Release 0.4.3

[FOV-RGT]

This pull request primarily improves CI/CD workflow reliability and maintainability by standardizing concurrency settings across all GitHub Actions workflows, updating secret naming conventions, and making minor code quality improvements.

Workflow concurrency and naming standardization:

• Added or updated concurrency groups for all workflows to ensure only one workflow per branch or pull request runs at a time, using consistent and descriptive group names (e.g., ci-feature-${{ github.ref }}), and enabled cancel-in-progress where appropriate to avoid redundant runs. [1] [2] [3] [4] [5] [6] [7] [8]

Secret and environment variable updates:

• Changed the secret name for Personal Access Tokens from PAT_TOKEN to PAT in workflow files and documentation, and updated the corresponding environment variable usage. [1] [2] [3]

Code quality and maintainability:

• Added *.md to .prettierignore to prevent Prettier from formatting Markdown files.
• Updated Node.js scripts (generate-snapshot-info.cjs and validate-release-version.cjs) to allow them to be imported as modules in addition to being run as standalone scripts. [1] [2]

Other workflow improvements:

• Improved workflow group naming conventions for clarity and consistency across environments (development, production, release, etc.). [1] [2] [3]

These changes help prevent duplicate workflow runs, make secret management clearer, and improve code reusability and formatting consistency.

Summary by CodeRabbit

版本更新

• 文档更新

  • 仓库密钥命名由 PAT_TOKEN 改为 PAT，已更新 README 与工作流注释。

• Chores

  • 包版本升级至 0.4.3。
  • 新增 .prettierignore，忽略 Markdown 文件 (*.md)。
  • 多个 CI/CD 工作流新增并发分组并启用取消进行中相同分支/PR 的运行；生产部署工作流新增环境变量并移除部分内容读取权限。

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Warning

Rate limit exceeded

@FOV-RGT has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 11 minutes and 34 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 500e724 and d970d6f.

📒 Files selected for processing (2)

• scripts/generate-snapshot-info.cjs
• scripts/validate-release-version.cjs

Walkthrough

本次 PR 统一并发配置并调整少量工作流与文档：将 secret 名称 PAT_TOKEN → PAT，在生产 CD 添加环境变量并移除部分权限，多个 workflow 增加或修改 concurrency，两个脚本改为条件执行并导出 main，并提升包版本至 0.4.3，新增 .prettierignore。

Changes

Cohort / File(s)	变更摘要
工作流：PAT 命名与文档 \.github/workflows/auto-tag-release.yaml, README.md	将注释与引用的 secret 名称从 PAT_TOKEN 改为 PAT，workflow 中环境变量更新为 `TOKEN: ${{ secrets.PAT
工作流：生产 CD 扩展 \.github/workflows/cd-prod.yaml	移除 permissions.contents: read，并发组名由 CD - Production - ${{ github.ref }} 改为 cd-production-${{ github.ref }}，cancel-in-progress 设为 true，新增 env：DB_URL、BACKEND_CONTAINER_PORT、BACKEND_HOST_PORT。
工作流：并发配置（多处） \.github/workflows/ci-cd-dev.yaml, \.github/workflows/ci-feature.yaml, \.github/workflows/ci-prod.yaml, \.github/workflows/ci-release.yaml, \.github/workflows/pr-check-dev.yaml, \.github/workflows/pr-check-prod.yaml, \.github/workflows/release-snapshot.yaml	为多个 CI/PR/release workflow 添加或调整 concurrency 配置，采用基于 ref 或 PR ID 的动态分组，并在多数场景启用或调整 cancel-in-progress（具体文件存在细微差别）。
脚本：入口与导出 scripts/generate-snapshot-info.cjs, scripts/validate-release-version.cjs	将无条件 main() 调用改为 if (require.main === module) { main(); } 并通过 module.exports = { main } 导出 main，并添加 JSDoc 注释以暴露可复用/可测试的主函数。
工具/配置与版本 .prettierignore, package.json	新增 .prettierignore（包含 *.md）；package.json 版本从 0.4.2 升级到 0.4.3。

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Release 0.4 #13 — 直接修改相同的工作流与脚本文件（如 generate-snapshot-info.cjs、validate-release-version.cjs），存在代码级重叠。
• ci: update github actions workflow #6 — 涉及相同或相似 CI/CD 工作流与环境变量（DB_URL、BACKEND_CONTAINER_PORT、BACKEND_HOST_PORT）更改。
• update ci workflow #3 — 修改多处 GitHub Actions 工作流（例如 ci-cd-dev.yaml、pr-check-dev.yaml），与本次并发配置调整相关。

Suggested labels

ci:success

Suggested reviewers

• seeleclover

Poem

🐰 我是一只代码兔，穿过分支与密钥，
名字换了小写声，流水线排起队；
脚本学会自我问候，出口留成了接口，
版本悄悄跳一跳，格式忽略了.md。

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	标题"Release 0.4.3"与变更集的主要内容相符，这是一个版本发布提交，涵盖了工作流优化、密钥重命名和代码改进等多项改动。
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/cd-prod.yaml (1)

17-19: DB_URL 和 BACKEND_HOST_PORT 环境变量未被使用

DB_URL 和 BACKEND_HOST_PORT 已定义但在工作流中没有任何引用。BACKEND_CONTAINER_PORT 在 build-args 中被正确使用（line 103），但另外两个变量应当被移除或明确其使用意图。如果这些变量预留供未来使用，建议提供相关文档说明；否则建议删除以保持配置简洁。

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fe8ebd9 and 1d43061.

📒 Files selected for processing (14)

• .github/workflows/auto-tag-release.yaml
• .github/workflows/cd-prod.yaml
• .github/workflows/ci-cd-dev.yaml
• .github/workflows/ci-feature.yaml
• .github/workflows/ci-prod.yaml
• .github/workflows/ci-release.yaml
• .github/workflows/pr-check-dev.yaml
• .github/workflows/pr-check-prod.yaml
• .github/workflows/release-snapshot.yaml
• .prettierignore
• README.md
• package.json
• scripts/generate-snapshot-info.cjs
• scripts/validate-release-version.cjs

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{yaml,yml,json}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use 2 spaces for indentation in YAML and JSON files

Files:

• package.json

🧠 Learnings (2)

📚 Learning: 2025-12-22T19:42:55.173Z

Learnt from: CR
Repo: gdmuna/nestjs-demo-basic PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2025-12-22T19:42:55.173Z
Learning: Follow NestJS directory structure convention with src/ containing: common/ (shared services), utils/ (utility functions and constants), feature modules, controllers, services, and main.ts entry point

Applied to files:

• package.json

📚 Learning: 2025-12-22T19:42:55.173Z

Learnt from: CR
Repo: gdmuna/nestjs-demo-basic PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2025-12-22T19:42:55.173Z
Learning: Applies to CHANGELOG{,_zh-CN}.md : Maintain CHANGELOG.md (English) and CHANGELOG_zh-CN.md (Chinese) files with detailed records of file changes, config modifications, dependency updates, and renames/deletions

Applied to files:

• README.md

🔇 Additional comments (16)

package.json (1)

4-4: 版本升级正确！

版本从 0.4.2 升级到 0.4.3，与 PR 标题一致，符合语义化版本规范。

.github/workflows/ci-release.yaml (1)

7-9: 并发控制配置合理！

新增的并发控制块使用动态的 github.ref 实现了按分支隔离的运行机制，cancel-in-progress: true 的设置确保同一分支的新推送会取消正在运行的旧工作流，有效避免重复运行。命名规范清晰，与 PR 目标一致。

.github/workflows/ci-cd-dev.yaml (1)

14-16: 并发组命名优化得当！

将并发组从静态字符串改为动态的 ci/cd-development-${{ github.ref }}，实现了更精细的按分支隔离。这与 PR 中其他工作流的改动保持一致，提升了 CI/CD 流程的可靠性。

.github/workflows/ci-feature.yaml (1)

7-9: 特性分支并发控制配置正确！

为特性分支工作流添加了并发控制，使用 ci-feature-${{ github.ref }} 作为分组标识，cancel-in-progress: true 确保同一分支的新提交会取消旧的运行。配置规范且与其他工作流保持一致。

.github/workflows/pr-check-prod.yaml (1)

8-10: PR 检查并发控制设计合理！

使用 github.event.pull_request.id 作为并发组标识符，这对于 PR 触发的工作流是正确的选择，确保每个 PR 的检查相互隔离。cancel-in-progress: true 保证了 PR 更新时会取消旧的检查运行，节省资源并加快反馈速度。

.prettierignore (1)

1-1: Prettier 配置符合预期！

新增 .prettierignore 文件将 Markdown 文件排除在格式化之外，配置简洁明确，与 PR 目标一致。

.github/workflows/ci-prod.yaml (1)

7-9: 生产环境 CI 并发控制优化到位！

将并发组更新为动态的 ci-production-${{ github.ref }}，与开发环境和其他工作流的改进保持一致，确保了生产分支的 CI 运行按分支正确隔离。

.github/workflows/release-snapshot.yaml (1)

7-9: 快照发布并发控制配置合理！

为快照发布工作流添加了并发控制，特别注意到 cancel-in-progress: false 的设置。这是正确且有意为之的配置——对于快照发布这类重要的构建任务，不应该取消正在进行的构建，确保每个快照都能完整生成。这体现了对不同工作流场景的细致考虑。

.github/workflows/pr-check-dev.yaml (1)

8-10: 并发控制配置正确！

为 PR 检查工作流添加并发控制是正确的做法。使用 github.event.pull_request.id 作为分组键确保同一 PR 的多次推送只运行最新的工作流，cancel-in-progress: true 可以取消正在进行的旧运行，节省 CI 资源。

README.md (1)

378-378: 文档更新与代码保持一致！

将 Secret 名称从 PAT_TOKEN 更新为 PAT 与工作流文件中的更改保持一致。文档准确性对用户配置至关重要。

.github/workflows/auto-tag-release.yaml (2)

11-13: 文档注释更新正确！

注释已正确更新为新的 Secret 名称 PAT，与实际使用保持一致，有助于维护者理解配置要求。

---

25-25: Secret 引用更新正确！

环境变量已正确更新为使用 secrets.PAT，并保留了对 GITHUB_TOKEN 的回退机制。这确保了即使未配置 PAT，工作流也能继续执行（尽管不会触发后续的 CD 流程）。

scripts/generate-snapshot-info.cjs (1)

85-89: 代码可重用性改进正确！

添加 require.main === module 条件判断和导出 main 函数是标准的 CommonJS 模块模式。这使得脚本既可以直接执行，也可以作为模块导入，提高了代码的可测试性和可重用性。实现正确。

scripts/validate-release-version.cjs (1)

127-131: 模块化改造与其他脚本保持一致！

此脚本采用了与 generate-snapshot-info.cjs 相同的模块化模式，确保了代码库中脚本处理方式的一致性。这种统一的方法提高了可维护性，并使脚本更易于测试。

.github/workflows/cd-prod.yaml (2)

22-22: 并发组命名标准化！

将并发组名称从 "CD - Production - ${{ github.ref }}" 简化为 "cd-production-${{ github.ref }}" 提高了命名的一致性，与 PR 中其他工作流的命名风格保持一致。

---

23-23: 验证生产部署的取消策略是否合适。

将 cancel-in-progress 从 false 改为 true 意味着当新的标签被推送时，正在进行的生产部署会被取消。请确认：

1. 当前部署流程（Docker 镜像构建和推送）是否可以安全取消而不会留下不一致状态
2. 是否存在后续的部署步骤（如数据库迁移、服务重启）可能因取消而导致问题
3. 生产环境中是否预期会出现快速连续的标签推送

对于纯粹的 Docker 镜像构建和推送，取消通常是安全的。但如果有状态变更操作，建议保持 cancel-in-progress: false 以确保部署完整执行。

[coderabbitai]

Note

Docstrings generation - SUCCESS
Generated docstrings for this pull request at #17

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

scripts/validate-release-version.cjs (1)

1-1: 修复 Prettier 格式问题。

两个 CI 流水线都报告了 Prettier 格式问题，必须修复才能通过检查。

运行以下命令修复格式：

prettier --write scripts/validate-release-version.cjs

🧹 Nitpick comments (1)

scripts/validate-release-version.cjs (1)

54-59: 移除重复的 setGitHubOutput 函数并从 version-utils.cjs 导入。

该函数已在 version-utils.cjs 中定义（第 168-173 行）并导出，其他脚本如 validate-version.cjs 和 create-release-tag.cjs 均已正确从该模块导入。请将本文件中第 54-59 行的函数定义删除，改为在文件顶部添加导入语句：const { setGitHubOutput } = require('./version-utils.cjs');

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1d43061 and 7e86bfc.

📒 Files selected for processing (2)

• scripts/generate-snapshot-info.cjs
• scripts/validate-release-version.cjs

🚧 Files skipped from review as they are similar to previous changes (1)

• scripts/generate-snapshot-info.cjs

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: CR
Repo: gdmuna/nestjs-demo-basic PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2025-12-22T19:42:55.173Z
Learning: Follow Conventional Commits format for commit messages: <type>(<scope>): <subject> with types: feat, fix, docs, style, refactor, perf, test, chore, ci, build, release, revert

🧬 Code graph analysis (1)

scripts/validate-release-version.cjs (3)

scripts/validate-version.cjs (1)

• require (10-10)

scripts/create-release-tag.cjs (1)

• require (12-12)

scripts/version-utils.cjs (1)

• require (9-9)

🪛 GitHub Actions: CI - Release Branch

scripts/validate-release-version.cjs

[warning] 1-1: Code style issues found in this file. Run Prettier with --write to fix.

🪛 GitHub Actions: Pull Request Check - Production

scripts/validate-release-version.cjs

[warning] 1-1: Prettier formatting issues detected in this file. Run 'prettier --write' to fix.

🔇 Additional comments (2)

scripts/validate-release-version.cjs (2)

61-67: 优秀的文档补充！

JSDoc 注释清晰地说明了函数的用途、环境变量依赖、输出和退出码，提升了代码可维护性。

---

133-137: 实现方式正确！

使用 require.main === module 保护和导出 main 函数是标准的 Node.js 模式，允许脚本既可以直接运行也可以作为模块导入，与 PR 目标一致。

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

scripts/validate-release-version.cjs (1)

54-59: 建议使用共享的工具函数以消除重复代码

setGitHubOutput 函数在此处定义，但根据相关代码片段显示，version-utils.cjs 已经导出了相同的工具函数，并被其他脚本（如 validate-version.cjs 和 create-release-tag.cjs）引用使用。

建议从 version-utils.cjs 导入该函数以遵循 DRY 原则，提高代码的可维护性和一致性。

🔎 建议的重构方案

在文件顶部添加导入：

 const fs = require('fs');
 const path = require('path');
+const { setGitHubOutput } = require('./version-utils.cjs');

然后移除本地定义的 setGitHubOutput 函数（第 54-59 行）：

-// 设置 GitHub Actions 输出
-function setGitHubOutput(key, value) {
-    const outputFile = process.env.GITHUB_OUTPUT;
-    if (outputFile) {
-        fs.appendFileSync(outputFile, `${key}=${value}\n`, 'utf8');
-    }
-}
-

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7e86bfc and 500e724.

📒 Files selected for processing (2)

• scripts/generate-snapshot-info.cjs
• scripts/validate-release-version.cjs

🚧 Files skipped from review as they are similar to previous changes (1)

• scripts/generate-snapshot-info.cjs

🧰 Additional context used

🧬 Code graph analysis (1)

scripts/validate-release-version.cjs (3)

scripts/create-release-tag.cjs (1)

• require (12-12)

scripts/validate-version.cjs (1)

• require (10-10)

scripts/version-utils.cjs (1)

• require (9-9)

🔇 Additional comments (1)

scripts/validate-release-version.cjs (1)

61-67: 文档说明清晰完整！

添加的函数文档详细说明了 main 函数的行为、环境变量依赖、输出和退出码，提升了代码的可维护性。

[coderabbitai]

⚠️ Potential issue | 🟠 Major

模块化模式正确，但 process.exit() 限制了可复用性

条件执行守卫和模块导出的实现符合 Node.js 最佳实践，使脚本既可以直接运行也可以作为模块导入。

但存在一个重要问题：main() 函数内部多次调用 process.exit()（第 108、122、129 行），当其他模块导入并调用 main() 时，会直接终止整个 Node.js 进程。这限制了该函数作为模块的实际可用性。

建议考虑以下改进方案之一：

• 返回结果对象而不是调用 process.exit()
• 抛出错误而不是 process.exit(1)
• 在文档中明确说明此限制

🔎 可选的重构方案示例

如果希望真正实现模块化复用，可以重构为：

 function main() {
     try {
         // ... 验证逻辑 ...
         
         if (isValid) {
             console.log('✅ 版本验证通过');
             // ... 设置输出 ...
             console.log('========================================');
-            process.exit(0);
+            return { success: true, isValid: true, expectedVersionPrefix, actualVersion };
         } else {
             console.log('❌ 版本验证失败');
             // ... 设置输出和错误消息 ...
             console.error(messageCn);
             console.log('========================================');
-            process.exit(1);
+            return { success: false, isValid: false, expectedVersionPrefix, actualVersion, error: messageCn };
         }
     } catch (error) {
         console.error('❌ 错误:', error.message);
         setGitHubOutput('is_valid', 'false');
         // ...
-        process.exit(1);
+        return { success: false, isValid: false, error: error.message };
     }
 }
 
 if (require.main === module) {
-    main();
+    const result = main();
+    process.exit(result.success ? 0 : 1);
 }

这样既保持了作为独立脚本运行时的退出码行为，又允许作为模块导入时获取结构化的返回结果。

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In scripts/validate-release-version.cjs around lines 133 to 137, the module
guard and export are fine but main() currently calls process.exit() at lines
108, 122 and 129 which terminates the whole Node process when imported; refactor
main() to stop calling process.exit() internally and instead return a structured
result object (or throw errors) indicating success/failure and exit code; update
the CLI branch (the require.main === module block) to call main() and call
process.exit(result.code) or handle thrown errors there so running as a script
preserves exit semantics while importing the module remains reusable.

[github-actions]

✅ Package 版本检查通过

• 期望版本: 0.4.3
• 实际版本: 0.4.3

版本配置正确，可以合并。

---

✅ Package Version Check Passed

• Expected Version: 0.4.3
• Actual Version: 0.4.3

Version is correctly configured for this release.