Is your code refactoring request related to a problem?
The current release agent can continue into tagging and publishing even when its safeguards are too soft for a live release. It also still carries hardcoded release assumptions that can mis-target publish steps when the release path changes.
Describe the Refactoring / Review Task
Harden the release agent so live releases fail fast unless the repository is in a known-good state.
Scope:
- fail live releases when the worktree is dirty
- verify target branch, commit, and version alignment before mutation
- tighten duplicate tag and duplicate release preflight checks
- remove or reduce hardcoded branch assumptions where they can mis-target publishing
Use Case
Release maintainers and automation operators need a safe release command that cannot silently tag the wrong commit or continue through a stale local state.
Alternatives Considered
- Leave the current warnings in place and rely on workflow discipline
- Move all checks into the workflow only
- Require live confirmation plus stronger runtime guards
The safe default is to enforce hard failures in the agent and keep workflow gates as a second layer.
Additional Context
- Source pack:
.github/projects/active/release-agent-hardening/
- Proposal spec:
openspec-strict/children/01-1-task-release-agent-safety-gates.md
Example Code Snippets
Before: dirty tree logs a warning and the agent continues
After: dirty tree aborts the live release before tagging
Refactoring / Review Checklist
Code Area(s) Impacted
Definition of Ready (DoR)
Definition of Done (DoD)
Is your code refactoring request related to a problem?
The current release agent can continue into tagging and publishing even when its safeguards are too soft for a live release. It also still carries hardcoded release assumptions that can mis-target publish steps when the release path changes.
Describe the Refactoring / Review Task
Harden the release agent so live releases fail fast unless the repository is in a known-good state.
Scope:
Use Case
Release maintainers and automation operators need a safe release command that cannot silently tag the wrong commit or continue through a stale local state.
Alternatives Considered
The safe default is to enforce hard failures in the agent and keep workflow gates as a second layer.
Additional Context
.github/projects/active/release-agent-hardening/openspec-strict/children/01-1-task-release-agent-safety-gates.mdExample Code Snippets
Refactoring / Review Checklist
Code Area(s) Impacted
Definition of Ready (DoR)
Definition of Done (DoD)