v0.5.0

What's Changed

• Move effort/thinking to row 3; add tokens_in/tokens_out segments by @bart-turczynski in #33

Full Changelog: v0.4.0...v0.5.0

v0.4.0

What's Changed

• chore: migrate package manager from npm to pnpm by @bart-turczynski in #25
• Chore/harden install and ci by @bart-turczynski in #26
• feat: enable all segments by default; add --show/--hide/--set config flags by @bart-turczynski in #27
• feat: enable all segments by default + --show/--hide/--set CLI flags by @bart-turczynski in #28
• chore: v6 — refactor & supply-chain hardening by @bart-turczynski in #29
• test: in-process unit tests for orphan.js (55% → 100% line coverage) by @bart-turczynski in #32
• chore: bump actions/setup-node from 5.0.0 to 6.4.0 by @dependabot[bot] in #30
• chore: bump actions/checkout from 5.0.1 to 6.0.3 by @dependabot[bot] in #31

New Contributors

• @dependabot[bot] made their first contribution in #30

Full Changelog: v0.3.6...v0.4.0

v0.3.6

What's Changed

• Fix plugin-cache bloat: move payload into plugin/ subdir by @bart-turczynski in #19
• Fix /cc-cream:setup --force (forward $ARGUMENTS) by @bart-turczynski in #20
• Release 0.3.5: deliver plugin-cache + --force fixes via /plugin update by @bart-turczynski in #21
• Add PLUGIN-DISTRIBUTION.md — plugin cache-bloat & update-propagation notes by @bart-turczynski in #22
• Salvage session-lifecycle notes into PLUGIN-DISTRIBUTION.md by @bart-turczynski in #23
• Add sync-catalogue workflow by @bart-turczynski in #24

Full Changelog: v0.3.4...v0.3.6

v0.3.4

Full Changelog: v0.3.3...v0.3.4

v0.3.3

Full Changelog: v0.3.2...v0.3.3

v0.3.2

What's Changed

• Fix markdown-stripped placeholder in uninstall receipt by @bart-turczynski in #17
• Untrack internal docs/ and fp-managed FP_CLAUDE.md by @bart-turczynski in #18

Full Changelog: v0.3.1...v0.3.2

v0.3.1

What's Changed

• Use an annotated release tag so --follow-tags pushes it by @bart-turczynski in #15
• Make /cc-cream:setup and :uninstall display their receipt by @bart-turczynski in #16

Full Changelog: v0.3.0...v0.3.1

v0.3.0

What's Changed

• v5: install/uninstall UX hardening, ghost-bar self-defense, one-command releases by @bart-turczynski in #12
• Harden release script: stage only bump files, ignore untracked by @bart-turczynski in #13
• Make release version-bump surgical (preserve manifest formatting) by @bart-turczynski in #14

Full Changelog: v0.2.0...v0.3.0

v0.2.0 — internal hardening

Internal hardening + diagnosability (v4). See CHANGELOG for detail.

Added

• cc-cream-setup --check-config — lint your cc-cream.json for unknown / out-of-range keys.
• CC_CREAM_DEBUG=1 — opt-in diagnostics to ~/.claude/cc-cream-debug.log explaining why segments are hidden (stdout untouched, zero tokens).

Changed (breaking)

• The plugin status line no longer self-resolves its version via a shell glob (ls|grep|sort -V|tail). It now bakes the current version's absolute path, and the SessionStart hook re-pins it after /plugin update. Plugin users: the bar re-wires itself on the next session; if you set it up manually, re-run /cc-cream:setup.

Internal

• Shared src/settings.js for installer + hook; pure segment rendering (no filesystem access in segments.js); schema-table config normalization.

🤖 Generated with Claude Code

v0.1.18 — security hardening

Security hardening for the status-line engine and installer.

Security

• Strip terminal control bytes (ESC/BEL/DEL, C0/C1) from status-line text, so escape sequences in model.display_name, session_name, or effort.level can't reach the terminal.
• Reject __proto__/constructor/prototype as session_id keys.

Fixed

• Atomic writes to settings.json and the state file (temp + rename), so an interrupted write can't truncate user config.
• Quote the node binary path in the plugin auto-update command.

Changed

• Cap the session-state map at 50 entries (LRU by timestamp).

See CHANGELOG for details. Published to npm via OIDC trusted publishing.