[pull] master from python-semantic-release:master

.github/workflows/ci.yml

@@ -21,7 +21,7 @@ jobs:
     if: ${{ github.event_name != 'pull_request' || !github.event.pull_request.draft }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           fetch-depth: 0
 
@@ -35,7 +35,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           fetch-depth: 100
 

.github/workflows/cicd.yml

@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           fetch-depth: 100 # Must at least retrieve a set of commits to compare changes
           # primarily because of any 'Rebase and Merge' PR action in GitHub
@@ -115,7 +115,7 @@ jobs:
       # possible that the branch was updated while the workflow was running. This
       # prevents accidentally releasing un-evaluated changes.
       - name: Setup | Checkout Repository on Release Branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           ref: ${{ github.ref_name }}
           fetch-depth: 0
@@ -125,7 +125,7 @@ jobs:
           git reset --hard ${{ github.sha }}
 
       - name: Setup | Download Build Artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0  # v5.0.0
         id: artifact-download
         with:
           name: ${{ needs.validate.outputs.distribution-artifacts }}
@@ -148,14 +148,14 @@ jobs:
 
       - name: Release | Python Semantic Release
         id: release
-        uses: python-semantic-release/python-semantic-release@2896129e02bb7809d2cf0c1b8e9e795ee27acbcf  # v10.2.0
+        uses: python-semantic-release/python-semantic-release@9293da56b24a9bd1a97acd4e9b1aabda4ef89fd6  # v10.3.2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           verbosity: 1
           build: false
 
       - name: Release | Add distribution artifacts to GitHub Release Assets
-        uses: python-semantic-release/publish-action@b717f67f7e7e9f709357bce5a542846503ce46ec  # v10.2.0
+        uses: python-semantic-release/publish-action@63a952936fa65b0942a64427d3636fa691d676ce  # v10.3.2
         if: steps.release.outputs.released == 'true'
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
@@ -207,7 +207,7 @@ jobs:
 
     steps:
       - name: Setup | Download Build Artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0  # v5.0.0
         id: artifact-download
         with:
           name: ${{ needs.validate.outputs.distribution-artifacts }}
@@ -216,7 +216,7 @@ jobs:
       # see https://docs.pypi.org/trusted-publishers/
       - name: Publish package distributions to PyPI
         id: pypi-publish
-        uses: pypa/gh-action-pypi-publish@v1.12.4
+        uses: pypa/gh-action-pypi-publish@v1.13.0
         with:
           packages-dir: dist
           print-hash: true

.github/workflows/validate.yml

@@ -90,7 +90,7 @@ jobs:
 
     steps:
       - name: Setup | Checkout Repository at workflow sha
-        uses: actions/checkout@v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           ref: ${{ github.sha }}
           fetch-depth: 0
@@ -112,7 +112,7 @@ jobs:
 
       - name: Build | Build next version artifacts
         id: version
-        uses: python-semantic-release/python-semantic-release@2896129e02bb7809d2cf0c1b8e9e795ee27acbcf  # v10.2.0
+        uses: python-semantic-release/python-semantic-release@9293da56b24a9bd1a97acd4e9b1aabda4ef89fd6  # v10.3.2
         with:
           github_token: ""
           verbosity: 1
@@ -161,7 +161,7 @@ jobs:
 
     steps:
       - name: Setup | Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           ref: ${{ github.sha }}
           fetch-depth: 1
@@ -217,7 +217,7 @@ jobs:
 
     steps:
       - name: Setup | Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           ref: ${{ github.sha }}
           fetch-depth: 1
@@ -229,7 +229,7 @@ jobs:
           cache: 'pip'
 
       - name: Setup | Download Distribution Artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0  # v5.0.0
         with:
           name: ${{ needs.build.outputs.distribution-artifacts }}
           path: ./dist
@@ -306,7 +306,7 @@ jobs:
 
     steps:
       - name: Setup | Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           ref: ${{ github.sha }}
           fetch-depth: 1
@@ -318,7 +318,7 @@ jobs:
           cache: 'pip'
 
       - name: Setup | Download Distribution Artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0  # v5.0.0
         with:
           name: ${{ needs.build.outputs.distribution-artifacts }}
           path: dist
@@ -405,13 +405,13 @@ jobs:
 
     steps:
       - name: Setup | Checkout Repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           fetch-depth: 1
           ref: ${{ github.sha }}
 
       - name: Setup | Download Distribution Artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0  # v5.0.0
         with:
           name: ${{ needs.build.outputs.distribution-artifacts }}
           path: ${{ env.ACTION_SRC_DIR }}
@@ -447,7 +447,7 @@ jobs:
 
     steps:
       - name: Setup | Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
         with:
           ref: ${{ github.sha }}
           fetch-depth: 1

CHANGELOG.rst

@@ -4,6 +4,49 @@
 CHANGELOG
 =========
 
+.. _changelog-v10.3.2:
+
+v10.3.2 (2025-09-06)
+====================
+
+🪲 Bug Fixes
+------------
+
+* **cmd-version**: Prevent errors when PSR is executed in non-GitHub CI environments, closes
+  `#1315`_ (`PR#1322`_, `4df4be4`_)
+
+⚡ Performance Improvements
+---------------------------
+
+* **cmd-version**: Re-order operations for faster parsing in version determination (`PR#1310`_,
+  `63e435b`_)
+
+📖 Documentation
+----------------
+
+* **uv-integration**: Add ``--no-changelog`` to build step to increase job speed (`PR#1316`_,
+  `e1aece1`_)
+
+💡 Additional Release Information
+---------------------------------
+
+* **cmd-version**: Unfortunately, PSR introduced a bug in 10.3.0 when attempting to provide more CI
+  outputs for GitHub Actions. It required our GitHub client interface to be loaded and even if it
+  was not using GitHub CI to be run. This caused errors in Gitea and likely GitLab/Bitbucket
+  environments. This change prevents that from happening but if any users pipelines were
+  intentionally presenting the environment variable "GITHUB_OUTPUT" to enable action output to
+  enable passing along internal outputs of PSR then their hack will no longer work after this
+  change.
+
+.. _#1315: https://github.com/python-semantic-release/python-semantic-release/issues/1315
+.. _4df4be4: https://github.com/python-semantic-release/python-semantic-release/commit/4df4be465710e3b31ba65487069eccef1eeb8be1
+.. _63e435b: https://github.com/python-semantic-release/python-semantic-release/commit/63e435ba466e1e980b9680d0f759950e5e598a61
+.. _e1aece1: https://github.com/python-semantic-release/python-semantic-release/commit/e1aece18ae1998b1523be65b1e569837a7054251
+.. _PR#1310: https://github.com/python-semantic-release/python-semantic-release/pull/1310
+.. _PR#1316: https://github.com/python-semantic-release/python-semantic-release/pull/1316
+.. _PR#1322: https://github.com/python-semantic-release/python-semantic-release/pull/1322
+
+
 .. _changelog-v10.3.1:
 
 v10.3.1 (2025-08-06)

docs/configuration/automatic-releases/github-actions.rst

@@ -933,14 +933,14 @@ to the GitHub Release Assets as well.
           - name: Action | Semantic Version Release
             id: release
             # Adjust tag with desired version if applicable.
-            uses: python-semantic-release/python-semantic-release@v10.3.1
+            uses: python-semantic-release/python-semantic-release@v10.3.2
             with:
               github_token: ${{ secrets.GITHUB_TOKEN }}
               git_committer_name: "github-actions"
               git_committer_email: "actions@users.noreply.github.com"
 
           - name: Publish | Upload to GitHub Release Assets
-            uses: python-semantic-release/publish-action@v10.3.1
+            uses: python-semantic-release/publish-action@v10.3.2
             if: steps.release.outputs.released == 'true'
             with:
               github_token: ${{ secrets.GITHUB_TOKEN }}
@@ -1039,7 +1039,7 @@ The equivalent GitHub Action configuration would be:
 
   - name: Action | Semantic Version Release
     # Adjust tag with desired version if applicable.
-    uses: python-semantic-release/python-semantic-release@v10.3.1
+    uses: python-semantic-release/python-semantic-release@v10.3.2
     with:
       github_token: ${{ secrets.GITHUB_TOKEN }}
       force: patch
@@ -1098,14 +1098,14 @@ Publish Action.
 
         - name: Release submodule 1
           id: release-submod-1
-          uses: python-semantic-release/python-semantic-release@v10.3.1
+          uses: python-semantic-release/python-semantic-release@v10.3.2
           with:
             directory: ${{ env.SUBMODULE_1_DIR }}
             github_token: ${{ secrets.GITHUB_TOKEN }}
 
         - name: Release submodule 2
           id: release-submod-2
-          uses: python-semantic-release/python-semantic-release@v10.3.1
+          uses: python-semantic-release/python-semantic-release@v10.3.2
           with:
             directory: ${{ env.SUBMODULE_2_DIR }}
             github_token: ${{ secrets.GITHUB_TOKEN }}
@@ -1117,15 +1117,15 @@ Publish Action.
         # ------------------------------------------------------------------- #
 
         - name: Publish | Upload package 1 to GitHub Release Assets
-          uses: python-semantic-release/publish-action@v10.3.1
+          uses: python-semantic-release/publish-action@v10.3.2
           if: steps.release-submod-1.outputs.released == 'true'
           with:
             directory: ${{ env.SUBMODULE_1_DIR }}
             github_token: ${{ secrets.GITHUB_TOKEN }}
             tag: ${{ steps.release-submod-1.outputs.tag }}
 
         - name: Publish | Upload package 2 to GitHub Release Assets
-          uses: python-semantic-release/publish-action@v10.3.1
+          uses: python-semantic-release/publish-action@v10.3.2
           if: steps.release-submod-2.outputs.released == 'true'
           with:
             directory: ${{ env.SUBMODULE_2_DIR }}

pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "python-semantic-release"
-version = "10.3.1"
+version = "10.3.2"
 description = "Automatic Semantic Versioning for Python projects"
 requires-python = "~= 3.8"
 license = { text = "MIT" }

src/gh_action/requirements.txt

@@ -1 +1 @@
-python-semantic-release == 10.3.1
+python-semantic-release == 10.3.2

src/semantic_release/cli/commands/version.py

@@ -471,11 +471,7 @@ def version(  # noqa: C901
     no_verify = runtime.no_git_verify
     opts = runtime.global_cli_options
     gha_output = VersionGitHubActionsOutput(
-        gh_client=(
-            hvcs_client
-            if isinstance(hvcs_client, Github)
-            else Github(hvcs_client.remote_url(use_token=False))
-        ),
+        gh_client=hvcs_client if isinstance(hvcs_client, Github) else None,
         mode=(
             PersistenceMode.TEMPORARY
             if opts.noop or (not commit_changes and not create_tag)
@@ -553,7 +549,8 @@ def version(  # noqa: C901
 
     # Update GitHub Actions output value with new version & set delayed write
     gha_output.version = new_version
-    ctx.call_on_close(gha_output.write_if_possible)
+    if isinstance(hvcs_client, Github):
+        ctx.call_on_close(gha_output.write_if_possible)
 
     # Make string variant of version or appropriate tag as necessary
     version_to_print = str(new_version) if not print_only_tag else new_version.as_tag()

src/semantic_release/cli/github_actions_output.py

@@ -24,7 +24,7 @@ class VersionGitHubActionsOutput:
 
     def __init__(
         self,
-        gh_client: Github,
+        gh_client: Github | None = None,
         mode: PersistenceMode = PersistenceMode.PERMANENT,
         released: bool | None = None,
         version: Version | None = None,
@@ -106,6 +106,12 @@ def prev_version(self, value: Version) -> None:
             raise TypeError("output 'prev_version' should be a Version")
         self._prev_version = value
 
+    @property
+    def gh_client(self) -> Github:
+        if not self._gh_client:
+            raise ValueError("GitHub client not set, cannot create links")
+        return self._gh_client
+
     def to_output_text(self) -> str:
         missing: set[str] = set()
         if self.version is None:
@@ -128,7 +134,7 @@ def to_output_text(self) -> str:
             "version": str(self.version),
             "tag": self.tag,
             "is_prerelease": str(self.is_prerelease).lower(),
-            "link": self._gh_client.create_release_url(self.tag) if self.tag else "",
+            "link": self.gh_client.create_release_url(self.tag) if self.tag else "",
             "previous_version": str(self.prev_version) if self.prev_version else "",
             "commit_sha": self.commit_sha if self.commit_sha else "",
         }

src/semantic_release/version/algorithm.py

@@ -346,24 +346,7 @@ def next_version(
     # Step 5. apply the parser to each commit in the history (could return multiple results per commit)
     parsed_results = list(map(commit_parser.parse, commits_since_last_release))
 
-    # Step 5A. Validation type check for the parser results (important because of possible custom parsers)
-    for parsed_result in parsed_results:
-        if not any(
-            (
-                isinstance(parsed_result, (ParseError, ParsedCommit)),
-                type(parsed_result) == list
-                and validate_types_in_sequence(
-                    parsed_result, (ParseError, ParsedCommit)
-                ),
-                type(parsed_result) == tuple
-                and validate_types_in_sequence(
-                    parsed_result, (ParseError, ParsedCommit)
-                ),
-            )
-        ):
-            raise TypeError("Unexpected type returned from commit_parser.parse")
-
-    # Step 5B. Accumulate all parsed results into a single list accounting for possible multiple results per commit
+    # Step 5A. Accumulate all parsed results into a single list accounting for possible multiple results per commit
     consolidated_results: list[ParseResult] = reduce(
         lambda accumulated_results, p_results: [
             *accumulated_results,
@@ -378,6 +361,10 @@ def next_version(
         [],
     )
 
+    # Step 5B. Validation type check for the parser results (important because of possible custom parsers)
+    if not validate_types_in_sequence(consolidated_results, (ParseError, ParsedCommit)):
+        raise TypeError("Unexpected type returned from commit_parser.parse")
+
     # Step 5C. Parse the commits to determine the bump level that should be applied
     parsed_levels: set[LevelBump] = {
         parsed_result.bump  # type: ignore[union-attr] # too complex for type checkers