Skip to main content

CLI Reference

Complete command-line interface reference

Release Rust projects with ease

Global Flags

FlagShortDescription
--config-fPath to config file (overrides auto-detection)
--verboseEnable verbose output
--debugEnable debug output
--quiet-qSuppress non-error output
--strictStrict mode: configured features that silently skip become hard errors

Commands

anodizer release

Run the full release pipeline

FlagShortDefaultDescription
--crateRelease a specific crate (repeatable; --id is accepted as a GoReleaser-compat alias)
--allRelease all crates with unreleased changes
--forceForce release even without unreleased changes
--snapshotBuild without publishing (snapshot mode)
--nightlyCreate a nightly release with date-based version
--dry-runRun full pipeline without side effects
--cleanRemove dist directory before starting
--skipSkip stages or publishers (comma-separated, e.g. docker,announce,npm). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher.
--publishersComma-separated publishers to run (default: all configured). --skip always wins over --publishers.
--tokenGitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars)
--timeout3hPipeline timeout duration (e.g., 90m, 3h, 5s) — a generous safety backstop, not the primary bound; per-stage bounds (e.g. announce.deadline) catch a hung stage in seconds
--parallelism-pMaximum number of parallel build jobs (default: number of CPUs)
--auto-snapshotAutomatically set --snapshot if the git repo is dirty
--single-targetBuild only for the host target triple
--targetsRestrict the build to a comma-separated subset of configured target triples (e.g. x86_64-apple-darwin,aarch64-apple-darwin). Used by the Determinism Harness's sharded job matrix; conflicts with --single-target.
--host-targetsBuild every configured target this host can build, skipping cross-compile-only targets (apple targets on a non-macOS host). Only valid with --snapshot or --dry-run. Used by task prepush to do a real host-scoped build without aborting on un-buildable targets.
--release-notesPath to a custom release notes file (overrides changelog)
--workspaceRelease a specific workspace in a monorepo config
--preflightRun pre-flight publisher-state check and exit (don't start the pipeline)
--no-preflightSkip the automatic pre-flight publisher-state check
--preflight-secretsValidate that all required publish secrets / credentials are present (and key material is well-formed) without checking host-local tools — for a central pre-release gate across decoupled CI runners. Checks and exits; does not start the pipeline.
--strict-preflightAlias for --strict (also treats Unknown publisher state as a blocker during pre-flight)
--draftSet the release as a draft
--release-headerPath to a file containing custom release header text
--release-header-tmplPath to a template file for release header (rendered with template variables)
--release-footerPath to a file containing custom release footer text
--release-footer-tmplPath to a template file for release footer (rendered with template variables)
--release-notes-tmplPath to a template file for release notes (rendered with template variables, overrides --release-notes)
--fail-fastAbort immediately on first error during publishing
--no-gate-submitterDisable the Submitter gate: dispatch Submitter publishers even when required Assets/Manager publishers failed
--rollbackRollback policy after publish stage. Defaults to best-effort when preflight is clean, none otherwise.
--rollback-onlySkip publish; re-attempt rollback from a prior run report. Requires --from-run=.
--from-runPrior run id whose state to load when running --rollback-only. Loads /run-/rollback.json if present (a prior replay's state), otherwise /run-/report.json. Delete rollback.json to force a full re-roll. Must match the run_id format written by the release pipeline (alphanumeric, dot, dash, underscore; no path separators).
--allow-rerunDANGEROUS: force publish to proceed even when a prior dist/run-/report.json exists for this tag. PR-based publishers (homebrew, scoop, nix, krew, MCP) will open DUPLICATE pull requests. Recover from partial failures with --rollback-only --from-run= first. Cannot be combined with --rollback-only (which has its own idempotency).
--show-skippedShow per-crate 'no config block' skip lines at default verbosity (normally only visible with --debug). Use to diagnose why a publisher didn't run for a given crate.
--allow-nondeterministicRuntime non-determinism opt-out for a specific artifact (repeatable). Mutually exclusive with --strict.
--summary-jsonWrite the per-publisher run summary JSON to this path. Without it, real (non-snapshot, non-dry-run) releases write /run-/summary.json — even when a stage fails — so recovery tooling always has machine-readable publish state.
--allow-ai-failureIf changelog.ai is configured and the AI provider fails, log a warning and keep the pre-AI release notes instead of aborting the release.
--allow-snapshot-publishDANGEROUS: allow publishing a non-release version (snapshot / dirty / 0.0.0-sentinel, e.g. 0.0.0~SNAPSHOT-) to external publishers. By default the publish, blob, and announce stages refuse such versions — several indexes (crates.io, Cloudsmith, Chocolatey, winget, AUR) are one-way doors. Use ONLY for a private/test channel.
--splitRun only the build stage for split CI fan-out (outputs artifacts JSON to dist/)
--mergeMerge artifacts from split build jobs and resume the pipeline from post-build stages
--publish-onlyLoad artifacts from dist/ (preserved by anodize check determinism --preserve-dist) and run only the sign + publish pipeline. Skips build/archive/nfpm/sbom/checksum — those stages' outputs must already be present in dist/.
--prepareRun local build + archive + sign + checksum + sbom stages but skip release / publish / announce (GoReleaser Pro parity). Artifacts stay in dist/ for inspection. --prepare-only is accepted as an alias for GR-imported scripts.
--announce-onlyRe-fire announcers only. Loads <dist>/run-<id>/report.json written by a prior run, skips every pipeline stage except announce (which itself short-circuits on nightly), then runs after-hooks. Use this to retry a transient announcer failure (Slack 502, Discord 5xx) without re-creating the GitHub release or re-publishing to package managers. Fails fast when no <dist>/run-<id>/report.json is present.
--resume-releaseResume into an existing release left over from a prior failed attempt; bypasses the safety check that bails on partial assets.
--replace-existingForce release.replace_existing_artifacts: true regardless of config (overwrite conflicting assets on retry).
--no-post-publish-pollSkip post-publish polling for chocolatey moderation / winget PR validation; report NotPolled for affected publishers.

anodizer build

Build binaries only (always runs in snapshot mode)

FlagShortDefaultDescription
--crateBuild a specific crate (repeatable)
--timeout3hPipeline timeout duration (e.g., 90m, 3h, 5s) — a generous safety backstop, not the primary bound; per-stage bounds (e.g. announce.deadline) catch a hung stage in seconds
--parallelism-pMaximum number of parallel build jobs (default: number of CPUs)
--single-targetBuild only for the host target triple
--workspaceBuild a specific workspace in a monorepo config
--output-oCopy the built binary to this path (requires --single-target and single crate)
--skipSkip stages (comma-separated: pre-hooks, post-hooks, validate, before)

anodizer check

Validate configuration and run determinism checks

anodizer check config

Validate the workspace's anodize config

FlagShortDefaultDescription
--workspaceValidate a specific workspace in a monorepo config
--skipValidate these skip tokens (stages or publishers) against the known set without running anything (comma-separated). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher.
--publishersValidate-only: check that each name is a publisher the active config actually enables (a known but unconfigured publisher is rejected). Comma-separated publishers to run (default: all configured). --skip always wins over --publishers.

anodizer check determinism

Run the determinism harness (build pipeline twice, diff artifacts)

FlagShortDefaultDescription
--runs2Number of from-clean rebuilds to diff
--stagesOptional stage subset (build,source,upx,archive,nfpm,makeself,snapcraft,sbom,sign,checksum,cargo-package,docker,msi,nsis,dmg,pkg,srpm,appbundle,appimage,flatpak, plus the installers family selector expanding to nfpm,makeself,srpm,msi,nsis,dmg,pkg). Omit the flag to byte-verify the full OS-native partition for this host (Linux adds nfpm/makeself/snapcraft/srpm/docker/appimage/flatpak; macOS adds appbundle/dmg/pkg; Windows adds msi/nsis). The list is also the build filter: stages NOT named here are added to the child release's --skip= set, so a stage must be requested (or in the host default) to be byte-verified. cargo-package is harness-only — drives cargo package --no-verify --allow-dirty per workspace member to probe .crate byte-stability without hitting a registry; it is NOT in the host default and stays opt-in. docker is harness-only — drives docker buildx build --output=type=oci,rewrite-timestamp=true,dest=… against each configured dockers_v2 entry's rendered dockerfile (with its extra_files and build_args, mirroring the production docker stage) to probe OCI image byte-stability without pushing to a registry; skipped when docker buildx is unavailable or the crate configures no dockers_v2. Installer stages (msi/nsis/dmg/pkg/srpm) plus appimage (needs linuxdeploy) and flatpak (needs flatpak-builder) are skipped at the gate when their backing tool is absent — a host-default stage warn-skips, an explicitly typed one hard-fails; appbundle is pure file assembly and always runs when requested.
--targetsRestrict the harness to a comma-separated subset of configured target triples. Used by the sharded release workflow so each runner only validates targets it can natively build (Linux runner skips macOS targets, etc.). Forwarded to the child anodize release --snapshot subprocess.
--reportJSON report path; default dist/run-/determinism.json
--snapshotForce snapshot mode on the child release subprocess (artifacts get a -SNAPSHOT-<sha> suffix). Default: auto — snapshot off when HEAD is at a tag, on otherwise.
--no-snapshotForce snapshot mode OFF on the child release subprocess (artifacts emit the actual release version). Default: auto — see --snapshot.
--preserve-distWhen the harness greens, copy run-0's <worktree>/dist/** to and emit <path>/context.json describing the artifact set. The release workflow's publish-only path consumes this to ship the determinism step's output directly (eliminates the redundant build: recompilation). Local operators can pass this too — useful for inspecting a hermetic dist tree without re-running the release pipeline.
--crateWhen --preserve-dist is set, write the preserved dist tree to // instead of directly into /. Used by the sharded matrix to produce per-crate subdirectories so a release --publish-only job can merge all crates into a single dist/ without context.json collision.
--require-toolsFail (not warn-skip) if any selected stage's backing tool is missing — used by CI so a default host-OS run cannot silently skip an OS-native producer.

anodizer check version-files

Check that enrolled version_files still match each crate's current version

anodizer init

Generate starter config, or enroll version-bearing files

FlagShortDefaultDescription
--version-filesDiscover repo files that embed the current version and enroll the selection into version_files in .anodizer.yaml
--excludeGlob(s) to drop from discovered candidates (repeatable or comma-separated); only with --version-files
--yes-yNon-interactive: enroll all discovered candidates without prompting

anodizer changelog

Manage CHANGELOG.md: refresh the pending section, or render notes/JSON

FlagShortDefaultDescription
<range>Commit range to render: a single tag (predecessor-resolved against its crate), an explicit from..to range, or omitted to refresh each crate's pending section against its last tag
--formatkeep-a-changelogOutput format: keep-a-changelog (refresh the [Unreleased] section), release-notes (grouped-bullet GitHub body to stdout), or json
--writeApply the regenerated [Unreleased] section to the configured CHANGELOG.md file(s) in place (keep-a-changelog only)
--crateRestrict to a specific crate in a workspace
--snapshotPreview as a snapshot release (release-notes format only)

anodizer completion

Generate shell completions

FlagShortDefaultDescription
<shell>Shell to generate completions for

anodizer healthcheck

Check availability of required external tools

anodizer preflight

Verify the environment can run the configured release: required tools, env vars/secrets (presence only — values are never printed), endpoint reachability, docker daemon, and loadable key material, all derived from the resolved config. Every failure is reported in one pass and the exit code is non-zero when anything is missing. The same checks run automatically at the start of anodizer release

FlagShortDefaultDescription
--jsonOutput the report as JSON
--publish-onlyCheck only the publish-time surface (the stages release --publish-only runs), not artifact-producing stages
--skipSkip requirement collection for these stages (comma-separated, same names as release --skip)
--publishersComma-separated publishers to run (default: all configured). --skip always wins over --publishers.
--tokenGitHub token override; when set, GitHub token env-var requirements are treated as satisfied

anodizer man

Generate man pages to stdout

anodizer jsonschema

Output JSON Schema for .anodizer.yaml

anodizer resolve-tag

Resolve a git tag to its matching crate in the config

FlagShortDefaultDescription
<tag>Tag to resolve (e.g. 'v1.2.3', 'core-v0.2.3')
--jsonOutput as JSON

anodizer targets

Emit the configured build targets as a GitHub Actions matrix

FlagShortDefaultDescription
--jsonOutput as JSON (include-form matrix)
--crateRestrict to specific crate(s)

anodizer vocabulary

Emit the canonical --skip / --publishers token vocabulary

FlagShortDefaultDescription
--jsonOutput as JSON

anodizer tools

Emit the external CLI tools the resolved config's pipeline will invoke

FlagShortDefaultDescription
--jsonOutput as JSON
--publish-onlyOnly the tools the publish-time surface needs (the stages release --publish-only runs), not artifact-producing stages
--skipDrop tools contributed by these skipped stages (comma-separated, same names as release --skip)
--publishersComma-separated publishers to run (default: all configured). --skip always wins over --publishers.

anodizer tag

Auto-tag based on commit message directives

FlagShortDefaultDescription
--dry-runShow what tag would be created without pushing
--custom-tagOverride bump logic with a specific tag value
--versionTag exactly this semver version, bypassing autotag derivation and the Cargo.toml-ahead guard
--default-bumpOverride default bump type (patch/minor/major)
--crateTag a specific crate in a workspace
--pushPush the version-sync bump commit to the release branch atomically with the tag
--no-pushPush the tag only, leaving the version-sync bump commit local
--push-remoteRemote to push to (default: origin)
--push-dry-runCreate the tag + bump commit locally but only print (not run) the git push commands --push would use; pass --dry-run to also preview tagging
--changelogRefresh CHANGELOG.md as part of this tag (requires a changelog: config block)

anodizer tag rollback

Rollback anodize-managed tags at a SHA, then revert (or reset past) the bump commit they point at

FlagShortDefaultDescription
<sha>Commit SHA to roll back from. Defaults to HEAD.
--dry-runPrint what would happen without mutating anything
--no-pushSkip remote tag delete and branch push (local-only)
--forceOverride the published-state guard: roll back even when the tag's run summary shows a one-way-door publisher (crates.io, chocolatey, winget, snapcraft, ...) accepted the version, or — when no summary exists — when a published (non-draft) GitHub release exists for the tag. Without it, rollback refuses because those registries never accept the same version twice: the version is burned and the only clean recovery is fixing forward
--scopeallTag-shape filter: all
--moderevertRollback strategy: revert (default; history-preserving)
--branchBranch name to push the revert commit to. Required when HEAD is detached and no local branch points at it (typical CI tag-push context, where GITHUB_REF_NAME is the tag — not the bump-commit branch). Pass --branch master (or whichever branch the bump commit was created on).

anodizer continue

Resume a release after a transient failure or after --prepare/--split

FlagShortDefaultDescription
--mergeMerge artifacts from split build jobs and run post-build stages
--distCustom dist directory (overrides config)
--dry-runRun full pipeline without side effects
--skipSkip stages or publishers (comma-separated, e.g. docker,announce,npm). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher.
--publishersComma-separated publishers to run (default: all configured). --skip always wins over --publishers.
--tokenGitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars)

anodizer publish

Run only the publish stages (release, blob, publish) from a completed dist/

FlagShortDefaultDescription
--dry-runRun full pipeline without side effects
--tokenGitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars)
--distCustom dist directory (overrides config)
--mergeMerge artifacts from release --split workers (dist//context.json) before running the publish-only pipeline. Mirrors goreleaser publish --merge.
--allow-rerunForce re-publish even when a prior report.json exists. WARNING: PR-based publishers will open duplicate pull requests.
--show-skippedShow per-crate 'no config block' skip lines at default verbosity (normally only visible with --debug). Use to diagnose why a publisher didn't run for a given crate.
--skipSkip stages or publishers (comma-separated, e.g. npm,blob). Unified denylist: a stage name skips the stage, a publisher name (npm, homebrew, chocolatey, …) skips that publisher.
--publishersComma-separated publishers to run (default: all configured). --skip always wins over --publishers.

anodizer bump

Bump crate versions (Conventional Commits → semver level)

FlagShortDefaultDescription
<level_or_version>patch
--package-pBump a specific crate (repeatable)
--workspaceBump every workspace member (excluding publish=false)
--excludeExclude a crate from --workspace (repeatable)
--preAppend a prerelease identifier (e.g. rc.1)
--exactDo not rewrite dependents' [dependencies] version specs
--allow-dirtyProceed even if the working tree has uncommitted changes
--yes-ySkip confirmation prompt
--dry-runPrint the plan without editing any files
--commitStage edits and create a single commit
--changelogRefresh CHANGELOG.md in the bump commit (requires --commit and a changelog: config block)
--signGPG-sign the commit (requires --commit)
--commit-messageOverride the default commit message template
--outputtextOutput format: text

anodizer announce

Run only the announce stage from a completed dist/

FlagShortDefaultDescription
--dry-runRun full pipeline without side effects
--distCustom dist directory (overrides config)
--tokenGitHub token (overrides ANODIZER_GITHUB_TOKEN / GITHUB_TOKEN env vars)
--skipSkip stages (comma-separated)
--mergeMerge artifact lists from release --split workers (dist//context.json) before announcing. Mirrors goreleaser announce --merge.

anodizer notify

Send a notification through configured announce integrations

FlagShortDefaultDescription
<message>Message template to send. Supports standard Tera template vars (e.g. {{ ProjectName }}, {{ Tag }}, {{ Version }})
--publishersComma-separated list of integration names to fire (default: all). Valid names: discord, discourse, slack, webhook, telegram, teams, mattermost, reddit, twitter, mastodon, bluesky, linkedin
--skipComma-separated list of integration names to omit
--rawSend the message literally, without Tera template rendering. Use when the message contains untrusted text (e.g. error output in an on_error hook)
--allow-secretsSend secrets in the message body verbatim (disable outbound redaction). For trusted private channels only; log output stays redacted
--dry-runRun without sending (dry-run mode)