From c1a19cce54161ab310cbc905f02e8bb6f072bd34 Mon Sep 17 00:00:00 2001
From: Nathan Richards <nathan.richards@irysan.com>
Date: Thu, 21 May 2026 16:45:50 +0200
Subject: [PATCH 1/5] build: publish scratch-gui as @RaspberryPiFoundation on
 GitHub Packages

Rename scratch-gui to @RaspberryPiFoundation/scratch-gui with publishConfig
for GitHub Packages. Add root .npmrc for the scope and update package-lock.json
so the monorepo resolves the renamed workspace package.

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 .npmrc                            |  2 ++
 package-lock.json                 | 11 +++++------
 packages/scratch-gui/package.json |  9 ++++++---
 3 files changed, 13 insertions(+), 9 deletions(-)
 create mode 100644 .npmrc

diff --git a/.npmrc b/.npmrc
new file mode 100644
index 00000000000..5cac20b354c
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1,2 @@
+@RaspberryPiFoundation:registry=https://npm.pkg.github.com
+//npm.pkg.github.com/:_authToken=${NPM_AUTH_TOKEN}
diff --git a/package-lock.json b/package-lock.json
index 5329235038d..594a59bf6a2 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4983,6 +4983,10 @@
       "version": "1.1.1",
       "license": "MIT"
     },
+    "node_modules/@RaspberryPiFoundation/scratch-gui": {
+      "resolved": "packages/scratch-gui",
+      "link": true
+    },
     "node_modules/@rolldown/binding-android-arm64": {
       "version": "1.0.0-rc.9",
       "resolved": "https://registry.npmjs.org/@rolldown/binding-android-arm64/-/binding-android-arm64-1.0.0-rc.9.tgz",
@@ -5278,10 +5282,6 @@
         "node": ">=8.0.0"
       }
     },
-    "node_modules/@scratch/scratch-gui": {
-      "resolved": "packages/scratch-gui",
-      "link": true
-    },
     "node_modules/@scratch/scratch-media-lib-scripts": {
       "resolved": "packages/scratch-media-lib-scripts",
       "link": true
@@ -34406,7 +34406,6 @@
       "dev": true,
       "license": "BSD-2-Clause",
       "optional": true,
-      "peer": true,
       "bin": {
         "uglifyjs": "bin/uglifyjs"
       },
@@ -36168,7 +36167,7 @@
       }
     },
     "packages/scratch-gui": {
-      "name": "@scratch/scratch-gui",
+      "name": "@RaspberryPiFoundation/scratch-gui",
       "version": "13.7.3",
       "license": "AGPL-3.0-only",
       "dependencies": {
diff --git a/packages/scratch-gui/package.json b/packages/scratch-gui/package.json
index 78902c67653..4e9a1891d03 100644
--- a/packages/scratch-gui/package.json
+++ b/packages/scratch-gui/package.json
@@ -1,15 +1,18 @@
 {
-  "name": "@scratch/scratch-gui",
+  "name": "@RaspberryPiFoundation/scratch-gui",
   "version": "13.7.3",
   "description": "Graphical User Interface for creating and running Scratch 3.0 projects",
   "keywords": [],
-  "homepage": "https://github.com/scratchfoundation/scratch-gui#readme",
+  "homepage": "https://github.com/RaspberryPiFoundation/scratch-editor#readme",
   "bugs": {
     "url": "https://github.com/scratchfoundation/scratch-editor/issues"
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/scratchfoundation/scratch-editor.git"
+    "url": "https://github.com/RaspberryPiFoundation/scratch-editor.git"
+  },
+  "publishConfig": {
+    "registry": "https://npm.pkg.github.com"
   },
   "license": "AGPL-3.0-only",
   "author": "Massachusetts Institute of Technology",

From 06afaa578ac339d20dbd4fcb811103e34abe2028 Mon Sep 17 00:00:00 2001
From: Nathan Richards <nathan.richards@irysan.com>
Date: Thu, 21 May 2026 16:45:59 +0200
Subject: [PATCH 2/5] build: remove upstream and unavailable CI workflows

Remove publish.yml (MIT npmjs releases). Remove update-i18n.yml (Transifex
credentials we do not have). Remove signature-assistant.yml (MIT CLA bot
requires GHA_AGREEMENTS_PAT). Publishing and agreements are not used on
this fork's code-classroom integration path.

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 .github/workflows/publish.yml             | 235 ----------------------
 .github/workflows/signature-assistant.yml |  38 ----
 .github/workflows/update-i18n.yml         |  46 -----
 3 files changed, 319 deletions(-)
 delete mode 100644 .github/workflows/publish.yml
 delete mode 100644 .github/workflows/signature-assistant.yml
 delete mode 100644 .github/workflows/update-i18n.yml

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
deleted file mode 100644
index e14c991145f..00000000000
--- a/.github/workflows/publish.yml
+++ /dev/null
@@ -1,235 +0,0 @@
-name: Publish
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-latest
-    outputs:
-      packages: ${{ steps.list-packages.outputs.packages }}
-    steps:
-      - name: Debug Info
-        # https://docs.github.com/en/actions/reference/security/secure-use#use-an-intermediate-environment-variable
-        env:
-          # `env:` values are printed to the log even without using them in `run:`
-          RELEASE_TAG_NAME: ${{ github.event.release.tag_name }}
-          RELEASE_TARGET_COMMITISH: ${{ github.event.release.target_commitish }}
-        run: |
-          cat <<EOF
-          Release tag name: $RELEASE_TAG_NAME
-          Release target commit-ish: $RELEASE_TARGET_COMMITISH
-          EOF
-
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
-
-      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6
-        with:
-          cache: 'npm'
-          node-version-file: '.nvmrc'
-
-      - uses: ./.github/actions/install-dependencies
-
-      - name: Bump Version
-        shell: bash
-        env:
-          GIT_TAG: ${{ github.event.release.tag_name }}
-        run: |
-          NEW_VERSION="${GIT_TAG/v/}"
-          npm version "$NEW_VERSION" --no-git-tag-version
-
-      - name: Build Packages
-        run: npm run build
-
-      - name: List Packages
-        id: list-packages
-        run: |
-          PACKAGES=$(npm query '.workspace' | jq -cr '[.[].location | sub("^packages/"; "")]')
-          echo "packages=$PACKAGES" >> "$GITHUB_OUTPUT"
-
-      - name: Store Build Artifacts
-        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5
-        with:
-          name: build
-          retention-days: 90
-          path: |
-            packages/**/build
-            packages/**/dist
-            packages/**/playground
-
-      - name: Store Package Manifests
-        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5
-        with:
-          name: package-manifests
-          retention-days: 90
-          path: |
-            package.json
-            package-lock.json
-            packages/*/package.json
-
-  test:
-    needs: build
-    uses: ./.github/workflows/test-packages.yml
-    with:
-      packages: ${{ needs.build.outputs.packages }}
-
-  preview:
-    needs: build
-    uses: ./.github/workflows/deploy-playground-preview.yml
-    with:
-      destination_dir: ${{ github.event.release.target_commitish }}
-      full_commit_message: "Build for release ${{ github.event.release.tag_name }}"
-
-  cd:
-    name: Publish to npm
-    needs:
-      - build
-      - test
-    if: ${{ !cancelled() && needs.build.result == 'success' && needs.test.result == 'success' }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write # to push the version commit and tag
-      issues: write # to comment on issues when a fix is released
-      pull-requests: write # to comment on PRs when a fix is released
-    env:
-      NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-    steps:
-      - name: Determine NPM Tag
-        shell: bash
-        env:
-          TARGET_COMMITISH: ${{ github.event.release.target_commitish }}
-          IS_PRERELEASE: ${{ github.event.release.prerelease }}
-        run: |
-          case "$TARGET_COMMITISH" in
-            develop | main | master)
-              if [[ "$IS_PRERELEASE" == true ]]; then
-                npm_tag=beta
-              else
-                npm_tag=latest
-              fi
-              ;;
-            *)
-              # use the branch name as the npm tag
-              npm_tag="$TARGET_COMMITISH"
-              ;;
-          esac
-          echo "Determined NPM tag: [$npm_tag]"
-          echo "NPM_TAG=${npm_tag}" >> "$GITHUB_ENV"
-
-      - name: Check NPM Tag
-        run: |
-          if [ -z "$NPM_TAG" ]; then
-            echo "Refusing to publish with empty NPM tag."
-            exit 1
-          fi
-
-      - name: Configure GitHub User
-        shell: bash
-        run: |
-          git config --global user.name 'GitHub Actions'
-          git config --global user.email 'github-actions@localhost'
-
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
-        with:
-          token: ${{ secrets.PAT_RELEASE_PUSH }} # persists the token for pushing to the repo later
-
-      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6
-        with:
-          cache: 'npm'
-          node-version-file: '.nvmrc'
-          registry-url: 'https://registry.npmjs.org'
-
-      - uses: ./.github/actions/install-dependencies
-
-      - name: Download Package Manifests
-        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6
-        with:
-          name: package-manifests
-          path: .
-
-      - name: Commit Version Bump
-        shell: bash
-        env:
-          GIT_TAG: ${{ github.event.release.tag_name }}
-        run: |
-          NEW_VERSION="${GIT_TAG/v/}"
-          git add package.json package-lock.json packages/*/package.json
-          git commit -m "chore(release): $NEW_VERSION [skip ci]"
-
-      - name: Download Build Artifacts
-        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6
-        with:
-          name: build
-          path: packages
-
-      - name: Publish scratch-svg-renderer
-        run: npm publish --access=public --tag="$NPM_TAG" --ignore-scripts --workspace=@scratch/scratch-svg-renderer
-
-      - name: Publish scratch-render
-        run: npm publish --access=public --tag="$NPM_TAG" --ignore-scripts --workspace=@scratch/scratch-render
-
-      - name: Publish scratch-vm
-        run: npm publish --access=public --tag="$NPM_TAG" --ignore-scripts --workspace=@scratch/scratch-vm
-
-      - name: Publish scratch-gui
-        run: |
-          cp ./packages/scratch-gui/package.json ./packages/scratch-gui/package-copy.json
-
-          jq 'del(.exports["./standalone"])' ./packages/scratch-gui/package.json | npx sponge ./packages/scratch-gui/package.json
-
-          npm publish --access=public --tag="$NPM_TAG" --ignore-scripts --workspace=@scratch/scratch-gui
-
-          mv ./packages/scratch-gui/package-copy.json ./packages/scratch-gui/package.json
-
-      - name: Publish scratch-gui-standalone
-        run: |
-          bash ./scripts/prepare-standalone-gui.sh
-          npm publish --access=public --tag="$NPM_TAG" --ignore-scripts --workspace=@scratch/scratch-gui-standalone
-
-      - name: Publish task-herder
-        run: npm publish --access=public --tag="$NPM_TAG" --ignore-scripts --workspace=@scratch/task-herder
-
-      - name: Publish scratch-media-lib-scripts
-        run: |
-          npm run build --workspace @scratch/scratch-media-lib-scripts
-          npm publish --access=public --tag="$NPM_TAG" --workspace=@scratch/scratch-media-lib-scripts
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-
-      - name: Push to Develop
-        shell: bash
-        env:
-          TAG_NAME: ${{ github.event.release.tag_name }}
-        run: |
-          git fetch origin develop
-
-          # HEAD is the version bump commit; HEAD^ is the release target commit
-          RELEASE_TARGET_COMMIT="$(git rev-parse HEAD^)"
-          DEVELOP_COMMIT_ID="$(git rev-parse origin/develop)"
-
-          if [ "$RELEASE_TARGET_COMMIT" = "$DEVELOP_COMMIT_ID" ]; then
-            git push origin HEAD:develop
-          else
-            echo "Not pushing to develop because the tag we're operating on is behind"
-          fi
-
-      # See https://stackoverflow.com/a/24849501
-      - name: Change Connected Commit on Release
-        shell: bash
-        env:
-          TAG_NAME: ${{ github.event.release.tag_name }}
-        run: |
-          git tag -f "$TAG_NAME" HEAD
-          git push -f origin "refs/tags/$TAG_NAME"
-
-      - name: Comment on Resolved Issues and Merged PRs
-        if: ${{ !github.event.release.prerelease }}
-        continue-on-error: true
-        uses: apexskier/github-release-commenter@e7813a9625eabd79a875b4bc4046cfcae377ab34 # v1
-        with:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          skip-label: dependencies
-          comment-template: |
-            :tada: This is included in release {release_link}.
diff --git a/.github/workflows/signature-assistant.yml b/.github/workflows/signature-assistant.yml
deleted file mode 100644
index 13547e2ac19..00000000000
--- a/.github/workflows/signature-assistant.yml
+++ /dev/null
@@ -1,38 +0,0 @@
-name: Signature Assistant
-on:
-  issue_comment:
-    types: [created]
-  pull_request_target:
-    types: [opened, closed, synchronize]
-
-permissions:
-  actions: write
-  contents: read
-  pull-requests: write
-  statuses: write
-
-jobs:
-  CLA-Assistant:
-    if: |
-      github.event_name == 'pull_request_target' ||
-      (
-        github.event.comment.body == 'recheck' ||
-        github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA'
-      )
-    runs-on: ubuntu-latest
-    steps:
-      - uses: scratchfoundation/scratch-agreements/.github/actions/cla-allowlist@bc84604e8b82c14642a8e82f6999d44b09ac5450 # main
-        id: cla-allowlist
-      - name: CLA Assistant
-        uses: contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08 # v2.6.1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          # the below token should have repo scope and must be manually added by you in the repository's secrets
-          PERSONAL_ACCESS_TOKEN: ${{ secrets.GHA_AGREEMENTS_PAT }}
-        with:
-          remote-organization-name: "scratchfoundation"
-          remote-repository-name: "scratch-agreements"
-          path-to-signatures: "signatures/version1/cla.json"
-          path-to-document: "https://github.com/scratchfoundation/scratch-agreements/blob/main/CLA.md"
-          branch: "main"
-          allowlist: ${{ steps.cla-allowlist.outputs.allowlist }}
diff --git a/.github/workflows/update-i18n.yml b/.github/workflows/update-i18n.yml
deleted file mode 100644
index b6e5aa4ccc0..00000000000
--- a/.github/workflows/update-i18n.yml
+++ /dev/null
@@ -1,46 +0,0 @@
-name: Update i18n
-
-on:
-  workflow_dispatch: # Allows you to run this workflow manually from the Actions tab
-  schedule:
-    - cron: 0 0 * * * # daily at midnight UTC = 7-8pm US Eastern
-
-concurrency:
-  group: '${{ github.workflow }}'
-  cancel-in-progress: true
-
-permissions:
-  contents: write
-
-jobs:
-  update-i18n:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
-      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6
-        with:
-          cache: 'npm'
-          node-version-file: '.nvmrc'
-      - name: Info
-        # https://docs.github.com/en/actions/reference/security/secure-use#use-an-intermediate-environment-variable
-        env:
-          GH_HEAD_REF: ${{ github.head_ref }}
-        run: |
-          cat <<EOF
-          Node version: $(node --version)
-          NPM version: $(npm --version)
-          GitHub ref: ${{ github.ref }}
-          GitHub head ref: ${GH_HEAD_REF}
-          EOF
-      - name: Setup
-        uses: ./.github/actions/install-dependencies
-      - name: Update i18n in scratch-vm
-        uses: ./.github/actions/update-i18n
-        with:
-          package_name: scratch-vm
-          tx_token: ${{ secrets.TX_TOKEN }}
-      - name: Update i18n in scratch-gui
-        uses: ./.github/actions/update-i18n
-        with:
-          package_name: scratch-gui
-          tx_token: ${{ secrets.TX_TOKEN }}

From 02e954bb1b1587c05536f1ee67220e266ebc30e4 Mon Sep 17 00:00:00 2001
From: Nathan Richards <nathan.richards@irysan.com>
Date: Thu, 21 May 2026 16:46:06 +0200
Subject: [PATCH 3/5] build: align CI with code-classroom fork publishing

Publish @RaspberryPiFoundation/scratch-gui on push or workflow_dispatch to
code-classroom with version 13.7.3-code-classroom.<timestamp>. Add
packages:write, GitHub npm registry, NPM_AUTH_TOKEN for installs, and
Rolldown linux binaries in the build job.

Remove the GitHub Pages preview job; we do not use per-branch playground
previews on this fork.

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 .github/workflows/ci.yml | 46 ++++++++++++++++++----------------------
 1 file changed, 21 insertions(+), 25 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6ad50ea996e..620837ba49f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -17,6 +17,10 @@ on:
         type: boolean
         default: false
 
+permissions:
+  contents: read
+  packages: write
+
 concurrency:
   group: "${{ github.workflow }} @ ${{ github.event.compare || github.head_ref || github.ref }}"
   cancel-in-progress: true
@@ -34,6 +38,7 @@ jobs:
         with:
           cache: 'npm'
           node-version-file: '.nvmrc'
+          registry-url: https://npm.pkg.github.com
       - name: Debug Info
         # https://docs.github.com/en/actions/reference/security/secure-use#use-an-intermediate-environment-variable
         env:
@@ -68,8 +73,14 @@ jobs:
           fi
 
       - if: ${{ steps.filter.outputs.any-workspace == 'true' }}
+        env:
+          NPM_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         uses: ./.github/actions/install-dependencies
 
+      - name: Install Rolldown linux binaries
+        if: ${{ steps.filter.outputs.any-workspace == 'true' }}
+        run: npm install @rolldown/binding-linux-x64-gnu --no-save --ignore-scripts
+
       # TODO: Packages currently depend on each other's compiled dist at build time. Fix that and matrix the builds.
       - name: Build Packages
         if: ${{ steps.filter.outputs.any-workspace == 'true' }}
@@ -86,6 +97,16 @@ jobs:
             packages/**/dist
             packages/**/playground
 
+      - name: Publish scratch-gui to GitHub Packages
+        if: ${{ github.ref == 'refs/heads/code-classroom' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
+        working-directory: ./packages/scratch-gui
+        env:
+          NPM_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          RELEASE_VERSION="13.7.3-code-classroom.$(date +'%Y%m%d%H%M%S')"
+          npm version --no-git-tag-version "$RELEASE_VERSION"
+          npm publish --access public --tag latest
+
   test:
     name: Test
     needs: build
@@ -93,28 +114,3 @@ jobs:
     uses: ./.github/workflows/test-packages.yml
     with:
       packages: ${{ needs.build.outputs.packages }}
-
-  preview:
-    name: Preview
-    needs: build
-    # We don't want to give forks free reign to publish to our GitHub Pages, so run this job only if both:
-    # - any workspace changed (otherwise there's no work to do)
-    # - and either
-    #   - this is not a PR (so it's some other event that happened in our fork, like a push or merge group)
-    #   - or it's a PR from our fork (not some other fork)
-    # - and
-    #   - it's not a Renovate branch (just to reduce noise)
-    if: ${{
-        (needs.build.outputs.any-workspace == 'true') &&
-        (
-          (!github.event.pull_request) ||
-          (github.event.pull_request.head.repo.full_name == github.repository)
-        ) &&
-        (!startsWith((github.head_ref || github.ref_name), 'renovate/'))
-      }}
-    uses: ./.github/workflows/deploy-playground-preview.yml
-    with:
-      # even `develop` should be published to a subdirectory
-      # that way each branch can be updated or cleaned up independently
-      destination_dir: ${{ github.head_ref || github.ref_name }}
-      full_commit_message: "Build for ${{ github.sha }} ${{ github.event.head_commit.message }}"

From 160e0f8d5b510495636654867ab9e933577d6835 Mon Sep 17 00:00:00 2001
From: Nathan Richards <nathan.richards@irysan.com>
Date: Thu, 21 May 2026 16:46:06 +0200
Subject: [PATCH 4/5] build: fix Linux test CI and drop EnricoMi test
 publishing

Install @rolldown/binding-linux-x64-gnu in the test-package action for
ubuntu-latest runners. Remove EnricoMi test result publishing and extra
permissions from test-packages; keep the pass/fail outcome check only.

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 .github/actions/test-package/action.yml |  4 ++++
 .github/workflows/test-packages.yml     | 22 ----------------------
 2 files changed, 4 insertions(+), 22 deletions(-)

diff --git a/.github/actions/test-package/action.yml b/.github/actions/test-package/action.yml
index 083bb5ef501..4a4eb97f3ac 100644
--- a/.github/actions/test-package/action.yml
+++ b/.github/actions/test-package/action.yml
@@ -19,6 +19,10 @@ runs:
       # per-package browser list, and Firefox in scratch-render is
       # cheap unused weight rather than a correctness problem.
       run: npx playwright install --with-deps chromium firefox
+    - name: Explicitly install Rolldown linux binaries
+      shell: bash
+      run: npm install @rolldown/binding-linux-x64-gnu --no-save --ignore-scripts
+
     - name: Test
       working-directory: ./packages/${{ inputs.package_name }}
       shell: bash
diff --git a/.github/workflows/test-packages.yml b/.github/workflows/test-packages.yml
index 8bdfbf8af8e..f48c95e6feb 100644
--- a/.github/workflows/test-packages.yml
+++ b/.github/workflows/test-packages.yml
@@ -38,29 +38,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: test
     if: ${{ !cancelled() }}
-    permissions:
-      checks: write
-      pull-requests: write
-      contents: read
-      issues: read
     steps:
-      - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6
-        with:
-          # Download every per-package test-output artifact. Each lands
-          # in its own subdirectory (e.g. scratch-gui-test-output/),
-          # which avoids filename collisions between packages that both
-          # produce junit.xml.
-          pattern: '*-test-output'
-          path: test-results
-      - name: Publish test reports
-        uses: EnricoMi/publish-unit-test-result-action@34d7c956a59aed1bfebf31df77b8de55db9bbaaf # v2
-        with:
-          # Every test reporter in this repo produces JUnit XML.
-          # Restricting to *.xml avoids the action trying to parse
-          # directories and non-test artifacts (Playwright HTML
-          # reports, traces, screenshots, etc.) as test result files.
-          files: test-results/**/*.xml
-          check_name: "Test Results"
       - name: Check test outcome
         run: |
           case "${{ needs.test.result }}" in

From a413c5cee0bf902c8091e5f0ad325d16bcf13122 Mon Sep 17 00:00:00 2001
From: Nathan Richards <nathan.richards@irysan.com>
Date: Thu, 21 May 2026 16:46:07 +0200
Subject: [PATCH 5/5] docs: document code-classroom fork and upstream sync

Document code-classroom-base on MIT release tags, code-classroom integration,
compare link for RPF-only diffs, editor-ui as primary consumer, GitHub
Packages publishing, local dev, and refreshing the base branch from MIT
releases.

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 README.md | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/README.md b/README.md
index 309bbff6210..2b3a34236e7 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,67 @@ Scratch project by pressing "Create" on that website or by visiting <https://scr
 This is a source code repository for the packages that make up the Scratch editor and a few additional support
 packages. Use this if you'd like to learn about how the Scratch editor works or to contribute to its development.
 
+## Raspberry Pi Foundation fork (`code-classroom`)
+
+This repository is a public fork of [scratchfoundation/scratch-editor](https://github.com/scratchfoundation/scratch-editor), maintained for Code Classroom and related products. Modified source is published under AGPL-3.0; published npm packages should correspond to a specific commit on this repository.
+
+**Primary consumer:** this build is maintained for use with [editor-ui](https://github.com/RaspberryPiFoundation/editor-ui), which depends on `@RaspberryPiFoundation/scratch-gui` published from this repository.
+
+### Upstream anchor and integration branch
+
+| | |
+|---|---|
+| **Upstream anchor branch** | [`code-classroom-base`](https://github.com/RaspberryPiFoundation/scratch-editor/tree/code-classroom-base) — points at a [scratchfoundation/scratch-editor](https://github.com/scratchfoundation/scratch-editor) **release tag** only (no RPF packaging) |
+| **Upstream release** | [`v13.7.3`](https://github.com/scratchfoundation/scratch-editor/releases/tag/v13.7.3) (current tag on `code-classroom-base`) |
+| **Integration branch** | [`code-classroom`](https://github.com/RaspberryPiFoundation/scratch-editor/tree/code-classroom) — long-lived branch; RPF packaging, CI, and feature work merge here via PR |
+| **RPF changes (diff)** | [Compare `code-classroom` to `code-classroom-base`](https://github.com/RaspberryPiFoundation/scratch-editor/compare/code-classroom-base...code-classroom) — packaging, CI, and fork-only code |
+| **Published package** | [`@RaspberryPiFoundation/scratch-gui`](https://github.com/RaspberryPiFoundation/scratch-editor/pkgs/npm/scratch-gui) on GitHub Packages |
+
+`code-classroom` is based on the latest upstream **release tag** on `code-classroom-base`, plus RPF-specific packaging and CI.
+
+### Keeping `code-classroom` up to date with MIT
+
+We track [scratchfoundation/scratch-editor](https://github.com/scratchfoundation/scratch-editor) **release tags** (not `develop`). Pick the latest release from [GitHub Releases](https://github.com/scratchfoundation/scratch-editor/releases) when refreshing the fork.
+
+**`code-classroom-base`** holds the pure upstream snapshot. **`code-classroom`** holds RPF changes on top — see the [branch comparison](https://github.com/RaspberryPiFoundation/scratch-editor/compare/code-classroom-base...code-classroom) (or locally: `git diff code-classroom-base..code-classroom`). To adopt a newer MIT release, update `code-classroom-base` to the new tag, then integrate that bump into `code-classroom` via PR.
+
+#### Refresh `code-classroom-base` to a newer release tag
+
+Use the tag from [scratchfoundation/scratch-editor releases](https://github.com/scratchfoundation/scratch-editor/releases) (example: `v13.7.4-svg`):
+
+```bash
+git fetch mit --tags
+git checkout code-classroom-base
+git reset --hard v13.7.4-svg
+git push origin code-classroom-base --force-with-lease
+```
+
+### Local development
+
+Use the Node version in [`.nvmrc`](.nvmrc). Install dependencies from the **repository root**:
+
+```bash
+nvm install
+nvm use
+NODE_ENV=development npm ci
+npm run build
+```
+
+Root [`.npmrc`](.npmrc) routes the `@RaspberryPiFoundation` scope to GitHub Packages. This requires a Github access token with `read:packages` and `repo`.
+
+```bash
+cd packages/scratch-gui
+npm run test:lint
+npm run test:unit
+npm start   # http://localhost:8601/
+```
+
+### CI and publishing
+
+- **Pull requests:** CI runs build and tests; **no** package is published to GitHub Packages.
+- **Push to `code-classroom`:** CI builds and publishes `@RaspberryPiFoundation/scratch-gui` with a version such as `13.7.3-code-classroom.YYYYMMDDHHMMSS`. Pin an explicit version in consumers (e.g. editor-ui); do not rely on floating `latest` in production.
+- Publishing is configured in [`.github/workflows/ci.yml`](.github/workflows/ci.yml) (inline publish step on the `code-classroom` branch only). Upstream’s npmjs release workflow (`.github/workflows/publish.yml`) is disabled on this fork.
+
 ## What's in this repository?
 
 The `packages` directory in this repository contains: