docs/7-DEVELOPMENT/decisions/ADR-005-release-confidence-process.md
scripts/release-test/, ADR-004Releases grew from a handful of fixes to 50+ commits spanning security
hardening, features, migrations and dependency changes. Verification was
ad-hoc: a green test suite on main plus whatever manual checks the release
owner remembered. v1.11.0 proved the gap empirically — the unit suite was
fully green while sort_by=title returned a 500 (a SEARCH-index interaction
only a real SurrealDB exhibits) and clearing credential fields silently
no-oped (two mirror-image bugs, frontend and API, that only an end-to-end
path reveals). Neither class of bug is catchable by mocked tests, and neither
was: both were found by the process this record establishes.
Every stable release passes a risk-based confidence process before cutting, and the final gate runs against the built Docker image — the artifact users receive — not the repository.
The process (mechanics in RELEASE_PROCESS.md):
make release-test), because packaging bugs
(supervisord flags, uv sync modes, migration ordering) never appear in the
suite.scripts/release-test/, make targets)
and compounds: bucket-B investments from one release become bucket-A
automation for the next.