**Breaking: private config key is now required.** No implicit default. Set "private": true for private repos or "private": false for public repos. Private repos are blocked from publishing to public registries.
Breaking: private hook template removed. The post-release-private.sh.tpl scaffold template is deleted. Asset upload is now a built-in release step configured via publish.<target>.assets. A new private-hook-stale check detects legacy private hooks.
Breaking: CLAUDE.md removed from scaffold templates. Projects using selfdoc root file templates should manage CLAUDE.md via docs/_CLAUDE.md. Scaffold no longer creates or updates CLAUDE.md.
**Breaking: run_cmd legacy signature removed.** The release command no longer accepts run_cmd(registry, args, flags). Use ReleaseConfig from rlsbl.release_file instead.
**New command: changelog amend.** Amend historical changelog entries in released JSONL files. Unlocks the file, appends the entry, re-locks, regenerates CHANGELOG.md, and syncs GitHub Release notes via edit-release.
**Per-target build_assets().** New target method for building distributable artifacts. Implemented for PyPI (uv build), npm (npm pack), Go (go build), and Cargo (cargo build --release).
Release asset upload. Configure publish.<target>.assets: true and max_asset_size_mb to build and upload artifacts to GitHub Releases during rlsbl release. Size guard aborts if artifacts exceed the limit.
Auto-dump strictcli schema during release. Projects with strictcli in their dependencies automatically run --dump-schema during release. Changed .strictcli/schema.json is included in the release commit.
Selfdoc check runs earlier in release pipeline. Moved from after lint to after pre-checks hook, catching staleness errors before tests run.
Fix: noop commit warnings eliminated. Monorepo sync, monorepo snapshot, and validation cache no longer warn when nothing changed. Prints a clear skip message instead.
**Fix: release-init no longer refuses empty files.** An empty or whitespace-only unreleased.toml left after finalization no longer blocks release-init.
Fix: version-consistency check no longer fails on DocsTarget. Targets with no version file (like docs) are skipped in the version comparison.
**Breaking: removed --skip-tests, --skip-lint, --skip-docs, --skip-remote-check, and --no-tag flags from the release command.** Tests, lint, and remote checks now always run. Selfdoc check is automatically skipped when docs target is excluded in the release file. Only --allow-dirty remains as a release-specific flag.
selfdoc root file templates. README.md and CLAUDE.md are now auto-generated by selfdoc from docs/_README.md and docs/_CLAUDE.md templates. Edit the templates, not the generated files.
Breaking: file-based releases.rlsbl release now reads from .rlsbl/releases/unreleased.toml instead of CLI args. Run rlsbl release-init to scaffold the file. The file declares bump type, included/excluded targets, and per-target config.
**Breaking: rlsbl doctor, monorepo lint, and changelog validate removed.** Replaced by the unified rlsbl check command. Use rlsbl check --all, rlsbl check --tag workspace, or rlsbl check --tag changelog.
**Breaking: --dry-run, --yes, --quiet are now global flags.** They apply to all commands. Both rlsbl --dry-run release and rlsbl release --dry-run work.
Breaking: PyYAML replaced with ruamel.yaml. Projects extending rlsbl's YAML handling must use the ruamel.yaml API.
Breaking:rlsbl check (name availability) renamed to rlsbl check-name to make room for the unified check system.
Unified check system. 27 checks migrated to strictcli's @app.check() framework. Run rlsbl check --all, filter by tag (--tag project, --tag changelog, --tag workspace, --tag release), or by name (--name lock). Supports dependency ordering, JSON output, dry-run, and verbose modes.
Dart target and workspace scanner. New dart target type: reads/writes pubspec.yaml version field with round-trip formatting preservation. DartScanner detects intra-workspace dependencies in Dart monorepos.
Flutter iOS/Android targets with Shorebird OTA. Separate flutter-ios and flutter-android targets with platform-specific tags. Release file mode field (ota/build) controls release type. Native file detection blocks OTA when platform code changes. Build number (+N) management opt-in via config.
**monorepo graph command.** Export the workspace dependency graph as JSON, DOT (Graphviz), or indented text. Filter with --root (transitive deps), --reverse (transitive rdeps), and --depth.
**monorepo snapshot command.** Generates .rlsbl-monorepo/snapshot.json summarizing all packages, versions, deps, and graph structure. --check mode for CI staleness detection. Auto-regenerates during monorepo releases.
Architectural layer rules. Define [layers] in workspace.toml with ordered layers and glob-based package assignments. The layers-violations check enforces dependency direction. Supports unrestricted packages, forbidden targets, and explicit cross-layer allowances.
Dependency-import validation. New deps-unused and deps-undeclared checks scan source files (Python via tree-sitter, Dart via regex) to verify declared dependencies match actual imports. Whitelist via .rlsbl-monorepo/dep-overrides.toml.
**monorepo impact command.** Analyze blast radius of changes: input a package name, file paths, or git range (--since). Outputs direct/transitive dependents, test scope, and release candidates in JSON or text.
Coordinated multi-package releases.monorepo release reads a batch release file (.rlsbl-monorepo/releases/unreleased.toml) and releases packages in topological order. New deps-stale check detects outdated intra-workspace constraints. Advisory constraint propagation after each release.
Fix. Publish router no longer fails for plain-target releases. Added a no-op job so GitHub Actions workflows succeed even when all conditional publish jobs are skipped.
Hook-generated files included in release commit. Files modified or created by pre-checks and pre-release hooks are now automatically detected and included in the release commit, instead of being left dirty.
Fix PyPI build for subdirectory targets.uv build --out-dir no longer produces a doubled path (e.g. pypi/pypi/dist) when the pypi target lives in a subdirectory.
Monorepo publish router inlines jobs.monorepo sync now inlines each sub-project's publish steps directly into the root publish.yml instead of calling per-project reusable workflows via workflow_call. This fixes PyPI Trusted Publishing (OIDC), which rejects tokens from reusable workflows. Per-project source workflows stay on: release (standalone-ready). Old {name}-publish.yml wrappers are auto-deleted on sync.
Publish router hash cache.monorepo sync now caches SHA256 hashes of per-project publish workflows in .rlsbl-monorepo/publish-cache.json and skips router regeneration when nothing changed.
New feature. Auto-sync lockfiles during release. After version bump, rlsbl detects uv.lock, package-lock.json, and go.sum, runs the appropriate sync command, and includes modified lockfiles in the release commit.
Fix. Restore path-based changelog-only commit exemption alongside the Autogenerated trailer check. Manual commits touching only .rlsbl/changes/ or CHANGELOG.md are now correctly skipped during coverage validation.
Fix. Skip gitignored lockfiles during release lockfile sync. Previously, syncing a lockfile that was in .gitignore caused git add to fail and aborted the release.
Fix. Monorepo target detection now resolves project paths relative to the monorepo root, not the current directory. Fixes changelog validation and status reporting when running from inside a sub-project.
Fix.uv build and uv publish now run from the sub-project directory in monorepo mode, fixing build failures for PyPI targets.
New feature. Asset size guard in private post-release hook -- checks files in dist/ against max_asset_size_mb (default 2MB) before uploading to GitHub Releases.
**rlsbl release warns about stale changelog entries in monorepo mode.** During finalization, entries referencing commits outside the unreleased range are flagged to stderr (warn-only; no entries stripped) so out-of-range entries don't silently carry into the next release cycle.
**Template action versions now use {{action "name"}} placeholders.** GitHub Action versions in scaffold templates are resolved at scaffold time from rlsbl/data/action_versions.toml, eliminating duplication between the table and 60+ template references. Updates to action versions now require editing only the table.
Release flow no longer crashes when extracting the changelog entry. Fixed a regression introduced in v0.34.0 where the in-memory preview of generate_changelog used ## Unreleased as the heading but entry extraction looked for ## X.Y.Z, returning None and crashing later in GitHub Release notes generation. The preview call now passes version_override=new_version so the heading matches.
**max_entries_per_commit default raised from 2 to 5.** The previous default 2 was too strict and contradicted the documented practice that one commit can appear in multiple JSONL entries (e.g., fix + feature). Default now matches the existing max_commits_per_entry default of 5.
Configurable changelog batch-limits validation.rlsbl changelog validate now checks that no entry has more than max_commits_per_entry (default 5) commits and that no commit appears in more than max_entries_per_commit (default 2) entries. Both limits configurable per project via the batch_limits section in .rlsbl/config.json. Known violations can be silenced via an exclusions list with a required reason field for audit purposes.
**rlsbl dev install expanded.** New --global (default) and --venv flags. Added support for hex, deno, zig, and swift targets in addition to pypi/npm/go/cargo. For pypi/npm, --venv installs into the project's local environment (uv sync / npm install).
PyPI publish error names both env vars. When the PyPI publish credential is missing and no token_var override is configured, the error message now reads 'no PYPI_TOKEN or TWINE_PASSWORD' instead of hardcoding only PYPI_TOKEN.
Em-dash in status warning.rlsbl status's 'commits ahead' warning now uses an em-dash separator (— run) instead of two hyphens (-- run).
**Empty release_branches config is now an error.** Previously an explicit empty list silently fell back to ['main','master'] and disabled the manual-push warning. To opt out of the warning, remove the release_branches key entirely; to limit to specific branches, list them.
**rlsbl release no longer pollutes the working tree on abort.** Previously, when a pre-mutation check (selfdoc, tests, lint, hooks) failed, the regenerated CHANGELOG.md was left in the working tree and had to be manually reverted. The write is now deferred until after all pre-checks pass.
Status warning for unreleased commits.rlsbl status now prints a prominent ! N commits ahead of <tag> warning when the current project has unreleased commits since its last tag.
Centralized GitHub Actions versions. All scaffolded workflows now read action versions from a single table (rlsbl/data/action_versions.toml), and actions/checkout has been bumped to v6 across every template ahead of the June 2026 Node 20 deprecation.
**scaffold --dry-run.** Preview which files would be created, updated, conflicted, or unchanged without writing anything.
**scaffold --update regenerates stale pre-push hooks.** Known-old hook contents are recognized by content hash and overwritten with the current template; user-customized hooks are preserved and a unified diff is printed for manual review.
Pre-push hook warns on manual release-branch pushes. Pushing to main/master outside rlsbl release now prints a prominent warning (configurable via release_branches in .rlsbl/config.json). The push is not blocked.
Config-driven per-target publish gating. A new publish section in .rlsbl/config.json declares local: true|false and token_var overrides per target, replacing ad-hoc env-var-presence checks across all 7 publishable targets.
**New rlsbl dev install command.** Locally installs the current project in editable mode based on its target (pypi → uv tool install -e ., npm → npm link, go → go install ./..., cargo → cargo install --path .). Supports --uninstall, and in monorepos: --all, --include, --exclude.
**User-owned ci-custom.yml and publish-custom.yml.** Customize CI without three-way merge conflicts by adding your own jobs in a separate workflow file that rlsbl scaffold never touches.
**--no-commit flag on rlsbl monorepo init/add/sync.** Consistent with scaffold and changelog; enables batched migrations into a single commit.
Go monorepo tag bug fix. Release in a Go monorepo no longer produces malformed tags like auth-gatewayv0.1.0 when the workspace.toml path lacks a trailing slash — the separator is now inserted defensively, and workspace paths are normalized at load time.
Monorepo publish workflows now run on release. The generated publish router declares per-target permissions: and secrets: inherit, fixing the startup_failure that affected every monorepo publish run on GitHub Actions.
**scaffold --update no longer commits files with merge conflict markers.** Conflicted files are excluded from the auto-commit and listed so they can be resolved manually.
Docs target no longer fails when Cloudflare credentials are missing.DocsTarget.publish() gracefully skips selfdoc deploy when CF_ACCOUNT_ID or CF_PAGES_API_TOKEN is absent, instead of producing a hard subprocess error on every release.
**Autogenerated: trailer uses git's --trailer flag.** rlsbl-created commits now record the trailer via git commit --trailer instead of embedding it in the commit message body. This makes the trailer correctly parseable by git interpret-trailers and other git tooling, which previously couldn't read the embedded form.
Breaking. Go targets in monorepos now use path-based tags (go/v0.1.1) instead of name-based ([email protected]), matching Go module proxy requirements. All tag discovery and matching updated.
Fix. Commits touching only changelog infrastructure files (.rlsbl/changes/, CHANGELOG.md) are again exempt from coverage, even without the Autogenerated trailer.
Fix. Release flow now rolls back locally on push failure: deletes the tag, resets commits, and prints recovery instructions. Branch and tag are pushed in a single git push command.
Fix.rlsbl undo now handles the two-commit release pattern (version bump + changelog finalize), reverting both and restoring JSONL state.
Breaking. Changelog coverage exemption now uses the Autogenerated: true git trailer instead of file-path pattern matching and commit-message regexes. Auto-generated commits must carry this trailer to be exempt.
Fix. Pre-push hook now recognizes monorepo release commit messages and filters coverage checks to only commits affecting each sub-project.
Fix. Release commit now includes all version files modified by targets (__init__.py for PyPI, build.zig.zon for Zig, dynamically-chosen file for Maven).
Fix. Built-in tests, lint, and hook scripts now run from the correct sub-project directory in monorepo mode.
Fix. Changelog validation, rlsbl status, and rlsbl changelog validate now use project-scoped tags (<name>@v*) in monorepo mode.
Fix.rlsbl undo now correctly finds project-scoped tags and matches monorepo release commit messages.
Fix: status applies changelog-only exemptions.rlsbl status now excludes changelog-only commits from the JSONL coverage count, consistent with changelog validate. Shows exemption count when applicable.
Fix: gitignore uses set-union merge on scaffold update.scaffold --update now appends new entries to .gitignore without three-way merge, eliminating predictable conflicts. No lines are removed or reordered.
Fix: backfill script uses CWD as default project root.scripts/backfill_changelog.py now operates on the current directory instead of hardcoding rlsbl's own root. Accepts --project-root for explicit override.
**changelog generate auto-commits.** Generated CHANGELOG.md and per-version .md files are now auto-committed after generation. Use --no-commit to skip.
**Fix: monorepo publish workflow renamed to publish.yml.** The monorepo publish router was named publish-router.yml, which broke PyPI Trusted Publishing OIDC claims when projects moved between standalone and monorepo layouts. Now always publish.yml in both contexts.
Fix: monorepo sync handles trailing slashes, version-file paths, and packages-dir. Sync no longer produces double-slash globs from workspace.toml paths with trailing slashes. Action inputs like go-version-file are rewritten to include the sub-project path. pypa/gh-action-pypi-publish gets packages-dir injected when working-directory is set.
**Fix: monorepo publish workflow renamed to publish.yml.** The monorepo publish router was named publish-router.yml, which broke PyPI Trusted Publishing OIDC claims. Now always publish.yml in both standalone and monorepo contexts.
Fix: monorepo sync handles trailing slashes, version-file paths, and packages-dir. Sync no longer produces double-slash globs. Action inputs like go-version-file are rewritten for sub-project paths. pypa/gh-action-pypi-publish gets packages-dir injected.
Breaking: JSONL changelog required.rlsbl release now requires .rlsbl/changes/ to exist. The manual CHANGELOG.md heading check fallback has been removed. Run rlsbl scaffold --update to set up JSONL changelogs.
Breaking: old lint.toml ignore format removed. The deprecated flat ignore key in .rlsbl/lint.toml is no longer supported. Use per-language config in .rlsbl/lint/python.toml etc.
**Breaking: get_* method aliases removed from BaseTarget.** Target implementations now use bare method names (version_file, template_dir, etc.) matching the ReleaseTarget protocol.
Breaking: lint returns empty results when no language detected. Previously defaulted to Python scanning; now requires a language marker file (pyproject.toml, go.mod, package.json).
Fix: Watch CI hint points to the correct commit. The release command now captures the pushed SHA before running post-release hooks, so rlsbl watch targets the release commit instead of a post-hook auto-commit.
**rlsbl yank command.** Deprecate or delete past releases. Soft yank (rlsbl yank v1.2.3) marks the GitHub Release as a pre-release with a deprecation notice. Hard yank (rlsbl yank v1.2.3 --hard) deletes the GitHub Release and its git tag entirely.
**PyPI release bumps __version__.** Python source files containing __version__ are now updated alongside pyproject.toml during release, keeping runtime version introspection in sync.
Strict type validation for JSONL entries. Changelog entries with user_facing: true now require type to be one of feature, fix, or breaking. Unrecognized types are rejected during validation and changelog add.
Fix: scaffold stays in sub-project directory. In monorepos, rlsbl scaffold no longer walks up to the repo root when project files already exist in the current directory. Previously this caused scaffold to operate on the wrong project.
Fix: tag-based range for changelog validation. Unreleased commit detection now uses <last_tag>..HEAD instead of origin/main..HEAD. This correctly answers "what hasn't been released" rather than "what hasn't been pushed," and works regardless of branch naming convention or remote configuration.
Fix: built-in lint only runs on library projects. The pre-release lint check no longer runs on CLI applications, avoiding false positives for print() calls and entry points. Lint runs only for monorepo projects with library = true.
Fix: CHANGELOG.md regenerated after JSONL finalization. The release command now regenerates CHANGELOG.md after renaming unreleased.jsonl to the versioned file, so the changelog heading shows the version number instead of "Unreleased".
Structured JSONL changelog. Changelog entries are now backed by structured JSONL files in .rlsbl/changes/. Each entry maps a description to commit hashes with user_facing and type fields. rlsbl changelog add/validate/generate commands manage entries. rlsbl release auto-validates coverage and generates CHANGELOG.md. Pre-push blocks on missing coverage. rlsbl unreleased uses exact hash matching. rlsbl status shows coverage info. Scaffold creates the directory for new projects. changelog add auto-commits entries (with --no-commit opt-out). Coverage validation skips changelog-only commits. Internal commit logic centralized via commit_files helper. Pre-push hook compatible with strictcli argument handling.
Changelog backfill script.scripts/backfill_changelog.py migrates an existing CHANGELOG.md into JSONL files by parsing entries, mapping them to commits via keyword matching, and writing per-version JSONL files.
Fix: selfdoc CLI documentation. Replaced incompatible code-help directives with auto-generated CLI docs via selfdoc gen, fixing the build warning after the strictcli migration.
Fix: monorepo commands commit without safegit.monorepo init, add, and sync now properly fall back to plain git when safegit is not installed, instead of silently skipping the commit.
Fix: pre-push hook compatibility with strictcli. The pre-push hook no longer passes extra arguments that strictcli rejects. Release pushes (containing a version bump commit) skip the JSONL coverage check entirely since validation already ran during rlsbl release.
**rlsbl edit-release [version].** New command that updates GitHub Release notes from CHANGELOG.md. Auto-detects the current version if none is given. Supports --dry-run to preview without changes.
Breaking: hooks are now scaffold-managed.pre-release.sh and post-release.sh are no longer user-owned. scaffold --update merges template improvements into existing hooks via three-way merge.
**Breaking: rlsbl init removed.** The init alias for scaffold has been dropped. Use rlsbl scaffold directly.
**Breaking: --registry flag removed.** Use --target instead. The --registry flag was deprecated since 0.20.0.
Per-command help. CLI dispatch migrated to strictcli. Every command and monorepo subcommand now has its own --help with typed flags, arguments, and descriptions.
Multi-ecosystem library lint. Library boundary lint now supports Go and npm in addition to Python. Go lint detects forbidden imports (net/http, cobra, urfave/cli), fmt.Println, and func main(). npm lint detects forbidden imports (express, koa, commander, etc.), console.log, and bin entry points.
AST and regex lint backends. Each language has two lint implementations: tree-sitter AST (accurate, default) and regex (lightweight fallback). Select via parser = "regex" in .rlsbl/lint.toml.
Per-language lint config. Lint rules are now configured in .rlsbl/lint/python.toml, go.toml, and npm.toml with [forbidden-imports], [stdout], and [entry-point] sections. Scaffold generates these with sensible defaults. The old lint.toml ignore list is deprecated; a warning is shown if detected.
Built-in pre-release checks.rlsbl release now runs tests and lint automatically before releasing. No hook customization needed for standard checks. Skip with --skip-tests or --skip-lint.
Two-hook model. New pre-checks.sh hook runs before built-in checks (for setup tasks). The existing pre-release.sh runs after (for custom validation).
Standalone library lint.rlsbl doctor --check library-lint now works on any project, not just monorepo libraries.
Fix: lint false positives from vendored code. The lint file walker no longer descends into .venv/, node_modules/, __pycache__/, and other non-source directories.
Name check short-circuiting. When a name is already taken, variant checking and GitHub repo lookups are now skipped, reducing API calls from 6 to 1-2 per taken name. Ultranormalization breaks after the first conflict instead of checking all 64 variants.
Reason-specific explanations. Check results now explain WHY a name was rejected: stdlib module conflict, npm moniker collision, or visual similarity. Previously only the status ("taken") was shown.
PyPI caveats for available names. Available PyPI names now always show the prohibited names list warning and suggest --ultranormalized-variants when the flag wasn't used.
Steps-run summary. Verbose check output ends with a "Checked:" line listing which validations ran (registry, stdlib, variants, GitHub, ultranormalization, moniker similarity).
Multi-name summary. Batch checks now print an aggregate summary ("N available, M taken") and the delay setting after the table.
Rate limit retry visibility. HTTP 429 retries now print "Rate limited, retrying in Ns..." to stderr instead of sleeping silently.
Library boundary lint. Tag monorepo projects with library = true in workspace.toml (or monorepo add --library true) to enforce library discipline. rlsbl doctor --check library-lint detects forbidden imports (argparse, flask, click, etc.), print() calls, and CLI entry points in library source files via Python AST analysis. Logging usage is flagged as a warning. Violations block releases via the pre-release hook. Supports .rlsbl/lint.toml ignore lists for false positives.
**Library column in monorepo status.** Shows which projects are tagged as libraries. Dynamic column — hidden when no projects have library = true.
PyPI check: Simple API. Switched from the JSON API to the Simple API for availability checks. Fixes false "available" results for package names that are registered but have no releases.
PyPI check: stdlib collision detection. Names that conflict with Python standard library modules (like queue, json, os) are now reported as taken without hitting the network.
**PyPI check: --ultranormalized-variants.** New flag that generates visual-similarity variants (l/1/i and o/0 substitutions) and checks each against PyPI. Catches names like cli that PyPI rejects due to collision with cl1.
npm check: moniker similarity detection. The npm check now queries the search API to detect moniker conflicts — names that npm considers identical after stripping punctuation. Catches cases like selfdoc conflicting with self-doc.
**rlsbl doctor --check <name>.** Run a single diagnostic check by name instead of all checks. Useful in CI and pre-release hooks.
Fix: scaffold template variable resolution for secondary targets. Multi-target projects (e.g., pypi+npm) no longer leave {{registryUrl}} unresolved when npm is a secondary target.
Hook output is now visible. Pre-release and post-release hooks stream stdout/stderr to the terminal in real-time. On failure, the actual exit code is shown instead of a generic error message.
**RLSBL_HOOK_TIMEOUT environment variable.** Configure a timeout in seconds for release hooks. Default is no timeout (hooks run to completion), fixing the previous 120-second hard limit that silently killed long-running test suites.
**rlsbl release --allow-dirty.** Release with uncommitted changes in the working tree. Pre-existing dirty files are tracked and excluded from the unexpected-files safety check, so genuinely new unexpected files are still caught.
**monorepo add passes --target to scaffold.** When an explicit target is specified (e.g., --target plain), it is forwarded to the scaffold subprocess instead of relying on auto-detection. Removes a special case where monorepo add pre-created a VERSION file for plain targets.
**Cross-registry depends_on in workspace.toml.** Monorepo projects can now declare explicit dependencies on siblings in any ecosystem: depends_on = ["framework"]. These edges are respected by release-order, counted in status Deps/Rdeps columns, and shown in outdated with status "explicit". Use monorepo add --depends-on name1,name2 to set them during project registration.
**plain target for no-build-system projects.** Register template directories, shared config, or other non-code projects with monorepo add --target plain. Uses a plain VERSION file, creates GitHub Releases with changelog notes, but generates no CI or publish workflows. Standard tag format.
**--target flag on monorepo add.** Explicitly specify any target type, bypassing auto-detection. Works for all registered targets, not just plain.
Reusable npm binary wrapper. The platform-specific npm package distribution pattern (esbuild/biome/turbo-style) is now a shared module used by both Go and Zig targets. Platform list is configurable via npm_wrapper.platforms in project config.
Zig target. New release target for Zig projects. Detects build.zig.zon, manages versions via VERSION file with best-effort .zon sync, generates CI (via mlugg/setup-zig) and publish workflows that cross-compile for 6 platforms from a single runner. Supports optional npm binary wrapper distribution.
CI router fix for projects without workflows.monorepo sync no longer includes projects without CI workflows in the CI router, preventing references to non-existent workflow files.
**Breaking: rlsbl check now requires --target.** The implicit default of checking both npm and PyPI has been removed. Specify --target npm, --target pypi, or --target go explicitly.
Multi-name checking.rlsbl check foo bar baz --target pypi checks multiple names in one invocation and prints a compact table. Single-name invocations still show the verbose format with variants.
**Rate limiting for rlsbl check.** New --delay flag (default 200ms) throttles between names. HTTP 429 responses from PyPI/Go/GitHub trigger automatic retry with exponential backoff.
**rlsbl monorepo check-names.** Batch-check name availability for all workspace projects. Supports --prefix and --suffix to evaluate namespacing strategies (e.g., --prefix www- --target pypi).
**rlsbl monorepo outdated.** For each project, shows its intra-workspace dependency constraints against current sibling versions. Reports versioned deps as ok/outdated, and labels workspace/path references.
**Dependency columns in rlsbl monorepo status.** New Deps and Rdeps columns show how many workspace siblings each project depends on and how many depend on it. Hidden when no intra-workspace dependencies exist.
Monorepo-aware pre-push changelog check. The pre-push hook now detects monorepo context and only checks changelogs for projects whose files appear in the pushed commits.
**Per-subcommand help for rlsbl monorepo.** Each subcommand now has its own --help with usage and description.
Path dependency rewriting for PyPI. When building a PyPI package in a monorepo, path dependencies (e.g., core @ {root:uri}/../core) are automatically rewritten to versioned constraints in a temp copy. The working tree is never modified.
**rlsbl monorepo release-order.** Shows the topological order to release projects in, based on intra-workspace dependencies. Detects cycles.
**rlsbl deploy [name] command.** Deploy to configured targets via SSH with health checks (HTTP, TCP, script) and automatic rollback on failure. Configure targets in .rlsbl/config.json under the deploy key. Supports --dry-run to preview without executing and --force to override branch restrictions.
Deploy CI workflow template.rlsbl scaffold generates a deploy workflow when deploy targets are configured.
Project root discovery. rlsbl now finds the project root automatically, so commands work from any subdirectory (like git, cargo, npm).
Scaffold untracks gitignored files.rlsbl scaffold runs git rm --cached on tracked files matching new .gitignore entries.
**Monorepo: lock files moved to .rlsbl-monorepo/.** rlsbl release no longer creates a spurious .rlsbl/ directory at the repo root.
Deploy after publish.rlsbl release runs deploy automatically after publish completes. Deploy failures do not undo the release — retry with rlsbl deploy <name>.
**env_file config key.** Set "env_file": "~/path/to/.env" in .rlsbl/config.json to load environment variables before release. Useful for secrets needed by target publish steps (e.g., CLOUDFLARE_API_TOKEN for docs deploys).
**Breaking: removed --include and --exclude flags from rlsbl release.** Target selection for releases is now config-only via release_targets in .rlsbl/config.json.
Go binary distribution: Homebrew tap. Go binary projects can now scaffold Homebrew tap support. Set {"homebrew": {"tap": "homebrew-tap"}} in .rlsbl/config.json to add a brews: section to the goreleaser config and pass HOMEBREW_TAP_TOKEN to the publish workflow. Users install via brew install user/tap/tool.
Go binary distribution: npm wrapper. Go binary projects can scaffold npm binary wrapper packages (the esbuild/biome/turbo pattern). Set {"npm_wrapper": {"scope": "@user"}} to generate platform-specific packages for 6 platforms (linux/darwin/win32, x64/arm64), a wrapper package with optionalDependencies, a bin script, and a publish workflow that packages goreleaser archives into npm packages. Users install via npm install -g @user/tool.
Cross-target metadata in templates. Multi-target projects now merge template variables from all targets during scaffold, not just the primary. Variables are namespaced by target ({{pypi.minRequiredPython}}, {{npm.minRequiredNode}}). CI templates include runtime version references from project manifests (requires-python, engines.node, go directive, rust-version).
**rlsbl doctor: metadata consistency checks.** Three new checks validate that package name, license, and description are consistent across targets. Names are normalized per registry conventions (npm scope stripping, PyPI PEP 503, Go module path). Mismatches produce warnings, not failures.
Per-target subdirectory paths. Targets can now live in subdirectories. Configure with {"name": "npm", "path": "npm/"} in the targets array (plain strings still default to project root). Version sync, build, publish, doctor, status, and scaffold all resolve per-target paths. Useful for projects that ship wrapper packages alongside the main artifact.
npm scaffold: lockfile warning.rlsbl scaffold now warns when an npm project has no lockfile (package-lock.json, pnpm-lock.yaml, or yarn.lock) and adds a "run npm install" step to the next steps output. Prevents broken CI from npm ci failing on first push.
**rlsbl doctor command.** Diagnoses release state with 7 checks: stale lock file, version consistency across targets, local/remote tag existence, GitHub Release existence, branch sync, changelog coverage. --fix auto-repairs safe issues (stale locks, missing remote tags, missing GitHub Releases).
Lock file hardening..rlsbl/lock added to gitignore template. atexit handler ensures lock cleanup on process exit. New is_stale() helper for doctor.
Go scaffold: goreleaser ldflags. Goreleaser template now includes -X main.version={{.Version}} for version injection at build time.
Go scaffold: dynamic goreleaser main field.main: field auto-detects root vs cmd/<name>/ project structure via {{goreleaserMain}} template variable.
Go scaffold: version.go generation. Binary Go projects get a scaffolded version.go with ReadBuildInfo fallback for go install users. Libraries are excluded.
npm: package manager detection.NpmTarget detects pnpm, yarn, or npm by searching for lock files from the project directory up to the git root.
npm: per-manager CI and publish templates. Separate CI and publish workflow templates for npm, pnpm, and yarn. pnpm templates include pnpm/action-setup@v4. All CI templates now include an install step before testing.
Deleted built-in config migration engine. Removed rlsbl/lib/ (ConfigMigrator, schema_loader, ~440 LOC), the rlsbl config subcommand tree, and all associated tests (~1,500 LOC). Config migrations are now handled by the external migrable tool.
**rlsbl migrate command.** Shells out to migrable migrate --config-dir .rlsbl. Supports --dry-run and --status. Gives install instructions if migrable is not found.
**--json flag for rlsbl status.** Outputs structured JSON with name, version, target, branch, tag, clean, changelog, ci, publish.
Documented hidden flags.--no-commit and --skip-shared now appear in rlsbl scaffold --help.
Go root main detection.rlsbl scaffold warns when a Go project has its main package in cmd/<name>/ instead of the project root, since go install module@latest won't work.
Router watch paths. Projects in a monorepo can declare extra file patterns to watch via --watch on monorepo add or the watch key in workspace.toml. The CI router generates multi-line path filters including both the project directory and all watch entries.
Swift target split. New swift-apple target for Apple-platform Swift projects (macOS-only CI). The existing swift target keeps macOS+ubuntu for server-side Swift. swift-apple requires explicit declaration in .rlsbl/config.json (no auto-detection).
Subtree publishing. Monorepo projects with subtree_remote configured get automatic git subtree pushes after release. The project's subdirectory is split and pushed to a mirror repo with plain semver tags, enabling SPM consumption. A GitHub Release is also created on the mirror. Failures are non-fatal.
Explicit target enforcement.rlsbl scaffold now warns when using auto-detected targets and always writes the detected target to .rlsbl/config.json, ensuring subsequent runs use explicit config.
**monorepo status enhanced.** Optional Watch column (path count) and Remote column (subtree URL) appear when projects use these features.
**monorepo sync warns for Swift projects** without subtree_remote, since SPM can't resolve monorepo-style prefixed tags.
**Monorepo sync adds working-directory.** Synced CI workflows now include defaults: run: working-directory: {path} so steps run in the correct project subdirectory.
Monorepo add shows guidance. When no target is detected, the error now suggests which manifest files to create.
Dynamic merged publish workflows. Multi-target projects now get dynamically generated publish workflows composed from each target's individual template. Supports all 11 targets, replaces the static npm+pypi+go-only merged template.
Monorepo support. New rlsbl monorepo command family for managing multi-project repos with independent versioning. Projects remain fully standalone — extracting to a solo repo requires zero config changes. - monorepo init creates a .rlsbl-monorepo/workspace.toml workspace manifest. - monorepo add <path> registers a project (auto-detects target, auto-scaffolds, auto-syncs CI). - monorepo remove <path> unregisters a project. - monorepo list shows all registered projects. - monorepo status shows version, latest tag, target, and unreleased changelog entries per project. - monorepo sync copies per-project CI workflows to root, rewrites triggers to workflow_call, generates a CI router (paths-filter dispatch) and publish router (tag-prefix dispatch), sets copies read-only with source header.
Scoped releases in monorepos.rlsbl release inside a monorepo project automatically prefixes tags ([email protected]), scopes version reads/writes and changelog to the project subdirectory, and uses a scoped commit message.
**Monorepo-aware rlsbl status.** Shows monorepo tag format and project count hint when inside a monorepo project.
Scaffold triggers monorepo sync. Running rlsbl scaffold inside a monorepo project automatically syncs workflows to root.
7 new release targets. swift (SPM), cargo (Rust/crates.io), deno (JSR), hex (Elixir/hex.pm), maven (Gradle/Maven), docker, spec (versioned specifications). Each with CI/publish templates and hybrid publish support.
Opt-in target config. Projects declare targets in .rlsbl/config.json"targets" array. Auto-detection remains as fallback for existing projects.
Hybrid publish.rlsbl release publishes locally when ecosystem token is available (NPM_TOKEN, CARGO_REGISTRY_TOKEN, HEX_API_KEY, etc.). Falls back to CI otherwise.
Private registry workflow.rlsbl scaffold --private (or auto-detected) skips publish.yml, generates a post-release hook that uploads artifacts to GitHub Releases. Prints consumer install instructions.
tomlkit replaces TOML regex.pyproject.toml editing (version bumps, keyword injection) now uses tomlkit for correct round-trip editing with comment preservation. Fixes edge cases with [project.urls] sub-tables.
detect_targets() covers all targets. Auto-detection now finds all 11 registered targets, not just npm/pypi/go.
Watch re-polls for late-starting workflows. After initial runs complete, waits 5 seconds and re-polls for workflows that started late (e.g., Publish triggered by GitHub Release creation). Fixes missing Publish detection.
Release aborts if behind remote. Fetches origin before releasing and exits if local branch is behind. Use --skip-remote-check for offline releases.
Watch reports which workflows ran. After CI completes, prints a summary table of workflow names and results. Warns if a publish workflow exists on disk but didn't trigger.
Docs system extracted to selfdoc.rlsbl docs commands removed. DocsTarget now detects selfdoc.json and delegates to the selfdoc CLI. Install selfdoc separately for documentation generation.
**rlsbl check includes GitHub repo search.** Shows repo count as informational context (not an availability check) after registry checks.
Codehome target removed. The plugin target and rlsbl register command were premature and have been removed pending a more mature design.
Codehome target rewrite. Now root-scoped: each plugin (or plugin group) lives in its own repo with plugin.json. Standard v1.2.3 tags, no namespacing. Push is delivery.
**rlsbl register command.** Prints the JSON registry entry for the current plugin repo (name, repo URL, description, plugins provided).
Scaffold template for codehome.rlsbl scaffold --target codehome creates CI workflow that validates plugin.json.
Plugin validation. Release validates plugin.json has required fields (name, version, description) and valid semver.
Codehome plugin target.--target codehome --scope plugins/<name> releases individual plugins from a monorepo. Reads/writes plugin.toml, creates namespaced tags ([email protected]).
Docs target. Auto-generate documentation from Python docstrings and deploy to Cloudflare Pages or GitHub Pages. rlsbl docs init/build/serve/deploy commands. Zero external dependencies (stdlib ast + built-in MD/HTML converter).
**rlsbl targets command.** Lists all available targets with detection status, scope type, and version file.
Multi-target release. Secondary root-scoped targets (e.g., docs) auto-run build+deploy during release. Use --skip-docs to opt out.
**--target and --scope CLI flags.** --target selects the release target explicitly. --scope restricts operations to a subdirectory for subdir-scoped targets.
Scoped release safety. Validates scope path exists, includes pyproject.toml in commit for plugin targets, warns when --scope is used with root-scoped targets.
**--registry deprecated.** Use --target instead. Prints a deprecation warning when used.
Scaffold auto-commits. Created files are committed automatically (use --no-commit to opt out). Runs config migrations when .rlsbl/config-schema.json exists.
Parallel watch.rlsbl watch polls CI runs concurrently (total time = max of all runs, not sum).
Parallel variant checking.rlsbl check uses ThreadPoolExecutor for concurrent registry queries.
**rlsbl undo improvements.** Auto-pushes revert commit (with confirmation prompt, or automatic with --yes). Prints structured failure summary table with remediation commands on partial failure.
Pre-release suffix support.bump_version handles versions like 1.0.0-beta.1.
**--force no longer overwrites user-owned files.** CHANGELOG.md, LICENSE, and hooks are preserved even with --force.
**Pre-release hook receives RLSBL_VERSION.** Matches the existing post-release hook behavior.
Release race condition fix. Aborts if unexpected files are modified before commit.
Top-level error handler sanitized. No longer exposes sensitive CalledProcessError details.
Discover hardened. Pagination capped at 20 pages; retries once on HTTP 403 with Retry-After header.
**record-gif validates flags.** Clear error message on non-integer flag values.
Release prompt mentions ecosystem tagging when enabled.
npm check timeout. Variant checking has 10-second subprocess timeout.
Templates included in wheel. Moved templates/ into the rlsbl/ package so non-editable installs (pip, pipx) get them. Previously rlsbl scaffold crashed on PyPI installs.
**undo checks prerequisites.** Now verifies gh CLI auth and clean working tree before proceeding.
TOML trailing comma fix. Adding the rlsbl keyword no longer produces a double comma.
**Pagination URL validation in discover.** Only follows Link header URLs pointing to api.github.com.
**.rlsbl/version included in release commit.** No more orphaned version marker changes.
Non-ASCII preserved in package.json.json.dumps now uses ensure_ascii=False.
Universal three-way merge for scaffold updates. Replaced all format-specific merge strategies (YAML job-level, JSON deep-merge, line-based, section append) with git merge-file. Bases are stored in .rlsbl/bases/ at scaffold time. On --update, user customizations and template updates merge cleanly; conflicts get git-style conflict markers.
**Removed ruamel-yaml dependency.** No longer needed since YAML-aware merging is replaced by three-way text merge.
Detailed scaffold output. Every file now shows its action: created, updated, merged, unchanged, user-owned, or CONFLICTS.
**Removed check-prs command.** Was a useless wrapper around gh pr list.
**JSON deep-merge for .claude/settings.json.** Scaffold now merges new template keys into existing user settings instead of skipping the file. User values are preserved.
YAML job-level merge for CI workflows.ci.yml and publish.yml are now merged at the job level: rlsbl-managed jobs are updated, user-added jobs are preserved. Uses ruamel.yaml for comment-preserving round-trip parsing.
Explicit USER_OWNED category.CHANGELOG.md, LICENSE, and hooks are formally marked as user-owned and never overwritten.
LICENSE year update.scaffold --update extends the copyright year range to the current year.
Scripts moved to subcommands.check-prs.sh, record-gif.sh, and pre-push-hook.sh are no longer scaffolded into scripts/. They are now built-in subcommands: rlsbl record-gif, rlsbl pre-push-check.
**rlsbl watch command.** Monitors all CI runs for a commit, prints results to stderr, sends desktop notification, exits 1 on failure. rlsbl release prints Watch CI: rlsbl watch <sha> for easy invocation.
Removed built-in background CI watcher from rlsbl release. Use rlsbl watch explicitly instead.
**Hooks moved to .rlsbl/hooks/.** pre-release.sh and post-release.sh moved from scripts/ to .rlsbl/hooks/. rlsbl release looks for hooks there.
Pre-push hook is a one-liner..git/hooks/pre-push now calls exec rlsbl pre-push-check "$@" instead of being a full script copy. Updates happen via uv tool upgrade rlsbl, not re-scaffolding.
Version detection reads source tree first.__version__ now reads pyproject.toml directly when running from source, fixing stale metadata from editable installs.
CLAUDE.md template is registry-specific. Publish setup instructions (NPM_TOKEN, Trusted Publishing, GoReleaser) now match the project's registry instead of always showing NPM_TOKEN.
Gitignore merge normalizes trailing slashes.*.egg-info/ and *.egg-info are now recognized as duplicates during scaffold merge.
**record-gif.sh no longer hardcodes /tmp/.** Uses bare mktemp for portability.
**Go check hidden by default in rlsbl check.** Only shown with --registry go. Labels changed from "available"/"taken" to "not found"/"exists" since Go modules use repository paths.
**Auth hint on 403 in rlsbl discover.** Suggests gh auth login when rate-limited.
CI watcher prints to stderr. The background CI watcher now writes results to inherited stderr instead of attempting tty detection. AI agents and terminal users both see CI pass/fail in their output stream. On failure, the GitHub Actions run URL is printed.
***.local-only gitignore pattern.** Scaffolded .gitignore now includes *.local-only. Use a .local-only/ directory or *.local-only suffix to keep files out of version control without per-file gitignore entries.
Post-release hooks.scripts/post-release.sh runs after a successful release with RLSBL_VERSION env var set. Non-fatal (release is already complete). Scaffolded via rlsbl scaffold.
CI watcher. After pushing, rlsbl spawns a background process that watches CI via gh run watch and sends a desktop notification (notify-send on Linux, osascript on macOS) when CI passes or fails.
Ecosystem discoverability: rlsbl discover command lists all rlsbl-tagged projects via GitHub topics
rlsbl config shows ecosystem tagging status and source
--quiet flag is respected by all tagging output
Auto-tagging: scaffold and release inject "rlsbl" keyword into package.json/pyproject.toml and add the rlsbl GitHub topic
Opt-out via --no-tag flag, project config (.rlsbl/config.json), or user config (~/.rlsbl/config.json)
rlsbl discover --mine filters to the authenticated user's repos