on release events.

[coderabbitai]

Walkthrough

The release workflow was restructured by deleting .github/workflows/release_pub.yml and introducing .github/workflows/release_publish.yml with a single job that publishes to pub.dev and creates GitHub releases on semantic version tags. Additionally, .github/workflows/release_github.yml was renamed to .github/workflows/release_tag.yml with changes to create and push git tags manually instead of creating GitHub releases.

Changes

File(s)	Change Summary
.github/workflows/release_pub.yml	Deleted entire workflow that published releases on release events with Melos and Flutter setup.
.github/workflows/release_publish.yml	Added new workflow triggered on semantic version tags to publish packages, run lint, and create GitHub releases.
.github/workflows/release_github.yml → release_tag.yml	Renamed file and job; replaced GitHub release creation with manual git tag creation and push; updated permissions and checkout token usage.

Sequence Diagram(s)

sequenceDiagram
    participant GitHub Actions
    participant release_publish_job
    participant pub_dev
    participant GitHub API
    participant git_repo

    GitHub Actions->>release_publish_job: Trigger on push tag vX.Y.Z
    release_publish_job->>git_repo: Checkout repo with full history
    release_publish_job->>release_publish_job: Setup Dart SDK and Flutter
    release_publish_job->>release_publish_job: Activate Melos and bootstrap workspace
    release_publish_job->>release_publish_job: Run lint on pubspec files
    release_publish_job->>pub_dev: Publish packages via Melos
    release_publish_job->>release_publish_job: Extract version and prerelease flag
    release_publish_job->>GitHub API: Create GitHub release with autogenerated notes

Loading

Suggested reviewers

• renefloor

Poem

🐇 Through workflows old, a change did hop,
The release_pub file took a final stop.
New publish steps now tag the way,
Packages fly and releases stay.
Tags are pushed with care anew,
This bunny’s work is done for you! 🌟🐰

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

.github/workflows/release_github.yml (1)

6-6: Consider adding inputs for manual triggers
Allow users to specify the release tag (and whether it’s a prerelease) when running manually, rather than relying solely on the commit message.

Example addition:

 on:
   workflow_dispatch:
+    inputs:
+      tag:
+        description: 'The semver tag to release (e.g. v1.2.3)'
+        required: true
+      prerelease:
+        description: 'Publish as a prerelease?'
+        required: false
+        default: 'false'

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 37a9721 and 315e1d1.

📒 Files selected for processing (2)

• .github/workflows/release_github.yml (1 hunks)
• .github/workflows/release_pub.yml (1 hunks)

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

.github/workflows/release_publish.yml (2)

69-73: Version regex and pre-release detection.

The regex version_regex='[vV][0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.\-]+)?' correctly matches SemVer with optional pre-release. The is_prerelease logic is concise.

You might consider anchoring the pattern (e.g., ^...$) or using word boundaries (\b) if you anticipate more complex commit messages.

---

84-90: GitHub Release action configuration.

softprops/action-gh-release@v1 with generate_release_notes is a solid choice. You may also use the default GITHUB_TOKEN instead of a custom BOT_GITHUB_API_TOKEN unless there’s a specific need.

🧰 Tools

🪛 actionlint (1.7.7)

85-85: the runner of "softprops/action-gh-release@v1" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🪛 YAMLlint (1.37.1)

[error] 90-90: no new line character at the end of file

(new-line-at-end-of-file)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 315e1d1 and e50316d.

📒 Files selected for processing (2)

• .github/workflows/release_pub.yml (0 hunks)
• .github/workflows/release_publish.yml (2 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/release_pub.yml

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: stream_chat_localizations

🔇 Additional comments (7)

.github/workflows/release_publish.yml (7)

1-1: Skip workflow name change.

The workflow name has been updated to release_publish. This is a trivial rename with no functional impact.

---

11-12: Review concurrency group naming.

The concurrency group is set to ${{ github.workflow }}-${{ github.ref }}. This will serialize workflow runs per branch/ref, which is usually fine for releases. Ensure this level of throttling matches your release cadence.

---

15-21: Conditional run and permissions for publish_pub.

The publish_pub job correctly gates on commit messages and uses OIDC (id-token: write) for secure authentication with pub.dev. Verify that all contributors understand the commit-message convention (chore(repo): release).

---

24-46: Publish to pub.dev steps look good.

The sequence of steps—checkout, setup Dart & Flutter, activate Melos, bootstrap, lint, and publish—is well-structured and verbose for debugging.

---

47-52: publish_github job header is correct.

The job depends on publish_pub and has the necessary contents: write permission for creating releases.

---

55-63: Check out and extraction step configuration.

Using actions/checkout@v4 with fetch-depth: 0 is appropriate for accessing full history if needed. The extract_tag step is correctly wired up with bash.

🧰 Tools

🪛 actionlint (1.7.7)

63-63: "github.event.head_commit.message" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions for more details

(expression)

---

77-79: Emit outputs to GitHub Actions correctly.

Writing tag and prerelease to $GITHUB_OUTPUT follows the latest guidance.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

.github/workflows/release_tag.yml (1)

53-56: Remove trailing whitespace and add EOF newline
YAMLlint flags trailing spaces and missing newline at end of file. Please strip trailing blanks on line 53 and ensure the file ends with a single newline.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 53-53: trailing spaces

(trailing-spaces)

---

[error] 56-56: no new line character at the end of file

(new-line-at-end-of-file)

.github/workflows/release_publish.yml (1)

48-55: Remove trailing spaces & add EOF newline
YAMLlint flags trailing whitespace on lines 48, 51, and 55, and missing newline at end of file. Please clean up these minor formatting issues.

Also applies to: 65-65

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 48-48: trailing spaces

(trailing-spaces)

---

[error] 51-51: trailing spaces

(trailing-spaces)

---

[error] 55-55: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e50316d and e17bf2f.

📒 Files selected for processing (3)

• .github/workflows/release_pub.yml (0 hunks)
• .github/workflows/release_publish.yml (1 hunks)
• .github/workflows/release_tag.yml (3 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/release_pub.yml

🧰 Additional context used

🪛 YAMLlint (1.37.1)

.github/workflows/release_tag.yml

[error] 53-53: trailing spaces

(trailing-spaces)

---

[error] 56-56: no new line character at the end of file

(new-line-at-end-of-file)

.github/workflows/release_publish.yml

[error] 48-48: trailing spaces

(trailing-spaces)

---

[error] 51-51: trailing spaces

(trailing-spaces)

---

[error] 55-55: trailing spaces

(trailing-spaces)

---

[error] 65-65: no new line character at the end of file

(new-line-at-end-of-file)

🪛 actionlint (1.7.7)

.github/workflows/release_publish.yml

60-60: the runner of "softprops/action-gh-release@v1" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🔇 Additional comments (15)

.github/workflows/release_tag.yml (5)

1-2: Workflow rename is correct
The workflow name has been updated to release_tag to reflect its focus on tag creation.

---

12-14: Job name updated to create_tag
Renaming the job from release to create_tag aligns with its new responsibility of generating and pushing git tags.

---

16-18: Explicit write permission for contents
Granting contents: write is necessary for tag creation and pushing, and follows least-privilege principles.

---

24-25: Checkout with bot token
Using fetch-depth: 0 plus the bot token ensures full history is available for tagging.

---

48-56: Create & push tag step looks good
Configuration of git user details, tag creation, and push commands are correct and will run reliably.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 53-53: trailing spaces

(trailing-spaces)

---

[error] 56-56: no new line character at the end of file

(new-line-at-end-of-file)

.github/workflows/release_publish.yml (10)

8-11: Concurrency settings are appropriate
Cancel-in-progress on the same workflow/ref prevents duplicate publishes.

---

13-16: Permissions scoped correctly for OIDC
id-token: write is required for Dart pub authentication via OIDC.

---

17-23: Checkout step is well configured
Using actions/checkout@v4 with full history and the bot token aligns with best practices for publishing workflows.

---

24-27: Setup Dart SDK step is correct
dart-lang/setup-dart@v1 will provision the required SDK for pub operations.

---

28-30: Install Flutter step is fine
subosito/flutter-action@v2 will prepare Flutter for Melos and other tooling.

---

31-33: Global tool installation is solid
Activating Melos globally ensures consistent releases across the mono-repo.

---

34-36: Workspace bootstrap is appropriate
melos bootstrap --verbose readies all packages for linting and publishing.

---

37-39: Dry run lint check looks good
Running melos run lint:pub before publishing helps catch issues early.

---

40-42: Publish to pub.dev step is configured correctly
melos run release:pub will handle the actual package publication.

---

43-58: Version extraction & prerelease detection are solid
Using github.ref_name and checking for - correctly sets the prerelease flag for the GitHub Release.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 48-48: trailing spaces

(trailing-spaces)

---

[error] 51-51: trailing spaces

(trailing-spaces)

---

[error] 55-55: trailing spaces

(trailing-spaces)

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (2)

.github/workflows/release_publish.yml (2)

61-62: 🛠️ Refactor suggestion

Pin softprops/action-gh-release to a fixed patch version
Locking to @v2 is too broad and may introduce breaking changes. Pin to the latest stable patch (e.g., @v2.2.2) for greater stability.

---

5-6: 🛠️ Refactor suggestion

⚠️ Potential issue

Allow prerelease tags to trigger this workflow
The current regex only matches vX.Y.Z, so prerelease tags like v1.2.3-beta won’t fire the job. Please extend the pattern to include an optional suffix.

Apply this diff:

-      - 'v[0-9]+.[0-9]+.[0-9]+'
+      - 'v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.\-]+)?'

🧹 Nitpick comments (2)

.github/workflows/release_publish.yml (2)

49-49: Remove trailing whitespace
Lines 49, 52, and 56 include unnecessary trailing spaces. Please trim these to satisfy YAML lint rules.

Also applies to: 52-52, 56-56

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 49-49: trailing spaces

(trailing-spaces)

---

66-66: Add newline at end of file
A final newline is required by POSIX and YAML linters.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 66-66: no new line character at the end of file

(new-line-at-end-of-file)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e17bf2f and 27bac02.

📒 Files selected for processing (1)

• .github/workflows/release_publish.yml (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.37.1)

.github/workflows/release_publish.yml

[error] 49-49: trailing spaces

(trailing-spaces)

---

[error] 52-52: trailing spaces

(trailing-spaces)

---

[error] 56-56: trailing spaces

(trailing-spaces)

---

[error] 66-66: no new line character at the end of file

(new-line-at-end-of-file)

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (3)

.github/workflows/release_tag.yml (1)

53-56: Remove trailing whitespace and add newline

• Line 53 has trailing spaces.
• Line 56 is missing a terminating newline.

-          git config user.email "60655709+Stream-SDK-Bot@users.noreply.github.com"  
+          git config user.email "60655709+Stream-SDK-Bot@users.noreply.github.com"

# Add a newline at end of file
+

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 53-53: trailing spaces

(trailing-spaces)

---

[error] 56-56: no new line character at the end of file

(new-line-at-end-of-file)

.github/workflows/release_publish.yml (2)

63-63: Pin release action to a fixed version

Lock softprops/action-gh-release to a specific minor tag to avoid breaking changes in future v2 releases:

- uses: softprops/action-gh-release@v2
+ uses: softprops/action-gh-release@v2.2.2

---

51-58: Remove trailing whitespace and add newline

Trailing spaces detected at lines 51, 54, and 58; also add a newline at the end of the file.

-         |          
+         |

-          echo "📦 Tag: $tag_name"          
+          echo "📦 Tag: $tag_name"

-          is_prerelease=$([[ $tag_name == *-* ]] && echo true || echo false)          
+          is_prerelease=$([[ $tag_name == *-* ]] && echo true || echo false)

# Add newline at end of file
+

Also applies to: 68-68

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 51-51: trailing spaces

(trailing-spaces)

---

[error] 54-54: trailing spaces

(trailing-spaces)

---

[error] 58-58: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 27bac02 and fa2ff60.

📒 Files selected for processing (2)

• .github/workflows/release_publish.yml (1 hunks)
• .github/workflows/release_tag.yml (3 hunks)

🧰 Additional context used

🪛 YAMLlint (1.37.1)

.github/workflows/release_publish.yml

[error] 51-51: trailing spaces

(trailing-spaces)

---

[error] 54-54: trailing spaces

(trailing-spaces)

---

[error] 58-58: trailing spaces

(trailing-spaces)

---

[error] 68-68: no new line character at the end of file

(new-line-at-end-of-file)

.github/workflows/release_tag.yml

[error] 53-53: trailing spaces

(trailing-spaces)

---

[error] 56-56: no new line character at the end of file

(new-line-at-end-of-file)

🔇 Additional comments (7)

.github/workflows/release_tag.yml (3)

16-18: Correct use of permissions for tag creation

The contents: write permission is correctly scoped for creating and pushing tags.

---

24-24: Proper checkout token usage

Using secrets.BOT_GITHUB_API_TOKEN to authenticate the checkout step ensures the workflow can push tags without relying on the default GITHUB_TOKEN.

---

48-56: Manual tag creation and push steps

The explicit git configuration, tag creation, and push commands correctly replace the previous release action and fulfill the tagging workflow.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 53-53: trailing spaces

(trailing-spaces)

---

[error] 56-56: no new line character at the end of file

(new-line-at-end-of-file)

.github/workflows/release_publish.yml (4)

8-8: Manual dispatch enabled

Allowing workflow_dispatch grants the flexibility to trigger this workflow manually, which aligns with release management needs.

---

17-18: Permissions for release publish job

contents: write and id-token: write are correctly set for creating releases and using OIDC.

---

24-25: Checkout step with proper token

Fetching full history and authenticating with the bot token is essential for workspace bootstrapping and release.

---

52-57: Version extraction logic

The bash snippet correctly captures github.ref_name and derives the prerelease flag based on the presence of a hyphen.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 54-54: trailing spaces

(trailing-spaces)