You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A regression test now freezes the project's line-length lint exclusion (E501)
at its current hit count, so the previously-unbounded exclusion cannot grow
further. Lowering the pinned count remains a manual follow-up as overlong
lines are cleaned up over time.
[0.9.5] - 2026-07-12
Added
Claude Code plugin marketplace manifest (.claude-plugin/marketplace.json), so /plugin marketplace add tautlines/tautline offers tautline-core and tautline-ops directly from the repository. The README documents the install
flow.
The quickstart names the shell activation and PATH step that the CLI install
depends on, so a fresh clone reaches a working tautline command without
guesswork.
Changed
TERMS.md now describes the auto-update trust model that actually ships rather
than a pre-launch target: install-cli pins the update source to the commit it
installed from by default, --update-policy signed verifies the upstream commit
signature against a trusted key, and both policies fail closed. Baking --dangerously-skip-permissions into a launcher is refused unless one of them is
in effect.
SECURITY.md states the supply-chain posture that actually ships. It opens by
noting the repository is public with published releases, and its trust-posture
section separates what exists from what does not: the commit-level trust gate on
every auto-update re-exec is real and fails closed, but the current releases carry no checksum manifest and the published release tags are not signed. cut-release can compute a SHA-256 manifest and can create a signed tag with the
right flags, and that capability is now described as a capability rather than as
something an adopter can go and verify against today.
SECURITY.md and TERMS.md now note that --update-policy signed applies to an
upstream you control and sign. The canonical upstream does not sign its commits
yet, so a signed policy pointed at it refuses every update (fail-closed, with no
upstream fix available to the adopter); pinned, the install default, is the
working lever against it. Signing the canonical upstream is listed as a roadmap
item.
Public documentation no longer points at maintainer-only paths that a reader of
this repository cannot open; those references now name the maintainer repository
or its backlog in prose instead. The render-adapters deprecation warning for the
legacy goalTracker adapter key drops its pointer to a maintainer-only design
document and keeps the actionable instruction (migrate to backlogProvider).
ROADMAP.md speaks of the public repository in the present tense — its work items
are tracked as issues there and are now backlinked — and its "Recently shipped"
section is current through the 0.9.x line.
ROADMAP.md retitles the near-term section to 0.9.x instead of naming a fixed
0.9.0 target, and states the compatibility sunset explicitly: the legacy minervit-methodology launcher name, MINERVIT_* environment fallbacks, and the .minervit-ai-delivery.json marker stay supported through 0.x and are removed in
1.0.
The renderer-ci workflow accepts workflow_dispatch, so its default-branch badge
can render a status.
[0.9.4] - 2026-07-12
Changed
Public-surface scrub: the changelog and the startup-remediation reference no
longer carry private-tracker issue numbers, incident dates, or internal
backlog/archive paths; the affected passages now describe the same behavior
and follow-up tracking in maintainer-neutral terms. A stray internal
codename was dropped from a .gitignore comment.
The MakerKit community example (examples/community-skills/makerkit-implementation)
is fully de-identified: the internal example codename is gone from its
filename and headings, and exact kit/dependency version pins are replaced
with relative phrasing (the kit's previous and current minor versions). The
Stripe and Better Auth teaching patterns are unchanged.
The internal release-update delivery ledger is excluded from the public
release export, alongside the repo's other maintainer-only records. The
release-update accountability gate now evaluates against the maintainer's
source repository instead of the exported tree, so public-release-export
stays gated on release-update delivery rather than tripping on the ledger's
absence from the export.
[0.9.3] - 2026-07-12
Changed
Brand copy sweep: live reader-facing docs teach the tautline CLI, the tautlines/tautline-dev repository, and the ~/.config/tautline/tautline.env
config surface; a guard test bans the retired "minervit methodology" brand on
those surfaces. Documentation and test expectations only — no runtime changes.
[0.9.2] - 2026-07-12
Changed
Config surface rebrand: the CLI, emitted shims, launchers, and git hooks read ~/.config/tautline/tautline.env first (legacy ~/.config/minervit/methodology.env
kept as a byte-identical mirror and fallback); TAUTLINE_METHODOLOGY_REPO and TAUTLINE_CLAUDE_AUTOCOMPACT_PCT aliases are emitted, and lane/codex child
environments dual-write both families. Re-exec tokens move to ~/.config/tautline/reexec-tokens. Trust configuration (update policy and pins)
keeps its 0.9.1 names and semantics: install-cli pins at the installing HEAD and update-repin afterward widens trust; update-repin keeps both config surfaces'
pins in step. TAUTLINE trust aliases and pin-set preservation ship separately as a
focused security change.
Held-update banners defer to the active trust policy's remedy in the hold detail
(lands the deferred 0.9.1 R2 finding).