docs(release): expand Unreleased section with full 4.0 changelog#2124
Merged
docs(release): expand Unreleased section with full 4.0 changelog#2124
Conversation
Expands the Unreleased section from 10 Added bullets to a complete Keep-a-Changelog layout with Added/Changed/Deprecated/Removed/Fixed/ Security subsections covering 185 merged PRs since v3.0.0+33. Sourced from the 4.0 feature audit at docs/releases/wheels-4.0-audit.md (see #2123). Covers: - Added: 46 bullets across ORM, Migrations, Routing, Middleware, Views, Jobs, SSE, DI, Testing, Packages, Engine Adapters, Legacy Compat, CLI/LuCLI, Config/DX - Changed: 18 bullets (7 marked Breaking for upgrade guide reference) - Deprecated: plugins/ folder, RocketUnit, wheels.Test - Removed: RocketUnit scaffolding, Railo workaround, server.cfc, stale monorepo artifacts - Fixed: 11 behavior-affecting bug fixes with user-visible impact - Security: 40+ hardening PRs grouped by theme (SQL injection, path traversal, session/cookie/CSRF, console/reload, CORS, rate limiter, SSE, MCP, XSS, JWT, CLI shell args) Minor CLI/docker/installer fixes folded into a single catchall bullet under Fixed to avoid 25+ individual entries. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
bpamiri
force-pushed
the
peter/changelog-4.0-catchup
branch
from
6c3302d to
dca3731
Compare
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
Companion to the 4.0 feature audit (#2123) and the CHANGELOG catch-up (#2124). Shows, category by category, every capability that changed between the 3.0.0 stable release and 4.0. Rows that didn't change are omitted so the "ground made up" story is readable. Structure: - At-a-glance stats - 12 category tables (ORM, Migrations, Routing, Controllers, Middleware, Views, DI, Jobs/Real-time, Testing, CLI, Packages, Infra/DevOps) — each with 3.0 state, 4.0 state, and delta label - Security posture section — 40+ hardening PRs grouped by area - Peer-framework context — rows where 3.0 trailed Rails/Laravel/Django and 4.0 closed the gap - Reading key Uses strikethrough formatting in the 3.0 column to visually encode "this was missing and is no longer" so readers' eyes land on the 4.0 state. Sourced from CHANGELOG [3.0.0] section + the feature audit. Deltas labeled: New / Formalized / Hardened / Fixed / Breaking / Deprecated / Removed / Renamed / Refactored / Refreshed / Streamlined / Changed. Lives in docs/releases/ alongside the audit for discoverability. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
5 tasks
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
Companion to the 4.0 feature audit (#2123) and the CHANGELOG catch-up (#2124). Shows, category by category, every capability that changed between the 3.0.0 stable release and 4.0. Rows that didn't change are omitted so the "ground made up" story is readable. Structure: - At-a-glance stats - 12 category tables (ORM, Migrations, Routing, Controllers, Middleware, Views, DI, Jobs/Real-time, Testing, CLI, Packages, Infra/DevOps) — each with 3.0 state, 4.0 state, and delta label - Security posture section — 40+ hardening PRs grouped by area - Peer-framework context — rows where 3.0 trailed Rails/Laravel/Django and 4.0 closed the gap - Reading key Uses strikethrough formatting in the 3.0 column to visually encode "this was missing and is no longer" so readers' eyes land on the 4.0 state. Sourced from CHANGELOG [3.0.0] section + the feature audit. Deltas labeled: New / Formalized / Hardened / Fixed / Breaking / Deprecated / Removed / Renamed / Refactored / Refreshed / Streamlined / Changed. Lives in docs/releases/ alongside the audit for discoverability. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
Follow-up to #2123 (audit) and #2124 (CHANGELOG catch-up), which merged before inline rename edits could land. Applies the same three-bucket rename rubric to the just-merged content: 1. Current framework identity → rename to WheelsTest 2. BDD style name → drop TestBox qualifier (just "BDD syntax") 3. Historical / rename-event references → preserved as-is (factual) 6 targeted edits: - CHANGELOG.md line 88: TestBox test suite → WheelsTest test suite - CHANGELOG.md line 109: Breaking prefix drops "TestBox" (redundant) - CHANGELOG.md line 123: TestBox BDD → BDD syntax (via WheelsTest) - audit line 118: TestBox BDD is → WheelsTest (BDD syntax) is - audit line 137: TestBox test suite → WheelsTest test suite - audit line 236: TestBox BDD is mandatory → WheelsTest (BDD syntax) Preserved as historical / rename-event references (unchanged): - CHANGELOG.md line 114: "WireBox/TestBox replaced" - CHANGELOG.md line 237: 3.0 dep "TestBox (^6.0.0) requirements" - audit line 116: "testbox → wheelstest namespace rename" (the event) - audit line 205: "WireBox replaced + TestBox replaced" (the event) - audit line 292: "WireBox/TestBox replacement" (blog theme context) Follow-up: a broader repo-wide sweep covering ~30 other files (docs/src/, CLAUDE.md, tests/README, examples, .ai/wheels/testing/) will apply the same rubric in a separate PR. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
3 tasks
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
Companion to the 4.0 feature audit (#2123) and the CHANGELOG catch-up (#2124). Shows, category by category, every capability that changed between the 3.0.0 stable release and 4.0. Rows that didn't change are omitted so the "ground made up" story is readable. Structure: - At-a-glance stats - 12 category tables (ORM, Migrations, Routing, Controllers, Middleware, Views, DI, Jobs/Real-time, Testing, CLI, Packages, Infra/DevOps) — each with 3.0 state, 4.0 state, and delta label - Security posture section — 40+ hardening PRs grouped by area - Peer-framework context — rows where 3.0 trailed Rails/Laravel/Django and 4.0 closed the gap - Reading key Uses strikethrough formatting in the 3.0 column to visually encode "this was missing and is no longer" so readers' eyes land on the 4.0 state. Sourced from CHANGELOG [3.0.0] section + the feature audit. Deltas labeled: New / Formalized / Hardened / Fixed / Breaking / Deprecated / Removed / Renamed / Refactored / Refreshed / Streamlined / Changed. Lives in docs/releases/ alongside the audit for discoverability. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
Follow-up to #2123 (audit) and #2124 (CHANGELOG catch-up), which merged before inline rename edits could land. Applies the same three-bucket rename rubric to the just-merged content: 1. Current framework identity → rename to WheelsTest 2. BDD style name → drop TestBox qualifier (just "BDD syntax") 3. Historical / rename-event references → preserved as-is (factual) 6 targeted edits: - CHANGELOG.md line 88: TestBox test suite → WheelsTest test suite - CHANGELOG.md line 109: Breaking prefix drops "TestBox" (redundant) - CHANGELOG.md line 123: TestBox BDD → BDD syntax (via WheelsTest) - audit line 118: TestBox BDD is → WheelsTest (BDD syntax) is - audit line 137: TestBox test suite → WheelsTest test suite - audit line 236: TestBox BDD is mandatory → WheelsTest (BDD syntax) Preserved as historical / rename-event references (unchanged): - CHANGELOG.md line 114: "WireBox/TestBox replaced" - CHANGELOG.md line 237: 3.0 dep "TestBox (^6.0.0) requirements" - audit line 116: "testbox → wheelstest namespace rename" (the event) - audit line 205: "WireBox replaced + TestBox replaced" (the event) - audit line 292: "WireBox/TestBox replacement" (blog theme context) Follow-up: a broader repo-wide sweep covering ~30 other files (docs/src/, CLAUDE.md, tests/README, examples, .ai/wheels/testing/) will apply the same rubric in a separate PR. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
Design doc for a new standalone upgrade guide at docs/src/introduction/upgrading-to-4.0.md. Scope: - Breaking + migration path (~350 lines) - 10 Breaking items covered with consistent 4-part format: what changed / how to detect / how to fix / opt-out - Legacy Compatibility Adapter documented as soft-landing option - Recommended (not required) migrations section - Single callout link added to existing upgrading.md Spec companion to the feature audit (#2123), 3.0 → 4.0 comparison (#2125), and CHANGELOG catch-up (#2124), which together form the 4.0 release-documentation stack. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
New standalone upgrade guide at docs/src/introduction/upgrading-to-4.0.md
covering the 10 Breaking changes in 4.0 plus migration paths:
- Before you start (backup, test environment, CHANGELOG)
- 5-minute upgrade checklist (scannable table)
- Breaking changes — detailed:
* 6 security-hardening default flips (CORS, env-switch, HSTS,
CSRF SameSite, RateLimiter trustProxy, RateLimiter proxy
strategy)
* 1 CLI rename (wheels snippets → wheels code)
* 3 namespace / directory renames (wheels.Test → WheelsTest,
tests/specs/functions/ → functional/, application.wirebox →
application.wheelsdi)
- Legacy Compatibility Adapter (#2015) — soft landing
- Recommended (not required) migrations — 10 items
- Still stuck? — links to audit, comparison, adapter, discussions
Each Breaking item uses a consistent 4-part format:
What changed / How to detect / How to fix / Opt-out
Plus a one-line callout added to the top of the existing
docs/src/introduction/upgrading.md linking to the new guide.
Companion to:
#2123 — 4.0 feature audit
#2124 — CHANGELOG Unreleased expansion
#2125 — 3.0 → 4.0 comparison doc
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
7 tasks
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
New standalone upgrade guide at docs/src/introduction/upgrading-to-4.0.md
covering the 10 Breaking changes in 4.0 plus migration paths:
- Before you start (backup, test environment, CHANGELOG)
- 5-minute upgrade checklist (scannable table)
- Breaking changes — detailed:
* 6 security-hardening default flips (CORS, env-switch, HSTS,
CSRF SameSite, RateLimiter trustProxy, RateLimiter proxy
strategy)
* 1 CLI rename (wheels snippets → wheels code)
* 3 namespace / directory renames (wheels.Test → WheelsTest,
tests/specs/functions/ → functional/, application.wirebox →
application.wheelsdi)
- Legacy Compatibility Adapter (#2015) — soft landing
- Recommended (not required) migrations — 10 items
- Still stuck? — links to audit, comparison, adapter, discussions
Each Breaking item uses a consistent 4-part format:
What changed / How to detect / How to fix / Opt-out
Plus a one-line callout added to the top of the existing
docs/src/introduction/upgrading.md linking to the new guide.
Companion to:
#2123 — 4.0 feature audit
#2124 — CHANGELOG Unreleased expansion
#2125 — 3.0 → 4.0 comparison doc
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
New standalone upgrade guide at docs/src/introduction/upgrading-to-4.0.md
covering the 10 Breaking changes in 4.0 plus migration paths:
- Before you start (backup, test environment, CHANGELOG)
- 5-minute upgrade checklist (scannable table)
- Breaking changes — detailed:
* 6 security-hardening default flips (CORS, env-switch, HSTS,
CSRF SameSite, RateLimiter trustProxy, RateLimiter proxy
strategy)
* 1 CLI rename (wheels snippets → wheels code)
* 3 namespace / directory renames (wheels.Test → WheelsTest,
tests/specs/functions/ → functional/, application.wirebox →
application.wheelsdi)
- Legacy Compatibility Adapter (#2015) — soft landing
- Recommended (not required) migrations — 10 items
- Still stuck? — links to audit, comparison, adapter, discussions
Each Breaking item uses a consistent 4-part format:
What changed / How to detect / How to fix / Opt-out
Plus a one-line callout added to the top of the existing
docs/src/introduction/upgrading.md linking to the new guide.
Companion to:
#2123 — 4.0 feature audit
#2124 — CHANGELOG Unreleased expansion
#2125 — 3.0 → 4.0 comparison doc
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
bpamiri
added a commit
that referenced
this pull request
Apr 16, 2026
* docs: spec for Wheels 4.0 upgrade guide Design doc for a new standalone upgrade guide at docs/src/introduction/upgrading-to-4.0.md. Scope: - Breaking + migration path (~350 lines) - 10 Breaking items covered with consistent 4-part format: what changed / how to detect / how to fix / opt-out - Legacy Compatibility Adapter documented as soft-landing option - Recommended (not required) migrations section - Single callout link added to existing upgrading.md Spec companion to the feature audit (#2123), 3.0 → 4.0 comparison (#2125), and CHANGELOG catch-up (#2124), which together form the 4.0 release-documentation stack. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * docs: implementation plan for Wheels 4.0 upgrade guide 12-task plan covering: - File scaffold (front-matter + H1) - Before-you-start + 5-minute checklist - 10 Breaking items (3 tasks grouped by theme) - Legacy Compatibility Adapter section - Recommended migrations section - Still-stuck section - Callout link added to upgrading.md - Link integrity audit - Commit + push + PR Each task includes the actual prose/code to write, with verification via grep / wc / link-integrity script. No placeholders; plan is executable end-to-end. Companion to: docs/superpowers/specs/2026-04-16-wheels-4.0-upgrade-guide-design.md Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * docs: add Wheels 4.0 upgrade guide New standalone upgrade guide at docs/src/introduction/upgrading-to-4.0.md covering the 10 Breaking changes in 4.0 plus migration paths: - Before you start (backup, test environment, CHANGELOG) - 5-minute upgrade checklist (scannable table) - Breaking changes — detailed: * 6 security-hardening default flips (CORS, env-switch, HSTS, CSRF SameSite, RateLimiter trustProxy, RateLimiter proxy strategy) * 1 CLI rename (wheels snippets → wheels code) * 3 namespace / directory renames (wheels.Test → WheelsTest, tests/specs/functions/ → functional/, application.wirebox → application.wheelsdi) - Legacy Compatibility Adapter (#2015) — soft landing - Recommended (not required) migrations — 10 items - Still stuck? — links to audit, comparison, adapter, discussions Each Breaking item uses a consistent 4-part format: What changed / How to detect / How to fix / Opt-out Plus a one-line callout added to the top of the existing docs/src/introduction/upgrading.md linking to the new guide. Companion to: #2123 — 4.0 feature audit #2124 — CHANGELOG Unreleased expansion #2125 — 3.0 → 4.0 comparison doc Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Expands
CHANGELOG.md[Unreleased]from 10 Added bullets to a full Keep-a-Changelog layout covering 185 merged PRs since v3.0.0+33 (2026-01-10). Closes the ~60-item gap identified in the 4.0 feature audit (#2123).Before: 10 Added bullets, no other subsections.
After: 46 Added + 18 Changed + 3 Deprecated + 4 Removed + 11 Fixed + 12 Security-theme bullets.
Structure
**Breaking:**items flagged for upgrade guide (CORS deny-all default,allowEnvironmentSwitchViaUrldefault, reload password requirement, HSTS default-on, CSRF SameSite, RateLimiter defaults,snippets→codeCLI rename, test-base namespace rename, directory renames).plugins/folder, RocketUnit,wheels.Test.server.cfc(Remove the server.cfc file #1902), stale monorepo artifacts (Remove stale monorepo artifacts #1988).$canonicalizeexception handling, etc.). Bulk CLI/docker/installer fixes folded into a single catchall.Test plan
(#1234)PR links use the existing CHANGELOG.md style**Breaking:**prefix for grep-ability from the upgrade guide (follow-up PR)Follow-ups (separate PRs)
🤖 Generated with Claude Code