chore(release): v0.6.1 — Claude plugin wired into release process#396
Merged
Conversation
…eat/sync-github-archive
chore(github-archive): add scheduled issue and PR sync
docs: mirror Astro site vision issue
fix(github-archive): detect untracked archive files
fix(github-archive): populate pull request stats
fix(site): resolve product page asset paths
chore(github-archive): sync issues and pull requests
…e-skill docs(skills): add improve-codebase-architecture skill
docs(project-review): add issue mirror evidence checks
Refs T-V06-006.
Refs T-V06-006.
…-posture docs(release): record provenance posture
docs(release): record SBOM posture
…lease-attestations
ci(release): attest release tarballs
feat(plugin): add Claude Code plugin package skeleton
…ump v0.6.1
- build:claude-plugin emits plugin.json with version derived from
package.json#version; manifest is no longer hand-edited.
- check:claude-plugin runs in npm run verify (and contentCheckTasks),
so manifest drift fails the local gate before push.
- Layer 1 release readiness asserts plugin manifest version equals the
release version. New diagnostic codes:
RELEASE_READINESS_PLUGIN_VERSION_MISMATCH
RELEASE_READINESS_PLUGIN_MANIFEST_MISSING
- Bump package.json + plugin.json to 0.6.1; refresh README, docs/specorator.md,
CHANGELOG, and the regenerated release-readiness diagnostic codes doc.
chore(release): wire claude plugin into verify + release readiness, bump v0.6.1
…1 release) (#395) * fix(security): avoid regex comment stripping for #366 * fix(ci): unblock #366 promotion checks * fix(cli): address #366 review feedback * fix(cli): derive specorator CLI version from package.json Resolves Codex P2 on PR #394: scripts/cli.ts hardcoded VERSION = "0.6.0" drifted from the bumped package.json (0.6.1), so `specorator --help` reported the wrong version. Read package.json#version at startup so the CLI version stays in sync with the package version automatically — same pattern as the auto-derived plugin manifest version landed in v0.6.1. * fix(check-product-page): broaden YAML step-boundary regex Resolves Codex P2 on PR #395. The earlier STEP_START regex matched only `- name:`, `- uses:`, `- run:`. GitHub Actions steps may legitimately start with `- if:`, `- id:`, `- env:`, etc., so when the upload step had no `path:` (misconfigured) and the next step started with one of those keys, `inUploadStep` leaked across the step boundary and a later unrelated `with.path` was misread as the Pages upload path. Match any `- <key>:` list-item to reset step scope. Add Case 3e covering the leak scenario: upload step without `path:`, followed by `- if:` step whose `with.path` must NOT satisfy the upload-step check. * fix(check-product-page): match quoted upload-pages-artifact uses scalars Codex P2 follow-up on PR #395: USES_UPLOAD_PAGES_ARTIFACT only matched the unquoted form, so `uses: "actions/upload-pages-artifact@v3"` (a valid YAML scalar) never set inUploadStep, and a correct `path: sites/dist` was misreported as missing. Accept double- and single-quoted forms via an optional `["']?` prefix and add Case 3f covering the quoted-uses scenario. --------- Co-authored-by: Luis Mendez <hallo@luis-mendez.de>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: d2740daa42
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Codex P1 on PR #396: `specorator init --target <relative-path>` resolved the path against process.cwd(), but the CLI launches subcommands with cwd=PACKAGE_ROOT, so relative targets were created inside the installed package directory instead of the user's project. The CLI already forwards the user's invocation cwd via SPECORATOR_TARGET_ROOT — this anchors path.resolve() against that env var so relative targets land where the user expects. Add Codex-#396 regression test demonstrating the bug fix.
Luis85
changed the title
Owner
Author
|
@chatgpt-codex-connector P1 addressed in 8d4896e — |
Summary
Checks run
|
4 tasks
Luis85
added a commit
that referenced
this pull request
May 8, 2026
* fix(security): avoid regex comment stripping for #366 * fix(ci): unblock #366 promotion checks * fix(cli): address #366 review feedback * fix(init): resolve --target relative paths against caller cwd Codex P1 on PR #396: `specorator init --target <relative-path>` resolved the path against process.cwd(), but the CLI launches subcommands with cwd=PACKAGE_ROOT, so relative targets were created inside the installed package directory instead of the user's project. The CLI already forwards the user's invocation cwd via SPECORATOR_TARGET_ROOT — this anchors path.resolve() against that env var so relative targets land where the user expects. Add Codex-#396 regression test demonstrating the bug fix. * chore(release): log v0.6.2 publish Append `Release published - v0.6.2` entry to specs/version-0-6-plan/implementation-log.md per docs/release-operator-guide.md §8: tag SHA, Release URL, package URL, attestation result, dispatch run URLs, waiver justification, operator, immutable-releases probe note, rollback status. --------- Co-authored-by: Luis Mendez <hallo@luis-mendez.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Release branch for v0.6.1. Cut from
developafter #395 merged; mergesorigin/mainto share commit history (resolves conflicts that re-appeared after squash-merge of #395). Replaces #394.v0.6.1 highlights
build:claude-pluginauto-derivesplugin.json#versionfrompackage.json#version. Manifest no longer hand-edited.check:claude-pluginruns innpm run verify. Drift fails locally pre-push.RELEASE_READINESS_PLUGIN_VERSION_MISMATCHRELEASE_READINESS_PLUGIN_MANIFEST_MISSINGscripts/cli.tsVERSIONnow derived frompackage.json#version(no more drift on bump).scripts/check-product-page.tsstep-boundary regex broadened (- <key>:matches any step) andUSES_UPLOAD_PAGES_ARTIFACTaccepts quoted scalars.docs/specorator.mdheader,CHANGELOG.md.Includes (since v0.6.0)
Post-merge
v0.6.1onmain:release.yml:version=0.6.1,dry_run=true.dry_run=false,confirm=0.6.1,publish_package=trueif shipping the npm package.Test plan
npm run verifygreen onrelease/v0.6.1.v0.6.1post-merge.release.yml.🤖 Generated with Claude Code