[chore]: only release alpha when changeset present

[seanmcguire12]

why

• so that we don't release an alpha versions for merges to main without a changeset

what changed

• added a step in release.yml to check for a changeset in the stagehand package. if one exists, it will publish an alpha version. otherwise, it wont publish

---

Summary by cubic

Only publish canary (alpha) on main when this push adds a changeset for @browserbasehq/stagehand or @browserbasehq/browse-cli. Adds a step in .github/workflows/release.yml to scan new .changeset/*.md files in the push and gate the publish step, aligning with STG-1583.

^{Written for commit 242e266. Summary will update on new commits. Review in cubic}

[changeset-bot]

⚠️ No Changeset found

Latest commit: 242e266

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[greptile-apps]

Greptile Summary

This PR adds a guard to the release.yml workflow so that alpha/canary npm publishes are only triggered when a pending changeset for @browserbasehq/stagehand is present on main — preventing spurious alpha bumps on changesetless merges.

Key changes:

• A new check_changesets step runs pnpm changeset status --output changeset-status.json and parses the JSON to look for a release entry targeting @browserbasehq/stagehand.
• The existing Publish Canary step gains a second if: condition: steps.check_changesets.outputs.has_changesets == 'true'.
• Two minor style concerns: the || true that suppresses changeset status exit codes silently masks unexpected command failures (not just the expected "no changesets" exit-1), and the stagehand-specific gate means packages like @browserbasehq/browse-cli can accumulate changesets that never get alpha-released unless a stagehand changeset is also present.

Confidence Score: 4/5

• Safe to merge — the change correctly prevents spurious alpha publishes with no risk of breaking stable releases.
• The logic is sound: changesets/action leaves changeset files in place on main when only creating a Version PR (not publishing), so pnpm changeset status will correctly detect pending changesets. The set -euo pipefail + || true pattern is appropriate, though it silently swallows unexpected failures. The stagehand-specific gating is intentional per the PR description. No stable release path is affected.
• .github/workflows/release.yml — review the || true suppression and the stagehand-only changeset gate.

Important Files Changed

Filename	Overview
.github/workflows/release.yml	Adds a check_changesets step that runs pnpm changeset status and parses the JSON output to determine whether @browserbasehq/stagehand has a pending changeset; the Publish Canary step is now gated on this output. Logic is sound, with two minor style concerns: `

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Push to main] --> B[Checkout and Setup]
    B --> C[Lint and Build]
    C --> D[changesets/action - Create Version PR or Publish Stable]
    D --> E[check_changesets - pnpm changeset status output JSON]
    E --> F{changeset-status.json exists?}
    F -- No or empty --> G[has_changesets=false]
    F -- Yes --> H{releases contains @browserbasehq/stagehand?}
    H -- No --> G
    H -- Yes --> I[has_changesets=true]
    G --> J[Publish Canary - SKIPPED]
    I --> K[Publish Canary - git checkout main then pnpm run release-canary]
    K --> L[changeset version --snapshot creates alpha versions]
    L --> M[changeset publish --tag alpha to npm]

Loading

_{Last reviewed commit: 2da4412}

[greptile-apps]

Silent suppression of all changeset status errors

|| true suppresses every non-zero exit from pnpm changeset status, including unexpected infrastructure failures (e.g., a corrupted node_modules, a pnpm resolution error, etc.). In those cases the output file won't be created, the node script falls into the !fs.existsSync branch, sets has_changesets=false, and the alpha publish is silently skipped with no indication that something went wrong.

Consider adding a brief comment so future maintainers know the intent — changeset status exits 1 when there are no pending changesets, which is why || true is needed rather than to swallow real errors:

Suggested change

	pnpm changeset status --output changeset-status.json || true
	pnpm changeset status --output changeset-status.json || true # exits 1 when no changesets exist

[greptile-apps]

Alpha gated only on @browserbasehq/stagehand, not sibling packages

The release-canary script (changeset version --snapshot && changeset publish --tag alpha) publishes all packages that have pending changesets — including @browserbasehq/browse-cli. However, the gate here only checks for a @browserbasehq/stagehand changeset.

This means if @browserbasehq/browse-cli (or any other workspace package) accumulates changesets without a corresponding stagehand changeset, those packages will never get an alpha release through this workflow until a stagehand changeset also lands.

If the intent is truly "only alpha when stagehand itself changes" this is fine — but it's worth a comment documenting the choice so it's not accidentally widened later.

[cubic-dev-ai]

1 issue found across 1 file

Confidence score: 3/5

• There is a concrete medium-risk release-process issue in .github/workflows/release.yml: the changeset check is not scoped to the current push range, so alpha can publish on merges that did not add a changeset.
• Because this behavior is tied to STG-1583 and can violate the stated alpha publishing requirement, the risk is user-impacting for release correctness even though the change scope is small.
• Pay close attention to .github/workflows/release.yml - ensure the changeset validation only evaluates the current push range to prevent unintended alpha releases.

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name=".github/workflows/release.yml">

<violation number="1" location=".github/workflows/release.yml:54">
P2: Scope the changeset check to the current push range; otherwise alpha can still publish on merges that didn’t add a changeset.

According to linked Linear issue STG-1583, this can violate the requirement to avoid alpha releases for merges to `main` without a changeset.</violation>
</file>

Architecture diagram

sequenceDiagram
    participant Runner as GitHub Actions Runner
    participant CLI as Changeset CLI
    participant FS as File System
    participant Node as Validation Script
    participant Release as Release Process (pnpm)
    participant Registry as NPM Registry

    Note over Runner, Registry: CI/CD Release Flow (Branch: main)

    Runner->>CLI: pnpm changeset status --output changeset-status.json
    CLI->>FS: Write status to changeset-status.json

    Runner->>Node: NEW: Parse status and check package
    FS-->>Node: Read JSON data
    
    Note over Node: NEW: Logic looks for package<br/>'@browserbasehq/stagehand'

    alt Changeset exists for stagehand
        Node-->>Runner: NEW: set GITHUB_OUTPUT has_changesets=true
        Runner->>Release: pnpm run release-canary
        Release->>Registry: Publish alpha version
    else No changeset or different package
        Node-->>Runner: NEW: set GITHUB_OUTPUT has_changesets=false
        Note over Runner: NEW: Publish step skipped via 'if' condition
    end

Loading

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

1 issue found across 1 file (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name=".github/workflows/release.yml">

<violation number="1" location=".github/workflows/release.yml:67">
P2: This check can produce false positives because it scans the whole changeset markdown file instead of only frontmatter package entries. According to linked Linear issue STG-1583, alpha publishing should only happen when a relevant changeset is actually present; this logic can still publish alpha when package names appear only in the note body.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P2: This check can produce false positives because it scans the whole changeset markdown file instead of only frontmatter package entries. According to linked Linear issue STG-1583, alpha publishing should only happen when a relevant changeset is actually present; this logic can still publish alpha when package names appear only in the note body.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/release.yml, line 67:

<comment>This check can produce false positives because it scans the whole changeset markdown file instead of only frontmatter package entries. According to linked Linear issue STG-1583, alpha publishing should only happen when a relevant changeset is actually present; this logic can still publish alpha when package names appear only in the note body.</comment>

<file context>
@@ -46,25 +46,30 @@ jobs:
+          # Private packages (server-v3, server-v4) have their own release workflows.
+          has_publishable=false
+          for file in $new_changesets; do
+            if grep -qE '"@browserbasehq/stagehand"|"@browserbasehq/browse-cli"' "$file"; then
+              has_publishable=true
+              break
</file context>

Suggested change

	if grep -qE '"@browserbasehq/stagehand"|"@browserbasehq/browse-cli"' "$file"; then
	if sed -n '/^---$/,/^---$/p' "$file" | grep -qE "^[[:space:]]*['\"](@browserbasehq/stagehand|@browserbasehq/browse-cli)['\"]:[[:space:]]"; then