Skip to content

v0.3.5

Choose a tag to compare

@geanatz geanatz released this 30 Jun 10:06

v0.3.5 — 2026-06-30

Documentation-only patch release. No source-code, runtime, MCP-surface, or release-engineering changes. npm Trusted Publishing + provenance unchanged.

Changed

  • README top-level file links are now absolute GitHub URLs. The License badge target and License body link, plus the Contributing section's CONTRIBUTING.md, CODE_OF_CONDUCT.md, and SECURITY.md links, now point at https://github.com/geanatz/curion/blob/main/<file>. GitHub renders both forms identically; the absolute form is required on the npm registry because only LICENSE, README.md, and package.json ship at the top of the npm tarball, so the relative CONTRIBUTING.md, CODE_OF_CONDUCT.md, and SECURITY.md links silently 404'd for consumers reading the README from the npm page.

Fixed

  • .mcp.json is now gitignored. Claude Code's claude mcp add --scope project writes a project-scoped .mcp.json that may contain environment-variable bindings and must not be committed.

Verification

  • npm: npm view @geanatz/curion version0.3.5, dist-tags.latest0.3.5.
  • npm tarball top-level files: LICENSE, README.md, package.json (no CHANGELOG.md / CONTRIBUTING.md / CODE_OF_CONDUCT.md / SECURITY.md shipped — README links now absolute).
  • Provenance: SLSA v1 attestation present.
  • Publish workflow: https://github.com/geanatz/curion/actions/runs/28436276404 → success.