chore(repo): Various release workflow fixes

[dominic-clerk]

Description

Following #7915 there were many small pre-existing things to fix. Now that we went through a whole release loop with the new workflow and everything works fine I packaged the fixes in here.

1. Use the built-in GITHUB_TOKEN everywhere possible
2. Fix the bug in the PR freshness check
3. Use pnpm instead of npm / npx where relevant
4. Await workflow dispatches instead of fire-and-forget

Checklist

• pnpm test runs as expected.
• pnpm build runs as expected.
• (If applicable) JSDoc comments have been added or updated for any package exports
• (If applicable) Documentation has been updated

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other: CI

Summary by CodeRabbit

Release Notes

• Chores
  • Optimized GitHub Actions workflows with consolidated dispatch calls for improved CI/CD efficiency.
  • Updated build tooling in release workflows for consistency and reduced command overhead.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 83cc4ec

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
clerk-js-sandbox	Ready	Preview, Comment	Mar 10, 2026 7:31am

[dominic-clerk]

Needed so that GITHUB_TOKEN can react to !snapshot comments and write the response when the release finishes.

[pkg-pr-new]

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@8020

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@8020

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@8020

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@8020

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@8020

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@8020

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@8020

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@8020

@clerk/express

npm i https://pkg.pr.new/@clerk/express@8020

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@8020

@clerk/hono

npm i https://pkg.pr.new/@clerk/hono@8020

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@8020

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@8020

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@8020

@clerk/react

npm i https://pkg.pr.new/@clerk/react@8020

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@8020

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@8020

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@8020

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@8020

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@8020

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@8020

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@8020

commit: 83cc4ec

[dominic-clerk]

GITHUB_TOKEN is the default value, no need to be explicit, see https://github.com/actions/github-script/tree/v7

[dominic-clerk]

GITHUB_TOKEN is the default value, no need to be explicit, see https://github.com/peter-evans/create-or-update-comment/tree/v3.0.0

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 6fa8a159-a200-41c5-ab56-5f49b4170361

📥 Commits

Reviewing files that changed from the base of the PR and between 766ae5b and 83cc4ec.

📒 Files selected for processing (1)

• .github/workflows/release.yml

---

📝 Walkthrough

Walkthrough

The changes modify the GitHub release workflow by consolidating multiple workflow_dispatch calls into batched arrays handled with Promise.all in pre-release and canary-release flows. Workflow permissions have been expanded to include pull-requests: write access. npm commands have been replaced with pnpm equivalents for version management and build operations. PR fetching logic was updated to destructure response data. Authentication token references were removed from comment update and cleanup steps. A sourceCommit parameter was added to dispatch inputs. Conditional dispatch logic was introduced for canary-release flows, maintaining existing canary-specific conditional checks.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore(repo): Various release workflow fixes' accurately summarizes the main changes in the pull request, which involve multiple fixes to the GitHub release workflow including token usage, bug fixes, package manager updates, and async/await improvements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[nikosdouvlis]

These all look good to me