Version fix 2 #42

Merged: AchintyaAshok merged 5 commits into main from version-fix-2 on Sep 30, 2025
AchintyaAshok (Contributor) commented Sep 30, 2025

Description

Fixes the GitHub Actions publish-beta workflow to properly push version bumps back to the protected main branch. The workflow was failing with "Push declined due to repository rule violations" because GitHub does not allow github-actions[bot] to be added directly to ruleset bypass lists. This PR implements the correct solution using SSH deploy keys with ruleset bypass permissions.

Type of Change

Please check the relevant option(s):

  • 🐛 Bug fix (non-breaking change which fixes an issue)
  • ✨ New feature (non-breaking change which adds functionality)
  • 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • 📚 Documentation update
  • 🧪 Test improvement
  • 🔧 Build/tooling improvement
  • 🎨 Code refactoring

Changes Made

Bug Fixes

Fixed GitHub Actions workflow failing to push to protected main branch

  • Root cause: GitHub rulesets do not support adding github-actions[bot] directly to bypass lists
  • Solution: Implemented SSH deploy key authentication with ruleset bypass permissions
  • Files changed: .github/workflows/publish-beta.yml
  • Key changes:
    • Changed from token: ${{ secrets.GITHUB_TOKEN }} to ssh-key: ${{ secrets.DEPLOY_KEY }}
    • This allows the workflow to authenticate using a deploy key that has bypass permissions in the ruleset

Synced package.json version to match published NPM version

  • Issue: package.json was at 0.0.43 but NPM had 0.0.44 published
  • Fix: Updated package.json and package-lock.json to version 0.0.44
  • Why this matters: Prevents version conflicts in the next automated release

Other Enhancements

Created comprehensive RULESET_SETUP.md documentation

  • Purpose: Complete step-by-step guide for configuring GitHub repository rulesets with deploy key bypass
  • Location: .github/RULESET_SETUP.md
  • Contents:
    • Explanation of why rulesets (not legacy branch protection) are GitHub's recommended approach
    • Complete deploy key generation and setup instructions
    • Detailed troubleshooting guide for common errors
    • Security considerations and best practices
    • Ready for replication in other projects
  • Why this matters: Initially attempted wrong approach (GitHub App), corrected to official GitHub-recommended deploy key method after research

Breaking Changes

None - this is purely a workflow infrastructure fix.

Testing

  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • I have tested the changes with both stdio and HTTP transports

Testing notes:

  • Workflow changes tested by configuring deploy key, secret, and ruleset bypass in GitHub
  • Ready for integration testing when merged to main

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have run npm run lint and npm run format
  • I have run the test suite with npm test
  • Any dependent changes have been merged and published

Related Issues

Fixes the workflow failures reported where publish-beta step would fail intermittently with:

  • "Push declined due to repository rule violations"
  • "Changes must be made through a pull request"
  • "Commits must have verified signatures"

Additional Notes

Important Setup Required Before Merge:

This PR requires one-time GitHub configuration (already completed for this repository):

  1. ✅ SSH deploy key generated and added to repository Deploy Keys with write access
  2. ✅ Private key stored as DEPLOY_KEY repository secret
  3. ✅ Ruleset configured with "Deploy keys" in bypass list with "Always" mode

Why Deploy Keys Over GitHub Apps:

  • Simpler - no app creation or installation needed
  • Repository-scoped - key only works for this specific repository
  • No organization required - works for personal and org repos
  • Native GitHub feature with built-in ruleset support
  • More secure than PATs - scoped to single repo with specific permissions

Workflow Safeguards:

  • [skip-ci] in commit message prevents infinite build loops
  • Deploy key only accessible to workflows from main repository (not forks)
  • All pushes audited in GitHub audit log

For Future Projects:
Follow .github/RULESET_SETUP.md to replicate this setup in other repositories.
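
The checkout change and safeguards described in this PR, sketched as an added example (this is not the repository's actual publish-beta.yml). Only `DEPLOY_KEY`, the `ssh-key` input and the `[skip-ci]` marker come from the PR description; the job name, action version, bot identity and `npm version` step are assumptions.

```yaml
# Illustrative workflow, not the project's publish-beta.yml.
name: publish-beta
on:
  push:
    branches: [main]

# The push goes over SSH with the deploy key, so GITHUB_TOKEN can stay read-only.
permissions:
  contents: read

jobs:
  bump-and-push:
    runs-on: ubuntu-latest
    # Pushes made with a deploy key start new workflow runs (pushes made with
    # GITHUB_TOKEN do not), so the loop guard has to be explicit.
    if: ${{ !contains(github.event.head_commit.message, '[skip-ci]') }}
    steps:
      # Before: token: ${{ secrets.GITHUB_TOKEN }}  -> push declined by the ruleset
      # After:  ssh-key makes origin an SSH remote authenticated by the deploy
      #         key, which is on the ruleset bypass list.
      - uses: actions/checkout@v4
        with:
          ssh-key: ${{ secrets.DEPLOY_KEY }}

      - name: Bump version and push to main
        run: |
          git config user.name  "release-bot"               # assumed identity
          git config user.email "release-bot@example.invalid"
          npm version patch --no-git-tag-version            # assumed bump step
          git add package.json package-lock.json
          git commit -m "chore: bump version [skip-ci]"
          git push origin HEAD:main
```

The checkout step leaves the key configured for git until the job ends, so every later step in the same job can push past the ruleset; keep third-party actions out of this job.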

- Remove GitHub App token generation (incorrect approach)
- Use standard GITHUB_TOKEN with rulesets bypass permissions
- Add RULESET_SETUP.md with official GitHub configuration steps
- Remove signed commit requirement (GitHub Actions signs automatically)
- This is GitHub's official 2024-2025 recommended approach

Configuration required:
- Create repository ruleset for main branch
- Add github-actions[bot] to bypass list
- Set bypass mode to 'Always' for automated releases
…pushes

- Updated publish-beta workflow to use ssh-key authentication
- Revised RULESET_SETUP.md with correct deploy key configuration
- GitHub does not allow github-actions[bot] in bypass lists directly
- Deploy key method is simpler than GitHub App approach
- Added detailed setup instructions and troubleshooting
@AchintyaAshok AchintyaAshok requested a review from a team September 30, 2025 18:41

github-actions Bot commented Sep 30, 2025

🤖 Changeset Status

⚠️ No changeset found - This PR will default to patch version when merged.

Is this the right version bump?

  • 🐛 Bug fixes, small improvements → Automatic patch is perfect! ✅
  • New features, API additions → Consider adding a minor changeset
  • 💥 Breaking changes → Please add a major changeset

How to add a changeset:

  1. Run npx changeset in your terminal
  2. Select the appropriate version bump (patch/minor/major)
  3. Write a short description of your changes
  4. Commit the generated .changeset/*.md file

Skip release entirely:

Add [skip-ci] to your PR title if this shouldn't trigger any release.


This comment will update automatically when you push changes.

- Removed GitHub App option (more complex, not chosen)
- Consolidated to single deploy key method
- Added step-by-step instructions with exact commands
- Added rationale for why deploy keys over other methods
- Included cleanup step for key files
- Ready for replication in other projects
- Version 0.0.44 was already published to NPM
- Package.json was out of sync at 0.0.43
- Updated to match published version
- Added specific tool permissions for automated PR description generation
- Allows gh CLI, git, and file operations without requiring user approval
- Follows pattern from new-feature.md command
@AchintyaAshok AchintyaAshok merged commit dbce821 into main Sep 30, 2025
5 checks passed
@AchintyaAshok AchintyaAshok deleted the version-fix-2 branch September 30, 2025 18:49