Skip to content

semrel

Zero Node.js. Zero runtime overhead. One binary that reads your commits, bumps SemVer, and ships the release — automatically.

No Node.js — ever

semrel ships as a single static binary for Linux, macOS, and Windows. No npm install, no node_modules, no V8 cold starts. Alpine containers, air-gapped pipelines, and minimal runners just work.

Automatic SemVer from Conventional Commits

semrel analyses every commit since the last tag and calculates the correct major, minor, or patch bump — no human decision required, no manual changelog editing.

Supply-chain secure by default

Every official release is signed with Sigstore Cosign, includes CycloneDX + SPDX SBOMs, and carries SLSA Level 1 provenance attestation. Ready for NIS2, DORA, and Cyber Resilience Act mandates.

Air-gap & regulated environments

Pre-cache the .semrel/plugins/ directory once. After that, zero outbound network calls during CI. Fully compatible with restricted, air-gapped enterprise pipelines.

Fully pluggable pipeline

Every step — condition, analyzer, generator, updater, packager, publisher, provider, hook — is a swappable subprocess binary. Write plugins in Go, Python, Rust, Node.js, or any language. No lock-in.

Monorepo ready

Version multiple independent modules in a single repository, each with its own .semrel.yaml, tag series, and release lifecycle.

Fast in large repositories

Compiled Go versus a multi-hundred-package Node.js tree. semrel traverses git log and calls forge APIs concurrently — no 35-minute CI timeouts.

Open Source · Apache 2.0

Built in the open at SemRels/semrel. Free forever, no Pro tier, no pay-wall for monorepos or enterprise features.