proof-pr v0.2.14

proof-pr v0.2.14

This release lets reusable workflow callers choose the filename for the rendered proof summary inside the uploaded proof bundle.

Changes

• Added proof_summary_filename workflow input for workflow_call and workflow_dispatch.
• Default remains proof-pr-summary.md.
• Slash and backslash filenames are rejected so the summary stays inside the upload directory.
• Docs now show the input in the reusable workflow examples.

Verification

• PR #29 passed validate-proof on the release commit.
• Main workflow_dispatch passed on 194f0864a1f17374d27bcc11e7d26a65bba2ffb3.
• Local and installed-package CLI checks passed.
• Custom summary filename smoke rendered gra-proof-summary.md with Pattern: Workflow dogfood.
• gitleaks detect --source . --no-banner --redact --verbose found no leaks.
• Public git metadata check passed after the annotated v0.2.14 tag was created.

Receipt JSON is attached as release evidence, not supply-chain provenance.

proof-pr v0.2.13

proof-pr v0.2.13

This release makes the reusable workflow's rendered proof block downloadable, not just visible in the GitHub job summary.

Changes

• Reusable workflow now writes proof-pr-summary.md into the uploaded proof bundle.
• The job summary reuses the same rendered file, keeping summary and artifact output consistent.
• Docs now describe the artifact contract as receipt + rendered summary + optional caller artifacts.

Verification

• PR #28 passed validate-proof on the release commit.
• Main workflow_dispatch passed on 49b5de55bd1aab52ed6cbc1418fffe44f784f4a4.
• Local and installed-package CLI checks passed.
• Summary artifact smoke rendered a receipt with Pattern: Workflow dogfood into proof-pr-summary.md.
• gitleaks detect --source . --no-banner --redact --verbose found no leaks.
• Public git metadata check passed after the annotated v0.2.13 tag was created.

Receipt JSON is attached as release evidence, not supply-chain provenance.

proof-pr v0.2.12

proof-pr v0.2.12

This release makes example receipts part of the authoring flow instead of a side reference.

Changes

• proof-pr init now attaches optional producer.example_pattern metadata from the selected tier or --example.
• proof-pr collect --suggest-example refreshes the pattern after config updates risk tier or changed surfaces.
• proof-pr render shows the selected pattern as authoring guidance, not evidence.
• proof-pr examples --json --tier <T0-T4> filters the example catalog for tool-driven authoring.
• CI now covers example-pattern metadata through the installed proof-pr command.

Verification

• PR #27 passed validate-proof on the release commit.
• Main workflow_dispatch passed on aa0d0824883f039c4a040adcce938bf5d12686b5.
• Local and installed-package CLI checks passed.
• gitleaks detect --source . --no-banner --redact --verbose found no leaks.
• Public git metadata check passed after the annotated v0.2.12 tag was created.

Receipt JSON is attached as release evidence, not supply-chain provenance.

proof-pr v0.2.11

Changes

• Adds proof-pr examples to list copyable receipt patterns from the CLI.
• Adds proof-pr examples --json for scripted consumers.
• Adds CI coverage for the examples CLI.
• Includes the example receipt docs, test-only proof example, and receipt-hygiene CLI harness accumulated since v0.2.10.

Verification

• PR #26 validate-proof check passed.
• Manual main workflow_dispatch run 27872971356 passed on a8ae488f7cbc7b9896d7bd33de3489fdfd6569d8.
• Local examples text and JSON smoke checks passed.
• Fresh venv installed-entrypoint examples harness passed.
• Receipt-hygiene harness, receipt validation, public git metadata scan, sample render, and gitleaks passed.

proof-pr v0.2.10

Changes

• Makes proof-pr receipt-hygiene --explain --check <id> --fix-only print a clean stdout no-action-needed note when the selected check has no finding.
• Preserves the strict stderr/exit-2 behavior for ordinary --check with no matching finding.
• Bumps package/runtime version to 0.2.10.

Verification

• PR #21 validate-proof check passed.
• Manual main workflow_dispatch run 27872174944 passed on 1060a495053c8ca425f7ca55004d36de7a4baddc.
• Focused no-finding, focused finding, and ordinary no-finding CLI behavior checks passed.
• Simulated reusable workflow summary for the no-finding case passed.
• Local receipt validation, fresh venv install, sample render, public git metadata scan, and gitleaks passed.

proof-pr v0.2.9

Changes

• Adds a focused public git metadata fix block to reusable workflow receipt hygiene job summaries when that finding exists.
• Preserves strict-mode failure after writing the focused fix guidance.
• Aligns the runtime package version with 0.2.9.

Verification

• PR #19 and PR #20 validate-proof checks passed.
• Manual main workflow_dispatch run 27871824364 passed on cdd8b9d1745a832892c32c6341e25e1b0e42f92a.
• Local advisory, strict, and no-finding summary simulations passed.
• Local receipt validation, fresh venv install, sample render, public git metadata scan, and gitleaks passed.

proof-pr v0.2.8

Changes

• Adds proof-pr receipt-hygiene --check <id> to focus output on one hygiene finding.
• Adds proof-pr receipt-hygiene --explain --fix-only to print only the remediation command and compact receipt patch.
• Keeps receipt hygiene read-only.

Verification

• PR #18 validate-proof check passed.
• Local focused hygiene output, JSON filtering, error cases, receipt validation, compileall, JSON parse checks, diff check, and gitleaks passed.

proof-pr v0.2.7

Changes

• Adds proof-pr receipt-hygiene --explain for copyable remediation commands and compact receipt patch examples.
• Includes structured command and receipt_patch remediation in JSON hygiene findings.
• Keeps receipt hygiene read-only and advisory by default.

Verification

• PR #17 validate-proof check passed.
• Local receipt validation, strict hygiene behavior, compileall, JSON parse checks, diff check, and gitleaks passed.

proof-pr v0.2.6

proof-pr v0.2.6

This patch release writes receipt hygiene suggestions into reusable workflow job summaries by default.

Highlights:

• Runs proof-pr receipt-hygiene after receipt validation in the reusable workflow.
• Writes a dedicated receipt hygiene section to the GitHub job summary.
• Adds receipt_hygiene and receipt_hygiene_strict inputs.
• Keeps hygiene advisory by default; strict mode remains opt-in.

Proof:

• PR #16 passed validate-proof before fast-forward merge.
• Manual main self-check passed after merge.
• Local hygiene, validation, compile, YAML parse, metadata, diff, and secrets checks passed.
• Attached release receipt validates under proof-pr.v1.
• Receipt SHA-256: 16b5a8d492ff875dde367ba174fcd3ab46ddd0b3580225bb4e47f8b2da69546b.

Hygiene note: the release tag, target commit, and receipt use noreply/public-safe metadata. This receipt is release review evidence, not supply-chain provenance. No wheel, sdist, SBOM, or artifact attestation is published for v0.2.6.

proof-pr v0.2.5

proof-pr v0.2.5

This patch release adds read-only receipt hygiene suggestions for common missing proof evidence.

Highlights:

• Adds proof-pr receipt-hygiene for pre-review evidence nudges.
• Checks public metadata evidence, secrets posture, workflow permission posture, and rollback specificity.
• Supports --json for automation and --strict for future soft gating.
• Keeps the receipt schema stable and does not mutate receipts.

Proof:

• PR #15 passed validate-proof before fast-forward merge.
• Manual main self-check passed after merge.
• Hygiene text, JSON, warning/strict, and clean/strict smoke checks passed locally.
• Attached release receipt validates under proof-pr.v1.
• Receipt SHA-256: 916371034df9d29e4ee0706a9fc98abe5067290ab1675633d76fe7f7c9bcd817.

Hygiene note: the release tag, target commit, and receipt use noreply/public-safe metadata. This receipt is release review evidence, not supply-chain provenance. No wheel, sdist, SBOM, or artifact attestation is published for v0.2.5.