Github Release

What Is Github Release?

The Github Release skill is a specialized Claude Code automation designed to streamline and secure the process of preparing and publishing open source releases on GitHub. It provides an end-to-end release workflow that not only creates GitHub releases and version tags, but also ensures that code is sanitized for public distribution. The skill leverages essential CLI tools to scan for secrets, remove personal development artifacts, and validate critical project documentation like LICENSE and README files. By enforcing robust checks before publishing, Github Release helps developers prevent accidental exposure of sensitive information and maintain open source best practices.

Why Use Github Release?

Releasing code to the public is fraught with potential pitfalls, from accidentally leaking secrets to omitting key documentation or publishing unnecessary files. Manual release processes are error-prone and time-consuming, especially for teams that iterate quickly. The Github Release skill addresses these challenges by automating the critical pre-release checks and publishing steps, ensuring that every release meets security and compliance standards.

Key reasons to adopt this skill include:

• Automated Security: Automated secrets scanning helps prevent the accidental leakage of credentials or sensitive data.
• Release Consistency: By enforcing a repeatable, auditable workflow, the skill reduces human error and increases confidence in the release process.
• Documentation Compliance: Validates the presence and correctness of LICENSE and README files, important for open source compliance and user trust.
• Efficiency: Reduces manual effort by handling version tagging and release creation via the GitHub CLI.

How to Get Started

To begin using the Github Release skill, a few setup steps are required to ensure smooth operation:

1. Install

Prerequisites

• GitHub CLI (gh):
  Install the official GitHub CLI and authenticate it with your GitHub account.

  bash

  gh auth status

  If not installed, visit: https://cli.github.com/

• Gitleaks:
  Used for secrets scanning. Install via Homebrew or download from its GitHub releases page:

  bash

  brew install gitleaks

  Or, download a binary from https://github.com/gitleaks/gitleaks/releases.

• Git Repository:
  Ensure you are working within a git repository with a properly configured remote.

2. Trigger the

Skill

The skill can be invoked with commands like release, publish, open source, prepare for release, create release, or github release within Claude Code.

Key Features

The Github Release skill operates in a two-phase workflow: Sanitize and Publish.

Phase 1:

Sanitize

1. Secrets

Scanning (BLOCKER)

Before releasing, the skill scans your codebase for secrets using gitleaks. If any secrets are detected, the release is halted until they are removed.

gitleaks detect --no-git --source=. --verbose

If secrets are found:

• Remove them from code and move sensitive data to environment variables.
• To check if secrets exist in git history:
  bash

  git log -S "secret_value"

• For purging secrets from history, use BFG Repo-Cleaner.

If gitleaks is not installed:
Manual alternative checks:

find . -name ".env*" -not -path "*/node_modules/*"
grep -ri "api_key\|token\|secret\|password" wrangler.toml wrangler.jsonc .dev.vars 2>/dev/null

2. Remove Personal

Artifacts

The skill identifies and prompts removal of files not intended for public release, such as:

• SESSION.md
• planning/
• Temporary notes or local cache files

3. LICENSE and README

Validation

Ensures your project includes a valid LICENSE file and a comprehensive README, both of which are essential for open source projects.

Phase 2:

Tag and Publish

Once the codebase is sanitized:

• Version Tagging:
  The skill creates a new git tag for the release version.

  bash

  git tag v1.2.3
  git push origin v1.2.3

• GitHub Release Publishing:
  Uses the GitHub CLI to publish the release.

  bash

  gh release create v1.2.3 --title "v1.2.3" --notes "Release notes here"

All these actions are performed only if the sanitation phase passes without blocker issues.

Best Practices

• Automate Regularly: Integrate the Github Release skill as part of your CI/CD pipeline to enforce consistent release hygiene.
• Review Scan Results: Always carefully review the secret scan output, and consider adding custom patterns for your organization’s sensitive data.
• Keep Documentation Up-to-Date: Regularly update your LICENSE and README to reflect project changes before each release.
• Tag Meaningfully: Use semantic versioning for tags to communicate changes effectively to users.

Important Notes

• The skill is designed for use with Claude Code and may not function in other environments.
• All blockers (like secrets found) must be resolved before proceeding to the release phase.
• Manual review is recommended in addition to automated scans for comprehensive coverage.
• Ensure gh and gitleaks are installed and updated to their latest versions for compatibility.
• Publishing a release is irreversible; always verify the repository’s state before tagging and releasing.
• The skill does not automatically clean secrets from git history; manual intervention is required for historical leaks.

By following these guidelines and leveraging the Github Release skill, teams can confidently open source their code while minimizing risk and maximizing transparency.