YiAgent · YiWang24 · May 5, 2026 · May 4, 2026 · May 4, 2026 · May 4, 2026
@@ -29,7 +29,22 @@ jobs:
           fetch-depth: 0
           persist-credentials: true
 
+      # Skip runs triggered by the SHA-bump bot — chore commits never produce
+      # a release (BUMP=none), so this just avoids a wasteful no-op run.
+      - name: Guard — skip SHA bump commits
+        id: guard
+        run: |
+          msg=$(git log -1 --format='%s')
+          skip=false
+          if echo "$msg" | grep -qE '^chore\(manifest\): bump YiAgent/OpenCI SHA' \
+            || echo "$msg" | grep -q 'chore/bump-self-sha-'; then
+            skip=true
+            echo "::notice::Skipping auto-release — triggered by SHA bump commit"
+          fi
+          echo "skip=$skip" >> "$GITHUB_OUTPUT"
+
       - name: Get latest tag
+        if: steps.guard.outputs.skip != 'true'
         id: latest-tag
         run: |
           set -euo pipefail
@@ -44,6 +59,7 @@ jobs:
           fi
 
       - name: Analyze commits since last tag
+        if: steps.guard.outputs.skip != 'true'
         id: analyze
         env:
           LATEST_TAG: ${{ steps.latest-tag.outputs.tag }}

@@ -27,7 +27,7 @@ concurrency:
 
 jobs:
   docs:
-    uses: YiAgent/OpenCI/.github/workflows/reusable-docs.yml@f195c36e2da18bddaa168413ad1bc0fbde34cea8
+    uses: YiAgent/OpenCI/.github/workflows/reusable-docs.yml@4e1ecadc2505761f104f3fd8d255eee4eb369d90
     with:
       build-cmd:    ${{ vars.DOCS_BUILD_CMD || '' }}
       docs-path:    ${{ vars.DOCS_DIR || 'docs' }}

@@ -44,14 +44,38 @@ jobs:
           # of the workflow run for diagnostics.
           token: ${{ secrets.RELEASE_PAT || github.token }}
 
+      # Break the infinite-loop: if THIS push was produced by a previous
+      # run of this workflow (bot-authored bump commit or bump PR merge),
+      # do nothing. We read from git rather than from GitHub context to
+      # avoid injection risks.
+      - name: Guard — skip bot-authored bump commits
+        id: guard
+        run: |
+          msg=$(git log -1 --format='%s')
+          author=$(git log -1 --format='%ae')
+          skip=false
+          if echo "$msg" | grep -qE '^chore\(manifest\): bump YiAgent/OpenCI SHA'; then
+            skip=true
+            echo "::notice::Skipping — squash-merged bump commit detected"
+          elif echo "$msg" | grep -q 'chore/bump-self-sha-'; then
+            skip=true
+            echo "::notice::Skipping — merge commit from bump branch detected"
+          elif [ "$author" = "github-actions[bot]@users.noreply.github.com" ]; then
+            skip=true
+            echo "::notice::Skipping — HEAD commit authored by github-actions[bot]"
+          fi
+          echo "skip=$skip" >> "$GITHUB_OUTPUT"
+
       - name: Install yq
+        if: steps.guard.outputs.skip != 'true'
         run: |
           sudo wget -qO /usr/local/bin/yq \
             https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
           sudo chmod +x /usr/local/bin/yq
 
       - name: Check if SHA needs bumping
         id: check
+        if: steps.guard.outputs.skip != 'true'
         run: |
           current_sha="$(yq -r '.deps["YiAgent/OpenCI"] // ""' manifest.yml)"
           head_sha="$(git rev-parse HEAD)"
@@ -62,10 +86,12 @@ jobs:
             exit 0
           fi
 
-          tree_out="$(git ls-tree "$current_sha" .github/workflows/ 2>/dev/null || true)"
-          if [ -n "$tree_out" ] && [ "$current_sha" = "$head_sha" ]; then
+          # Only skip when the pinned SHA is already HEAD — bump-self-sha.sh
+          # handles walking back to a valid ancestor when HEAD itself lacks
+          # .github/workflows/, so we don't need to replicate that check here.
+          if [ "$current_sha" = "$head_sha" ]; then
             echo "skip=true" >> "$GITHUB_OUTPUT"
-            echo "::notice::SHA $current_sha is current and valid — nothing to do"
+            echo "::notice::SHA $current_sha is already at HEAD — nothing to do"
             exit 0
           fi