v0.6.0
[0.6.0] - 2026-07-09
- Commit Range: ➡️
46f5a24...91a77a6
✨ Features
f37b44c— ✨ [feat] Add SchemaStore and dependency update skills (36 files, +1383,-31)
✨ [feat] Add researched SchemaStore PR and dependency update maintenance workflows with metadata, references, icons, and deterministic audit scripts.
🧪 [test] Cover both auditors and extend strict Python coverage sources.
🔧 [chore] Tighten skill descriptions and keep repository linters from traversing generated cache directories.
🛠️ Bug Fixes
91a77a6— 🐛 [fix] Restore trusted release workflow identity (4 files, +227,-206)
Restore release-skill.yml so npm trusted publishing recognizes the workflow's OIDC identity. Add GitHub release-note metadata and exclude generated Python bytecode from npm and ZIP artifacts.
1e87112— 🐛 [fix] Use canonical release workflow path (2 files, +205,-205)
🐛 [fix] Rename the existing skill release workflow to release.yml so fresh repository-compliance lint recognizes the real release configuration.
c0a91b5— 🐛 [fix] Mark Python audit scripts executable (4 files, +0,-0)
🐛 [fix] Store every shebang-bearing Python auditor with executable Git mode so Ruff EXE001 passes on Linux runners.
🛡️ Security
e2fbd48— 🔒️ [fix] Remove custom Git ref inputs (3 files, +46,-61)
🔒️ [fix] Resolve changed files from trusted origin/main and origin/master defaults instead of passing CLI-provided revisions to Git.
🧪 [test] Keep repository-path validation covered for both auditors.
58ae708— 🔒️ [fix] Validate auditor Git inputs (4 files, +111,-19)
🔒️ [fix] Validate repository paths and simple Git refs, resolve bases to verified commit SHAs, and separate revision arguments before invoking Git.
🐛 [fix] Emit audit JSON as CLI output and replace repeated dependency filenames with constants.
🧪 [test] Prove both auditors reject option-shaped base refs.
🧹 Chores
98f7a54— 🔧 [chore] Keep JSCPD and Lychee out of lint all (1 file, +1,-1)
🔧 [chore] Leave the dedicated JSCPD and Lychee scripts available while keeping aggregate CI lint runs focused on existing gates.
46f5a24— 🔧 [chore] Adopt shared validation configs (5 files, +188,-237)
🔧 [chore] Wire JSCPD, git-cliff, and Lychee through shared config packages.
👷 [ci] Point release-note generation at the shared git-cliff config where workflows invoke git-cliff directly.
[0.5.1] - 2026-07-04
- Commit Range: ➡️
4f9b535...4f9b535
🧹 Chores
4f9b535— 🧹 [chore] Make maintenance skills user-invokable (10 files, +987,-619)
🧹 [chore] Add explicit no-implicit-invocation policy metadata for the requested maintenance skills and keep generated OpenAI metadata in sync.
⬆️ [chore] Refresh npm dependency ranges and lockfile versions.
✅ [fix] Harden the Python coverage script against ambient pytest plugins and keep the updated lint stack compatible with the repo's Prettier TOML format.
[0.5.0] - 2026-06-29
- Commit Range: ➡️
b8bf115...a336613
✨ Features
e86be2c— ✨ [feat] Add Sonar quality gate release guidance (2 files, +22,-5)
🧹 Chores
b8bf115— 🔧 [chore] Update VSCode extensions by removing unused Pyright extension (1 file, +0,-1)
👷 CI/CD
-
a336613— 👷 [ci] Install Python tooling in skill release workflow (1 file, +10,-0) -
9ca5e2a— 👷 [ci] Add Python Codecov coverage reporting (6 files, +133,-3)
[0.4.0] - 2026-06-29
- Commit Range: ➡️
8b45759...b83579f
✨ Features
b83579f— ✨ [feat] (python) Add strict Python validation coverage (20 files, +729,-451)
✨ [feat] Add Python strict gate coverage for skills and tests, including compile:python, Windows-safe skillcheck execution, pinned-dev tooling references, and focused tests for bundled Python helpers.
🐛 [fix] Repair strict Python helper scripts for Ruff, mypy, and Pyright by replacing dynamic config reads with typed helpers and removing direct print usage.
📝 [docs] Update Python strict-development and skillcheck guidance with venv setup, coverage/cache defaults, semantic graph linting notes, and root-cause suppression policy.
🚨 [fix] Clean release-gate lint failures in Dependabot, stale workflow casing, remark ignores, and audit tool error checks.
-
02ed7d7— ✨ [feat] (package) Update package.json with new scripts and dependencies (1 file, +131,-130) -
Added new Python linting and testing scripts for improved code quality
-
Enhanced existing scripts for better functionality and organization
-
Updated devDependencies to latest versions for better compatibility
-
8e163d2— ✨ [feat] (package) Enhance project configuration and add Python support (7 files, +1386,-962) -
Updated
package.jsonto include new scripts for Python linting, formatting, and testing. -
Introduced
pyproject.tomlfor Ruff and MyPy configurations, enhancing Python code quality checks. -
Added
requirements-dev.txtto manage Python development dependencies. -
Created
skillcheck.tomlfor skill validation settings, improving skill management. -
8b45759— ✨ [feat] Add skill resource audit helpers (17 files, +1123,-25)
✨ [feat] Adds read-only helper scripts for strict Python tooling audits and VSIcons icon inventory, giving agents deterministic checks for config drift and local icon availability.
📝 [docs] Adds Python project-shape and strict-fix references, VSIcons source-resolution guidance, and contents sections for long skill references.
🧹 [chore] Adds a repo-local skill surface auditor to validate linked references/scripts and long-reference tables of contents through npm run validate.
🎨 [style] Preserves the updated Python strict development brand color and regenerates the associated OpenAI metadata and SVG assets.
🎨 Styling
-
212ef2e— 🎨 [style] Update Python skill documentation for clarity and consistency (2 files, +15,-13) -
Correct grammar in SKILL.md for improved readability
-
Emphasize the use of repo-local scripts in validation commands
[0.3.0] - 2026-06-28
- Commit Range: ➡️
c459581...c459581
✨ Features
c459581— ✨ [feat] Add Python strict development skill (10 files, +524,-2)
✨ [feat] Adds python-strict-development with strict Ruff, mypy, Pyright, pytest, compileall, VS Code, and npm-script guidance based on the reference Python skill package.
📝 [docs] Adds skillcheck strict configuration references for skill creation and review workflows, including semantic graph-linting guidance for --semantic.
🧹 [chore] Registers the new skill in metadata sync so agents/openai.yaml and SVG assets are generated with the existing repository workflow.
[0.2.0] - 2026-06-27
- Commit Range: ➡️
c2193bc...a172d1d
✨ Features
02efe00— ✨ [feat] Expand skill catalog and metadata sync (53 files, +3134,-986)
✨ [feat] Add Mermaid diagram, release publish loop, and Prettier plugin maintenance skills with generated OpenAI metadata and SVG assets.
🚜 [refactor] Rename the icon generator to sync-skill-metadata and make policy/dependencies metadata first-class for generated agents/openai.yaml files.
🎨 [style] Refresh generated skill icons with full titles, emoji badges, color updates, and explicit invocation policy for release, VSIcons, and workspace continuation.
🧪 [test] Verified with npm run release:verify before committing.
-
c2193bc— ✨ [feat] Enhance local custom icon recommendation logic (1 file, +1,-1) -
Update guidance for recommending local custom icons based on semantic matches
-
Clarify conditions for using local icons when bundled options are unavailable
🛡️ Security
a172d1d— 🔒️ [fix] Harden skill audit boundaries (6 files, +323,-7)
🔒️ [fix] Treat CI logs and external VSIcons references as untrusted data, limiting them to diagnostics and verifiable facts instead of agent instructions.
🔧 [fix] Disable implicit invocation for ci-release-readiness in generated OpenAI metadata so log-reading workflows require explicit use.
🔨 [chore] Add an audit:skills CLI wrapper for checking every local skill against the skills.sh audit endpoint.
🧪 [test] Verify the release gate with npm run release:verify.
[0.1.2] - 2026-06-23
- Commit Range: ➡️
b3d3d90...9ecde09
✨ Features
-
9ecde09— ✨ [feat] (github-actions-workflow-maintenance) Introduce GitHub Actions Workflow Maintenance skill (15 files, +1795,-562) -
📝 Add SKILL.md documentation for creating, reviewing, and maintaining GitHub Actions workflows.
-
🧑💻 Create OpenAI agent configuration in openai.yaml for the new skill.
-
🎨 Add SVG icons for the skill in both small and large formats.
-
📝 Include a comprehensive review checklist in review-checklist.md for auditing GitHub Actions workflows.
-
🛠️ Update generate-skill-icons.mjs to include the new skill in the skill generation process.
-
🔧 Modify package.json to update remark-config-nick2bad4u dependency version.
-
11fb710— ✨ [feat] Add VSIcons association recommender skill (5 files, +120,-0)
Add a reusable skill for recommending copy-pasteable vscode-icons file and folder association snippets, including optional local custom icon handling.
Keep generated Codex metadata and SVG assets synchronized through the icon generator.
Validation: npm run release:verify; skillcheck skills/vsicons-association-recommender/SKILL.md
feeb94c— ✨ [feat] Add agent skill and remark maintenance skills (13 files, +272,-0)
Rename the agent instruction workflows to emphasize skill coverage and add a remark/remark-lint plugin maintenance workflow with generated Codex metadata and icons.
Validation: npm run release:verify; skillcheck skills/agent-skill-instruction-review/SKILL.md skills/agent-skill-instruction-creation/SKILL.md skills/remark-plugin-maintenance/SKILL.md
🛠️ Bug Fixes
da9701c— 💚 [fix] Restore workflow lint formatting (8 files, +27744,-27744)
🛡️ Security
3bb7a34— 🔒 [fix] Pin reusable workflow callers (6 files, +6,-6)
Pin all workflow-template reusable workflow references to an immutable commit SHA to satisfy Sonar githubactions:S7637 findings.
Validation: npm run release:verify
b3d3d90— 👷 [ci] Use shared workflow callers (13 files, +27811,-27867)
👷 [ci] Switches the Dependabot auto-merge caller to workflow-templates@main and replaces local security and maintenance workflows with shared reusable callers.
⬆️ [build] Updates eslint-config-nick2bad4u to the published caller override version and records any peer dependency needed for the shared ESLint config to load.
[0.1.1] - 2026-06-19
- Commit Range: ➡️
5fdf450...622d9c2
✨ Features
-
d4212a5— 🎨 [feat] Add skill icons and release notes (33 files, +737,-13) -
5fdf450— ✨ [feat] Add consolidated Codex skills repo (40 files, +5366,-0)
🛡️ Security
622d9c2— 🔒 [fix] Harden release workflow inputs (1 file, +7,-3)
🔧 Build System
-
f13cece— 📦 [build] Use typpi npm package scope (3 files, +4,-5) -
c369ef6— 🚀 [build] Prepare Codex skills package publishing (46 files, +27362,-3115)
⭐ Contributors
Thanks to all the contributors for their hard work!
📜 License
This project license is here: Project License
This changelog was automatically generated with git-cliff.