From a55cf444fd8d5a0bc6e33991481e20bc3bf30924 Mon Sep 17 00:00:00 2001
From: attiasas <assafattias93@gmail.com>
Date: Thu, 1 Jan 2026 13:25:47 +0200
Subject: [PATCH 1/2] Create a new release script in Github actions

---
 .github/workflows/release.yml | 66 +++++++++++++++++++++++++++++++++++
 1 file changed, 66 insertions(+)
 create mode 100644 .github/workflows/release.yml

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 00000000..095f4b31
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,66 @@
+name: Release Security CLI
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Release version (e.g., 1.2.3)'
+        required: true
+        type: string
+        default: '0.0.0'
+      skip_audit:
+        description: 'Skip running audit command'
+        required: false
+        type: boolean
+        default: false
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Validate version input
+        run: |
+          if [ -z "${{ inputs.version }}" ] || [ "${{ inputs.version }}" = "0.0.0" ]; then
+            echo "Error: Invalid version provided"
+            exit 1
+          fi
+          echo "NEXT_VERSION=${{ inputs.version }}" >> $GITHUB_ENV
+          echo "CI=true" >> $GITHUB_ENV
+
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Set up JFrog CLI
+        uses: jfrog/setup-jfrog-cli@v4
+        env:
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+      - name: Configure Git
+        run: |
+          git config --global user.name "jfrog-security-cli-release-bot"
+          git config --global user.email "jfrog-security-cli-release-bot@users.noreply.github.com"
+
+      - name: Merge dev into main and create tag
+        run: |
+          git checkout main
+          git merge origin/dev
+          git tag v${NEXT_VERSION}
+
+      - name: Run audit
+        if: ${{ inputs.skip_audit != true }}
+        run: |
+          jf audit --extended-table
+
+      - name: Push changes and tag
+        run: |
+          git clean -fd
+          git push origin main
+          git push origin --tags
+
+      - name: Merge changes back to dev
+        run: |
+          git checkout dev
+          git merge origin/main
+          git push origin dev
\ No newline at end of file

From 9de5cbe10bbc2b9708a5cb39bfccc789b672a15c Mon Sep 17 00:00:00 2001
From: attiasas <assafattias93@gmail.com>
Date: Thu, 1 Jan 2026 14:06:42 +0200
Subject: [PATCH 2/2] add latest CLI version for release

---
 .github/workflows/release.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 095f4b31..2a9f6385 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -33,6 +33,8 @@ jobs:
 
       - name: Set up JFrog CLI
         uses: jfrog/setup-jfrog-cli@v4
+        with:
+          version: latest
         env:
           JF_URL: ${{ secrets.FROGBOT_URL }}
           JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}