ci: comment when publish to npm/pypi finishes successfully

[christian-byrne]

This change adds a reusable post-release-summary composite action that automatically figures out the current/previous version, generates diff + PyPI/npm links, and posts (or updates) the release summary comment whenever the publish jobs succeed.

┆Issue is synchronized with this Notion page by Unito

[github-actions]

🎭 Playwright Test Results

⚠️ Tests passed with flaky tests

⏰ Completed at: 11/07/2025, 03:41:11 AM UTC

📈 Summary

• Total Tests: 497
• Passed: 462 ✅
• Failed: 0
• Flaky: 5 ⚠️
• Skipped: 30 ⏭️

📊 Test Reports by Browser

• ✅ chromium: View Report • ✅ 453 / ❌ 0 / ⚠️ 5 / ⏭️ 30
• ✅ chromium-2x: View Report • ✅ 2 / ❌ 0 / ⚠️ 0 / ⏭️ 0
• ✅ chromium-0.5x: View Report • ✅ 1 / ❌ 0 / ⚠️ 0 / ⏭️ 0
• ✅ mobile-chrome: View Report • ✅ 6 / ❌ 0 / ⚠️ 0 / ⏭️ 0

---

🎉 Click on the links above to view detailed test results for each browser configuration.

[github-actions]

🎨 Storybook Build Status

✅ Build completed successfully!

⏰ Completed at: 11/07/2025, 03:27:06 AM UTC

🔗 Links

• 📊 View Workflow Run
• 🎨 View Storybook

---

🎉 Your Storybook is ready for review!

[github-actions]

Bundle Size Report

Summary

• Raw size: 12.2 MB baseline 12.2 MB — ⚪ 0 B
• Gzip: 2.49 MB baseline 2.49 MB — ⚪ 0 B
• Brotli: 1.96 MB baseline 1.96 MB — ⚪ 0 B
• Bundles: 58 current • 58 baseline

Category Glance
Vendor & Third-Party ⚪ 0 B (5.32 MB) · App Entry Points ⚪ 0 B (3.25 MB) · Other ⚪ 0 B (2.55 MB) · Graph Workspace ⚪ 0 B (793 kB) · Panels & Settings ⚪ 0 B (293 kB) · UI Components ⚪ 0 B (12.6 kB) · + 3 more

Per-category breakdown

App Entry Points — 3.25 MB (baseline 3.25 MB) • ⚪ 0 B

Main entry bundles and manifests

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/index-ByemK137.js	2.87 MB	2.87 MB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/index-C9ABu5-j.js	1.75 kB	1.75 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/index-DGllLwUY.js	382 kB	382 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Graph Workspace — 793 kB (baseline 793 kB) • ⚪ 0 B

Graph editor runtime, canvas, workflow orchestration

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/GraphView-C38PONQN.js	793 kB	793 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Views & Navigation — 8.18 kB (baseline 8.18 kB) • ⚪ 0 B

Top-level views, pages, and routed surfaces

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/UserSelectView-BgrfeVcm.js	8.18 kB	8.18 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Panels & Settings — 293 kB (baseline 293 kB) • ⚪ 0 B

Configuration panels, inspectors, and settings screens

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/AboutPanel-Bv3fgKRb.js	10.3 kB	10.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/CreditsPanel-yCTAO4Ls.js	23 kB	23 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/ExtensionPanel-DuXiLr6F.js	12.1 kB	12.1 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/KeybindingPanel-Dai_KEqI.js	15.3 kB	15.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/ServerConfigPanel-BU3cYDFe.js	8.23 kB	8.23 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-0O6mq5to.js	24.3 kB	24.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-BYaBy7dC.js	20.4 kB	20.4 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-C3vygQN4.js	25.7 kB	25.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-CbKYXyH0.js	22.7 kB	22.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-CCholIsI.js	25 kB	25 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-DFX7vRkK.js	19.8 kB	19.8 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-INJLrcmT.js	31.3 kB	31.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-iR6BKRXe.js	23.7 kB	23.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-YjQmudNE.js	23.5 kB	23.5 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/UserPanel-4aftM9v7.js	7.94 kB	7.94 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

UI Components — 12.6 kB (baseline 12.6 kB) • ⚪ 0 B

Reusable component library chunks

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/ComfyQueueButton-nrXmgUVb.js	11.3 kB	11.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/UserAvatar.vue_vue_type_script_setup_true_lang-D2s8tnS2.js	1.26 kB	1.26 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Data & Services — 10.4 kB (baseline 10.4 kB) • ⚪ 0 B

Stores, services, APIs, and repositories

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/keybindingService-BTYSJJg0.js	7.6 kB	7.6 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/serverConfigStore-BOo8M-7s.js	2.79 kB	2.79 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Utilities & Hooks — 1.07 kB (baseline 1.07 kB) • ⚪ 0 B

Helpers, composables, and utility bundles

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/mathUtil-CTARWQ-l.js	1.07 kB	1.07 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Vendor & Third-Party — 5.32 MB (baseline 5.32 MB) • ⚪ 0 B

External libraries and shared vendor chunks

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/vendor-other-Bfb5Ofrh.js	3.22 MB	3.22 MB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-primevue-PESgPnbc.js	517 B	517 B	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-three-JDoAqkQm.js	1.37 MB	1.37 MB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-tiptap-Dvg9y4X0.js	232 kB	232 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-vue-SdQKVoRx.js	92.6 kB	92.6 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-xterm-BZLod3g9.js	407 kB	407 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Other — 2.55 MB (baseline 2.55 MB) • ⚪ 0 B

Bundles that do not match a named category

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/commands-B2KZRBmX.js	15.1 kB	15.1 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-Bw-ckyga.js	13.9 kB	13.9 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-C_NmM85I.js	13.8 kB	13.8 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-CuozCW4W.js	14 kB	14 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-DGfVUJCR.js	16.2 kB	16.2 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-dOJNDogK.js	14.5 kB	14.5 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-DwiE551e.js	14.7 kB	14.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-Fw7mvqSy.js	13.1 kB	13.1 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-FXnO1W4Q.js	13.2 kB	13.2 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-B28vuueQ.js	58.7 kB	58.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-B5DMAz5p.js	76.3 kB	76.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-B9oeRB3u.js	66.2 kB	66.2 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-BfxLm2q9.js	68.4 kB	68.4 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-Bqw7zi8p.js	92.9 kB	92.9 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-CxXcIMmb.js	80.3 kB	80.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-DbrkzQIr.js	70.6 kB	70.6 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-DwpdJL5U.js	67.5 kB	67.5 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-mC3TQk_1.js	59.4 kB	59.4 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-3I1vPgv4.js	181 kB	181 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-B2huPGKQ.js	190 kB	190 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-BWugyUzd.js	215 kB	215 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-bXqu6Stq.js	194 kB	194 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-CtB2M3sY.js	229 kB	229 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-D-rCrn-T.js	200 kB	200 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-D38DSnl1.js	179 kB	179 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-DAsU52ON.js	192 kB	192 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-DnGONaA_.js	196 kB	196 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

[claude]

[security] high Priority

Issue: Potential command injection via unquoted variable in node command
Context: VERSION_FILE variable is passed directly to node process without proper quoting, allowing potential injection
Suggestion: Quote the variable: node -pe "..." "$VERSION_FILE" or sanitize input first

[claude]

[quality] medium Priority

Issue: Function refactor changes arrow function to regular function without clear benefit
Context: isPrimitiveNode was changed from arrow function export to regular function, which affects consistency
Suggestion: Maintain consistent function style across the codebase or document the reasoning for this change

[claude]

[architecture] high Priority

Issue: Hardcoded color values replace semantic theme CSS classes
Context: Changes from semantic classes like 'bg-interface-menu-component-surface-selected' to hardcoded 'bg-white' violates design system patterns
Suggestion: Use semantic CSS values from the theme as specified in CLAUDE.md guidelines instead of hardcoded colors

[claude]

[quality] medium Priority

Issue: Locale strings removed without replacement or deprecated usage cleanup
Context: Multiple locale entries deleted including vitePreloadErrorTitle, templates, console without indication they're no longer used
Suggestion: Verify these strings are truly unused or provide migration path for their replacement

[claude]

Comprehensive PR Review

This review is generated by Claude. It may not always be accurate, as with human reviewers. If you believe that any of the comments are invalid or incorrect, please state why for each. For others, please implement the changes in one way or another.

Review Summary

PR: ci: comment when publish to npm/pypi finishes successfully (#6628)
Impact: 185 additions, 10 deletions across 29 files

Issue Distribution

• Critical: 1
• High: 2
• Medium: 2
• Low: 0

Category Breakdown

• Architecture: 2 issues
• Security: 1 issues
• Performance: 0 issues
• Code Quality: 2 issues

Key Findings

Architecture & Design

The most significant concern is PR scope mismatch. While the title indicates this PR only adds CI commenting functionality, it contains extensive unrelated changes including:

• Component deletion (LanguageSelector.vue)
• Utility file reorganization (moving files from workbench/utils to utils/)
• Styling changes from semantic CSS classes to hardcoded colors
• Locale string deletions
• Vue component modifications

This violates the principle of atomic, single-purpose PRs and makes review/rollback more difficult.

Security Considerations

The GitHub Actions script has a potential command injection vulnerability where the VERSION_FILE variable is passed unquoted to a Node.js command. While this is likely low-risk in practice due to GitHub Actions context, it should be properly sanitized.

Integration Points

The file moves from workbench/utils to utils/ suggest organizational refactoring, but the impact on other parts of the system isn't clear. The deletion of LanguageSelector component may affect i18n functionality.

Design System Compliance

Changes to Vue components replace semantic CSS classes (e.g., 'bg-interface-menu-component-surface-selected') with hardcoded colors ('bg-white'), which violates the design system guidelines outlined in CLAUDE.md.

Positive Observations

• The CI automation functionality itself is well-structured with proper error handling
• TypeScript usage is generally sound in the new utility functions
• File moves appear to follow a logical reorganization pattern

References

• Repository Architecture Guide
• CLAUDE.md guidelines regarding semantic CSS usage

Next Steps

1. Critical: Split this PR - separate CI functionality from application code changes
2. Address command injection vulnerability in GitHub Actions
3. Restore semantic CSS classes or document design system changes
4. Verify locale string deletions don't break functionality
5. Document the reasoning behind component deletion and file reorganization

---

This is a comprehensive automated review. For architectural decisions requiring human judgment, please request additional manual review.