cargo-allow v0.1.9

cargo-allow v0.1.9

cargo-allow v0.1.9 is a maintenance patch focused on receipt adoption quality
for gate consumers. It does not introduce new scanner features.

Default cargo-allow behavior remains the source-exception ledger:

cargo-allow audit
cargo-allow check --mode no-new
cargo-allow diff --base origin/main
cargo-allow worklist --format json

Highlights

• Populates counts.review_due in check receipts and aligns matcher outcomes
  with list / worklist review-due posture.
• Writes machine-readable error receipts on exit-2 validation failures so
  stale passing evidence cannot linger at a fixed --receipt path.
• Accepts integer schema_version spellings and names ledger file paths in
  policy parse errors.
• Records effective mode, enforcement, policy_config, and tool_version
  in check receipts for gate provenance.
• Carries test hardening, module decomposition, and ripr 0.10.0 readiness
  work without expanding scanner claim boundaries.

Install

cargo install cargo-allow --version 0.1.9 --locked

Claim Boundary

cargo-allow scans source-tree inventory without executing repository code. This
release improves receipt fidelity and adoption ergonomics; it does not add
macro-expanded, type-aware, MIR-level, build-aware, control-flow, data-flow,
unsafe-proof, test-adequacy, or coverage-proof behavior.

More

• Changelog:
  CHANGELOG.md
• Detailed release record:
  docs/release/0.1.9.md

cargo-allow v0.1.8

cargo-allow v0.1.8

cargo-allow v0.1.8 is a cleanup patch for the opt-in spec-system preview
profile introduced in v0.1.7.

Default cargo-allow behavior remains the source-exception ledger:

cargo-allow audit
cargo-allow check --mode no-new
cargo-allow diff --base origin/main
cargo-allow worklist --format json

The spec-system preview remains explicit:

cargo-allow init --profile spec-system
cargo-allow doctor --profile spec-system
cargo-allow check --profile spec-system
cargo-allow worklist --profile spec-system --format json

Highlights

• Makes init --profile spec-system easier to adopt in a new repository by
  starting bootstrap active-goal validation as optional until the repo registers
  a real proposal/spec/plan graph.
• Keeps first-hour doctor --profile spec-system, check --profile spec-system --mode audit, and worklist --profile spec-system --format json
  clean immediately after bootstrap.
• Adds generated comments that explain when to enable active_goal_required = true.
• Simplifies Markdown finding headings so advisory reports do not repeat
  Advisory Findings.
• Updates adoption docs with the bootstrap posture and the promotion point for
  active-goal validation.

Install

cargo install cargo-allow --version 0.1.8 --locked

Preview Boundary

spec-system is preview and opt-in. It is not part of default
cargo-allow check.

The profile validates structural source-tree relationships: IDs, paths,
statuses, required fields, links, support-tier proof fields, active-goal
references, and closeout links.

It does not execute proof commands, call GitHub APIs, run Cargo, rustc, Clippy,
build scripts, proc macros, ripr, unsafe-review, coverage, or network checks as
part of the cargo-allow scan. It does not claim semantic correctness, proof
execution, release readiness, unsafe soundness, test adequacy, or coverage
proof.

More

• Changelog:
  CHANGELOG.md
• Detailed release record:
  docs/release/0.1.8.md
• First-hour spec-system guide:
  docs/how-to/adopt-spec-system-profile.md

cargo-allow v0.1.7

cargo-allow v0.1.7

cargo-allow v0.1.7 adds an opt-in spec-system preview profile for static
source-tree graph validation.

Default cargo-allow behavior remains the source-exception ledger:

cargo-allow audit
cargo-allow check --mode no-new
cargo-allow diff --base origin/main
cargo-allow worklist --format json

The new preview profile is explicit:

cargo-allow init --profile spec-system
cargo-allow doctor --profile spec-system
cargo-allow check --profile spec-system
cargo-allow audit --profile spec-system
cargo-allow worklist --profile spec-system --format json
cargo-allow explain CARGO-ALLOW-SPEC-0001 --profile spec-system

Highlights

• Adds spec-system as one opt-in governance profile for proposals, specs,
  ADRs, implementation plans, active goals, support tiers, policy ledgers,
  proof-command fields, release records, and closeouts.
• Emits cargo-allow.spec-system.v1 JSON artifacts with graph inventory,
  findings, work items, setup readiness, single-artifact explanation, scanner
  limitations, and claim boundary.
• Adds worklist repair items for broken source-of-truth graph structure.
• Adds doctor, init, check, audit, worklist, and explain preview
  surfaces for the profile.
• Dogfoods the profile in the cargo-allow repository with CI artifacts and
  repo-local blocking posture for selected objective structural findings.
• Adds first-hour adoption, CI, profile architecture, cross-repo adoption, and
  adoption-friction guidance.

Install

After the crates.io packages are published:

cargo install cargo-allow --version 0.1.7 --locked

Preview Boundary

spec-system is preview and opt-in. It is not part of default
cargo-allow check.

The profile validates structural source-tree relationships: IDs, paths,
statuses, required fields, links, support-tier proof fields, active-goal
references, and closeout links.

It does not execute proof commands, call GitHub APIs, run Cargo, rustc, Clippy,
build scripts, proc macros, ripr, unsafe-review, coverage, or network checks as
part of the cargo-allow scan. It does not claim semantic correctness, proof
execution, release readiness, unsafe soundness, test adequacy, or coverage
proof.

More

• Changelog:
  CHANGELOG.md
• Detailed release record:
  docs/release/0.1.7.md
• First-hour spec-system guide:
  docs/how-to/adopt-spec-system-profile.md
• Cross-repo adoption playbook:
  docs/how-to/adopt-cargo-allow-across-repos.md