fix(release): align AICX public binary install lane#2
Closed
m-szymanska wants to merge 8 commits intomainfrom
Closed
fix(release): align AICX public binary install lane#2m-szymanska wants to merge 8 commits intomainfrom
m-szymanska wants to merge 8 commits intomainfrom
Conversation
- add release-binaries make target for aicx and aicx-mcp - copy built binaries into operator-provided STAGING_DIR - emit component metadata for cross-repo Loctree bundles - optionally codesign macOS binaries when CODESIGN is enabled
- keep binary release sha256 files usable after download - write the archive basename instead of the build container /out path - preserve existing unsigned bundle packaging semantics
- Make GitHub Releases the documented public install path for v0.6.5.\n- Update release-mode asset naming to the published slim unsigned tarballs.\n- Switch Linux release detection to GNU x64/arm64 and fail loudly for unsupported Intel Mac.\n- Clarify that npm wrapper packages are not the supported v0.6.5 install path yet.
- Add a 0.6.5 changelog entry for the public GitHub Release assets.\n- Mark the npm distribution lane as planned but inactive for v0.6.5.\n- Document that the current npm matrix still expects the older zip/musl shape.\n- Point npm publishing checks at the real v0.6.5 slim unsigned tarball asset shape.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates the release infrastructure for version 0.6.5, shifting the primary distribution channel from npm to GitHub Releases. Key changes include the introduction of slim unsigned .tar.gz archives for macOS arm64 and Linux (x64 and arm64 GNU) targets. The Makefile, install.sh, and release_bundle.sh scripts have been updated to support these new targets and the specific naming convention for unsigned bundles. Additionally, documentation across the repository has been revised to reflect that npm distribution is currently inactive for this version until platform packages are realigned. I have no feedback to provide as no review comments were included.
- Checkout Loctree/rust-memex at the pinned 0.6.4 migration commit in CI and release workflows. - Run Cargo and release assembly steps from the nested aicx checkout so ../rust-memex resolves on runners. - Update cache/artifact paths after nested checkout and teach actionlint about our self-hosted runner labels.
- Stop saving the nested aicx/target directory through actions/cache. - Keep Cargo registry/git caching while avoiding long post-job cache uploads on self-hosted runners. - Scope cache keys to aicx/Cargo.lock after the rust-memex sibling checkout.
- Remove actions/cache from PR CI after repeated post-job cache hangs on self-hosted runners. - Remove the same cache steps from release verify/build jobs so release runs favor predictability over cache speed. - Keep the rust-memex sibling checkout and nested aicx working directory behavior unchanged.
There was a problem hiding this comment.
Pull request overview
Aligns the documented and scripted “public binary install” path around GitHub Releases for v0.6.5, and updates release/CI automation to build from an aicx/ subdirectory with a checked-out rust-memex sibling.
Changes:
- Updates
install.sh+ top-level docs to treat GitHub Releases (with.sha256sidecars) as the supported binary install lane forv0.6.5, and marks npm as planned/inactive until realigned. - Extends
tools/release_bundle.sh/Makefileto support a binary-only tarball bundling mode with configurable build command/target/dist. - Adjusts CI/release workflows to checkout
aicxinto a subdirectory and fetchLoctree/rust-memexat a pinned ref.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| tools/release_bundle.sh | Adds “binaries-only” unsigned tar.gz bundle mode and build command override. |
| README.md | Updates install instructions to use GitHub Releases via install.sh. |
| Makefile | Adds release-binaries target and passes target/dist/dry-run into release-bundle targets. |
| install.sh | Changes release asset targeting/naming and installer messaging around public install lanes. |
| docs/RELEASES.md | Documents v0.6.5 distribution channels, current asset shape, and maintainer bundle flow. |
| distribution/npm/README.md | Marks npm lane as planned/inactive for v0.6.5 until realigned. |
| distribution/npm/PUBLISHING.md | Adds warnings and updates examples to reflect v0.6.5 release asset shape. |
| CHANGELOG.md | Adds a 0.6.5 entry describing the release lane changes. |
| .github/workflows/release.yml | Checks out aicx/ + rust-memex/, sets working-directory, adjusts artifact pathing. |
| .github/workflows/ci.yml | Checks out aicx/ + rust-memex/, sets working-directory for Rust/Semgrep steps. |
| .github/actionlint.yaml | Adds actionlint configuration for self-hosted runner labels. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
126
to
127
| require_cmd shasum | ||
|
|
Comment on lines
+201
to
+205
| # shellcheck disable=SC2086 | ||
| $BUILD_CMD --locked --release --target "$TARGET" --features "$FEATURES_VALUE" --bin aicx --bin aicx-mcp | ||
| else | ||
| cargo build --locked --release --target "$TARGET" --bin aicx --bin aicx-mcp | ||
| # shellcheck disable=SC2086 | ||
| $BUILD_CMD --locked --release --target "$TARGET" --bin aicx --bin aicx-mcp |
Comment on lines
19
to
+23
| FEATURES ?= | ||
| TARGET ?= $(shell rustc -vV | sed -n 's/^host: //p') | ||
| CODESIGN ?= auto | ||
| DIST_DIR ?= $(CURDIR)/dist | ||
| DRY_RUN ?= 0 |
|
|
||
| ```bash | ||
| npm install -g @loctree/aicx | ||
| curl -fsSLO https://raw.githubusercontent.com/Loctree/aicx/main/install.sh |
Comment on lines
429
to
432
| release_tag=$(resolve_release_tag) | ||
| target=$(detect_release_target) | ||
| version="${release_tag#v}" | ||
| archive_ext=$(detect_release_archive_ext) | ||
| archive_name="aicx-v${version}-${target}.${archive_ext}" | ||
| archive_name="aicx-${release_tag}-${target}-slim-unsigned.tar.gz" | ||
| base_url="https://github.com/${AICX_RELEASE_REPO}/releases/download/${release_tag}" |
Comment on lines
+40
to
+64
| ## What the Public Release Asset Set Contains | ||
|
|
||
| Tagging `vX.Y.Z` triggers `.github/workflows/release.yml`, which: | ||
|
|
||
| - verifies the tag matches `Cargo.toml` | ||
| - reruns the required release gates: `semgrep`, default clippy, native GGUF clippy, binary tests, native GGUF tests, and `cargo fmt -- --check` | ||
| - builds both shipped binaries: `aicx` and `aicx-mcp` | ||
| - builds Linux artifacts on `ops-linux` | ||
| - builds macOS artifacts on `dragon-macos` | ||
| - imports the macOS signing certificate from GitHub org secrets on `dragon-macos` | ||
| - signs and notarizes macOS release bundles before upload | ||
| - builds Linux artifacts on the Linux release runner | ||
| - builds macOS artifacts on the macOS release runner | ||
| - packages archives plus `LICENSE`, `README.md`, `install.sh`, and command docs | ||
| - uploads SHA-256 checksum files alongside each archive | ||
| - creates or updates the matching GitHub Release using the current version section from `CHANGELOG.md` | ||
| - keeps self-hosted runners lean by not caching `target/` in release jobs and cleaning Cargo build artifacts after packaging/upload | ||
|
|
||
| Current binary targets: | ||
|
|
||
| - `x86_64-unknown-linux-musl` | ||
| - `x86_64-apple-darwin` | ||
| - `aarch64-apple-darwin` | ||
| - `x86_64-unknown-linux-gnu` | ||
| - `aarch64-unknown-linux-gnu` | ||
|
|
||
| Archive naming is deterministic: | ||
|
|
||
| - `aicx-vX.Y.Z-x86_64-unknown-linux-musl.tar.gz` | ||
| - `aicx-vX.Y.Z-x86_64-apple-darwin.zip` | ||
| - `aicx-vX.Y.Z-aarch64-apple-darwin.zip` | ||
| - `aicx-vX.Y.Z-aarch64-apple-darwin-slim-unsigned.tar.gz` | ||
| - `aicx-vX.Y.Z-x86_64-unknown-linux-gnu-slim-unsigned.tar.gz` | ||
| - `aicx-vX.Y.Z-aarch64-unknown-linux-gnu-slim-unsigned.tar.gz` |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
v0.6.5GitHub Release asset shape.v0.6.5.0.6.5changelog entry.Not included
Verification
bash -n install.shgit diff --checkv0.6.5asset, verified.sha256, confirmedaicx,aicx-mcp, andinstall.share present.Release note
Draft PR intentionally. This makes the AICX source assets safe for Loctree bundle consumption; npm remains a follow-up.