Skip to content

Pre release script#7145

Merged
DOsinga merged 4 commits intomainfrom
pre-release-script
Feb 11, 2026
Merged

Pre release script#7145
DOsinga merged 4 commits intomainfrom
pre-release-script

Conversation

@DOsinga
Copy link
Collaborator

@DOsinga DOsinga commented Feb 11, 2026

Summary

This downloads, unpacks, xattrs & signs the latest pre-release for easier work. a lot of this could be done in CI, but until we have our keys sorted, this might have to do

Copilot AI review requested due to automatic review settings February 11, 2026 10:09
Copilot AI reviewed Feb 11, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a helper script intended to streamline downloading and locally signing the latest pre-release macOS .app artifact associated with a release PR.

Changes:

  • Add scripts/pre-release.sh to find the most recent release PR, extract a nightly.link artifact URL from PR comments, download/unpack the zip, remove quarantine xattrs, and ad-hoc sign the app with entitlements.

scripts/pre-release.sh Outdated

# Grab the last nightly.link download URL from PR comments
DOWNLOAD_URL=$(gh api "repos/$REPO/issues/$PR_NUMBER/comments" \
--jq '[.[].body | capture("(?<url>https://nightly\\.link/[^)]+\\.zip)") | .url] | last // empty')
Copy link

Copilot AI Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The jq filter will error on the first PR comment body that doesn’t match the nightly.link regex because capture(...) throws on non-matches, so this can fail even when a later comment contains a valid URL; use capture(...)? or select(test(...)) | capture(...) to safely skip non-matching comments.

Suggested change
--jq '[.[].body | capture("(?<url>https://nightly\\.link/[^)]+\\.zip)") | .url] | last // empty')
--jq '[.[].body | select(test("https://nightly\\.link/[^)]+\\.zip")) | capture("(?<url>https://nightly\\.link/[^)]+\\.zip)") | .url] | last // empty')

Copilot uses AI. Check for mistakes.
scripts/pre-release.sh Outdated

# VIBE CODED: AVERT YOUR EYES

REPO="${GOOSE_REPO:-$(git remote get-url origin | sed 's|.*github.com[:/]||;s|\.git$||')}"
Copy link

Copilot AI Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GOOSE_REPO is used elsewhere in this repo as a filesystem path (e.g., documentation/automation/recipe-schema-tracking/scripts/*), but here it’s treated as a GitHub owner/repo slug for gh --repo, so setting GOOSE_REPO will break this script; use a different env var name (e.g., GOOSE_GITHUB_REPO) or accept a separate GOOSE_REPO_PATH elsewhere.

Suggested change
REPO="${GOOSE_REPO:-$(git remote get-url origin | sed 's|.*github.com[:/]||;s|\.git$||')}"
REPO="${GOOSE_GITHUB_REPO:-$(git remote get-url origin | sed 's|.*github.com[:/]||;s|\.git$||')}"

Copilot uses AI. Check for mistakes.
Copy link
Collaborator

@jh-block jh-block Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this seems maybe worth addressing?

scripts/pre-release.sh Outdated
Comment on lines 37 to 58
TMPDIR=$(mktemp -d)
curl -sL -o "$TMPDIR/goose.zip" "$DOWNLOAD_URL"
unzip -o -q "$TMPDIR/goose.zip" -d "$TMPDIR/extracted"

# nightly.link double-zips: if we got another zip, extract that too
INNER_ZIP=$(find "$TMPDIR/extracted" -name "*.zip" | head -1)
if [[ -n "$INNER_ZIP" ]]; then
unzip -o -q "$INNER_ZIP" -d "$TMPDIR/extracted"
fi

APP=$(find "$TMPDIR/extracted" -name "*.app" -maxdepth 2 | head -1)
APP_NAME="Goose ${VERSION}.app"
rm -rf "$DEST/$APP_NAME"
cp -R "$APP" "$DEST/$APP_NAME"
APP_PATH="$DEST/$APP_NAME"

# Remove quarantine
xattr -r -d com.apple.quarantine "$APP_PATH" 2>/dev/null || true

# Sign with entitlements
PLIST=$(mktemp /tmp/entitlements.XXXXXX.plist)
cat > "$PLIST" << 'EOF'
Copy link

Copilot AI Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The script creates a temp directory and entitlements plist but never cleans them up, which will leave files behind on success or failure; add a trap to remove $TMPDIR and $PLIST on EXIT (similar to scripts/test_providers.sh).

Copilot uses AI. Check for mistakes.
Copy link
Collaborator

@jh-block jh-block Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also seems nice to fix up

Copy link
Collaborator Author

@DOsinga DOsinga Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, I actually removed this so I could see what it was doing, will put it back

@DOsinga DOsinga added this pull request to the merge queue Feb 11, 2026
Merged via the queue into main with commit 799319b Feb 11, 2026
17 of 19 checks passed
@DOsinga DOsinga deleted the pre-release-script branch February 11, 2026 15:53
tlongwell-block added a commit that referenced this pull request Feb 11, 2026
@tlongwell-block
Merge remote-tracking branch 'origin/main' into tui_gem
3776f63 
* origin/main: (107 commits)
  feat: Allow overriding default bat themes using environment variables (#7140)
  Make the system prompt smaller (#6991)
  Pre release script (#7145)
  Spelling (#7137)
  feat(mcp): upgrade rmcp to 0.15.0 and advertise MCP Apps UI extension capability (#6927)
  fix: ensure assistant messages with tool_calls include content field (#7076)
  fix(canonical): handle gcp_vertex_ai model mapping correctly (#6836)
  Group dependencies in root Cargo.toml (#6948)
  refactor: updated elevenLabs API module and `remove button` UX (#6781)
  fix: we were missing content from langfuse traces (#7135)
  docs: update username in authors.yml (#7132)
  fix extension selector syncing issues (#7133)
  fix(acp): per-session Agent for model isolation and load_session restore (#7115)
  fix(claude-code): defensive coding improvements for model switching (#7131)
  feat(claude-code): dynamic model listing and mid-session model switching (#7120)
  Inline worklet source (#7128)
  [docs] One shot prompting is dead - Blog Post (#7113)
  fix: correct spelling of Debbie O'Brien's name in authors.yml (#7127)
  docs: GCP Vertex AI org policy filtering & update OnboardingProviderSetup component (#7125)
  feat: replace subagent and skills with unified summon extension (#6964)
  ...

# Conflicts:
#	Cargo.lock
#	Cargo.toml
zanesq added a commit to Abhijay007/goose that referenced this pull request Feb 11, 2026
@zanesq
Merge remote-tracking branch 'upstream/main' into feat/recipeProvider
8733a30 
* upstream/main: (109 commits)
  [docs] Skills Marketplace UI Improvements (block#7158)
  More no-window flags (block#7122)
  feat: Allow overriding default bat themes using environment variables (block#7140)
  Make the system prompt smaller (block#6991)
  Pre release script (block#7145)
  Spelling (block#7137)
  feat(mcp): upgrade rmcp to 0.15.0 and advertise MCP Apps UI extension capability (block#6927)
  fix: ensure assistant messages with tool_calls include content field (block#7076)
  fix(canonical): handle gcp_vertex_ai model mapping correctly (block#6836)
  Group dependencies in root Cargo.toml (block#6948)
  refactor: updated elevenLabs API module and `remove button` UX (block#6781)
  fix: we were missing content from langfuse traces (block#7135)
  docs: update username in authors.yml (block#7132)
  fix extension selector syncing issues (block#7133)
  fix(acp): per-session Agent for model isolation and load_session restore (block#7115)
  fix(claude-code): defensive coding improvements for model switching (block#7131)
  feat(claude-code): dynamic model listing and mid-session model switching (block#7120)
  Inline worklet source (block#7128)
  [docs] One shot prompting is dead - Blog Post (block#7113)
  fix: correct spelling of Debbie O'Brien's name in authors.yml (block#7127)
  ...
jh-block added a commit that referenced this pull request Feb 12, 2026
@jh-block
Merge remote-tracking branch 'origin/main' into local-models-candle
7f7a449 
* origin/main: (33 commits)
  fix: replace panic with proper error handling in get_tokenizer (#7175)
  Lifei/smoke test for developer (#7174)
  fix text editor view broken (#7167)
  docs: White label guide (#6857)
  Add PATH detection back to developer extension (#7161)
  docs: pin version in ci/cd (#7168)
  Desktop: - No Custom Headers field for custom OpenAI-compatible providers  (#6681)
  feat: edit model and extensions of a recipe from GUI (#6804)
  feat: MCP support for agentic CLI providers (#6972)
  docs: keyring fallback to secrets.yaml (#7165)
  feat: load provider/model specified inside the recipe config (#6884)
  fix ask-ai bot hitting tool call limits (#7162)
  fix flatpak icon (#7154)
  [docs] Skills Marketplace UI Improvements (#7158)
  More no-window flags (#7122)
  feat: Allow overriding default bat themes using environment variables (#7140)
  Make the system prompt smaller (#6991)
  Pre release script (#7145)
  Spelling (#7137)
  feat(mcp): upgrade rmcp to 0.15.0 and advertise MCP Apps UI extension capability (#6927)
  ...
@github-actions github-actions bot mentioned this pull request Feb 12, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jh-block jh-block jh-block left review comments

@katzdave katzdave katzdave approved these changes

@lifeizhou-ap lifeizhou-ap lifeizhou-ap approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@DOsinga @katzdave @lifeizhou-ap @jh-block