docs: document release confirmation step

docs: clarify script-change note path in project rules
docs: refresh project status notes for release workflow
2026-04-27 20:40:46 +02:00 · 2026-04-27 20:37:17 +02:00 · 2026-04-27 20:30:12 +02:00 · 2026-04-27 20:22:58 +02:00 · 2026-04-27 20:12:47 +02:00 · 2026-04-27 20:09:53 +02:00
4 changed files with 176 additions and 58 deletions
@@ -1,4 +1,4 @@
-# Project status — fullupgrade
+# Project Status — fullupgrade
 Last updated: 2026-04-27
@@ -31,38 +31,39 @@ Notes:
 Recommendations:
 - keep documenting the system impact clearly
 - consider whether `pacman -Sc` is the right cache cleanup level for every use case
 ### 2) `makerelease.sh`
 Current behavior:
- takes `VERSION` and `MESSAGE` as arguments
+- supports explicit versions like `1.2.3`
 - supports version increments with `+0.0.1`, `+0.1`, and `+1`
 - supports `--dry-run` to print the computed release version
 - checks that the current branch is `dev`
 - verifies the working tree is clean
 - checks that the target tag does not already exist
 - displays the computed release tag before proceeding
 - asks for confirmation before any Git action
 - checks out `main`
 - merges `dev` into `main`
 - pushes the branch
 - creates an annotated tag
 - pushes tags
- returns to `dev`
+- attempts to return to the original branch on exit
 Notes:
- the script currently does not use `set -euo pipefail`
+- the script uses `set -euo pipefail`
- there is no check for a clean working tree
+- the release tag message is automatically generated as `Release <version>`
- there is no validation of the release message
+- the script no longer requires a separate release message argument
- there is no guard against duplicate tags
+- the current increment logic assumes simple dotted numeric tags
- returning to `dev` is not protected if a command fails
+- normal releases now require an interactive confirmation after the tag is displayed
 Recommendations:
- add `set -euo pipefail`
+- consider validating the version format more strictly if release rules grow
- verify the Git status before releasing
+- keep the dry-run behavior documented and aligned with the script
 - validate `VERSION` and `MESSAGE`
 - prevent duplicate tags
 - use a `trap` to return to the initial branch on failure
 - improve the help output
 ### 3) `README.md`
 Current status:
- the README has a first complete pass in English
+- the README documents both scripts in English
- it explains both scripts, their requirements, usage, warnings, and an example release command
+- it includes release increments, dry-run usage, and the confirmation step for `makerelease.sh`
 Recommendations:
 - keep it aligned with the actual script behavior
@@ -75,12 +76,7 @@ This file should be updated whenever:
 - new constraints or design decisions are introduced
 - release workflow rules evolve
 ## Current priorities
 1. Secure the Bash scripts
 2. Keep documentation aligned with the scripts
 3. Make the release workflow more robust
 ## Maintenance notes
 - Always keep the README, the scripts, and this file consistent.
- If a script changes, update this note immediately.
+- If a script changes, update this note immediately (./continue/rules/project.md).
 - If a new usage rule appears, document it here.
@@ -7,7 +7,7 @@ Minimal Bash tools for Arch Linux maintenance and Git release automation.
 This repository contains two small Bash scripts:
 - `fullupgrade`: updates an Arch Linux system and performs cleanup
- `makerelease.sh`: merges `dev` into `main` and creates a release tag
+- `makerelease.sh`: automates a Git release from `dev` to `main`
 The project is intentionally small and focused on a simple, opinionated workflow.
@@ -42,37 +42,56 @@ sudo ./fullupgrade
 ## `makerelease.sh`
-`makerelease.sh` automates a simple Git release workflow:
+`makerelease.sh` automates a Git release workflow:
-1. checks that the current branch is `dev`
+1. checks that the current branch is `dev` for real releases
-2. switches to `main`
+2. verifies the working tree is clean
-3. merges `dev` into `main`
+3. optionally computes a new version from an increment shortcut
-4. pushes `main`
+4. displays the chosen release tag
-5. creates an annotated tag using the provided version and message
+5. asks for confirmation before any Git action
-6. pushes tags
+6. switches to `main`
-7. switches back to `dev`
+7. merges `dev` into `main`
 8. pushes `main`
 9. creates an annotated tag
 10. pushes tags
 11. switches back to the original branch on exit
 ### Usage
 ```bash
-./makerelease.sh VERSION "Release message"
+./makerelease.sh VERSION
 ./makerelease.sh +0.0.1
 ./makerelease.sh +0.1
 ./makerelease.sh +1
 ./makerelease.sh --dry-run VERSION
 ./makerelease.sh --dry-run +0.0.1
 ./makerelease.sh --dry-run +0.1
 ./makerelease.sh --dry-run +1
 ```
-### Example
+### Examples
 ```bash
-./makerelease.sh 1.2.0 "Release 1.2.0"
+./makerelease.sh 1.2.0
 ./makerelease.sh --dry-run +0.0.1
 ```
 ### Notes
 - Run the script from a clean, local Git repository.
 - Make sure the `dev` branch contains the changes you want to release.
 - `VERSION` is used directly as the tag name.
 - If `VERSION` starts with `+`, it is treated as an increment based on the latest existing tag.
 - `--dry-run` can be used from any branch and only prints the computed tag.
 - In normal mode, the computed tag is shown and a confirmation is required before Git actions run.
 - The script may fail if Git state is unexpected or if a tag already exists.
 - The tag message is automatically generated as `Release <version>`.
 ## Status
-This repository is intentionally minimal. `fullupgrade` is hardened with `set -euo pipefail`, while `makerelease.sh` may still need additional validation and safeguards.
+This repository is intentionally minimal.
 - `fullupgrade` is hardened with `set -euo pipefail`.
 - `makerelease.sh` now includes clean-tree checks, duplicate tag protection, increment shortcuts, dry-run support from any branch, and a trap to return to the original branch on exit.
 ## License
@@ -5,20 +5,20 @@ show_help() {
 	cat <<'EOF'
 Usage: fullupgrade
-Met à jour Arch Linux et effectue un nettoyage:
+Updates Arch Linux and performs cleanup:
-  - mise à jour de archlinux-keyring
+  - updates archlinux-keyring
-  - synchronisation complète du système
+  - performs a full system synchronization
-  - suppression des paquets orphelins
+  - removes orphaned packages
-  - nettoyage du cache pacman
+  - cleans the pacman cache
-Attention: ce script modifie le système et s'exécute sans confirmation.
+Warning: this script modifies the system and runs without confirmation.
 EOF
 }
 require_root() {
 	if [ "${EUID:-$(id -u)}" -ne 0 ]; then
-		echo "Erreur: ce script doit être exécuté en root." >&2
+		echo "Error: this script must be run as root." >&2
 		exit 1
 	fi
 }
@@ -31,7 +31,7 @@ cleanup_orphans() {
 	if [ "${#orphans[@]}" -gt 0 ]; then
 		pacman -Rns --noconfirm "${orphans[@]}"
 	else
-		echo "Aucun paquet orphelin à supprimer."
+		echo "No orphaned packages to remove."
 	fi
 }
@@ -43,19 +43,19 @@ main() {
 	require_root
-	echo "Mise à jour de archlinux-keyring..."
+	echo "Updating archlinux-keyring..."
 	pacman -Sy --noconfirm archlinux-keyring
-	echo "Mise à jour complète du système..."
+	echo "Performing full system update..."
 	pacman -Syu --noconfirm
-	echo "Recherche des paquets orphelins..."
+	echo "Searching for orphaned packages..."
 	cleanup_orphans
-	echo "Nettoyage du cache pacman..."
+	echo "Cleaning pacman cache..."
 	pacman -Sc --noconfirm
-	echo "Mise à jour terminée avec succès."
+	echo "Update completed successfully."
 }
 main "$@"
@@ -1,32 +1,135 @@
 #!/bin/bash
-declare -r VERSION=${1}
+set -euo pipefail
-declare -r MESSAGE=${2}
+
 declare -r TAGBRANCH=main
 declare CURRENTBRANCH=""
 declare ORIGBRANCH=""
 declare -r ARG1="${1:-}"
 declare -r ARG2="${2:-}"
 declare is_dry_run=false
 declare release_input=""
 showHelp() {
-	echo makerelease version
+	cat <<'EOF'
 Usage:
  makerelease.sh VERSION
  makerelease.sh +0.0.1
  makerelease.sh +0.1
  makerelease.sh +1
  makerelease.sh --dry-run VERSION
  makerelease.sh --dry-run +0.0.1
  makerelease.sh --dry-run +0.1
  makerelease.sh --dry-run +1
 Creates an annotated Git tag from the current dev branch.
 If VERSION starts with +, it is treated as an increment:
 - +0.0.1 increments patch
 - +0.1 increments minor
 - +1 increments major
 Use --dry-run to show the computed release version without running Git actions.
 Requirements:
 - run from a clean Git working tree
 - current branch must be dev for real releases
 - main branch must exist locally
 EOF
 }
-if [ "${VERSION}" == "" ]; then
+cleanup() {
 	if [ -n "${ORIGBRANCH}" ] && [ "${CURRENTBRANCH}" != "${ORIGBRANCH}" ]; then
 		git checkout "${ORIGBRANCH}" >/dev/null 2>&1 || true
 	fi
 }
 trap cleanup EXIT
 if [ "${ARG1}" = "--dry-run" ] || [ "${ARG1}" = "-n" ]; then
 	is_dry_run=true
 	release_input="${ARG2:-}"
 else
 	release_input="${ARG1}"
 fi
 if [ -z "${release_input}" ]; then
 	showHelp
 	echo ""
 	echo "no version provided!"
 	exit 1
 fi
-CURRENTBRANCH=$(git rev-parse --abbrev-ref HEAD)
+if ! git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
 	echo "You are not inside a Git repository!"
 	exit 1
 fi
-if [ ! "${CURRENTBRANCH}" == "dev" ]; then
+if [ -n "$(git status --porcelain)" ]; then
 	echo "Working tree is not clean!"
 	echo "Commit or stash your changes before creating a release."
 	exit 1
 fi
 CURRENTBRANCH=$(git rev-parse --abbrev-ref HEAD)
 ORIGBRANCH="${CURRENTBRANCH}"
 if [ "${is_dry_run}" = false ] && [ "${CURRENTBRANCH}" != "dev" ]; then
 	echo "You are not in dev branch!"
 	echo "Use dev branch to make a release!"
 	exit 1
 fi
 release_tag="${release_input}"
 if [ "${release_input}" != "${release_input#+}" ]; then
 	current_tag="$(git describe --tags --abbrev=0 2>/dev/null || true)"
 	if [ -z "${current_tag}" ]; then
 		echo "No existing tag found to increment from!"
 		exit 1
 	fi
 	case "${release_input}" in
 		+1)
 			release_tag="$(printf '%s' "${current_tag}" | awk -F. 'BEGIN{OFS="."} { $1+=1; $2=0; $3=0; print }')"
 			;;
 			+0.1)
 			release_tag="$(printf '%s' "${current_tag}" | awk -F. 'BEGIN{OFS="."} { $2+=1; $3=0; print }')"
 			;;
 			+0.0.1)
 			release_tag="$(printf '%s' "${current_tag}" | awk -F. 'BEGIN{OFS="."} { $3+=1; print }')"
 			;;
 		*)
 			echo "Unsupported increment syntax: ${release_input}"
 			exit 1
 			;;
 	esac
 fi
 if git rev-parse -q --verify "refs/tags/${release_tag}" >/dev/null; then
 	echo "Tag ${release_tag} already exists!"
 	exit 1
 fi
 if [ "${is_dry_run}" = true ]; then
 	echo "Dry run: computed release tag ${release_tag}"
 	exit 0
 fi
 echo "Release tag selected: ${release_tag}"
 read -r -p "Proceed with release? [y/N] " confirm
 case "${confirm}" in
 	y|Y)
 		;;
 	*)
 		echo "Release cancelled."
 		exit 1
 		;;
 esac
 git checkout "${TAGBRANCH}"
-git merge "${CURRENTBRANCH}"
+CURRENTBRANCH="${TAGBRANCH}"
 git merge "${ORIGBRANCH}"
 git push
-git tag -a "${VERSION}" -m "${MESSAGE}"
+git tag -a "${release_tag}" -m "Release ${release_tag}"
 git push --tags
-git checkout "${CURRENTBRANCH}"
+
 echo "Created release tag ${release_tag}"
Author	SHA1	Message	Date
matmoul	d9b322a1c5	docs: document release confirmation step	2026-04-27 20:40:46 +02:00
matmoul	09f81b8e7c	docs: clarify script-change note path in project rules	2026-04-27 20:37:17 +02:00
matmoul	fbf993557f	docs: refresh project status notes for release workflow	2026-04-27 20:30:12 +02:00
matmoul	35675e28c5	docs: translate fullupgrade script messages to English	2026-04-27 20:22:58 +02:00
matmoul	37aa36d94f	docs: clarify makerelease dry-run branch requirement	2026-04-27 20:12:47 +02:00
matmoul	b489272bc0	feat: enhance makerelease workflow with dry-run and increments	2026-04-27 20:09:53 +02:00