thumbgate@1.28.0
Release Links
- npm: https://www.npmjs.com/package/thumbgate/v/1.28.0
- GitHub Release: https://github.com/IgorGanapolsky/ThumbGate/releases/tag/v1.28.0
- Compare: v1.27.20...v1.28.0
- Publish workflow: https://github.com/IgorGanapolsky/ThumbGate/actions/runs/29154003334
- npm published at: 2026-07-11T13:16:06.037Z
- npm shasum:
687d75cbe9b2ffe42f27eb173ca534c3606dbcbf - npm tarball: https://registry.npmjs.org/thumbgate/-/thumbgate-1.28.0.tgz
- Release ref: 369dd59
npm Email Companion
npm controls the native "Successfully published" email template, so the email itself stays short. Treat this generated artifact as the full release-note companion for that email: it carries the Changeset summaries, CHANGELOG entry, publish workflow, npm tarball, and shasum when available.
Full Changeset Release Notes
No changed .changeset/*.md entries were detected for this release range.
CHANGELOG.md Entry
1.28.0
Minor Changes
-
#2568
f9474e2Thanks @IgorGanapolsky! - Addnpx thumbgate quickstart— a guided first-rule activation walkthrough that fixes the #1 funnel break: ~98.5% ofinitusers never promote their first prevention rule, so they never reach the "ThumbGate just blocked a repeat mistake" aha moment. The command captures one real agent mistake, promotes it into a block rule (reusing the existing force-promote path), then immediately fires that rule against the action so the user watches it get blocked, and ties the value to what Pro keeps synced across machines and team. Additive and safe:initis untouched, the walkthrough runs in a TTY only, and non-interactive / piped / CI runs print a one-line hint and exit 0 without prompting or hanging. -
#2621
b11cb29Thanks @IgorGanapolsky! - Strengthen the anti-claim Stop hook (hook-stop-anti-claim.js). Expand the lie-phrase set to catch completion claims that previously slipped past it — "all green", "tests pass/passing", "verified", "confirmed", "is/now stable", "all clear", "good to go", "race is over" — all still suppressed when the same turn ran a proof tool call (curl/grep/test/Read). Add a strict mode: withTHUMBGATE_STRICT_ENFORCEMENT=1the hook emits a Stop-hookblockdecision (forcing the agent to verify or retract before ending the turn) instead of a soft next-turn reminder. Default behavior unchanged. -
#2744
2d5dec3Thanks @IgorGanapolsky! - Add opt-in autonomous fail-closed mode for approval gates. WhenTHUMBGATE_AUTONOMOUS=1, anapprove(human-in-the-loop) gate now fails CLOSED (deny) instead of deferring — because in an autonomous agent loop there is no human to sign off, and the actions that most need approval must not slip through unattended. Interactive and existing CI behavior is unchanged (opt-in only); applies to both the sync and async evaluation paths. -
#2611
2f45fb6Thanks @IgorGanapolsky! - Add five discoverable/thumbgate-*slash-commands that surface ThumbGate's core enforcement value in the agent command palette — the same distribution lever that took GSD (get-shit-done) to 64k stars by exposing 67 browsable/gsd-*commands, while ThumbGate's value sat hidden behind MCP tools nobody browses.The commands ship in
.claude/commands/and are installed into every agent's palette (.claude,.gemini,.antigravitycli) bythumbgate init:/thumbgate-guard— turn the last agent mistake into a hard prevention rule (wrapscapture_feedback+ thethumbgate force-gateforce-promote path)./thumbgate-rules— list the active prevention rules + lessons guarding this repo (wrapsprevention_rules,get_reliability_rules,search_lessons)./thumbgate-blocked— show what's actually been blocked: gate stats + enforcement matrix (wrapsgate_stats,enforcement_matrix)./thumbgate-protect— show branch/release governance and grant a scoped, expiring approval for protected-file actions (wrapsget_branch_governance,approve_protected_action)./thumbgate-doctor— health-check the wiring: hooks, MCP, agent-readiness (wraps the existingthumbgate doctor).
Each is a thin wrapper over an existing MCP tool or CLI command — no new enforcement logic, just discoverability. README now positions these as "the guardrail layer for spec-driven agents," working alongside GSD / Spec-Kit rather than competing with them. Guarded by
tests/discoverable-skills.test.js, which verifies every command's frontmatter and thatallowed-toolsreference only real registered MCP tools and realbin/cli.jssubcommands. -
#2636
85da24fThanks @IgorGanapolsky! - Addnpx thumbgate hermes-gate— a governance adapter for Nous Research's Hermes Agent. Hermes is a self-evolving agent that rewrites its ownSKILL.mdfiles during use; it exposes a documentedpre_tool_callshell hook that pipes each pending tool call to an external command and reads a block/allow decision from stdout.hermes-gateimplements that contract: it reads Hermes's tool-call JSON from stdin, runs the same gate pipeline asgate-check(secret guard, security scan, force-push / destructive /skill_manage/ learned prevention rules), and emits{"decision":"block","reason":...}to veto a call or{}to allow it — so ThumbGate can gate Hermes's runtime tool calls, including silent skill overwrites, before they execute.Because Hermes's
pre_tool_callis binary (block or allow) with no warn channel,hermes-gateruns strict enforcement by default so a deny actually blocks; setTHUMBGATE_HERMES_WARN_ONLY=1for advisory-only. The hook fails open by design (Hermes proceeds if it errors/times out). Shipsadapters/hermes/config.yamlwith the exact~/.hermes/config.yamlwiring (MCP tool exposure +pre_tool_callmatcher coveringterminal|process|patch|write_file|skill_manage|execute_code). -
#2800
b5e97efThanks @IgorGanapolsky! - Detect an explicit "never …" / "always …" directive in feedback and surface the one-shot enforcement path as an offer. When a thumbs-down says "never do X", the capture confirmation now offers an immediateforce-gate(block now) instead of silently waiting for the pattern to recur — because typing "never" is explicit intent to guard. It only OFFERS; it never auto-blocks (auto-promotion stays occurrence-gated, which is what keeps a single signal from locking you out). A thumbs-up "always …" is clarified as guidance-only (positive patterns are surfaced as context, not gate-enforced). Newscripts/imperative-detector.js(pure/deterministic) + wired into the CLI feedback confirmation. -
#2610
f90bcd3Thanks @IgorGanapolsky! - Add regression-gated rule promotion (Self-Harness stage 3). Before a feedback-derived rule auto-activates as a hardblock,auto-promote-gatesnow replays it against the audit trail's priorallowdecisions; if the candidate would have blocked actions that were previously safe, it is quarantined towarninstead ofblock. Prevents a noisy 3× capture from hard-blocking an over-broad pattern that degrades known-good behavior. -
#2849
f49cd34Thanks @IgorGanapolsky! - Self-protection gates now bind regardless of enforcement posture. Previously every gate — including the ones guarding ThumbGate's own kill switch and env overrides — degraded to a warning under warn-by-default, so an agent could runpkill -f gates-engineorexport THUMBGATE_HOTFIX_BYPASS=1and only be warned, by which point the guardrail was already gone.self-protect-killandself-protect-env-overridenow hard-deny by default. A deliberate owner escape,THUMBGATE_SELF_PROTECT_OVERRIDE=1, prevents self-lockout (break-glass covers.claude/settings*but not the self-protect surface). The change is targeted: non-self-protective denies (e.g. force-push) still follow warn-by-default. The file-edit self-protect gates (self-protect-config,self-protect-hooks-disable) remain shadowed byprotected-file-approval-required/workflow-sentineland are approval-gated; hardening those to hard-deny requires gate reordering and is a tracked follow-up. -
#2614
66c4f9fThanks @IgorGanapolsky! - Addscripts/sync-telemetry-from-prod.jsso the local agentic data pipeline reflects the real web funnel.get_business_metrics(semantic-layer → agentic-data-pipeline → telemetry-analytics) reads the LOCALtelemetry-pings.jsonl, which is empty on dev machines, so it reporteduniqueVisitors:0 / checkoutStarts:0even while prod traffic flowed. The real funnel lives on the prod Railway volume and is exposed only via the operator-gatedGET /v1/telemetry/export. The new sync pulls that export and merges/dedupes thetelemetryrows (and, with--funnel, thefunnelrows) into the same feedback dir the pipeline reads. Dedupe is a stable sha256 of the canonical row so repeat runs never double-count. Auth usesAuthorization: Bearer <key>(the header the server'sextractApiKeyactually reads); the key is resolved fromTHUMBGATE_OPERATOR_KEY/THUMBGATE_API_KEY/~/.config/thumbgate/operator.jsonand never printed. Hermetic unit tests injectfetchImpl(no network, no secret).
Patch Changes
-
#2855
836dff8Thanks @IgorGanapolsky! - Reject versioned release pull requests that leave any Changesets pending, preventing a green release PR from preserving an unshipped backlog. Version generation now uses Changesets' local changelog formatter so backlog consumption does not depend on GitHub GraphQL; the publish workflow still attaches repository links, the exact release ref, and npm receipt metadata after publication. -
#2574
0295054Thanks @IgorGanapolsky! - chore(activation): clean upscripts/activation-quickstart.jsmaintainability smells flagged by SonarCloud after #2568 merged — usenode:import specifiers,String.rawin the regex escaper, optional chaining for the gate verdict and CLI error, and drop unused catch bindings. Also replaces an always-true assertion in the non-TTY quickstart test with a real check on the printed hint. No behavior change. -
#2626
c6ca469Thanks @IgorGanapolsky! - Add agent context governance positioning, Learn and homepage entry points, and a public guide for context hygiene, tool lockdown, MCP integrity, and AI-authored code provenance. -
#2553
103b222Thanks @IgorGanapolsky! - Add a canonical agentic web governance guide, homepage/Learn-hub links, and AI-readable context updates so ThumbGate can own the bot-majority promotion narrative while routing buyers toward pre-action checks. -
#2779
4713f53Thanks @IgorGanapolsky! - Ship all runtime files in the npm bundle and self-protect ThumbGate's own governance files.- Adds a pack-integrity test that fails if any runtime
require()reachable from the shipped entrypoints is missing from the tarball — the class of bug that broke 1.27.19 (missingfeedback-sanitizer.jscrashed the prompt hook for every user). - Adds
scripts/self-protection.js: edits to ThumbGate's own kill-switch files (.claude/settings.json, hook scripts,config/gates/**) now WARN by default and hard-block underTHUMBGATE_STRICT_ENFORCEMENT=1, with aTHUMBGATE_ALLOW_SELF_EDIT=1escape hatch that preserves the repair path.
Prompted by Andy Martin's review.
- Adds a pack-integrity test that fails if any runtime
-
#2809
e216172Thanks @IgorGanapolsky! - Bound the publish guard's pending-changeset exemption so a merged fix cannot sit unshipped behind a green check.publish-npm.ymlalready errored when shipped content changed since the last release tag without a version bump, but it exempted that error whenever any pending changeset existed — on the theory that "the next versioned publish will ship it." Nothing bounded until. On 2026-07-09 thedeny-network-egresshost-boundary fix merged tomainwhilePublish to NPMreported success and published nothing, because a changeset for it existed;npm install thumbgatekept serving the vulnerable pattern and no check anywhere went red. The exemption now expires afterMAX_UNRELEASED_DAYS(default 7), after which a pending changeset stops excusing the no-op and the workflow fails with an instruction to cut a release PR. The decision moves out of inline shell intoscripts/release-window.jsso it is unit-testable;tests/release-window.test.jspins the boundary and the 2026-07-09 regression. -
#2698
1d1d6a3Thanks @IgorGanapolsky! - Rename inline logo mark to v2 to bypass aggressive browser cache and immediately display the premium shield logo. -
#2701
c3c2cc7Thanks @IgorGanapolsky! - Rename the inline logo SVG asset to v3 and update all references to bust the browser logo cache. -
#2519
1f28d7fThanks @IgorGanapolsky! - Capture buyer abandonment reasons on the ThumbGate Pro checkout interstitial before redirecting to Stripe. Adds first-party telemetry for reason-not-buying choices and silent interstitial abandonment so checkout friction can be measured instead of guessed. -
#2518
e14eea0Thanks @IgorGanapolsky! - Bypass checkout interstitial when THUMBGATE_CHECKOUT_INTERSTITIAL_BYPASS is set to 1. Added /about page and Referrer-Policy header to static files. Updated dashboard chat intents to support listing blocked/prevented mistakes. Added local LLM config to stats payload. -
#2769
f102e3dThanks @IgorGanapolsky! - Fix broken checkout: 99 visitors hit /checkout/pro in 30 days, 0 converted. The interstitial form posted back to itself instead of redirecting to Stripe. Now bypasses the broken createCheckoutSession path and routes directly to the Stripe Payment Link. Bypass is enabled by default. -
#2719
8c7cb49Thanks @IgorGanapolsky! - Reduce Pro checkout friction by letting confirmed human clicks reach Stripe without requiring an email on the ThumbGate interstitial, while keeping bot deflection and adding a revenue doctor guard for deployed required-email drift. -
#2708
60cb53fThanks @IgorGanapolsky! - Require a valid buyer email before creating Pro Stripe Checkout Sessions so abandoned checkouts keep a recoverable contact path instead of generating unpaid no-contact sessions. -
#2667
10bca99Thanks @IgorGanapolsky! - Constrain checkout interstitial hidden attribution to an allowlist so arbitrary request query parameters cannot be reflected into server-rendered HTML. -
#2520
b57b6d9Thanks @IgorGanapolsky! - Add deterministic sampling for the ThumbGate Pro checkout interstitial when direct-to-Stripe bypass is enabled, preserving fast checkout for unsampled visitors while exposing a configured slice of human traffic to buyer-objection feedback capture. -
#2789
6347fa6Thanks @IgorGanapolsky! - Add the commercialization strategy: open-core (free permissive runtime as the adoption wedge; learned models + exporters + hosted behind a real paywall), fundable repricing (Team/Enterprise, token-insurance ROI), and an investor one-pager. Decision: do NOT relicense to FSL/BUSL now — the code is commoditized and the moat is data + hosted state; relicensing stays an option for later once there's adoption to protect. MOAT.md points to the new strategy doc. -
#2528
b0457a2Thanks @IgorGanapolsky! - seo: add /compare/cycode buyer-intent comparison pageAction #5 from the 2026-06-05 LLM-citability deep-research: "X vs Y" comparison pages are what LLM answer engines (Perplexity, ChatGPT, Gemini, Claude, Grok) cite for buyer-intent "should I use A or B" queries. Cycode is the funded enterprise vendor anchoring the IDE-security category (Feb 2026 blog popularized PreToolUse / beforeMCPExecution / beforeReadFile naming); ThumbGate occupies the indie/MIT slot beneath them. Honest, non-hyperbolic comparison: enterprise platform vs MIT CLI; learning loop is the differentiator.
Registered in seo-gsd inline list and prove-seo-gsd sitemap pin.
-
#2529
ca47841Thanks @IgorGanapolsky! - seo: add /compare/claude-code-hooks-mastery (disler) buyer-intent comparisonCompanion to /compare/cycode. Per memory
project_fiddler_competitive_positioning: ThumbGate's REAL competitor at the buyer-intent layer isn't funded enterprise vendors like Fiddler/Cycode — it's the free disler/claude-code-hooks-mastery repo (3,000+ stars). This page addresses the "why pay $19/mo when disler is free?" objection head-on: honest comparison of static example repo vs runnable CLI with learning loop. Same SEO-GSD pattern as /compare/cycode. -
#2548
8eba5e6Thanks @IgorGanapolsky! - seo: wire all live /compare pages into the comparison hub and homepageThe /compare hub linked to only 4 of 13 live comparison pages, and the homepage compare strip to 4 — both hand-maintained lists that drifted every time a new buyer-intent page shipped. Flagship competitor comparisons (claude-code-hooks, arcjet, bumblebee, anthropic-containment, oak-and-sparrow-gatekeeper, anthropic-claude-for-legal) were live and in the sitemap but unreachable from the hub whose entire job is to list them, and the homepage's only link to the hub was
display:none. That starves the highest-intent pages of internal link equity from the site's top-authority surfaces — directly counter to the GEO/buyer-intent goal those pages exist for.This makes the hub a complete index of every live comparison (framing grounded in each page's own subtitle, no overclaim), adds the top buyer-intent links plus a visible "Compare all" hub link to the homepage strip, and pins the contract with a regression test (
/comparemust link to everypublic/compare/*.html) mirroring the existing sitemap-completeness test so it cannot silently drift again. -
#2594
df59c66Thanks @IgorGanapolsky! - docs(compare): add /compare/sigmashake — honest ThumbGate vs SigmaShake (and APort, agent-guardrails) comparison targeting "SigmaShake alternative" search intent. Leads with ThumbGate's auto-learning wedge (one thumbs-down → a permanent rule) while conceding where SigmaShake is genuinely ahead (FORCE-substitution, ruleset-hub breadth, maturity). Website-only page; not in the npm bundle. Wired into the /compare index. -
#2679
8aa6e3bThanks @IgorGanapolsky! - Add public Headroom context-compression and sovereign coding model guardrail guides, plus LLM discovery links, so buyers comparing token compression or local coding models can find ThumbGate's pre-action enforcement layer. -
#2631
beb9dd3Thanks @IgorGanapolsky! - Include brand assets, statusbar SVGs, and buyer intent scripts in the packaged files to fix dashboard layout, broken thumbnails, and clickability for local npm installs. Bump package file count and size limits to accommodate these visual assets. -
#2542
a0f79b1Thanks @IgorGanapolsky! - Add a database-agent safety gate pack, harden SQL and migration pre-action checks, and publish a high-intent database safety guide for AI agents. -
#2807
811635bThanks @IgorGanapolsky! - Fixdeny-network-egressmatching everycurlandwgetregardless of destination. The pattern led with barecurl\s|wget\salternatives, so the allowlist was never consulted for them and loopback probes such ascurl http://localhost:9222warned on every invocation, recording false-positive negative-feedback events. Detection now keys on the destination, with loopback (localhost,127.0.0.1,[::1],0.0.0.0) added to the allowlist. Each allowlist entry is also anchored to a hostname boundary, closing a bypass whereopen https://github.com.evil.com/xwas silently exempt because an allowlisted host matched as a bare prefix. -
#2740
be6a81bThanks @IgorGanapolsky! - Fix deploy-scope silently skipping deploys when production has drifted behind main. A push with no runtime-serving file changes now still triggers a catch-up deploy when the live/healthbuild SHA is positively confirmed behind HEAD; unknown/unreachable preserves the historical skip (fail-safe). Prevents production freezing many commits behind main (root cause of the/diagnostic404 — prod was sitting 86 commits behind). -
#2550
6f2458bThanks @IgorGanapolsky! - chore(deps): bump protobufjs to ^8.5.0 (resolved 8.6.0), @lancedb/lancedb to ^0.30.0, @anthropic-ai/sdk to 0.100.1, @google/genai to 2.7.0, stripe to ^22.2.0Combined dependency bump consolidating dependabot PRs #2435/#2437/#2438/#2439/#2436 (all five passed targeted tests and were included). Single changeset satisfies the changeset:check gate that blocks lockfile-only dependabot PRs.
-
#2721
fee04ebThanks @IgorGanapolsky! - Add a focused Workflow Hardening Diagnostic page with a tracked $499 diagnostic checkout path and deploy-gated route verification. -
#2730
60b98b2Thanks @IgorGanapolsky! - Fix the/diagnosticpage header logo. It rendered a placeholder CSS letter-"T" monogram (<span class="mark">T</span>) — the only page on the site doing so — which read as unfinished on the paid $499 diagnostic landing page. Replace it with the real brand mark (/assets/brand/thumbgate-mark-inline-v3.svg), matching every other page, and simplify the.markstyle to a self-framed 28×28 image. -
#2615
132d626Thanks @IgorGanapolsky! - feat(distribution): add 5 discoverable auto-triggering Claude Skills that wrap existing MCP tools —thumbgate-guard(capture + force-promote a mistake into an enforced block),thumbgate-rules(list active prevention/reliability rules + their lessons),thumbgate-blocked(gate_stats + enforcement_matrix),thumbgate-protect(branch governance + scoped approvals), andthumbgate-doctor(wiring health). They are the description-discovered companion to the/thumbgate-*slash-commands (#2611): same real MCP tools + CLI subcommands, no new product logic. Built to Anthropic's Agent Skills best practices (trigger-phrase descriptions with a "Do NOT use" over-trigger boundary, progressive disclosure viareferences/, a self-verify quality checklist). Also fixes three description antipatterns —solve-architecture-autonomy(replaced a 15-keyword over-broad description with narrow explicit triggers),agent-memoryandthumbgate-brand-voice(added explicit trigger phrases + a Do-NOT clause). Guarded bytests/discoverable-skill-skills.test.js. Distribution is via the marketplace plugin ("skills": "./skills/"); npmfiles[]and the bundle ratchet are untouched. -
#2570
c1b8653Thanks @IgorGanapolsky! - Wave 7 of the post-Reddit credibility cleanup: removes 13 docs/ root launch-theater markdown files (REDDITGTM_PLAYBOOK, MAY_2026_REVENUE_MACHINE, MONETIZATION_EXEC_SUMMARY, X_AUTOMATION*, etc.) that read as bot-farmed AI-output. Updates VERIFICATION_EVIDENCE.md and tests/version-metadata.test.js so nothing breaks. -
#2787
0329ceeThanks @IgorGanapolsky! - Documentation + landing-page truthfulness audit: align all public copy and docs with the product's real behavior.- Enforcement: reworded ~300 claims across README, landing page, all
learn/,guides/,compare/pages, and docs from false "physically blocks / cannot bypass / fails closed / blocks every repeat" to the accurate warn-by-default posture — ThumbGate flags and logs by default, hard-blocks only the catastrophic classes (secret exfiltration, destructive deletes, supply-chain) by default, and hard-blocks every rule underTHUMBGATE_STRICT_ENFORCEMENT=1. "block" language retained only where true (catastrophic classes / strict mode). - Removed the unrelated Pretix/Hilltown Media Stripe-Connect consulting content from all public surfaces (meta, JSON-LD, about, learn, llms.txt) and deleted the Pretix case-study page.
- Fixed the false free-tier "5-rule cap" → 3 (the canonical, test-enforced number); removed the fabricated "Most popular" badge; corrected internal docs that claimed "$20 booked revenue / first-dollar crossed" to the true 0 external customers.
- Aligned moat copy with
MOAT.md(hosted services, not a closed private "core"); marked regulated/enterprise claims (HIPAA/DORA/EU AI Act/SSO) as roadmap/available-on-request; fixed a stale1.27.17install version → 1.27.20; softened a "peer-reviewed" arXiv-preprint claim; removed retired X/Twitter links. - Updated the pinning tests (check-congruence, public-landing, public-static-assets) to assert the new truthful copy so CI enforces honesty going forward.
- Enforcement: reworded ~300 claims across README, landing page, all
-
#2634
6ac5086Thanks @IgorGanapolsky! - Report external customer revenue separately from owner/test Stripe activity in revenue status. -
#2769
f102e3dThanks @IgorGanapolsky! - Fix checkout conversion bug: 99 visitors hit /checkout/pro in 30 days, 0 paid. The server-side Stripe session creation was failing silently (env var not configured on Railway), causing the form to loop back to the interstitial instead of redirecting to Stripe. Changed the form action to link directly to the Stripe Payment Link, bypassing the broken server-side flow entirely. -
#2624
5572bfbThanks @IgorGanapolsky! - Fix the sticky Pay $499 diagnostic CTA so Stripe Checkout opens in the current tab instead of a fragile popup/new-tab flow. -
#2601
3c78a19Thanks @IgorGanapolsky! - Fix LangGraph wording overclaim in marketplace distribution pack and status dashboard copy. Docs/wording-only; no behavioral change. -
#2652
2f578eaThanks @IgorGanapolsky! - Sharpen public positioning so ThumbGate is framed as pre-action governance with reviewable evidence, not self-governance or passive logging. -
#2682
f913c5fThanks @IgorGanapolsky! - Add the Guardian/Ethicore policy-engine adapter and commercial-truth claim gates so ThumbGate can normalize external policy verdicts into local pre-action enforcement and require source-of-truth evidence before agents claim money, tax, checkout, inventory, permission, or customer-facing state is fixed or verified. -
#2589
b485f6dThanks @IgorGanapolsky! - fix(health): report the actually-deployed commit in/healthbuildSha. On the Railway GitHub-connected service the bakedconfig/build-metadata.jsonis the committed null placeholder andRAILWAY_SYNC_VARIABLESis off, soTHUMBGATE_BUILD_SHAnever updated and/healthreported a months-old commit while newer code was live — which also made the deploy workflow's build-SHA verification gate fail on every run.resolveBuildMetadatanow reads Railway's per-deployRAILWAY_GIT_COMMIT_SHA(ground truth for GitHub-connected deploys) ahead of the drift-proneTHUMBGATE_BUILD_SHA, while a properly baked file SHA still wins when present. -
#2625
cfdadf8Thanks @IgorGanapolsky! - Add Hermes Agent guardrails positioning, compatibility entry points, and a public guide for self-improving agent workflows. -
#2635
8706f06Thanks @IgorGanapolsky! - Position Hermes-style self-evolution as safer reviewed rule and skill-change proposals instead of silent instruction overwrites. -
#2612
f555423Thanks @IgorGanapolsky! - Rewrite the landing-page hero lede to lead with the concrete mechanism instead of a vague benefit claim. Replaces "AI agents will always hallucinate… we make their mistakes harmless" with what actually happens — ThumbGate blocks the specific dangerous tool call (rm -rf, force-push to main, leaked key, DROP on prod) in the PreToolUse hook before the shell runs it, and a thumbs-down becomes a prevention rule that stops the agent repeating it. -
#2637
4884d89Thanks @IgorGanapolsky! - Recognize hosted funnel telemetry as implemented tracking in the revenue status report. -
#2623
32684c1Thanks @IgorGanapolsky! - Make agentic development cycle cards clickable on landing page. -
#2622
936af49Thanks @IgorGanapolsky! - Delete broken skool asset symlinks to unblock Railway deployment. -
#2620
367424dThanks @IgorGanapolsky! - Serve static /media/ assets route to fix broken demo GIF in landing pages. -
#2696
28392bcThanks @IgorGanapolsky! - Improve test coverage for Reddit browser notification watch script and publisher credential guards. -
#2746
cd54bc7Thanks @IgorGanapolsky! - Add an owned/installbuyer path that consolidates live ThumbGate distribution surfaces, verified install commands, marketplace status, and the paid Workflow Hardening Diagnostic CTA. -
#2664
7d350f1Thanks @IgorGanapolsky! - Harden analytics JSON responses against HTML interpretation by addingnosniffheaders and neutralizing HTML-significant telemetry strings. -
#2530
b7b0ddaThanks @IgorGanapolsky! - Add paid conversion paths to the high-traffic persistent-memory article so readers can move from the free install path into Pro checkout, the workflow diagnostic, or the workflow intake without hunting for pricing. -
#2770
e729195Thanks @IgorGanapolsky! - Serve the Hermes founding beta / Leash Pro pricing landing at/leash-betawith deploy-verify sentinel coverage. -
#2742
db60efdThanks @IgorGanapolsky! - Add a retrieval-time superseding filter to lesson retrieval. Same-topic lessons are now collapsed before final selection: duplicates drop to the higher-ranked one, and contradictions (opposite signal on the same rule/topic) keep the most recent — which supersedes the stale one. This prevents "context poisoning," where an agent could be handed two contradictory lessons (e.g. "never force-push" and "force-push is fine") at equal relevance. Conservative by design (distinct lessons are never merged); affects only lesson retrieval, not the hard gate rules. -
#2753
f1e5011Thanks @IgorGanapolsky! - Trust hardening of the published npm artifact.verifyLicense()now only considersTHUMBGATE_-prefixed env vars as license candidates — it previously scanned every*_API_KEY/*_PRO_KEYenv var, so an unrelated vendor's secret could be picked up as a license key — and its result object no longer carries the raw key value (callers only ever needed the boolean/source). The owner-email allowlist is no longer hardcoded in the shipped bundle: setTHUMBGATE_OWNER_EMAILS(comma-separated) to classify owner traffic, matching the existing convention inexternal-customer-audit. The near-duplicatescripts/bot-detector.jsis consolidated intoscripts/bot-detection.js, which now also exportsclassifyVisitor,shouldExcludeFromAnalytics, andbotFilterMiddleware, with the legacy crawler patterns merged into the unifiedBOT_PATTERNSlist. -
#2751
4e523cfThanks @IgorGanapolsky! - fix(mcp): stop reinstalling thumbgate@latest on every MCP server launch. The serve entry now fast-starts from the installed runtime and resolves @latest via npx only when the runtime is absent — matching the hook commands. Removes a per-launch blockingnpm installthat could hang or fail server startup on slow/offline networks (agents saw the server / capture "time out"). -
#2724
5d927e0Thanks @IgorGanapolsky! - Addnpx thumbgate diagnosticso npm/CLI users can reach the $499 Workflow Hardening Diagnostic intake and checkout paths directly from the package. -
#2733
2859021Thanks @IgorGanapolsky! - Add Memora-style nucleus (top-P) "decide when to stop" filtering to per-action lesson retrieval. Operators can setTHUMBGATE_RETRIEVAL_TOP_P(or passoptions.topP) to trim the low-relevance tail so a single dominant lesson isn't padded out tomaxResults— fewer tokens stuffed into each PreToolUse warning andretrieve_lessonscall. Off by default (topP=1.0is a no-op, so existing behaviour is unchanged). Also fixes the previously dead, mis-normalizedfilterTopP(now scale-free with aminKeepfloor) and removes a duplicatecalculateRetrievalEntropydefinition. -
#2669
99cd471Thanks @IgorGanapolsky! - Stop reflecting OAuth authorization query parameters into the browser consent page by storing pending authorization requests behind a short-lived opaque nonce. -
#2671
02de749Thanks @IgorGanapolsky! - Escape the OAuth consent nonce before rendering it into the hidden form attribute so the hosted connector authorization page remains explicit about its HTML boundary. -
#2699
06ff2feThanks @IgorGanapolsky! - Optimize inline brand logo (shield and thumbs-up) size, stroke-width, and transparency inside navigation headers to prevent blurriness and increase contrast on dark themes. -
#2674
ee14437Thanks @IgorGanapolsky! - Patch transitive audit advisories by pinning the Changesets YAML parser and agent-runtime protobuf parser chains to non-vulnerable versions. -
#2818
c0d9a06Thanks @IgorGanapolsky! - Fix a deadlock that preventednpm run pr:managefrom ever queuing a PR whose only outstanding check was the merge queue's own.Trunk Merge Queue (main)stayspendinguntil a PR enters the queue, andsummarizeChecks()bucketed every check — including that one — so pr-manager refused to submit while "1 quality check is still pending." The guard waited on its own output. Twelve Dependabot PRs sat stuck this way for up to 25 days with all seven required checks green.config/merge-quality-checks.jsonnow carries aselfReferentialCheckslist, andsummarizeChecks()skips those names. Genuine pending or failing quality checks still block, verified by test. -
#2527
7bfe020Thanks @IgorGanapolsky! - Reduce pricing-page checkout friction by sending Pro CTAs directly to the confirmed checkout path where Stripe collects email, while preserving bot-safe interstitial protection and adding first-party pricing page/CTA telemetry. -
#2557
d6cb6dbThanks @IgorGanapolsky! - Pricing surface hygiene: remove dead.price-card.team-cardCSS left over from the retired Team tier (no element references it; the Enterprise card uses.enterprise-card), and correct the staleverify-pricing-surfacesskill so it stops flagging the intentionally plausible-only checkout interstitial as a missing-analytics bug. Prices corrected to $0/$19/$149 and the real checkout health signal (302 → live Stripe) documented. -
#2642
2debbb5Thanks @IgorGanapolsky! - Complete the Team-tier retirement across the public marketing surface. The buyer-facing pricing page retired the Team tier in favor of Free/Pro/Enterprise (#2488, #2557), but 50 SEO/comparison/guide pages still advertised the deadTeam $49/seat/motier, and several tests still asserted it as "current." This sweeps every public page fromTeam $49/seat/moto the liveEnterprisethird tier (keepingPro $19/mo or $149/yr), and updates the page-copy assertions inseo-guides.test.jsandcompetitive-positioning-marketing.test.jsto match.Scope note: this is the buyer-facing copy reconciliation only. The dormant Team SKU still wired into the Stripe catalog, the
planId=teamcheckout path, and the 24 active$49Stripe prices (0 customers ever) are intentionally left untouched here — that billing-infra decommission is a separate change. -
#2796
a01ba56Thanks @IgorGanapolsky! - Email the operator when a customer activates ThumbGate Pro locally. The CLI now pings the hosted activation endpoint with the Pro key only as Bearer auth, while the hosted server validates the billing key and sends a secret-safe owner alert containing only a key fingerprint and activation metadata. -
#2803
140a761Thanks @IgorGanapolsky! - Route confirmed/checkout/probypass traffic to the Pro $19/mo Stripe Payment Link instead of the $1 first-failure-rule product, and tighten public conversion copy around the enterprise AI-agent governance buyer. -
#2805
d8645e0Thanks @IgorGanapolsky! - Align Pro and Enterprise packaging copy across checkout, pricing, public pages, LLM context, and CLI receipts. Pro is personal recall, dashboard proof, exports, and managed adapters; Enterprise is shared hosted lessons, org visibility, and rollout support. -
#2759
dc18cbbThanks @IgorGanapolsky! - Add ThumbGate Pro tier section to README with Stripe payment link. Lists Pro features (team-wide policies, centralized feedback memory, budget monitoring, priority support) and links to the $19/month payment page. -
#2668
d7d41baThanks @IgorGanapolsky! - Route public HTML detail pages through server-built slug allowlists and sanitize forwarded hosts before rendering HTML or OpenAPI metadata. -
#2662
0b3b4a1Thanks @IgorGanapolsky! - Keep Cloudflare Worker maintenance changes out of the Railway deploy scope while preserving Railway deploys for root runtime dependency and serving-surface changes. -
#2749
86ed0cbThanks @IgorGanapolsky! - docs(readme): add a "Who builds ThumbGate — and hiring me" section that routes the repo's qualified readers to the maintainer's freelance/contract availability (payments, AI agents, Android). Repositions ThumbGate's credibility as a lead source per the Option-C monetization analysis; no code or runtime behavior change. -
#2735
11585b4Thanks @IgorGanapolsky! - Never block read-only observability tools on the pending PR-thread-resolution gate. After any PR-branch commit, the gate previously denied every subsequent tool call — including pure reads likeget_business_metrics,dashboard, anddescribe_semantic_entity— with "a git commit was made on a PR branch." That blinded operators to their own revenue/metrics mid-PR while doing nothing for safety (a read cannot advance a readiness claim or mutate state). Read-only tools (sourced from the canonicalreadonlyMCP profile) are now exempt; mutating tools and file edits stay gated. -
#2560
26a9752Thanks @IgorGanapolsky! - Remove internal AI-orchestration files from the public repo after they were called out on Reddit r/devops on 2026-06-06 as "vibe-coded" / bot-like:.claude/implementation-notes/— internal decision/postmortem docs leaking founder sentiment + revenue state.claude/ralph/ATTEMPTS.md— task list including "ready-to-post for Reddit, HN, Discord".github/workflows/ralph-*.yml+social-engagement-hourly.yml— hourly social-posting cadence evidencedocs/marketing/reddit-posts/— literal draft post copy
Adds
.gitignoreentries, a pre-commit guard in.githooks/pre-commit, and a CI test (tests/no-internal-orchestration-leaks.test.js) so these path families cannot be re-introduced. Note: this only prevents future leaks — the content is still in git history; nuclear history-rewrite is a separate decision. -
#2608
50e5697Thanks @IgorGanapolsky! - Security: redact secrets at capture-time and export-time so ThumbGate never stores or ships a
credential. Adds a single canonical helperscripts/secret-redaction.js(covers Stripe
sk_live_/sk_test_/rk_live_/rk_test_/whsec_, AWS access keys, GitHub/Slack/Google/Anthropic/OpenAI
keys, JWTs, bearer tokens, PEM private-key blocks, and generickey=valuesecret assignments;
Stripe publishablepk_live_keys are intentionally preserved as public).It is wired into the conversation-capture writers —
feedback-history-distiller(the
conversation-window.jsonlwriter, which was the incident vector),lesson-inference(lesson
writer), andself-distill-agent(run manifest) — so a pasted key is redacted before it lands on
disk, and into theexport-dpo-pairsandexport-databricks-bundleexporters so published/shared
datasets cannot leak captured secrets (the DPO redaction also cleans the HF preferences split).
Prompted by a 2026-06-10 incident where a live Stripesk_live_key was found in plaintext in
.thumbgate/conversation-window.jsonl.Note: the
feedback-log.jsonl/memory-log.jsonlwriters infeedback-loop.jsare covered at
the export boundary (both exporters redact when reading them); adding at-rest redaction inside
feedback-loop.jsis deferred to a follow-up because that file carries unrelated pre-existing
SonarCloud findings that would block this security PR's quality gate. -
#2697
c25724cThanks @IgorGanapolsky! - Refactor Reddit browser notification watch script to reduce cognitive complexity and resolve SonarCloud issues. -
#2785
adfbcecThanks @IgorGanapolsky! - Release 1.27.20 — ship a complete npm tarball.Published 1.27.19 was cut from an untracked working directory and omitted 32 files (including
scripts/feedback-sanitizer.js), which crashed the UserPromptSubmit hook on every prompt. This release publishes the full file set frommainthrough CI (tagged, provenance-signed) and includes the pack-integrity regression guard so an incomplete tarball can never publish again. -
#2773
6f6b022Thanks @IgorGanapolsky! - Remove budget gates from the PreToolUse hook path (self-lockout fix). A stale~/.thumbgate/budget-state.json(session_start never reset across sessions) permanently blocked every Bash/Edit/Write call — including the edits needed to repair the gate itself. The hook no longer consults budget gates at all; spend tracking remains advisory-only.evaluateBudget()is now advisory by default (deny requires explicitTHUMBGATE_BUDGET_ENFORCE=1), auto-resets state older than 2× the time cap, and scopes state to asessionIdwhen provided. Regression testtests/hook-no-budget-lockout.test.jsspawns the real hook with poisoned budget state and asserts it can never block. -
#2754
8f28fe4Thanks @IgorGanapolsky! - Remove internal operator report, proof-artifact, and memory-log directories from the public repository, and extend the leak gate (gitignore, pre-commit hook, CI test) so they cannot return. Public guide/compare pages and the pro/landing templates now point their evidence links at docs/VERIFICATION_EVIDENCE.md instead of tracked proof-report JSON files. -
#2559
d4f6774Thanks @IgorGanapolsky! - chore: remove orphaned scripts/feedback-aggregate-stats.js (+ its unit test). The statusline aggregation that ships is feedback-aggregate.js (computeAggregateFeedbackStats); the feedback-aggregate-stats module from PR #2545 was superseded by a parallel implementation that landed concurrently and is referenced nowhere. Dead code removed; bundle file count decreases (within existing ceilings). -
#2560
26a9752Thanks @IgorGanapolsky! - Repo credibility cleanup wave 1, after Reddit r/devops thread (2026-06-06) called the project out as a "vibe-coded" bot operation. Removes 22 social/marketing/orchestration GitHub workflows (linkedin/reddit/zernio/instagram/video dispatchers, daily-revenue-loop, gtm-autonomous-loop, weekly-social-post, reply-monitor, social-analytics-poll, etc.) and 6 root-level launch-theater markdown files (LAUNCH.md, LAUNCH_NOW.md, LAUNCH_POSTS.md, FIRST_CUSTOMER_BATTLE_PLAN.md, ALL_ENHANCEMENTS_COMPLETE.md, TEST_EVIDENCE_E2E_HYBRID_CLAW.md). Extends the pre-commit guard and CI test to permanently block re-introduction of either path family. Workflow count: 52 → 30. Tracked-line delta: -3164. -
#2538
8117974Thanks @IgorGanapolsky! - Add a shared owned-site revenue assist on high-traffic ThumbGate pages with Pro checkout, workflow diagnostic CTAs, and Plausible abandonment-reason telemetry so buyer objections can be measured before Stripe checkout. -
#2562
fa0155fThanks @IgorGanapolsky! - Tighten public repo hygiene and revenue observability: remove tracked internal agent scratchpads/social automation artifacts, add CI guards against reintroducing them, schedule Stripe checkout diagnostics on main, document canonical analytics/search-console env, and surface Google Search Console generative-AI visibility readiness in the revenue rollup. -
#2644
a89d7c9Thanks @IgorGanapolsky! - Register the diagnostic and workflow sprint tracked offer routes and auto-list guide pages in the sitemap so paid CTAs and AI-search guide pages stay discoverable. -
#2700
38ab7d4Thanks @IgorGanapolsky! - Revert the brand logo assets to the original TG gate monogram design to align with the branding displayed on Stripe checkout pages. -
#2632
ddc17f3Thanks @IgorGanapolsky! - Route the sticky workflow-help CTA to intake instead of a blind $499 diagnostic checkout. -
#2725
92b7f41Thanks @IgorGanapolsky! - Redactbilling:setupoperator keys by default so revenue readback setup no longer leaks live secrets into agent transcripts or shell logs. -
#2627
4c533edThanks @IgorGanapolsky! - Surface the self-improving positioning visibly on the landing page (it was only in structured-data before). The "three steps" section now leads with "Self-improving enforcement" and a subhead clarifying the axis — self-improving for safety, not capability: every 👎 compiles into a hard rule, and each rule regression-tests itself so it blocks the repeat, never the safe action. -
#2523
e3a2452Thanks @IgorGanapolsky! - seo: add canonical PreToolUse / beforeMCPExecution / MCP tool-call gating guideTargets the Cycode-owned IDE-security lexicon (
PreToolUse hook,beforeMCPExecution,beforeReadFile,beforeSubmitPrompt) so ThumbGate occupies the indie/MIT slot beneath funded enterprise vendors in LLM answer-engine citations (Perplexity, ChatGPT, Gemini, Claude, Grok) for buyer-intent queries like "how do I stop Claude Code from running dangerous commands". Verified-absence finding in the 2026-06-05 deep-research report: ThumbGate is currently invisible in awesome-mcp-servers, the General Analysis enterprise guardrails roundup, and the Cycode-anchored category lexicon. This page fills the lexicon gap.New route:
/guides/claude-code-pretooluse-hook. Registered in the seo-gsd build list and the prove-seo-gsd sitemap pin. No new dependencies, no public-bundle-ratchet impact. -
#2792
ad57632Thanks @IgorGanapolsky! - Add signed-entitlement boundary (the real paid-tier protection). Newscripts/entitlement.jsverifies Ed25519-signed license tokens offline (tier, features, expiry, customer id, key id, signature) against a shipped public keyset;requireEntitlement(feature)gates paid features — advisory by default, enforced viaTHUMBGATE_ENFORCE_ENTITLEMENTS=1. The DPO/HuggingFace/Databricks exporters now call the gate. Replaces the bypassabletg_/tg_pro_prefix check: fake prefix keys and tampered/expired/wrong-key tokens all fail verification (proven intests/entitlement.test.js). The private signing key never ships (hosted billing secret / local gitignored dev key only). -
#2521
054c10dThanks @IgorGanapolsky! - GEO:/sitemap.xmlnow auto-includes everypublic/compare/*.htmlcomparison page (derived from the filesystem instead of a hand-maintained list, so pages can no longer silently fall out of the sitemap), and the ThumbGate-vs-Rein comparison and Agent Manager landing pages gained FAQPage structured data — making them eligible to surface in AI Overviews / AI Mode and discoverable by AI answer engines on their buyer-intent queries. -
#2695
bf739a7Thanks @IgorGanapolsky! - Fix premium landing page logo rendering and statusline test telemetry timeout. -
#2564
5d84509Thanks @IgorGanapolsky! - Harden PreToolUse enforcement against helper-script and package-script bypasses by correlating recent helper writes with later risky execution chains. -
#2549
10f8585Thanks @IgorGanapolsky! - Statusline now aggregates across every livestatusline_cache.jsonso the displayed thumbs-up/down reflects the user's true totals instead of whichever folder happens to be cwd. On a host with multiple per-project caches the same product was previously showing 74% / 20% / 0% approval depending on cwd; the aggregated readout is the correct cross-folder total. Cache writes remain per-folder so attribution is preserved; opt out of aggregation withTHUMBGATE_STATUSLINE_AGGREGATE=0. -
#2545
109968cThanks @IgorGanapolsky! - fix(statusline): aggregate feedback across all stores so the statusline shows the true cross-project total instead of only the slice for the folder it runs in. Previously the statusline read a single resolved feedback store, so it could show 8👍/0👎 in one repo while ~150 thumbs-down lived in another project's store. Adds a read-only cross-store sum (deduped by feedback id) over the global stores + the active project; opt back to per-folder counts with THUMBGATE_STATUSLINE_SCOPE=project. Capture/write path unchanged. -
#2554
dcc8d66Thanks @IgorGanapolsky! - Fix statusline display showing inflated thumbs counts (e.g. 1152↑/747↓ when the true cross-store total was 727↑/600↓).scripts/statusline-cache-read.jswas summingthumbs_up/thumbs_downacross every per-folderstatusline_cache.json, but the canonical global aggregate at~/.thumbgate/statusline_cache.jsonis itself written as the cross-store sum (byfeedback-aggregate.js). Summing the aggregate plus the per-folder caches counted every event twice. The helper now resolves the highest-priority existing cache and returns its content unchanged. -
#2558
e0d4cd1Thanks @IgorGanapolsky! - Add a true end-to-end test that spawns scripts/statusline-local-stats.js as a child process and proves cross-store feedback aggregation (deduped by id), the project-scope opt-out, and the zero-store case. -
#2549
10f8585Thanks @IgorGanapolsky! - Fix ThumbGate statusline, dashboard, feedback stats, and local chat reads to aggregate known feedback stores instead of showing only the current folder's slice. The statusline now prefers a global aggregate cache, dedupes feedback by id across active, parent, and global project stores, and keeps a local-only opt-out withTHUMBGATE_STATUSLINE_AGGREGATE=0. -
#2522
3989ee5Thanks @IgorGanapolsky! - ci: wire codex marketplace pack regeneration into sync-version.jsThe codex marketplace pack (
docs/marketing/codex-marketplace-revenue-pack.md)
embeds the release version in areleases/download/v<VERSION>/URL, but was
not async-versiontarget — so every release tripped the
"checked-in Codex marketplace pack stays in sync with the generator output"
test (caught on 1.27.3, 1.27.4/1.27.6, would have caught every future bump).Fix: add a
POST_SYNC_GENERATORSstep that, after the simple field-level
version sync, invokes registered regenerator scripts (currently just
scripts/codex-marketplace-revenue-pack.js --write-docs). On--checkthe
generators are skipped (the existing per-generator test catches drift); on a
real sync they run and re-emit the pack with the new version. Generator
failures are logged as warnings, never break the version sync — the
per-generator test is still the source of truth.Live-verified by simulating 1.27.6 → 1.27.7: pack URL auto-updated from
v1.27.6/...ziptov1.27.7/...zipand the codex test passes 10/10.Co-Authored-By: Claude Opus 4.8 noreply@anthropic.com
-
#2578
96f5d11Thanks @IgorGanapolsky! - AddTHREAT_MODEL.md— an honest, public statement of what the PreToolUse hook enforces (policy + observability layer) versus what it cannot contain (execution one layer down: curl|bash, write-then-run, package-script wrappers, subprocess handoff), and the recommended architecture of pairing the policy layer with an OS/sandbox containment boundary. Documents the shippedstateful-helper-script-bypassgate as defense-in-depth, not a containment substitute. Answers the r/devops review of the enforcement model. -
#2703
306ee02Thanks @IgorGanapolsky! - Repair ThumbGate 1.27.15 plugin distribution metadata across Cursor, Codex, Claude, OpenCode, VS Code, MCP server cards, and public version surfaces. Add a Cursor Marketplace doctor that separates local bundle readiness from public listing approval, document the current non-live Cursor listing truth, reinstall the repo-local Codex plugin at 1.27.15, remove obsolete Zernio-only tests from the aggregate release suite, and add Z.ai helper exports used by the revenue automation smoke checks. -
#2592
2d887deThanks @IgorGanapolsky! - Add animated demo GIF to homepage hero; web asset only. -
#2593
ec21c78Thanks @IgorGanapolsky! - Add homepage section answering 'why not write my own hooks'; web copy only. -
#2595
41299acThanks @IgorGanapolsky! - Add /compare/snowflake-cortex-agents comparison page and seo-gsd supporting entries. -
#2596
e2df6f8Thanks @IgorGanapolsky! - Clarify README local-first retrieval wording to remove overclaim; docs-only, no behavior change. -
#2640
a2864e4Thanks @IgorGanapolsky! - Add vLLM serving guardrails positioning for self-hosted model-routing rollouts. -
#2654
155d86dThanks @IgorGanapolsky! - Patch worker development dependencies to remove npm audit findings and add CI/Dependabot coverage for worker dependency vulnerabilities. -
#2790
c11d1f4Thanks @IgorGanapolsky! - Security: complete HTML-attribute escaping to close reflected XSS (CodeQL js/reflected-xss #252).escapeHtmlAttribute()now escapes single quotes and backticks in addition to& " < >, so a?emailsearch param reflected into the checkout page'svalue="..."attribute can no longer break out of the attribute context (and CodeQL recognizes it as a full sanitizer). Addstests/xss-checkout-escape.test.js.
Verification Standard
- Publish only runs from
mainafter version sync, tests, and runtime proof pass. - The npm package is smoke-tested after publish by installing
thumbgate@VERSIONin a clean runtime. - GitHub Release notes are generated from Changesets, not only GitHub auto-generated PR titles.