Release workflow

[danielsitek]

This pull request adds a new GitHub Actions workflow to automate the release process whenever a new version tag is pushed. The workflow checks out the code and creates a GitHub release with autogenerated release notes.

Release automation:

• Added .github/workflows/release.yml workflow to trigger on version tags (v*) and create a release with autogenerated notes using softprops/action-gh-release.

Summary by CodeRabbit

• Chores
  • Updated release automation workflow for internal CI/CD processes.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

A new GitHub Actions workflow is added to automate release creation. The workflow triggers on version tags matching v*, checks out the repository, and uses the softprops/action-gh-release action to create releases with auto-generated release notes.

Changes

Cohort / File(s)	Summary
GitHub Actions Release Workflow \.github/workflows/release\.yml	Adds automated release workflow triggered on version tags (v*), configured with repository checkout and release creation via softprops/action-gh-release@v2 with auto-generated notes

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Single configuration file addition with standard GitHub Actions syntax
• No complex logic or interdependencies to evaluate

Poem

🐰 A workflow so sweet, on tags it will leap,
Creating releases while we all sleep,
With notes auto-penned by the action so keen,
The smoothest release process you've ever seen! 🚀

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Release workflow' directly and concisely describes the main change: adding a GitHub Actions release workflow to automate version releases.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/ds-release-workflow

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

.github/workflows/release.yml (2)

3-6: Consider a more specific tag pattern to match semantic versioning.

The tag pattern v* is permissive and will match any tag starting with "v" (e.g., versioninfo, vXYZ). This could trigger unintended releases for tags that don't follow semantic versioning conventions.

Consider using a more specific pattern like v[0-9].* to ensure only version tags are matched:

  on:
    push:
      tags:
-       - "v*"
+       - "v[0-9]*"

Alternatively, for stricter semantic versioning matching:

  on:
    push:
      tags:
-       - "v*"
+       - "v[0-9]+.[0-9]+.[0-9]+"

---

20-23: Consider explicitly passing the GITHUB_TOKEN.

While GitHub Actions provides GITHUB_TOKEN implicitly, explicitly passing it to softprops/action-gh-release is a best practice for clarity and ensures the action uses the correct token with appropriate permissions.

Add the token parameter:

      - name: Create Release
        uses: softprops/action-gh-release@v2
        with:
          generate_release_notes: true
+         token: ${{ secrets.GITHUB_TOKEN }}

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 20a9715 and 1128ea9.

📒 Files selected for processing (1)

• .github/workflows/release.yml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Codacy Static Code Analysis

🔇 Additional comments (1)

.github/workflows/release.yml (1)

20-23: No action needed—version usage is correct and secure.

The workflow correctly uses softprops/action-gh-release@v2, which is the repository's recommended practice. This major version tag automatically tracks the latest v2.x release (currently v2.5.0 as of Dec 1, 2025). No known security vulnerabilities are reported for this action.