The publish step was updating name and optionalDependencies but not
version, causing npm to try publishing the base package.json version
(3.11.0) instead of the release version (3.12.0).
Error was: 'You cannot publish over the previously published versions: 3.11.0'
- publish-platform.yml: Build job now checks BOTH oh-my-opencode and
oh-my-openagent before skipping. Build only skips when both are published.
Added 'Publish oh-my-openagent-{platform}' step that renames package.json
and publishes under the openagent name.
- publish.yml: Added 'Publish oh-my-openagent' step after opencode publish.
Rewrites package name and optionalDependencies to oh-my-openagent variants,
then publishes. Restores package.json after.
Previously, oh-my-openagent platform packages were never published because
the build skip check only looked at oh-my-opencode (which was already published),
causing the entire build to be skipped.
Keep installer, config detection, schema generation, and publish workflows aligned with the long-lived oh-my-opencode package so this release does not split across two npm names.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
After publishing oh-my-opencode-{platform}, rename package.json and
publish oh-my-openagent-{platform} from the same build artifact.
Download/extract steps now run if either package needs publishing.
The publish-main job relied on npm trusted publishing (OIDC) which
broke after the repo rename from oh-my-opencode to oh-my-openagent.
Adding explicit NODE_AUTH_TOKEN restores auth while --provenance
still uses OIDC for Sigstore attestation.
Fixes#2373
Bun's internal download of baseline compile targets from npm registry
consistently fails on Windows CI runners (ExtractionFailed error).
Pre-download the baseline binary via curl into Bun's cache directory
so the compile step finds it already cached and skips the download.
Also makes publish job resilient with if: always() so one failed
platform doesn't block publishing all other successful platforms.
publish job now runs with if: always() && !cancelled(), and gates
each publish step on download.outcome == 'success'. One flaky target
(e.g. windows-x64-baseline) no longer blocks all other platforms.
recovery-hook.test.ts uses mock.module() at top level which patches the
executor module in the shared bun module cache. When run in the same
batch as executor.test.ts, executeCompact becomes the mocked no-op version,
causing all lock management tests to fail.
Move it to the isolated step (each file gets its own bun process) and
enumerate the remaining anthropic-context-window-limit-recovery test files
explicitly to avoid including recovery-hook.test.ts in the batch.
- Move src/tools/session-manager to isolated test section
- Prevents mock.module() pollution across parallel test runs
- Fixes 4 flaky storage tests that failed in CI
loader.test.ts creates and deletes temp directories via process.chdir()
which causes 'current working directory was deleted' errors for subsequent
tests running in the same process. Move it to isolated step and enumerate
remaining skill-loader test files individually.
formatter.test.ts, format-default.test.ts, sync-executor.test.ts, and
session-creator.test.ts use mock.module() which pollutes bun's module
cache. Previously they ran both in the isolated step AND again in the
remaining tests step (via src/cli and src/tools wildcards), causing
cross-file contamination failures.
Now the remaining tests step enumerates subdirectories explicitly,
excluding the 4 mock-heavy files that are already run in isolation.
GitHub Web UI commits have web-flow as the author/committer,
causing CLA checks to fail even after the contributor signs.
Adding web-flow to the allowlist resolves this for all
contributors who edit files via the GitHub web interface.
- Use nick-fields/retry@v3 for Build binary step
- 5 minute timeout per attempt
- Max 5 attempts with 10s wait between retries
- Prevents infinite hang on Bun cross-compile network issues
setup-node with registry-url injects NODE_AUTH_TOKEN secret which is revoked.
Create .npmrc manually with empty _authToken to force OIDC authentication.
- Remove registry-url from setup-node (was injecting NODE_AUTH_TOKEN)
- Add npm version check and auto-upgrade for OIDC support (11.5.1+)
- Add explicit --registry flag to npm publish
- Remove empty NODE_AUTH_TOKEN/NPM_CONFIG_USERCONFIG env vars that were breaking OIDC
The repository owner (code-yeongyu) was not in the CLA allowlist,
causing CLA signature requirement on their own PRs.
Added code-yeongyu to the allowlist to skip CLA for owner commits.
Co-authored-by: 김연규 <yeongyu@mengmotaMacbookAir.local>
- Add zai-coding-plan provider with GLM 4.7 and GLM 4.6v models
- Add OpenAI provider with GPT-5.2 models
- Configure unspecified-low category to use zai-coding-plan/glm-4.7
- Auth is provided via OPENCODE_AUTH_JSON secret
Bun cross-compilation from Linux to Windows produces binaries that crash
with 'Segmentation fault at address 0xFFFFFFFFFFFFFFFF'.
Root cause: oven-sh/bun#18416
Solution:
- Use windows-latest runner for Windows platform in publish-platform.yml
- Set shell: bash for consistent behavior across runners
This is a simpler fix than PR #938 which modified publish.yml (wrong workflow).
The platform binaries are built and published by publish-platform.yml.
Fixes#873Fixes#844
Co-authored-by: justsisyphus <justsisyphus@users.noreply.github.com>
- publish.yml: main package only, triggers platform workflow on success
- publish-platform.yml: dedicated workflow with fresh OIDC token per run
- Fixes OIDC token expiration during large binary uploads (~40MB+)
- Platform workflow can also be triggered manually via workflow_dispatch
