Skip to content

Add code to publish binaries on release #1459

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
monadoid merged 3 commits into from
Dec 23, 2025
Merged

Add code to publish binaries on release #1459

monadoid merged 3 commits into from
Dec 23, 2025

Conversation

@monadoid
Copy link
Contributor

@monadoid monadoid commented Dec 23, 2025
edited by cubic-dev-ai bot
Loading

why

Stagehand-python needs a stable, versioned place to fetch the exact stagehand/server SEA binaries for packaging into wheels. Today our stagehand-server/v* GitHub Releases only include the OpenAPI spec, so the binary handoff isn’t automatic.

what changed

stagehand-server/v* releases now build a cross-platform SEA binary matrix (linux/macOS/windows) and attach the resulting binaries (plus checksums) to the same GitHub Release. The release still includes the versioned OpenAPI spec asset as before.

test plan

Binaries should build on merge to main

Summary by cubic

Publish cross-platform stagehand-server SEA binaries on each versioned GitHub Release, with SHA-256 checksums. This makes it easy for stagehand-python to fetch exact, versioned server binaries.

  • New Features

    • CI builds SEA binaries for linux-x64, linux-arm64, darwin-arm64, darwin-x64, win32-x64, and win32-arm64.
    • Binaries and checksums are attached to the stagehand/server v* GitHub Release alongside the OpenAPI spec.
    • Added build scripts (build-binary.sh, create-binary.sh) and sea-config.json; local cross-compiling is not supported.
    • Artifacts are produced per-OS via a matrix job and collected in the release.

  • Dependencies

    • Added esbuild and postject to support bundling and SEA blob injection.

Written for commit acc3bf5. Summary will update automatically on new commits.

@changeset-bot
Copy link

changeset-bot bot commented Dec 23, 2025
edited
Loading

🦋 Changeset detected

Latest commit: acc3bf5

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
@browserbasehq/stagehand-server Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@greptile-apps
Copy link
Contributor

greptile-apps bot commented Dec 23, 2025
edited
Loading

Greptile Summary

This PR adds automated cross-platform SEA (Single Executable Application) binary builds to the stagehand-server release workflow. Previously, GitHub Releases only included the OpenAPI spec; now they include versioned binaries for linux-x64, darwin-arm64, darwin-x64, and win32-x64 along with SHA-256 checksums.

Major changes:

  • Matrix job builds binaries on 4 platforms using esbuild for bundling and postject for SEA blob injection
  • Binaries are uploaded as GitHub artifacts, downloaded by the release job, checksummed, and attached to the GitHub Release
  • macOS binaries include proper code signing (removal and re-signing)
  • Windows uses a PowerShell-based build due to shell differences, but follows the same logic
  • Added build:binary npm script and SEA dependencies (esbuild, postject) to packages/server

Confidence Score: 4/5

  • This PR is safe to merge with minimal risk - implements well-structured binary build automation
  • Score reflects solid implementation with proper error handling, version verification, and platform-specific handling. Minor confidence reduction due to slight inconsistency in Windows build (uses inline PowerShell rather than calling build-binary.sh script) and potential checksum generation edge case with no binaries
  • Pay attention to .github/workflows/stagehand-server-release.yml for the Windows build step logic and checksum generation

Important Files Changed

Filename Overview
.github/workflows/stagehand-server-release.yml Adds matrix job to build cross-platform SEA binaries and attach them to GitHub releases with checksums
packages/server/scripts/build-binary.sh New script that builds core package, bundles with esbuild, generates SEA blob, and creates platform binary
packages/server/scripts/create-binary.sh Creates platform-specific SEA binary from pre-generated blob with proper signing for macOS

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant GH as GitHub
    participant Matrix as Matrix Job (4 OS)
    participant Artifacts as GitHub Artifacts
    participant Release as Release Job
    
    Dev->>GH: Push tag stagehand-server/v*
    GH->>Matrix: Trigger build_binaries job
    
    par Build on ubuntu-latest
        Matrix->>Matrix: Install deps (PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD)
        Matrix->>Matrix: pnpm --filter @browserbasehq/stagehand-server build:binary
        Matrix->>Matrix: Build @browserbasehq/stagehand core package
        Matrix->>Matrix: Bundle with esbuild
        Matrix->>Matrix: Generate SEA blob with Node
        Matrix->>Matrix: Copy node binary & inject blob with postject
        Matrix->>Artifacts: Upload stagehand-server-linux-x64
    and Build on macos-latest (arm64)
        Matrix->>Matrix: Install deps & build (same steps)
        Matrix->>Matrix: codesign --remove-signature, postject, codesign --sign
        Matrix->>Artifacts: Upload stagehand-server-darwin-arm64
    and Build on macos-13 (x64)
        Matrix->>Matrix: Install deps & build (same steps)
        Matrix->>Matrix: codesign --remove-signature, postject, codesign --sign
        Matrix->>Artifacts: Upload stagehand-server-darwin-x64
    and Build on windows-latest
        Matrix->>Matrix: Install deps
        Matrix->>Matrix: PowerShell: build core, bundle, generate blob
        Matrix->>Matrix: Copy node.exe & inject blob with postject
        Matrix->>Artifacts: Upload stagehand-server-win32-x64.exe
    end
    
    Matrix->>Release: All builds complete
    Release->>Release: Derive version from tag (stagehand-server/v*)
    Release->>Release: Verify tag matches package.json version
    Release->>Release: Prepare release-assets directory
    Release->>Release: Copy openapi.v3.yaml
    Release->>Artifacts: Download all SEA binary artifacts
    Artifacts->>Release: stagehand-server-* binaries
    Release->>Release: Generate checksums.sha256 (shasum -a 256)
    Release->>GH: Publish GitHub Release with binaries, checksums, and OpenAPI spec
    GH->>Dev: Release published
Loading

greptile-apps[bot]
greptile-apps bot reviewed Dec 23, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

5 files reviewed, 1 comment

Edit Code Review Agent Settings | Greptile

@monadoid monadoid closed this Dec 23, 2025
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Dec 23, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 7 files

@monadoid monadoid reopened this Dec 23, 2025
@monadoid monadoid mentioned this pull request Dec 23, 2025
Closed
greptile-apps[bot]
greptile-apps bot reviewed Dec 23, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

5 files reviewed, 2 comments

Edit Code Review Agent Settings | Greptile

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Dec 23, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 issues found across 1 file (changes from recent commits).

Prompt for AI agents (all issues) 

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name=".github/workflows/stagehand-server-release.yml">

<violation number="1" location=".github/workflows/stagehand-server-release.yml:109">
P2: Downloaded Node.js binaries are not verified against checksums before use. For release artifacts, consider verifying the downloaded tarball against Node.js&#39;s SHASUMS256.txt to ensure integrity. Example for Linux:
```bash
curl -fsSL &quot;https://nodejs.org/dist/${NODE_VERSION}/SHASUMS256.txt&quot; -o SHASUMS256.txt
grep &quot;${NODE_TARBALL}&quot; SHASUMS256.txt | shasum -a 256 -c -
```</violation>

<violation number="2" location=".github/workflows/stagehand-server-release.yml:164">
P2: Downloaded Node.js zip is not verified against checksums. Consider adding checksum verification similar to the Linux arm64 step to ensure integrity of the downloaded binary.</violation>
</file>

Reply to cubic to teach it or ask questions. Re-run a review with @cubic-dev-ai review this PR

@monadoid monadoid merged commit abb3469 into main Dec 23, 2025
25 checks passed
This was referenced Dec 23, 2025
Merged
Open
Open
miguelg719 pushed a commit that referenced this pull request Dec 27, 2025
@github-actions
Version Packages (#1414)
5722ac0 
This PR was opened by the [Changesets
release](https://github.com/changesets/action) GitHub action. When
you're ready to do a release, you can merge this and the packages will
be published to npm automatically. If you're not ready to do a release
yet, that's fine, whenever you add more changesets to main, this PR will
be updated.


# Releases
## @browserbasehq/[email protected]

### Patch Changes

- [#1461](#1461)
[`0f3991e`](0f3991e)
Thanks [@tkattkat](https://github.com/tkattkat)! - Move hybrid mode out
of experimental

- [#1433](#1433)
[`e0e22e0`](e0e22e0)
Thanks [@tkattkat](https://github.com/tkattkat)! - Put hybrid mode
behind experimental

- [#1456](#1456)
[`f261051`](f261051)
Thanks [@shrey150](https://github.com/shrey150)! - Invoke page.hover for
agent move action

- [#1473](#1473)
[`e021674`](e021674)
Thanks [@shrey150](https://github.com/shrey150)! - Add safety
confirmation support for OpenAI + Google CUA

- [#1399](#1399)
[`6a5496f`](6a5496f)
Thanks [@tkattkat](https://github.com/tkattkat)! - Ensure cua agent is
killed when stagehand.close is called

- [#1436](#1436)
[`fea1700`](fea1700)
Thanks [@miguelg719](https://github.com/miguelg719)! - Fix auto-load key
for act/extract/observe parametrized models on api

- [#1439](#1439)
[`5b288d9`](5b288d9)
Thanks [@tkattkat](https://github.com/tkattkat)! - Remove base64 from
agent actions array ( still present in messages object )

- [#1408](#1408)
[`e822f5a`](e822f5a)
Thanks [@seanmcguire12](https://github.com/seanmcguire12)! - allow for
act() cache hit when variable values change

- [#1472](#1472)
[`638efc7`](638efc7)
Thanks [@seanmcguire12](https://github.com/seanmcguire12)! - fix: agent
cache not refreshed on action failure

- [#1424](#1424)
[`a890f16`](a890f16)
Thanks [@seanmcguire12](https://github.com/seanmcguire12)! - fix:
"Error: -32000 Failed to convert response to JSON: CBOR: stack limit
exceeded"

- [#1418](#1418)
[`934f492`](934f492)
Thanks [@miguelg719](https://github.com/miguelg719)! - Cleanup handlers
and bus listeners on close

- [#1430](#1430)
[`bd2db92`](bd2db92)
Thanks [@shrey150](https://github.com/shrey150)! - Fix CUA model
coordinate translation

- [#1465](#1465)
[`51e0170`](51e0170)
Thanks [@miguelg719](https://github.com/miguelg719)! - Add media
resolution high provider option to gemini 3 hybrid agent

- [#1431](#1431)
[`05f5580`](05f5580)
Thanks [@tkattkat](https://github.com/tkattkat)! - Update the cache
handling for agent

- [#1432](#1432)
[`f56a9c2`](f56a9c2)
Thanks [@tkattkat](https://github.com/tkattkat)! - Deprecate cua: true
in favor of mode: "cua"

- [#1406](#1406)
[`b40ae11`](b40ae11)
Thanks [@tkattkat](https://github.com/tkattkat)! - Add support for
hovering with coordinates ( page.hover )

- [#1407](#1407)
[`0d2b398`](0d2b398)
Thanks [@tkattkat](https://github.com/tkattkat)! - Clean up page methods

- [#1412](#1412)
[`cd01f29`](cd01f29)
Thanks [@seanmcguire12](https://github.com/seanmcguire12)! - fix: load
GOOGLE_API_KEY from .env

- [#1462](#1462)
[`a734fca`](a734fca)
Thanks [@shrey150](https://github.com/shrey150)! - fix: correctly pass
userDataDir to chrome launcher

- [#1466](#1466)
[`b342acf`](b342acf)
Thanks [@seanmcguire12](https://github.com/seanmcguire12)! - move
playwright to optional dependencies

- [#1440](#1440)
[`2987cd1`](2987cd1)
Thanks [@tkattkat](https://github.com/tkattkat)! - [Feature] support
excluding tools from agent

- [#1455](#1455)
[`dfab1d5`](dfab1d5)
Thanks [@seanmcguire12](https://github.com/seanmcguire12)! - update
aisdk client to better enforce structured output with deepseek models

- [#1428](#1428)
[`4d71162`](4d71162)
Thanks [@tkattkat](https://github.com/tkattkat)! - Add "hybrid" mode to
stagehand agent

## @browserbasehq/[email protected]

### Minor Changes

- [#1459](#1459)
[`abb3469`](abb3469)
Thanks [@monadoid](https://github.com/monadoid)! - Added building of
binaries

- [#1457](#1457)
[`5fc1281`](5fc1281)
Thanks [@monadoid](https://github.com/monadoid)! - First changeset for
stagehand-server

- [#1469](#1469)
[`d634d45`](d634d45)
Thanks [@monadoid](https://github.com/monadoid)! - Bump to test binary
builds

### Patch Changes

- Updated dependencies
\[[`0f3991e`](0f3991e),
[`e0e22e0`](e0e22e0),
[`f261051`](f261051),
[`e021674`](e021674),
[`6a5496f`](6a5496f),
[`fea1700`](fea1700),
[`5b288d9`](5b288d9),
[`e822f5a`](e822f5a),
[`638efc7`](638efc7),
[`a890f16`](a890f16),
[`934f492`](934f492),
[`bd2db92`](bd2db92),
[`51e0170`](51e0170),
[`05f5580`](05f5580),
[`f56a9c2`](f56a9c2),
[`b40ae11`](b40ae11),
[`0d2b398`](0d2b398),
[`cd01f29`](cd01f29),
[`a734fca`](a734fca),
[`b342acf`](b342acf),
[`2987cd1`](2987cd1),
[`dfab1d5`](dfab1d5),
[`4d71162`](4d71162)]:
    -   @browserbasehq/[email protected]

## @browserbasehq/[email protected]

### Patch Changes

- [#1373](#1373)
[`cadd192`](cadd192)
Thanks [@tkattkat](https://github.com/tkattkat)! - Update screenshot
collector in agent evals cli

- Updated dependencies
\[[`0f3991e`](0f3991e),
[`e0e22e0`](e0e22e0),
[`f261051`](f261051),
[`e021674`](e021674),
[`6a5496f`](6a5496f),
[`fea1700`](fea1700),
[`5b288d9`](5b288d9),
[`e822f5a`](e822f5a),
[`638efc7`](638efc7),
[`a890f16`](a890f16),
[`934f492`](934f492),
[`bd2db92`](bd2db92),
[`51e0170`](51e0170),
[`05f5580`](05f5580),
[`f56a9c2`](f56a9c2),
[`b40ae11`](b40ae11),
[`0d2b398`](0d2b398),
[`cd01f29`](cd01f29),
[`a734fca`](a734fca),
[`b342acf`](b342acf),
[`2987cd1`](2987cd1),
[`dfab1d5`](dfab1d5),
[`4d71162`](4d71162)]:
    -   @browserbasehq/[email protected]

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@seanmcguire12 seanmcguire12 seanmcguire12 approved these changes

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@monadoid @seanmcguire12