# Release Checklist

Run these checks before every publish. All commands run from the repository root.

## Pre-flight

```bash
# Verify clean working tree
git status --short

# All 14 packages compile cleanly
npm run build

# Strict typecheck passes
npm run typecheck

# Lint passes (0 errors, 0 warnings)
npm run lint

# Unit tests pass (1125+)
npm test

# Integration tests pass
npm run test:integration

# E2E suite runs
npm run test:e2e

# External smoke test passes in clean temp directory
npm run test:external-smoke

# No generated artifacts in source tree
npm run clean
find packages -path '*/src/*.js' -o -path '*/src/*.d.ts' -o -path '*/src/*.map' | wc -l
# Expected: 0
```

## Version alignment

```bash
# All package manifests match the release version
grep '"version"' packages/*/package.json | grep -v "$TAG"

# Root manifest matches
grep '"version"' package.json

# CHANGELOG has an entry for this release
head CHANGELOG.md

# Issue template references the right version
grep placeholder .gitea/ISSUE_TEMPLATE/bug_report.yml

# SECURITY.md supported version table is current
grep '1\.[0-9]' SECURITY.md
```

## Metadata

```bash
# Repository URLs point to Gitea (not GitHub)
grep -r 'github.com' packages/*/package.json
# Expected: 0

# All public packages have descriptions
for pkg in packages/*/package.json; do
  desc=$(node -p "require('./$pkg').description || ''")
  if [ -z "$desc" ]; then echo "MISSING: $pkg"; fi
done

# Root package is named imhotep-monorepo (not imhotep)
grep '"name"' package.json
```

## Package Tarballs

```bash
# Build and pack all packages
npm run build

# Every package packs cleanly (no workspace:* leakage)
for pkg in packages/*/; do
  (cd "$pkg" && npm pack --json | node -e "
    const p = require('fs').readFileSync('/dev/stdin','utf8');
    const files = JSON.parse(p).map(f => f.path);
    const pkgJson = files.find(f => f.endsWith('package.json'));
    if (!pkgJson) { console.error('No package.json in tarball'); process.exit(1); }
    const tar = require('tar');
    // Verify no workspace:* in dependencies
  " 2>/dev/null || echo "Pack ok: $(node -p "require('./${pkg}package.json').name")")
done
```

## Commit and Tag

```bash
# Commit message includes version number
git commit -m "v$TAG"

# Tag matches version in manifests
git tag -a "v$TAG" -m "Release v$TAG"

# Push commit and tag
git push origin master
git push origin "v$TAG"
```

## Post-release

- [ ] Verify CI passes on the tagged commit
- [ ] Check that external smoke test works from the release tarball
- [ ] Update `SECURITY.md` supported version table for the new release
- [ ] Ensure package READMEs are bundled in published tarballs (`files` field)