v2.2.0 — onboarding, contributor-safety hardening, inbound contribution review
The first release since v2.1.0 (M6). Additive + backward-compatible (MINOR) — the factory and the opt-in phase pipeline are unchanged.
M7 — onboarding & docs
- Prerequisites: getting an AI coding agent (Claude Code / Gemini Antigravity / ChatGPT Codex), plus the no-agent deterministic path.
- Windows/PowerShell install + render variants beside every Unix snippet.
- The
project.yamlmanifest documented field-by-field (+ amanifest-templateguard so it can't silently break). - An end-to-end phase walkthrough (
init → audit) against a worked example. - The
rfc_checkscope clarified — a repo's own meta-RFCs are out of scope by design.
Contributor-safety hardening (eados_lint #13–#16)
- gate-coverage meta-gate + data-file-validity floor: no factory file can ship ungated — a new ungated file class fails CI.
- manifest-template + workflow-safety gates: the consumer-copied manifest stays valid, and the sensitive CI triggers (
pull_request_target/workflow_run) need a justification — in this repo and in the workflow templates shipped to every generated repo.
M8 — inbound contribution review
- The contribution policy as data (
os/contribution/), thecontribution-reviewerrole,pr_review.py, the/eados reviewcommand, and the cross-cuttingcontribution-reviewgate. - The principle (ADR-0014): never merge a non-owner's commits — adopt a good idea via a co-author re-implementation; the human disposes; always thank.
Full notes: CHANGELOG.md. The consumer bundle (pgs-eados-bundle.tar.gz / .zip) attaches automatically once this release is published.