ImBIOS · ImBIOS · Nov 23, 2025 · Nov 23, 2025 · Nov 23, 2025 · Nov 23, 2025
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -47,6 +47,11 @@ jobs:
       - uses: oven-sh/setup-bun@635640504f6d7197d3bb29876a652f671028dc97
       - run: bun install
 
+      - name: Download versions.json
+        run: gh release download versions -p versions.json || echo "{}" > versions.json
-        run: gh release download versions -p versions.json || echo "{}" > versions.json
+        run: gh release download versions -p versions.json || echo '{"bun":{},"nodejs":{}}' > versions.json
-        run: gh release download versions -p versions.json || echo "{}" > versions.json
+        run: gh release download versions -p versions.json || echo '{"bun":{},"nodejs":{}}' > versions.json
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Check for new releases of nodejs and bun
         if: ${{ inputs.nodejs-version == '' && inputs.bun-versions == '' && inputs.distros == '' }}
         run: |
@@ -77,18 +82,12 @@ jobs:
           BUN_VERSIONS_TO_BUILD: ${{ env.BUN_VERSIONS_TO_BUILD || inputs.bun-versions }}
           DISTROS: ${{ env.DISTROS || inputs.distros }}
 
-      - name: Commit changes
-        run: ./commit_changes.sh
+      - name: Upload versions.json
+        run: |
+          gh release create versions versions.json --title "Versions State" --notes "Stores the current versions.json state" || \
+          gh release upload versions versions.json --clobber
         env:
-          BUN_VERSIONS_TO_BUILD: ${{ env.BUN_VERSIONS_TO_BUILD }}
-          NODE_VERSIONS_TO_BUILD: ${{ env.NODE_VERSIONS_TO_BUILD }}
-          DISTROS: ${{ env.DISTROS }}
-      - name: Pull changes
-        run: git pull -r
-      - name: Push changes
-        uses: ad-m/github-push-action@77c5b412c50b723d2a4fbc6d71fb5723bcd439aa
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   rerun-failed-jobs:
     runs-on: ubuntu-latest
     needs: [build-job]

diff --git a/build_updated.sh b/build_updated.sh
@@ -43,26 +43,24 @@ IFS=',' read -ra DISTROS <<<"$DISTROS"
 
 # If NODE_VERSIONS_TO_BUILD is empty, but BUN_VERSIONS_TO_BUILD is not,
 # build all versions from versions.json
+# If NODE_VERSIONS_TO_BUILD is empty, but BUN_VERSIONS_TO_BUILD is not,
+# we used to build all versions from versions.json.
+# But for automatic updates, we want to build NOTHING if no Node versions are updated.
 if [ -z "$NODE_VERSIONS_TO_BUILD" ]; then
-  IFS=',' read -ra NODE_MAJOR_VERSIONS <<<"$NODE_MAJOR_VERSIONS_TO_CHECK"
+  log "No Node.js versions to build."
   NODE_VERSIONS=()
-  for node_major_version in "${NODE_MAJOR_VERSIONS[@]}"; do
-    node_version=$(cat versions.json | jq -r ".nodejs.\"${node_major_version}\".version")
-    if [ "$node_version" != "null" ]; then
-      NODE_VERSIONS+=("${node_version//v/}")
-    fi
-  done
 fi
 
 log "Building Node versions: ${NODE_VERSIONS[*]}"
 
 # If BUN_VERSIONS_TO_BUILD is empty, but NODE_VERSIONS_TO_BUILD is not,
 # build all versions from versions.json
+# If BUN_VERSIONS_TO_BUILD is empty, but NODE_VERSIONS_TO_BUILD is not,
+# we used to build all versions from versions.json.
+# But for automatic updates, we want to build NOTHING if no Bun versions are updated.
 if [ -z "$BUN_VERSIONS_TO_BUILD" ]; then
+  log "No Bun versions to build."
   BUN_VERSIONS=()
-  for bun_version in $(cat versions.json | jq -r '.bun | keys[]'); do
-    BUN_VERSIONS+=("${bun_version//v/}")
-  done
 fi
 
 log "Building Bun versions: ${BUN_VERSIONS[*]}"
@@ -116,7 +114,19 @@ generate_tags() {
     echo "$REGISTRY/bun-node:latest-${codename}-${distro}"
   fi
 
-  if [[ $is_canary == false && "$node_major" == "20" && $distro == "debian" ]]; then
+  # Only tag "latest" if this is the latest Node.js version and Debian distro
+  # We need to check if the current node_major is the latest one in versions.json
+  # This is a bit tricky in bash without parsing JSON again, but we can assume the loop order or check against a known latest.
+  # Better approach: The caller knows if it's the latest.
+  # For now, let's restrict it to the highest known major version we support (e.g. 25) or check if it's the last one in the list?
+  # Actually, the issue says "latest tag should be the last tag built".
+  # If we build in order, the last one overwrites 'latest'.
+  # BUT, if we build multiple versions, we might overwrite 'latest' with an older version if the loop isn't sorted or if we build an old version update.
+  # A safer way is to explicitly check if this node version is the "latest" defined in versions.json.
-  # Only tag "latest" if this is the latest Node.js version and Debian distro
-  # We need to check if the current node_major is the latest one in versions.json
-  # This is a bit tricky in bash without parsing JSON again, but we can assume the loop order or check against a known latest.
-  # Better approach: The caller knows if it's the latest.
-  # For now, let's restrict it to the highest known major version we support (e.g. 25) or check if it's the last one in the list?
-  # Actually, the issue says "latest tag should be the last tag built".
-  # If we build in order, the last one overwrites 'latest'.
-  # BUT, if we build multiple versions, we might overwrite 'latest' with an older version if the loop isn't sorted or if we build an old version update.
-  # A safer way is to explicitly check if this node version is the "latest" defined in versions.json.
+  # Tag "latest" only if this is the highest Node.js major version in versions.json and the distro is Debian.
-  # Only tag "latest" if this is the latest Node.js version and Debian distro
-  # We need to check if the current node_major is the latest one in versions.json
-  # This is a bit tricky in bash without parsing JSON again, but we can assume the loop order or check against a known latest.
-  # Better approach: The caller knows if it's the latest.
-  # For now, let's restrict it to the highest known major version we support (e.g. 25) or check if it's the last one in the list?
-  # Actually, the issue says "latest tag should be the last tag built".
-  # If we build in order, the last one overwrites 'latest'.
-  # BUT, if we build multiple versions, we might overwrite 'latest' with an older version if the loop isn't sorted or if we build an old version update.
-  # A safer way is to explicitly check if this node version is the "latest" defined in versions.json.
+  # Tag "latest" only if this is the highest Node.js major version in versions.json and the distro is Debian.
+
+  local latest_node_major=$(echo "${json_data}" | jq -r '.nodejs | keys | map(tonumber) | max')
-  local latest_node_major=$(echo "${json_data}" | jq -r '.nodejs | keys | map(tonumber) | max')
+  local latest_node_major=$(echo "${json_data}" | jq -r '.nodejs | keys | map(tonumber) | max // 25')
-  local latest_node_major=$(echo "${json_data}" | jq -r '.nodejs | keys | map(tonumber) | max')
+  local latest_node_major=$(echo "${json_data}" | jq -r '.nodejs | keys | map(tonumber) | max // 25')
+
+  if [[ $is_canary == false && "$node_major" == "$latest_node_major" && $distro == "debian" ]]; then
     echo "$REGISTRY/bun-node:latest"
   fi
 

diff --git a/check-bun-node.ts b/check-bun-node.ts
@@ -203,12 +203,24 @@ const main = async () => {
   }
 
   if (process.argv.includes("--node")) {
-    console.log(
-      (await generateReleaseData())
-        .filter((release) => [20, 22, 24, 25].includes(release?.major || 0))
-        .map((release) => release?.versionWithPrefix.replace("v", ""))
-        .join(",")
-    );
+    const releases = await generateReleaseData();
+    const versionsJson = await Bun.file("versions.json").json();
+
+    const newVersions = releases
+      .filter((release) => [20, 22, 24, 25].includes(release?.major || 0))
+      .filter((release) => {
+        if (!release) return false;
+        const currentVersion = versionsJson.nodejs[release.major]?.version;
-        const currentVersion = versionsJson.nodejs[release.major]?.version;
+        const nodejs = versionsJson.nodejs || {};
+        const currentVersion = nodejs[release.major]?.version;
-        const currentVersion = versionsJson.nodejs[release.major]?.version;
+        const nodejs = versionsJson.nodejs || {};
+        const currentVersion = nodejs[release.major]?.version;
+        // If current version is not set, or is different (assuming we only get newer versions from nodevu), it's an update.
+        // Actually, nodevu returns the LATEST version for that major.
+        // So if versions.json has v20.10.0 and nodevu says v20.11.0, we want to build.
+        // If versions.json has v20.11.0 and nodevu says v20.11.0, we don't want to build.
-        // If current version is not set, or is different (assuming we only get newer versions from nodevu), it's an update.
-        // Actually, nodevu returns the LATEST version for that major.
-        // So if versions.json has v20.10.0 and nodevu says v20.11.0, we want to build.
-        // If versions.json has v20.11.0 and nodevu says v20.11.0, we don't want to build.
+        // Only build if the version has changed
-        // If current version is not set, or is different (assuming we only get newer versions from nodevu), it's an update.
-        // Actually, nodevu returns the LATEST version for that major.
-        // So if versions.json has v20.10.0 and nodevu says v20.11.0, we want to build.
-        // If versions.json has v20.11.0 and nodevu says v20.11.0, we don't want to build.
+        // Only build if the version has changed
+        return currentVersion !== release.versionWithPrefix;
+      })
+      .map((release) => release?.versionWithPrefix.replace("v", ""))
+      .join(",");
+
+    console.log(newVersions);
   }
 };
 

diff --git a/commit_changes.sh b/commit_changes.sh
diff --git a/docs/research_matrix.md b/docs/research_matrix.md
@@ -0,0 +1,45 @@
+# Research: Workflow Matrix vs Single Builder
+
+## Context
+The current build system uses a "Single Builder" pattern where a single job runs a script (`build_updated.sh`) that iterates over all versions and builds them sequentially. Issue #24 suggests investigating if a GitHub Actions Matrix strategy would be better.
+
+## Comparison
+
+| Feature | Single Builder (Current) | Workflow Matrix |
+| :--- | :--- | :--- |
+| **Parallelism** | Low (Sequential builds in loop) | High (Concurrent jobs) |
+| **Failures** | One failure can stop the whole loop (unless handled carefully) | Isolated failures per job |
+| **Resource Usage** | Single runner, longer duration | Multiple runners, shorter duration (burst) |
+| **Complexity** | High (Bash script logic) | Medium (YAML configuration) |
+| **Cost** | Lower (1 runner time) | Higher (Multiple runners init time overhead) |
+| **Logs** | Mixed in one huge log | Separated per job |
+| **Dynamic** | Hard (Need to generate JSON for matrix) | Native support for dynamic matrix |
+
+## Analysis for bun-node
+
+### Pros of Matrix
+1.  **Speed:** Building multiple Docker images is time-consuming. Parallelizing this would significantly reduce total build time.
+2.  **Isolation:** If one image build fails (e.g., specific Node version issue), it won't block others.
+3.  **Clarity:** GitHub UI shows exactly which build failed.
+
+### Cons of Matrix
+1.  **Complexity of Dynamic Matrix:** Since we only want to build *updated* versions, we need a "setup" job that calculates the matrix (JSON) and passes it to the build job.
+2.  **Concurrency Limits:** GitHub Free tier has concurrency limits (20 jobs). If we have many versions, we might queue.
+3.  **Shared State:** The current script updates `versions.json` after each build. In a matrix, we'd need to aggregate these updates or handle them differently (e.g., one final commit job).
+
+## Recommendation
+**Migrate to Matrix.**
+The benefits of parallelism and isolation outweigh the setup complexity.
+The `versions.json` update issue (Issue 35) actually helps here: if we move `versions.json` to Releases, we don't need to commit to git from every job. We can have a final "Release" job that aggregates the successful builds and updates the `versions.json` in the Release assets.
+
+## Implementation Strategy
+1.  **Job 1: Check Versions**
+    - Runs `check-bun-node.ts`.
+    - Outputs a JSON matrix of versions to build.
+2.  **Job 2: Build (Matrix)**
+    - `needs: [check-versions]`
+    - `strategy: matrix: ${{ fromJson(needs.check-versions.outputs.matrix) }}`
+    - Builds and pushes single image.
+3.  **Job 3: Update Release**
+    - `needs: [build]`
+    - Updates `versions.json` and uploads to GitHub Release.
diff --git a/versions.json b/versions.json