Skip to content

v1.0.4

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 29 Jun 04:54
v1.0.4
c8f4f78
This commit was signed with the committer’s verified signature.
Nick2bad4u Typpi
GPG key ID: CF975FEFD36D2AF5
Verified
Learn about vigilant mode.

[1.0.4] - 2026-06-29

✨ Features

  • c8f4f78 — ✨ [feat] Add strict Python coverage and Codecov CI

✨ [feat] Harden the Bundlephobia helper for strict Python validation with typed query options, safer JSON boundaries, validated API URLs, deterministic npm pack parsing, and CLI output helpers.

🧪 [test] Replace the legacy unittest coverage with pytest scenarios for package scanning, Bundlephobia endpoint handling, threshold failures, npm pack parsing, audit composition, and text rendering; enforce 75 percent coverage with pytest-cov and Codecov-ready XML/JUnit outputs.

👷 [ci] Add a Python Quality workflow that runs lint, mypy, Pyright, pytest coverage, compile checks, and Codecov OIDC uploads for test results and coverage; update the release workflow to install Python dependencies before release verification.

🔧 [chore] Add strict Python, Pyright, Ruff, pytest, coverage, VS Code, skillcheck, and pinned requirements configuration so local and CI gates use the same commands.

📝 [docs] Move detailed Bundlephobia helper guidance into a reference file and link it from the skill and README to keep SKILL.md compact.

[1.0.3] - 2026-06-27

️ Bug Fixes

  • 3061946 — 🔒️ [fix] Mark Bundlephobia API text as untrusted

Dependencies

[dependabot]actions: [dependency] Update actions/dependency-review-action 5.0.0

  • 22854e9(deps) [dependency] Update actions/dependency-review-action

️ Security

  • ff7f770 — 👷 [ci] Use shared workflow callers

👷 [ci] Switches the Dependabot auto-merge caller to workflow-templates@main and replaces local security and maintenance workflows with shared reusable callers.

⬆️ [build] Updates eslint-config-nick2bad4u to the published caller override version and records any peer dependency needed for the shared ESLint config to load.

Testing

CI/CD

  • 6659699 — Update Dependabot auto-merge workflow pin

  • 3b2b121 — Add Dependabot auto-merge workflow

[1.0.2] - 2026-05-29

Documentation

  • 7c7faf1 — Document universal skill installs

[1.0.1] - 2026-05-29

✨ Features

  • 8de6f6e — ✨ [feat] (bundle-size-analysis) Introduce Bundlephobia skill for package size analysis

  • Added a new Python script for querying Bundlephobia, npm pack, and local artifact sizes.

  • Implemented functionality to fetch package sizes, dependencies, and export data from Bundlephobia.

  • Included commands for scanning package.json files and measuring local build artifacts.

  • Enhanced documentation to reflect the new skill and its capabilities.

  • Updated release workflow to package the new skill correctly.

  • Changed repository references from SonarCloud to Bundlephobia throughout documentation and scripts.

️ Other Changes

  • 09cc39a — Use git-cliff release notes and npm publish

  • 74c91c9 — Add SonarLint project binding

  • 342de4d — Reduce Bundlephobia helper complexity

  • 1a3c94b — Fix SonarCloud findings

  • ef3b130 — Rename npm package for skill publishing

  • 7e10752 — Move skill package to repository root

  • 046f94c — Allow npm package publishing

  • 8e4f1f1 — Use staged npm publishing for skill releases

  • c834ea6 — Add npm trusted publishing release setup

  • b839467 — Remove stale Sonar skill payload

  • 4cfca14 — Add Codex skill metadata

  • 372df90 — Initial commit

⭐ Contributors

Thanks to all the contributors for their hard work!

License

This project is licensed under the Unlicense.
This changelog was automatically generated with git-cliff.

Assets 3
Loading