fix(ci): address releasekit integration issues (#239)

* fix(ci): address releasekit integration issues and improve release workflow

- Add pull-requests: read permission to gate job (fixes silent label lookup
  failure that caused bump:patch + scope:spy to never trigger a release)
- Add skip-checkout: 'true' to gate step (eliminates redundant double checkout)
- Propagate gate-stable output so release:stable label graduates prereleases
  to stable instead of always publishing as prerelease
- Honour inputs.target_packages in reusable workflow (removes redundant
  scope→package case statement that duplicated the scopeLabels config)

Co-Authored-By: Claude Sonnet 4.6 <[email protected]>

* refactor(release): remove stable input from release workflows

- Eliminated the `stable` input from both the reusable and main release workflows to streamline the release process.
- Updated the logic to determine release type based solely on the `release_type` input, enhancing clarity and reducing complexity.

* chore: upgrade @releasekit dependencies to version 0.17.1

- Updated `@releasekit/release`, `@releasekit/notes`, `@releasekit/publish`, and `@releasekit/version` to version `0.17.1` in `package.json` and `pnpm-lock.yaml` for improved functionality and bug fixes.
- Modified GitHub workflows to utilize the latest version of ReleaseKit, ensuring consistency in the release process.

---------

Co-authored-by: Claude Sonnet 4.6 <[email protected]>

Author: goosewobbler

.github/workflows/_release.reusable.yml

@@ -16,11 +16,6 @@ on:
         description: 'Version increment (patch, minor, major)'
         required: true
         type: string
-      stable:
-        description: 'Graduate prerelease to stable without bumping'
-        required: false
-        type: string
-        default: 'false'
       release_type:
         description: 'Release type (stable or prerelease)'
         required: false
@@ -230,11 +225,11 @@ jobs:
 
       - name: Run ReleaseKit
         id: releasekit
-        uses: goosewobbler/[email protected].0
+        uses: goosewobbler/[email protected].1
         with:
           mode: release
           node-version: '24'
-          target: ${{ steps.targets.outputs.packages }}
+          target: ${{ inputs.target_packages || steps.targets.outputs.packages }}
           branch: ${{ inputs.target_branch }}
           bump: ${{ steps.params.outputs.bump }}
           stable: ${{ steps.params.outputs.stable }}

.github/workflows/release-preview.yml

@@ -27,7 +27,7 @@ jobs:
           fetch-depth: 0
 
       - name: Release Preview
-        uses: goosewobbler/[email protected].0
+        uses: goosewobbler/[email protected].1
         with:
           node-version: '24'
           mode: preview

.github/workflows/release.yml

@@ -61,12 +61,17 @@ jobs:
   gate:
     name: Gate
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      actions: read
+      pull-requests: read
     if: github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'push'
     outputs:
       should_release: ${{ steps.gate.outputs.should-release }}
       bump: ${{ steps.gate.outputs.bump }}
       scope: ${{ steps.gate.outputs.gate-scope }}
       target: ${{ steps.gate.outputs.gate-target }}
+      stable: ${{ steps.gate.outputs.gate-stable }}
     steps:
       - name: Checkout
         uses: actions/checkout@v6
@@ -75,14 +80,15 @@ jobs:
 
       - name: Run ReleaseKit Gate
         id: gate
-        uses: goosewobbler/[email protected].0
+        uses: goosewobbler/[email protected].1
         with:
           mode: gate
           node-version: '24'
           project-dir: .
           branch: main
           json: "true"
           summary: "true"
+          skip-checkout: 'true'
         env:
           GITHUB_TOKEN: ${{ github.token }}
 
@@ -98,8 +104,7 @@ jobs:
       target_packages: ${{ needs.gate.outputs.target }}
       target_branch: main
       bump: ${{ needs.gate.outputs.bump }}
-      stable: 'false'
-      release_type: prerelease
+      release_type: ${{ needs.gate.outputs.stable == 'true' && 'stable' || 'prerelease' }}
       dry_run: false
       scope: ${{ needs.gate.outputs.scope }}
     secrets:
@@ -117,7 +122,6 @@ jobs:
     with:
       target_branch: ${{ inputs.target_branch }}
       bump: ${{ inputs.bump }}
-      stable: 'false'
       release_type: ${{ inputs.release_type }}
       dry_run: ${{ inputs.dry_run }}
       scope: ${{ inputs.scope }}

package.json

@@ -65,7 +65,7 @@
   "devDependencies": {
     "@biomejs/biome": "2.4.12",
     "@inquirer/prompts": "^8.3.0",
-    "@releasekit/release": "^0.17.0",
+    "@releasekit/release": "^0.17.1",
     "@types/node": "^25.5.0",
     "@typescript-eslint/parser": "^8.57.0",
     "@vitest/eslint-plugin": "^1.6.11",