feat(init): pre-read common config files to reduce round-trips

After computing the directory listing, pre-read common config files
if they exist. Send the results as fileCache in the startAsync input
data. Workflow steps already check fileCache before suspending for
read-files, so this eliminates 1-3 HTTP round-trips.

Covers all supported ecosystems: JavaScript/TypeScript (Next, Nuxt,
Angular, Astro, Svelte, Remix, React Native, Electron, Cloudflare,
Bun, serverless), Python (Django, Flask, FastAPI), PHP (Laravel,
Symfony, WordPress), .NET (AspNetCore), Java/Android (Spring Boot,
Gradle), Go (Gin), Ruby (Rails), Rust, Dart/Flutter, Elixir, Cocoa,
and native (CMake). Capped at 512KB total.

Made-with: Cursor

Author: betegon

.github/workflows/ci.yml

@@ -142,61 +142,6 @@ jobs:
           echo "::error::Skill files are out of date. Run 'bun run generate:docs' locally and commit the result."
           exit 1
 
-  eval-skill:
-    name: Eval SKILL.md
-    needs: [changes]
-    if: needs.changes.outputs.skill == 'true'
-    runs-on: ubuntu-latest
-    steps:
-      # For fork PRs: check if eval has already passed via commit status
-      - name: Detect fork
-        id: detect-fork
-        run: |
-          if [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]]; then
-            echo "is_fork=true" >> "$GITHUB_OUTPUT"
-          fi
-      - name: Check fork eval status
-        if: steps.detect-fork.outputs.is_fork == 'true'
-        env:
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          SHA="${{ github.event.pull_request.head.sha }}"
-          STATUS=$(gh api "repos/${{ github.repository }}/commits/$SHA/statuses" \
-            --jq '[.[] | select(.context == "eval-skill/fork")] | first | .state // "none"')
-          if [[ "$STATUS" != "success" ]]; then
-            echo "::error::Fork PR modifies skill files but eval has not passed for commit $SHA."
-            echo "::error::A maintainer must review the code and add the 'eval-skill' label."
-            exit 1
-          fi
-          echo "Fork eval passed for $SHA"
-      # For internal PRs: run the eval directly
-      - uses: actions/checkout@v6
-        if: steps.detect-fork.outputs.is_fork != 'true'
-      - uses: oven-sh/setup-bun@v2
-        if: steps.detect-fork.outputs.is_fork != 'true'
-      - uses: actions/cache@v5
-        if: steps.detect-fork.outputs.is_fork != 'true'
-        id: cache
-        with:
-          path: node_modules
-          key: node-modules-${{ hashFiles('bun.lock', 'patches/**') }}
-      - if: steps.detect-fork.outputs.is_fork != 'true' && steps.cache.outputs.cache-hit != 'true'
-        run: bun install --frozen-lockfile
-      - name: Generate docs and skill files
-        if: steps.detect-fork.outputs.is_fork != 'true'
-        run: bun run generate:schema && bun run generate:docs
-      - name: Eval SKILL.md
-        if: steps.detect-fork.outputs.is_fork != 'true'
-        run: bun run eval:skill
-        env:
-          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-      - name: Upload eval results
-        if: always() && steps.detect-fork.outputs.is_fork != 'true'
-        uses: actions/upload-artifact@v7
-        with:
-          name: skill-eval-results
-          path: test/skill-eval/results.json
-
   lint:
     name: Lint & Typecheck
     needs: [changes]
@@ -597,7 +542,7 @@ jobs:
 
   test-e2e:
     name: E2E Tests
-    needs: [build-binary]
+    needs: [build-binary, changes]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v6
@@ -621,6 +566,9 @@ jobs:
       - name: E2E Tests
         env:
           SENTRY_CLI_BINARY: ${{ github.workspace }}/dist-bin/sentry-linux-x64
+          # Pass API key only when skill files changed — the skill-eval e2e test
+          # auto-skips when the key is absent, so non-skill PRs aren't affected.
+          ANTHROPIC_API_KEY: ${{ needs.changes.outputs.skill == 'true' && secrets.ANTHROPIC_API_KEY || '' }}
         run: bun run test:e2e
 
   build-npm:
@@ -662,7 +610,7 @@ jobs:
 
   build-docs:
     name: Build Docs
-    needs: [lint]
+    needs: [lint, build-binary]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v6
@@ -674,18 +622,50 @@ jobs:
           key: node-modules-${{ hashFiles('bun.lock', 'patches/**') }}
       - if: steps.cache.outputs.cache-hit != 'true'
         run: bun install --frozen-lockfile
+      - name: Get CLI version
+        id: version
+        run: echo "version=$(node -p 'require("./package.json").version')" >> "$GITHUB_OUTPUT"
+      - name: Download compiled CLI binary
+        uses: actions/download-artifact@v8
+        with:
+          name: sentry-linux-x64
+          path: dist-bin
+      - name: Make binary executable
+        run: chmod +x dist-bin/sentry-linux-x64
       - name: Generate docs content
         run: bun run generate:schema && bun run generate:docs
       - name: Build Docs
         working-directory: docs
+        env:
+          PUBLIC_SENTRY_ENVIRONMENT: production
+          SENTRY_RELEASE: ${{ steps.version.outputs.version }}
+          PUBLIC_SENTRY_RELEASE: ${{ steps.version.outputs.version }}
         run: |
           bun install --frozen-lockfile
           bun run build
+      # Inject debug IDs and upload sourcemaps. The inject step adds
+      # //# debugId= and the _sentryDebugIds IIFE to deployed JS files.
+      # Both steps require SENTRY_AUTH_TOKEN (the CLI checks auth on startup).
+      - name: Inject debug IDs and upload sourcemaps
+        if: github.event_name == 'push' && env.SENTRY_AUTH_TOKEN != ''
+        env:
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+          SENTRY_ORG: sentry
+          SENTRY_PROJECT: cli-website
+        run: |
+          ./dist-bin/sentry-linux-x64 sourcemap inject docs/dist/
+          ./dist-bin/sentry-linux-x64 sourcemap upload docs/dist/ \
+            --release "${{ steps.version.outputs.version }}" \
+            --url-prefix "~/"
+      # Remove .map files — they were uploaded to Sentry but shouldn't
+      # be deployed to production.
+      - name: Remove sourcemaps from output
+        run: find docs/dist -name '*.map' -delete
       - name: Package Docs
         run: |
           cp .nojekyll docs/dist/
           cd docs/dist && zip -r ../../gh-pages.zip .
-      - name: Upload artifact
+      - name: Upload docs artifact
         uses: actions/upload-artifact@v7
         with:
           name: gh-pages
@@ -694,15 +674,15 @@ jobs:
   ci-status:
     name: CI Status
     if: always()
-    needs: [changes, check-generated, eval-skill, build-binary, build-npm, build-docs, test-e2e, generate-patches, publish-nightly]
+    needs: [changes, check-generated, build-binary, build-npm, build-docs, test-e2e, generate-patches, publish-nightly]
     runs-on: ubuntu-latest
     permissions: {}
     steps:
       - name: Check CI status
         run: |
           # Check for explicit failures or cancellations in all jobs
           # generate-patches and publish-nightly are skipped on PRs — that's expected
-          results="${{ needs.check-generated.result }} ${{ needs.eval-skill.result }} ${{ needs.build-binary.result }} ${{ needs.build-npm.result }} ${{ needs.build-docs.result }} ${{ needs.test-e2e.result }} ${{ needs.generate-patches.result }} ${{ needs.publish-nightly.result }}"
+          results="${{ needs.check-generated.result }} ${{ needs.build-binary.result }} ${{ needs.build-npm.result }} ${{ needs.build-docs.result }} ${{ needs.test-e2e.result }} ${{ needs.generate-patches.result }} ${{ needs.publish-nightly.result }}"
           for result in $results; do
             if [[ "$result" == "failure" || "$result" == "cancelled" ]]; then
               echo "::error::CI failed"
@@ -720,9 +700,4 @@ jobs:
             echo "::error::CI failed - upstream job failed causing check-generated to be skipped"
             exit 1
           fi
-          if [[ "${{ needs.changes.outputs.skill }}" == "true" && "${{ needs.eval-skill.result }}" == "skipped" ]]; then
-            echo "::error::CI failed - upstream job failed causing eval-skill to be skipped"
-            exit 1
-          fi
-
           echo "CI passed"

.github/workflows/docs-preview.yml

@@ -1,18 +1,32 @@
 name: Docs Preview
 
 on:
+  push:
+    branches: [main]
+    paths:
+      - 'docs/**'
+      - 'src/**'
+      - 'script/generate-command-docs.ts'
+      - 'script/generate-skill.ts'
+      - 'install'
+      - '.github/workflows/docs-preview.yml'
   pull_request:
     paths:
       - 'docs/**'
       - 'src/**'
       - 'script/generate-command-docs.ts'
       - 'script/generate-skill.ts'
+      - 'install'
       - '.github/workflows/docs-preview.yml'
 
 permissions:
   contents: write
   pull-requests: write
 
+concurrency:
+  group: docs-preview-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   preview:
     runs-on: ubuntu-latest
@@ -30,18 +44,42 @@ jobs:
       - if: steps.cache.outputs.cache-hit != 'true'
         run: bun install --frozen-lockfile
 
+      - name: Get CLI version
+        id: version
+        run: echo "version=$(node -p 'require("./package.json").version')" >> "$GITHUB_OUTPUT"
+
       - name: Generate docs content
         run: bun run generate:schema && bun run generate:docs
 
       - name: Build Docs for Preview
         working-directory: docs
         env:
-          # Override base path for PR preview (no /cli prefix since preview domain is different)
-          DOCS_BASE_PATH: /pr-preview/pr-${{ github.event.pull_request.number }}
+          DOCS_BASE_PATH: ${{ github.event_name == 'push'
+            && '/_preview/pr-main'
+            || format('/_preview/pr-{0}', github.event.pull_request.number) }}
+          PUBLIC_SENTRY_ENVIRONMENT: staging
+          SENTRY_RELEASE: ${{ steps.version.outputs.version }}
+          PUBLIC_SENTRY_RELEASE: ${{ steps.version.outputs.version }}
         run: |
           bun install --frozen-lockfile
           bun run build
 
+      - name: Inject debug IDs and upload sourcemaps
+        if: env.SENTRY_AUTH_TOKEN != ''
+        env:
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+          SENTRY_ORG: sentry
+          SENTRY_PROJECT: cli-website
+        run: |
+          bun run --bun src/bin.ts sourcemap inject docs/dist/
+          bun run --bun src/bin.ts sourcemap upload docs/dist/ \
+            --release "${{ steps.version.outputs.version }}" \
+            --url-prefix "~/"
+
+      # Remove .map files — uploaded to Sentry but shouldn't be deployed.
+      - name: Remove sourcemaps from output
+        run: find docs/dist -name '*.map' -delete
+
       - name: Ensure .nojekyll at gh-pages root
         run: |
           git config user.name "github-actions[bot]"
@@ -78,6 +116,8 @@ jobs:
         with:
           source-dir: docs/dist/
           preview-branch: gh-pages
-          umbrella-dir: pr-preview
+          umbrella-dir: _preview
           pages-base-url: cli.sentry.dev
-          action: auto
+          action: ${{ github.event_name == 'push' && 'deploy' || 'auto' }}
+          pr-number: ${{ github.event_name == 'push' && 'main' || github.event.pull_request.number }}
+          comment: ${{ github.event_name != 'push' }}

.github/workflows/eval-skill-fork.yml

@@ -46,6 +46,9 @@ jobs:
       - if: steps.cache.outputs.cache-hit != 'true'
         run: bun install --frozen-lockfile
 
+      - name: Generate docs and skill files
+        run: bun run generate:schema && bun run generate:docs
+
       - name: Eval SKILL.md
         id: eval
         run: bun run eval:skill

.github/workflows/sentry-release.yml

@@ -47,7 +47,7 @@ jobs:
       # The org/ prefix is how org is specified — it is NOT part of the version.
       # The version portion must match Sentry.init({ release }) exactly.
       - name: Create release
-        run: sentry release create "sentry/${VERSION}" --project cli
+        run: sentry release create "sentry/${VERSION}" --project cli,cli-website
 
       # --auto matches the local origin remote against Sentry repo integrations.
       # continue-on-error: integration may not be configured for all orgs.