CLI Reference
Complete command-line interface reference
Release Rust projects with ease
Global Flags
| Flag | Short | Description |
|---|---|---|
--config | -f | Path to config file (overrides auto-detection) |
--verbose | — | Enable verbose output |
--debug | — | Enable debug output |
--quiet | -q | Suppress non-error output |
--strict | — | Strict mode: configured features that silently skip become hard errors |
Commands
anodizer release
Run the full release pipeline
| Flag | Short | Default | Description |
|---|---|---|---|
--crate | — | — | Release a specific crate (repeatable; --id is accepted as a GoReleaser-compat alias) |
--all | — | — | Release all crates with unreleased changes |
--force | — | — | Force release even without unreleased changes |
--snapshot | — | — | Build without publishing (snapshot mode) |
--nightly | — | — | Create a nightly release with date-based version |
--dry-run | — | — | Run full pipeline without side effects |
--clean | — | — | Remove dist directory before starting |
--skip | — | — | Skip stages or publishers (comma-separated, e.g. docker,announce,npm). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher. |
--publishers | — | — | Comma-separated publishers to run (default: all configured). --skip always wins over --publishers. |
--token | — | — | GitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars) |
--timeout | — | 3h | Pipeline timeout duration (e.g., 90m, 3h, 5s) — a generous safety backstop, not the primary bound; per-stage bounds (e.g. announce.deadline) catch a hung stage in seconds |
--parallelism | -p | — | Maximum number of parallel build jobs (default: number of CPUs) |
--auto-snapshot | — | — | Automatically set --snapshot if the git repo is dirty |
--single-target | — | — | Build only for the host target triple |
--targets | — | — | Restrict the build to a comma-separated subset of configured target triples (e.g. x86_64-apple-darwin,aarch64-apple-darwin). Used by the Determinism Harness's sharded job matrix; conflicts with --single-target. |
--host-targets | — | — | Build every configured target this host can build, skipping cross-compile-only targets (apple targets on a non-macOS host). Only valid with --snapshot or --dry-run. Used by task prepush to do a real host-scoped build without aborting on un-buildable targets. |
--release-notes | — | — | Path to a custom release notes file (overrides changelog) |
--workspace | — | — | Release a specific workspace in a monorepo config |
--preflight | — | — | Run pre-flight publisher-state check and exit (don't start the pipeline) |
--no-preflight | — | — | Skip the automatic pre-flight publisher-state check |
--preflight-secrets | — | — | Validate that all required publish secrets / credentials are present (and key material is well-formed) without checking host-local tools — for a central pre-release gate across decoupled CI runners. Checks and exits; does not start the pipeline. |
--strict-preflight | — | — | Alias for --strict (also treats Unknown publisher state as a blocker during pre-flight) |
--draft | — | — | Set the release as a draft |
--release-header | — | — | Path to a file containing custom release header text |
--release-header-tmpl | — | — | Path to a template file for release header (rendered with template variables) |
--release-footer | — | — | Path to a file containing custom release footer text |
--release-footer-tmpl | — | — | Path to a template file for release footer (rendered with template variables) |
--release-notes-tmpl | — | — | Path to a template file for release notes (rendered with template variables, overrides --release-notes) |
--fail-fast | — | — | Abort immediately on first error during publishing |
--no-gate-submitter | — | — | Disable the Submitter gate: dispatch Submitter publishers even when required Assets/Manager publishers failed |
--rollback | — | — | Rollback policy after publish stage. Defaults to best-effort when preflight is clean, none otherwise. |
--rollback-only | — | — | Skip publish; re-attempt rollback from a prior run report. Requires --from-run= |
--from-run | — | — | Prior run id whose state to load when running --rollback-only. Loads |
--allow-rerun | — | — | DANGEROUS: force publish to proceed even when a prior dist/run- |
--show-skipped | — | — | Show per-crate 'no |
--allow-nondeterministic | — | — | Runtime non-determinism opt-out for a specific artifact (repeatable). Mutually exclusive with --strict. |
--summary-json | — | — | Write the per-publisher run summary JSON to this path. Without it, real (non-snapshot, non-dry-run) releases write |
--allow-ai-failure | — | — | If changelog.ai is configured and the AI provider fails, log a warning and keep the pre-AI release notes instead of aborting the release. |
--allow-snapshot-publish | — | — | DANGEROUS: allow publishing a non-release version (snapshot / dirty / 0.0.0-sentinel, e.g. 0.0.0~SNAPSHOT- |
--split | — | — | Run only the build stage for split CI fan-out (outputs artifacts JSON to dist/) |
--merge | — | — | Merge artifacts from split build jobs and resume the pipeline from post-build stages |
--publish-only | — | — | Load artifacts from dist/ (preserved by anodize check determinism --preserve-dist) and run only the sign + publish pipeline. Skips build/archive/nfpm/sbom/checksum — those stages' outputs must already be present in dist/. |
--prepare | — | — | Run local build + archive + sign + checksum + sbom stages but skip release / publish / announce (GoReleaser Pro parity). Artifacts stay in dist/ for inspection. --prepare-only is accepted as an alias for GR-imported scripts. |
--announce-only | — | — | Re-fire announcers only. Loads <dist>/run-<id>/report.json written by a prior run, skips every pipeline stage except announce (which itself short-circuits on nightly), then runs after-hooks. Use this to retry a transient announcer failure (Slack 502, Discord 5xx) without re-creating the GitHub release or re-publishing to package managers. Fails fast when no <dist>/run-<id>/report.json is present. |
--resume-release | — | — | Resume into an existing release left over from a prior failed attempt; bypasses the safety check that bails on partial assets. |
--replace-existing | — | — | Force release.replace_existing_artifacts: true regardless of config (overwrite conflicting assets on retry). |
--no-post-publish-poll | — | — | Skip post-publish polling for chocolatey moderation / winget PR validation; report NotPolled for affected publishers. |
anodizer build
Build binaries only (always runs in snapshot mode)
| Flag | Short | Default | Description |
|---|---|---|---|
--crate | — | — | Build a specific crate (repeatable) |
--timeout | — | 3h | Pipeline timeout duration (e.g., 90m, 3h, 5s) — a generous safety backstop, not the primary bound; per-stage bounds (e.g. announce.deadline) catch a hung stage in seconds |
--parallelism | -p | — | Maximum number of parallel build jobs (default: number of CPUs) |
--single-target | — | — | Build only for the host target triple |
--workspace | — | — | Build a specific workspace in a monorepo config |
--output | -o | — | Copy the built binary to this path (requires --single-target and single crate) |
--skip | — | — | Skip stages (comma-separated: pre-hooks, post-hooks, validate, before) |
anodizer check
Validate configuration and run determinism checks
anodizer check config
Validate the workspace's anodize config
| Flag | Short | Default | Description |
|---|---|---|---|
--workspace | — | — | Validate a specific workspace in a monorepo config |
--skip | — | — | Validate these skip tokens (stages or publishers) against the known set without running anything (comma-separated). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher. |
--publishers | — | — | Validate-only: check that each name is a publisher the active config actually enables (a known but unconfigured publisher is rejected). Comma-separated publishers to run (default: all configured). --skip always wins over --publishers. |
anodizer check determinism
Run the determinism harness (build pipeline twice, diff artifacts)
| Flag | Short | Default | Description |
|---|---|---|---|
--runs | — | 2 | Number of from-clean rebuilds to diff |
--stages | — | — | Optional stage subset (build,source,upx,archive,nfpm,makeself,snapcraft,sbom,sign,checksum,cargo-package,docker,msi,nsis,dmg,pkg,srpm,appbundle,appimage,flatpak, plus the installers family selector expanding to nfpm,makeself,srpm,msi,nsis,dmg,pkg). Omit the flag to byte-verify the full OS-native partition for this host (Linux adds nfpm/makeself/snapcraft/srpm/docker/appimage/flatpak; macOS adds appbundle/dmg/pkg; Windows adds msi/nsis). The list is also the build filter: stages NOT named here are added to the child release's --skip= set, so a stage must be requested (or in the host default) to be byte-verified. cargo-package is harness-only — drives cargo package --no-verify --allow-dirty per workspace member to probe .crate byte-stability without hitting a registry; it is NOT in the host default and stays opt-in. docker is harness-only — drives docker buildx build --output=type=oci,rewrite-timestamp=true,dest=… against each configured dockers_v2 entry's rendered dockerfile (with its extra_files and build_args, mirroring the production docker stage) to probe OCI image byte-stability without pushing to a registry; skipped when docker buildx is unavailable or the crate configures no dockers_v2. Installer stages (msi/nsis/dmg/pkg/srpm) plus appimage (needs linuxdeploy) and flatpak (needs flatpak-builder) are skipped at the gate when their backing tool is absent — a host-default stage warn-skips, an explicitly typed one hard-fails; appbundle is pure file assembly and always runs when requested. |
--targets | — | — | Restrict the harness to a comma-separated subset of configured target triples. Used by the sharded release workflow so each runner only validates targets it can natively build (Linux runner skips macOS targets, etc.). Forwarded to the child anodize release --snapshot subprocess. |
--report | — | — | JSON report path; default dist/run- |
--snapshot | — | — | Force snapshot mode on the child release subprocess (artifacts get a -SNAPSHOT-<sha> suffix). Default: auto — snapshot off when HEAD is at a tag, on otherwise. |
--no-snapshot | — | — | Force snapshot mode OFF on the child release subprocess (artifacts emit the actual release version). Default: auto — see --snapshot. |
--preserve-dist | — | — | When the harness greens, copy run-0's <worktree>/dist/** to <path>/context.json describing the artifact set. The release workflow's publish-only path consumes this to ship the determinism step's output directly (eliminates the redundant build: recompilation). Local operators can pass this too — useful for inspecting a hermetic dist tree without re-running the release pipeline. |
--crate | — | — | When --preserve-dist is set, write the preserved dist tree to release --publish-only job can merge all crates into a single dist/ without context.json collision. |
--require-tools | — | — | Fail (not warn-skip) if any selected stage's backing tool is missing — used by CI so a default host-OS run cannot silently skip an OS-native producer. |
anodizer check version-files
Check that enrolled version_files still match each crate's current version
anodizer init
Generate starter config, or enroll version-bearing files
| Flag | Short | Default | Description |
|---|---|---|---|
--version-files | — | — | Discover repo files that embed the current version and enroll the selection into version_files in .anodizer.yaml |
--exclude | — | — | Glob(s) to drop from discovered candidates (repeatable or comma-separated); only with --version-files |
--yes | -y | — | Non-interactive: enroll all discovered candidates without prompting |
anodizer changelog
Manage CHANGELOG.md: refresh the pending section, or render notes/JSON
| Flag | Short | Default | Description |
|---|---|---|---|
<range> | — | — | Commit range to render: a single tag (predecessor-resolved against its crate), an explicit from..to range, or omitted to refresh each crate's pending section against its last tag |
--format | — | keep-a-changelog | Output format: keep-a-changelog (refresh the [Unreleased] section), release-notes (grouped-bullet GitHub body to stdout), or json |
--write | — | — | Apply the regenerated [Unreleased] section to the configured CHANGELOG.md file(s) in place (keep-a-changelog only) |
--crate | — | — | Restrict to a specific crate in a workspace |
--snapshot | — | — | Preview as a snapshot release (release-notes format only) |
anodizer completion
Generate shell completions
| Flag | Short | Default | Description |
|---|---|---|---|
<shell> | — | — | Shell to generate completions for |
anodizer healthcheck
Check availability of required external tools
anodizer preflight
Verify the environment can run the configured release: required tools, env vars/secrets (presence only — values are never printed), endpoint reachability, docker daemon, and loadable key material, all derived from the resolved config. Every failure is reported in one pass and the exit code is non-zero when anything is missing. The same checks run automatically at the start of anodizer release
| Flag | Short | Default | Description |
|---|---|---|---|
--json | — | — | Output the report as JSON |
--publish-only | — | — | Check only the publish-time surface (the stages release --publish-only runs), not artifact-producing stages |
--skip | — | — | Skip requirement collection for these stages (comma-separated, same names as release --skip) |
--publishers | — | — | Comma-separated publishers to run (default: all configured). --skip always wins over --publishers. |
--token | — | — | GitHub token override; when set, GitHub token env-var requirements are treated as satisfied |
anodizer man
Generate man pages to stdout
anodizer jsonschema
Output JSON Schema for .anodizer.yaml
anodizer resolve-tag
Resolve a git tag to its matching crate in the config
| Flag | Short | Default | Description |
|---|---|---|---|
<tag> | — | — | Tag to resolve (e.g. 'v1.2.3', 'core-v0.2.3') |
--json | — | — | Output as JSON |
anodizer targets
Emit the configured build targets as a GitHub Actions matrix
| Flag | Short | Default | Description |
|---|---|---|---|
--json | — | — | Output as JSON (include-form matrix) |
--crate | — | — | Restrict to specific crate(s) |
anodizer vocabulary
Emit the canonical --skip / --publishers token vocabulary
| Flag | Short | Default | Description |
|---|---|---|---|
--json | — | — | Output as JSON |
anodizer tools
Emit the external CLI tools the resolved config's pipeline will invoke
| Flag | Short | Default | Description |
|---|---|---|---|
--json | — | — | Output as JSON |
--publish-only | — | — | Only the tools the publish-time surface needs (the stages release --publish-only runs), not artifact-producing stages |
--skip | — | — | Drop tools contributed by these skipped stages (comma-separated, same names as release --skip) |
--publishers | — | — | Comma-separated publishers to run (default: all configured). --skip always wins over --publishers. |
anodizer tag
Auto-tag based on commit message directives
| Flag | Short | Default | Description |
|---|---|---|---|
--dry-run | — | — | Show what tag would be created without pushing |
--custom-tag | — | — | Override bump logic with a specific tag value |
--version | — | — | Tag exactly this semver version, bypassing autotag derivation and the Cargo.toml-ahead guard |
--default-bump | — | — | Override default bump type (patch/minor/major) |
--crate | — | — | Tag a specific crate in a workspace |
--push | — | — | Push the version-sync bump commit to the release branch atomically with the tag |
--no-push | — | — | Push the tag only, leaving the version-sync bump commit local |
--push-remote | — | — | Remote to push to (default: origin) |
--push-dry-run | — | — | Create the tag + bump commit locally but only print (not run) the git push commands --push would use; pass --dry-run to also preview tagging |
--changelog | — | — | Refresh CHANGELOG.md as part of this tag (requires a changelog: config block) |
anodizer tag rollback
Rollback anodize-managed tags at a SHA, then revert (or reset past) the bump commit they point at
| Flag | Short | Default | Description |
|---|---|---|---|
<sha> | — | — | Commit SHA to roll back from. Defaults to HEAD. |
--dry-run | — | — | Print what would happen without mutating anything |
--no-push | — | — | Skip remote tag delete and branch push (local-only) |
--force | — | — | Override the published-state guard: roll back even when the tag's run summary shows a one-way-door publisher (crates.io, chocolatey, winget, snapcraft, ...) accepted the version, or — when no summary exists — when a published (non-draft) GitHub release exists for the tag. Without it, rollback refuses because those registries never accept the same version twice: the version is burned and the only clean recovery is fixing forward |
--scope | — | all | Tag-shape filter: all |
--mode | — | revert | Rollback strategy: revert (default; history-preserving) |
--branch | — | — | Branch name to push the revert commit to. Required when HEAD is detached and no local branch points at it (typical CI tag-push context, where GITHUB_REF_NAME is the tag — not the bump-commit branch). Pass --branch master (or whichever branch the bump commit was created on). |
anodizer continue
Resume a release after a transient failure or after --prepare/--split
| Flag | Short | Default | Description |
|---|---|---|---|
--merge | — | — | Merge artifacts from split build jobs and run post-build stages |
--dist | — | — | Custom dist directory (overrides config) |
--dry-run | — | — | Run full pipeline without side effects |
--skip | — | — | Skip stages or publishers (comma-separated, e.g. docker,announce,npm). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher. |
--publishers | — | — | Comma-separated publishers to run (default: all configured). --skip always wins over --publishers. |
--token | — | — | GitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars) |
anodizer publish
Run only the publish stages (release, blob, publish) from a completed dist/
| Flag | Short | Default | Description |
|---|---|---|---|
--dry-run | — | — | Run full pipeline without side effects |
--token | — | — | GitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars) |
--dist | — | — | Custom dist directory (overrides config) |
--merge | — | — | Merge artifacts from release --split workers (dist/goreleaser publish --merge. |
--allow-rerun | — | — | Force re-publish even when a prior report.json exists. WARNING: PR-based publishers will open duplicate pull requests. |
--show-skipped | — | — | Show per-crate 'no |
--skip | — | — | Skip stages or publishers (comma-separated, e.g. npm,blob). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher. |
--publishers | — | — | Comma-separated publishers to run (default: all configured). --skip always wins over --publishers. |
anodizer bump
Bump crate versions (Conventional Commits → semver level)
| Flag | Short | Default | Description |
|---|---|---|---|
<level_or_version> | — | — | patch |
--package | -p | — | Bump a specific crate (repeatable) |
--workspace | — | — | Bump every workspace member (excluding publish=false) |
--exclude | — | — | Exclude a crate from --workspace (repeatable) |
--pre | — | — | Append a prerelease identifier (e.g. rc.1) |
--exact | — | — | Do not rewrite dependents' [dependencies] version specs |
--allow-dirty | — | — | Proceed even if the working tree has uncommitted changes |
--yes | -y | — | Skip confirmation prompt |
--dry-run | — | — | Print the plan without editing any files |
--commit | — | — | Stage edits and create a single commit |
--changelog | — | — | Refresh CHANGELOG.md in the bump commit (requires --commit and a changelog: config block) |
--sign | — | — | GPG-sign the commit (requires --commit) |
--commit-message | — | — | Override the default commit message template |
--output | — | text | Output format: text |
anodizer announce
Run only the announce stage from a completed dist/
| Flag | Short | Default | Description |
|---|---|---|---|
--dry-run | — | — | Run full pipeline without side effects |
--dist | — | — | Custom dist directory (overrides config) |
--token | — | — | GitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars) |
--skip | — | — | Skip stages (comma-separated) |
--merge | — | — | Merge artifact lists from release --split workers (dist/goreleaser announce --merge. |
anodizer notify
Send a notification through configured announce integrations
| Flag | Short | Default | Description |
|---|---|---|---|
<message> | — | — | Message template to send. Supports standard Tera template vars (e.g. {{ ProjectName }}, {{ Tag }}, {{ Version }}) |
--publishers | — | — | Comma-separated list of integration names to fire (default: all). Valid names: discord, discourse, slack, webhook, telegram, teams, mattermost, reddit, twitter, mastodon, bluesky, linkedin |
--skip | — | — | Comma-separated list of integration names to omit |
--raw | — | — | Send the message literally, without Tera template rendering. Use when the message contains untrusted text (e.g. error output in an on_error hook) |
--allow-secrets | — | — | Send secrets in the message body verbatim (disable outbound redaction). For trusted private channels only; log output stays redacted |
--dry-run | — | — | Run without sending (dry-run mode) |