chore(ci): route release recipes through PRs and refresh release runbook

[groksrc]

The v0.22.0 release hit the new main ruleset ("Changes must be made through a pull request") mid-just release — the version bump commit and tag were created locally but the push to main was rejected, and the release had to be finished by hand (release PR #960, rebase-merge, re-tag).

This updates the tooling and docs so the next release works first try:

justfile

• release and beta now commit the version bump on a release/vX.Y.Z branch, open a PR (chore(core): release vX.Y.Z), rebase-merge it with gh pr merge --rebase (the repo disallows merge commits), then tag the rebased bump commit on main — located by commit subject, since the rebase rewrites the SHA — and push the tag.
• New pre-flight check in release: CHANGELOG.md must already contain a ## vX.Y.Z heading on main (land the changelog via a normal PR first).
• Post-release reminders updated for the current docs.basicmemory.com site shape.

AGENTS.md

• Release Process section describes the PR-based flow and the changelog-first requirement; stale docs-site path replaced with the What's New page + version badge checklist.

.claude/commands/release/release.md

• Step 2 reflects what the recipe actually does now.
• The docs.basicmemory.com section no longer points at src/pages/latest-releases.mdx (the site is Nuxt/Docus now; the changelog page auto-fetches GitHub releases) — it now describes the What's New page convention and homepage badge bump.

Found while releasing v0.22.0. Note: the OpenClaw npm publish job failed in the v0.22.0 release run with ENEEDAUTH — the NPM_TOKEN repo secret is missing (npm shows the package stuck at 0.2.4, so v0.21.6 hit the same thing). Tracked separately; needs someone with npm org access to mint a token and gh secret set NPM_TOKEN, then re-run the failed job.

🤖 Generated with Claude Code

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 00081c7d1f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Wait for the release PR to merge before tagging

In the documented PR flow this command runs immediately after creating and pushing the release PR, but the new head still needs the required merge gates (the repo docs call out a required BM Bossbot Approval status, and CI workflows also trigger on the release branch/PR). In that context gh pr merge --rebase will either fail or enable/queue a later merge instead of making the bump commit appear on main synchronously, so the following git pull/git log origin/main --grep "$COMMIT_SUBJECT" can run before the commit exists and the recipe exits without pushing the release tag. The beta recipe repeats the same race; wait for the required statuses/merge completion, or enable auto-merge and poll main before tagging.

Useful? React with 👍 / 👎.

[groksrc]

Good catch — the tag step did assume the merge lands synchronously. As of 62761b0 both recipes now fall back to gh pr merge --rebase --auto when the direct merge doesn't complete, then poll origin/main for the rebased bump commit (5s × 60) before tagging, and print manual finish instructions if the merge is still pending at timeout.

One note on the premise: the BM Bossbot Approval gate was removed in #945 and the current main ruleset has no required status checks, which is why the direct merge worked for v0.22.0 — but the race is real the moment any gate is added, so the recipes shouldn't depend on that.