From b291d86f8302e1b210eb7c90c2b6ad7f86a81e65 Mon Sep 17 00:00:00 2001 From: Chisanan232 Date: Fri, 26 Jun 2026 17:53:25 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=F0=9F=94=A7=20(sonar):=20Set=20projectVers?= =?UTF-8?q?ion=20off=200.0.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 0.0.0 stalls the SonarCloud quality gate at "Not computed". Set the static fallback to the current package version and document that CI overrides it. Refs AAASM-2774 Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_019mSz31RysZF6DYToUoBWLf --- sonar-project.properties | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sonar-project.properties b/sonar-project.properties index 2232f7d9..fd51181a 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -3,7 +3,11 @@ sonar.projectKey=ai-agent-assembly_node-sdk sonar.organization=ai-agent-assembly sonar.projectName=node-sdk -sonar.projectVersion=0.0.0 +# Static fallback only. The CI scan (.github/workflows/quality-report.yml) +# overrides this with -Dsonar.projectVersion= so the +# SonarCloud quality gate auto-advances each release. Keep this off 0.0.0 (which +# stalls the gate at "Not computed") and roughly in step with package.json. +sonar.projectVersion=0.0.1-rc.1 sonar.projectBaseDir=./ sonar.sources=src/ From 8dfd8e91c410ac995134d10b5b92030670338f14 Mon Sep 17 00:00:00 2001 From: Chisanan232 Date: Fri, 26 Jun 2026 17:53:25 +0800 Subject: [PATCH 2/3] =?UTF-8?q?=F0=9F=94=A7=20(ci):=20Derive=20sonar.proje?= =?UTF-8?q?ctVersion=20from=20package.json?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pass -Dsonar.projectVersion= to the Sonar scan so the quality gate auto-advances each release instead of being pinned to a literal. Refs AAASM-2774 Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_019mSz31RysZF6DYToUoBWLf --- .github/workflows/quality-report.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/quality-report.yml b/.github/workflows/quality-report.yml index 1ee801af..9a154565 100644 --- a/.github/workflows/quality-report.yml +++ b/.github/workflows/quality-report.yml @@ -60,8 +60,17 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} verbose: true + - name: Resolve package version for Sonar + id: sonar_version + run: echo "version=$(node -p "require('./package.json').version")" >> "$GITHUB_OUTPUT" + - name: SonarQube Scan if: ${{ env.SONAR_TOKEN != '' }} uses: SonarSource/sonarqube-scan-action@713881670b6b3676cda39549040e2d88c70d582e # v8.2.0 env: SONAR_TOKEN: ${{ env.SONAR_TOKEN }} + with: + # Override sonar-project.properties' static fallback so the quality + # gate version always tracks package.json and auto-advances per release. + args: > + -Dsonar.projectVersion=${{ steps.sonar_version.outputs.version }} From 3dde0f871eaf394517e7b3641ec293785a6a30d6 Mon Sep 17 00:00:00 2001 From: Chisanan232 Date: Fri, 26 Jun 2026 17:53:25 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=F0=9F=93=9D=20(skill):=20Cover=20sonar.pro?= =?UTF-8?q?jectVersion=20auto-derive=20in=20release=20skills?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Note in both release runbooks that quality-report.yml derives sonar.projectVersion from package.json, so no manual bump is needed on the release path; keep the static fallback roughly in step. Refs AAASM-2774 Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_019mSz31RysZF6DYToUoBWLf --- .claude/skills/release-runbook/SKILL.md | 8 ++++++++ .claude/skills/sdk-only-release/SKILL.md | 6 ++++++ 2 files changed, 14 insertions(+) diff --git a/.claude/skills/release-runbook/SKILL.md b/.claude/skills/release-runbook/SKILL.md index bcb775ed..19666417 100644 --- a/.claude/skills/release-runbook/SKILL.md +++ b/.claude/skills/release-runbook/SKILL.md @@ -228,6 +228,14 @@ state machine: - Downloading + staging the `aasm-*.tar.gz` binaries. - The post-publish `v` git tag + GitHub Release. - The Docusaurus docs-version snapshot PR (`version-docs` job). +- The SonarCloud `sonar.projectVersion`. `quality-report.yml` overrides the + `sonar-project.properties` value with `-Dsonar.projectVersion=` at scan time, so the quality gate auto-advances once the five + `package.json` files are bumped — no manual `sonar.projectVersion` bump is + required on the release path (AAASM-2774). Keep the static fallback in + `sonar-project.properties` roughly in step with `package.json` so the gate + never falls back to `0.0.0` ("Not computed") if the scan ever runs without the + CI override. ## Detailed references diff --git a/.claude/skills/sdk-only-release/SKILL.md b/.claude/skills/sdk-only-release/SKILL.md index 354b2581..677c97ca 100644 --- a/.claude/skills/sdk-only-release/SKILL.md +++ b/.claude/skills/sdk-only-release/SKILL.md @@ -160,6 +160,12 @@ Three operator-side rules govern every dispatch: `repository_dispatch`); refresh docs separately if needed. - dist-tag promotion is a separate operator step from an authenticated terminal: `npm dist-tag add @agent-assembly/sdk@ alpha`. +- The SonarCloud `sonar.projectVersion` needs **no** manual bump for an SDK-only + release. `quality-report.yml` derives it from `package.json` at scan time + (`-Dsonar.projectVersion=`), so once `` is committed to + `package.json` the quality gate tracks it automatically (AAASM-2774). Keep the + static fallback in `sonar-project.properties` roughly in step so the gate never + reverts to `0.0.0` ("Not computed"). ## Do NOT manually run