OpenWork releases should be deterministic, easy to reproduce, and fully verifiable with CLI tooling.
- Sync the default branch (currently
dev). - Run
pnpm release:reviewand fix any mismatches. - If you are building sidecar assets, set
SOURCE_DATE_EPOCHto the tag timestamp for deterministic manifests.
- Bump versions (app + desktop + Tauri + Cargo):
pnpm bump:patchorpnpm bump:minororpnpm bump:major
- Re-run
pnpm release:review. - Build sidecars for the desktop bundle:
pnpm --filter @different-ai/openwork prepare:sidecar
- Commit the version bump.
- Tag and push:
git tag vX.Y.Zgit push origin vX.Y.Z
- Bump versions (includes
packages/orchestrator/package.json):pnpm bump:patchorpnpm bump:minororpnpm bump:major
- Build sidecar assets and manifest:
pnpm --filter openwork-orchestrator build:sidecars
- Create the GitHub release for sidecars:
gh release create openwork-orchestrator-vX.Y.Z packages/orchestrator/dist/sidecars/* --repo different-ai/openwork
- Publish the package:
pnpm --filter openwork-orchestrator publish --access public
pnpm --filter openwork-server publish --access publicpnpm --filter opencode-router publish --access public
openwork start --workspace /path/to/workspace --check --check-eventsgh run list --repo different-ai/openwork --workflow "Release App" --limit 5gh release view vX.Y.Z --repo different-ai/openwork
Use pnpm release:review --json when automating these checks in scripts or agents.
Release App publishes the Arch AUR package automatically after the Linux .deb asset is uploaded.
For local AMD64 Arch builds without Docker, see packaging/aur/README.md.
Required repo config:
- GitHub Actions secret:
AUR_SSH_PRIVATE_KEY(SSH key with push access to the AUR package repo) - Optional repo variable:
AUR_REPO(defaults toopenwork)
If you want Release App to publish openwork-orchestrator, openwork-server, and opencode-router to npm, configure:
- GitHub Actions secret:
NPM_TOKEN(npm automation token)
If NPM_TOKEN is not set, the npm publish job is skipped.