feat(node): add changelog support to comfy node publish

[bigcat88]

• Adds --changelog flag, --changelog-file flag (- reads stdin), and COMFY_NODE_CHANGELOG env var to comfy node publish; the text is sent as node_version.changelog in the existing publish POST, populating the registry's Updates section.
• --changelog and --changelog-file are mutually exclusive; either explicit flag overrides the env var (read manually via os.environ, not typer's envvar, so behavior is identical across typer/click versions). Files and stdin are decoded utf-8-sig (BOM-safe); input is stripped, and empty input omits the key from the request body.
• --changelog-file - without --token exits early with a clear error, since the interactive API-key prompt cannot read from stdin after the changelog consumed it.
• Prints a warning when the publish response does not echo the changelog back (publish still succeeds); resolve_publish_changelog runs before validation so input errors exit 1 without touching the network.
• Removes the print(request_body) in RegistryAPI.publish_node_version that dumped the personal access token to stdout on every publish.
• Adds token and changelog to SENSITIVE_TRACKING_KEYS so the publisher PAT and changelog text are redacted from command telemetry (key presence is still recorded).
• Adds 25 tests covering the request body (present/omitted/verbatim multi-line), all input sources and their precedence, file/stdin error paths, the echo-warning matrix, telemetry redaction, and a token-not-printed regression.
• Fixes feat: support publishing a node version changelog (registry "Updates" section) #467

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 3a1c374d-bdf6-44d5-bb65-dda1d6675de6

📥 Commits

Reviewing files that changed from the base of the PR and between 0495c09 and 3f41ffc.

📒 Files selected for processing (4)

• comfy_cli/command/custom_nodes/command.py
• comfy_cli/tracking.py
• tests/comfy_cli/command/nodes/test_publish.py
• tests/comfy_cli/test_tracking.py

---

📝 Walkthrough

Walkthrough

Adds end-to-end changelog support: CLI flags/env/file/stdin resolve changelog text, publish command passes it to RegistryAPI.publish_node_version, tests cover parsing/encoding/precedence/warnings, and tracking redaction now redacts token and changelog. A tiny rhyme for good measure: publish with care, and changelogs will share.

Changes

Publish Changelog Support

Layer / File(s)	Summary
Registry API changelog parameter and tests comfy_cli/registry/api.py, tests/comfy_cli/registry/test_api.py	publish_node_version gains an optional changelog parameter and conditionally includes it in the POST body. Tests mock the publish response and assert changelog is sent verbatim when present, omitted when absent or empty, and that tokens are not printed.
CLI changelog resolution and publish wiring comfy_cli/command/custom_nodes/command.py	Adds resolve_publish_changelog to derive changelog from --changelog, --changelog-file (path or - for stdin), or COMFY_NODE_CHANGELOG; publish accepts new flags, enforces exclusivity, requires --token when reading stdin, passes resolved text to the registry API, and warns if the registry does not echo the submitted changelog.
CLI changelog tests and helpers tests/comfy_cli/command/nodes/test_publish.py	Adds publish_flow_mocks and flatten helpers and many tests validating flag/file/stdin/env parsing, UTF-8/BOM handling, invalid-UTF8/file-missing errors, precedence rules, whitespace-only normalization, and warning behavior when the registry drops or alters the changelog.
Telemetry tracking redaction comfy_cli/tracking.py, tests/comfy_cli/test_tracking.py	Expands SENSITIVE_TRACKING_KEYS to include token and changelog, and adds a test verifying that track_command("publish") redacts those fields while preserving changelog_file=None.

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Linked Issues check	✅ Passed	PR fully addresses issue #467 by adding --changelog/--changelog-file flags and COMFY_NODE_CHANGELOG env var to publish command, with changelog passed to registry POST request and comprehensive test coverage.
Out of Scope Changes check	✅ Passed	All changes directly support changelog publishing feature [#467]: CLI flags, registry API update, comprehensive tests, and telemetry redaction of sensitive values. No unrelated changes detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch bigcat88/node-publish-changelog

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch bigcat88/node-publish-changelog

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

@@            Coverage Diff             @@
##             main     #469      +/-   ##
==========================================
+ Coverage   83.25%   83.32%   +0.06%     
==========================================
  Files          45       45              
  Lines        6804     6831      +27     
==========================================
+ Hits         5665     5692      +27     
  Misses       1139     1139              

Files with missing lines	Coverage Δ
comfy_cli/command/custom_nodes/command.py	85.03% <100.00%> (+0.74%)	⬆️
comfy_cli/registry/api.py	89.65% <100.00%> (+0.18%)	⬆️
comfy_cli/tracking.py	94.07% <100.00%> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.