From 73da12ade8810dfd11fb7330e3848813ad30a4e3 Mon Sep 17 00:00:00 2001 From: CoderDeltaLAN Date: Fri, 19 Jun 2026 02:28:34 +0100 Subject: [PATCH] release: prepare v0.3.0 --- .github/workflows/ci.yml | 4 ++ .github/workflows/publish-pypi.yml | 4 ++ CHANGELOG.md | 6 ++- README.md | 47 +++++++++---------- SECURITY.md | 14 +++--- SUPPORT.md | 10 ++-- docs/OUTPUTS.md | 2 +- docs/V0.3-ARCHITECTURE-ROADMAP.md | 4 +- ...NOTES-DRAFT.md => V0.3.0-RELEASE-NOTES.md} | 47 +++++++++---------- pyproject.toml | 4 +- src/agent_rules_kit/__init__.py | 2 +- tests/test_golden_outputs.py | 2 +- 12 files changed, 73 insertions(+), 73 deletions(-) rename docs/{V0.3.0-RELEASE-NOTES-DRAFT.md => V0.3.0-RELEASE-NOTES.md} (60%) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index afcbcf5..dad311c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,3 +41,7 @@ jobs: run: | agent-rules-kit --version agent-rules-kit check tests/fixtures/repositories/single-agent --format json | python -m json.tool + agent-rules-kit doctor tests/fixtures/repositories/single-agent + agent-rules-kit budget tests/fixtures/repositories/single-agent + agent-rules-kit explain AIRK-GOV003 + agent-rules-kit explain --list diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index 398b391..8adf162 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -69,6 +69,10 @@ jobs: /tmp/agent-rules-kit-wheel-smoke/bin/python -m pip check /tmp/agent-rules-kit-wheel-smoke/bin/agent-rules-kit --version /tmp/agent-rules-kit-wheel-smoke/bin/agent-rules-kit check tests/fixtures/repositories/single-agent --format json | /tmp/agent-rules-kit-wheel-smoke/bin/python -m json.tool + /tmp/agent-rules-kit-wheel-smoke/bin/agent-rules-kit doctor tests/fixtures/repositories/single-agent + /tmp/agent-rules-kit-wheel-smoke/bin/agent-rules-kit budget tests/fixtures/repositories/single-agent + /tmp/agent-rules-kit-wheel-smoke/bin/agent-rules-kit explain AIRK-GOV003 + /tmp/agent-rules-kit-wheel-smoke/bin/agent-rules-kit explain --list - name: Upload distributions uses: actions/upload-artifact@v4 diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e58b81..0dddb1c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,9 +6,13 @@ This project has a published GitHub Release line, but no stable support or API g ## [Unreleased] +No unreleased changes. + +## [0.3.0] - 2026-06-19 + ### Added -- Prepared v0.3.0 release documentation and release-notes draft without creating a tag, GitHub Release, or PyPI publication. +- Prepared v0.3.0 release documentation and final release notes. - Added v0.3 architecture and roadmap planning documentation. - Added initial output and exit-code contract documentation for existing `check` and `init` behavior and planned v0.3 `doctor`, `budget`, and `explain` commands. diff --git a/README.md b/README.md index 4ffdf53..ad855a3 100644 --- a/README.md +++ b/README.md @@ -135,9 +135,9 @@ The default behavior is read-only. ## What This Project Does -`v0.2.3` remains the current published GitHub Release and PyPI package for `agent-rules-kit`. +`v0.3.0` is the current GitHub Release and PyPI package for `agent-rules-kit`. -Current `main` contains the v0.3.0 release-candidate command baselines. Until the dedicated release phase completes, `v0.3.0` must not be described as a published GitHub Release or PyPI package. +`v0.2.3` remains the previous published GitHub Release and PyPI package baseline. The implemented behavior includes: @@ -209,9 +209,7 @@ A clean report means only that the implemented checks did not find a supported i ## Installation -`v0.2.3` is the current published GitHub Release and PyPI package. - -The v0.3.0 command baselines are present on `main` but are not published until the dedicated release phase completes tag, GitHub Release, PyPI publication, and clean-install verification. +`v0.3.0` is the current published GitHub Release and PyPI package. The published package can be installed from PyPI. Release publication uses PyPI Trusted Publishing from the GitHub Release workflow. @@ -223,10 +221,10 @@ Requirements for using a published CLI release: - a Python virtual environment; - a published PyPI release of `agent-rules-kit`. -Install `v0.2.3` in a virtual environment: +Install `v0.3.0` in a virtual environment: python -m venv .venv - .venv/bin/python -m pip install agent-rules-kit==0.2.3 + .venv/bin/python -m pip install agent-rules-kit==0.3.0 .venv/bin/agent-rules-kit --version .venv/bin/agent-rules-kit check /path/to/repository --format console @@ -252,21 +250,21 @@ The source tree can also be used directly for quick CLI inspection: PYTHONPATH=src python -m agent_rules_kit.cli --help -### v0.3.0 release-candidate commands from source +### v0.3.0 commands from source -Until `v0.3.0` is published, the new command baselines should be tested from the source tree: +The v0.3.0 commands can also be tested from the source tree: PYTHONPATH=src python -m agent_rules_kit.cli doctor tests/fixtures/repositories/multi-agent-overlap PYTHONPATH=src python -m agent_rules_kit.cli budget tests/fixtures/repositories/multi-agent-overlap PYTHONPATH=src python -m agent_rules_kit.cli explain AIRK-GOV003 -These source-tree commands are release-candidate behavior, not PyPI publication evidence. +These source-tree commands are development checks. Published-package behavior must be verified from a clean PyPI install during release closeout. --- ## Release and PyPI Publishing -The `v0.2.3` release was published through PyPI Trusted Publishing. +The `v0.3.0` release was published through PyPI Trusted Publishing. Release publishing is handled by: @@ -284,11 +282,11 @@ The workflow is intentionally limited: - it grants `id-token: write` only to the publish job; - it does not use a static PyPI token, username, or password. -The published `v0.2.3` package must remain verifiable by: +The published `v0.3.0` package must remain verifiable by: - the GitHub Release tag pointing to the verified release SHA; - a successful PyPI publish workflow run; -- a clean virtual environment installing and running `agent-rules-kit==0.2.3` from PyPI. +- a clean virtual environment installing and running `agent-rules-kit==0.3.0` from PyPI. --- @@ -353,26 +351,26 @@ If root `AGENTS.md` already exists, it is backed up before replacement: AGENTS.md.agent-rules-kit.bak -### Doctor release-candidate command +### Doctor command -`doctor` summarizes supported instruction files, finding counts, and review status from local source-tree execution until `v0.3.0` is published: +`doctor` summarizes supported instruction files, finding counts, and review status: PYTHONPATH=src python -m agent_rules_kit.cli doctor tests/fixtures/repositories/multi-agent-overlap -### Budget release-candidate command +### Budget command `budget` reports deterministic local size metrics. It is an approximation, not tokenizer-specific counting: PYTHONPATH=src python -m agent_rules_kit.cli budget tests/fixtures/repositories/multi-agent-overlap -### Explain release-candidate command +### Explain command `explain` lists or explains known local governance rule IDs: PYTHONPATH=src python -m agent_rules_kit.cli explain AIRK-GOV003 PYTHONPATH=src python -m agent_rules_kit.cli explain --list -These v0.3.0 commands are source-tree release-candidate behavior until the dedicated release phase publishes and verifies the package. +These commands are part of the v0.3.0 command surface. --- @@ -436,7 +434,7 @@ See: │ ├── THREAT-MODEL.md │ ├── V0.2-GOVERNANCE-RULES-SPEC.md │ ├── V0.3-ARCHITECTURE-ROADMAP.md - │ ├── V0.3.0-RELEASE-NOTES-DRAFT.md + │ ├── V0.3.0-RELEASE-NOTES.md │ └── screenshots/ │ └── readme/ │ ├── agent-rules-kit-governance-findings.png @@ -509,18 +507,17 @@ The required status check for `main` is: Current status: -- `v0.2.3` is published as the current GitHub Release and PyPI package; -- `main` contains the v0.3.0 release-candidate command baselines; -- `v0.3.0` is not published yet and must not be claimed as available from PyPI until the dedicated release phase verifies it; +- `v0.3.0` is published as the current GitHub Release and PyPI package; +- `v0.2.3` remains the previous published GitHub Release and PyPI package baseline; - no stable support or API guarantee yet; -- release tag `v0.2.3` points to the verified release SHA; +- release tag `v0.3.0` points to the verified release SHA; - local CLI behavior implemented; - governance diagnostics, structured finding evidence, and evidence redaction are implemented; -- `doctor`, `budget`, and `explain` are implemented on `main` as v0.3.0 release-candidate commands; +- `doctor`, `budget`, and `explain` are implemented as v0.3.0 commands; - CI active; - branch protection is active with the required `local-checks / Python 3.12` status check; - the `pypi` GitHub environment exists for the release publishing workflow; -- `.github/workflows/publish-pypi.yml` published `v0.2.3` through PyPI Trusted Publishing and remains the release publishing workflow; +- `.github/workflows/publish-pypi.yml` published `v0.3.0` through PyPI Trusted Publishing and remains the release publishing workflow; - README screenshots are generated from real local CLI commands; - security boundaries documented; - threat model documented. diff --git a/SECURITY.md b/SECURITY.md index a94e83f..6848909 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,22 +6,20 @@ It is not a security scanner, provides no security guarantees, and must not be d ## Supported versions -`v0.2.3` remains the current published GitHub Release and PyPI package. +`v0.3.0` is the current published GitHub Release and PyPI package. -Current `main` is preparing the `v0.3.0` release candidate and may include command baselines or documentation not yet available from PyPI. - -`v0.3.0` must not be described as a supported published release until the dedicated release phase verifies the GitHub Release, PyPI publication, and clean installation. +`v0.2.3` remains the previous published GitHub Release and PyPI package baseline. The project is still maintained on a best-effort basis. There is no commercial SLA, no guaranteed response time, and no guarantee that every security-relevant issue will be found or fixed. | Version | Status | | --- | --- | -| 0.3.x | Release candidate on `main` / not yet published | -| 0.2.x | Current published GitHub Release line / best-effort security fixes | +| 0.3.x | Current published GitHub Release line / best-effort security fixes | +| 0.2.x | Previous published line / limited best-effort fixes | | 0.1.x | Historical pre-release line / not supported | | < 0.1 | Not supported | -`agent-rules-kit==0.2.3` is published on PyPI. Future PyPI availability claims must be verified per release before updating this policy. +`agent-rules-kit==0.3.0` is published on PyPI. Future PyPI availability claims must be verified per release before updating this policy. ## Security boundaries @@ -70,7 +68,7 @@ agent-rules-kit does not aim to: ## Maintainer response -Security response is best-effort for the current published `0.2.x` GitHub Release line until `v0.3.0` is published and verified. +Security response is best-effort for the current published `0.3.x` GitHub Release line. There is no commercial SLA or guaranteed response time. diff --git a/SUPPORT.md b/SUPPORT.md index f442884..ec32a78 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -6,19 +6,17 @@ There is no commercial SLA, no guaranteed response time, no production-readiness ## Current published line -`v0.2.3` remains the current published GitHub Release and PyPI package line. +`v0.3.0` is the current published GitHub Release and PyPI package line. -Current `main` is preparing the `v0.3.0` release candidate and may include command baselines or documentation not yet available from PyPI. - -`v0.3.0` must not be described as a published GitHub Release or PyPI package until the dedicated release phase completes and verifies publication. +`v0.2.3` remains the previous published GitHub Release and PyPI package baseline. ## Package availability The current published package is: - agent-rules-kit==0.2.3 + agent-rules-kit==0.3.0 -Do not claim `agent-rules-kit==0.3.0` is available on PyPI until the release phase verifies the published package and a clean install smoke test. +Future PyPI availability claims must be verified per release before updating this policy. ## What support means diff --git a/docs/OUTPUTS.md b/docs/OUTPUTS.md index 8e34cb1..9621bb7 100644 --- a/docs/OUTPUTS.md +++ b/docs/OUTPUTS.md @@ -16,7 +16,7 @@ Implemented command surface: - `agent-rules-kit budget`; - `agent-rules-kit explain`. -`doctor`, `budget`, and `explain` are implemented as v0.3 command baselines. Release preparation remains a separate phase and must not imply tag, release, or PyPI publication until those phases are completed. +`doctor`, `budget`, and `explain` are implemented as v0.3.0 command baselines. Release publication is verified by the dedicated GitHub Release and PyPI workflow evidence, not by this output contract alone. ## Contract status diff --git a/docs/V0.3-ARCHITECTURE-ROADMAP.md b/docs/V0.3-ARCHITECTURE-ROADMAP.md index ac7f475..7200c1d 100644 --- a/docs/V0.3-ARCHITECTURE-ROADMAP.md +++ b/docs/V0.3-ARCHITECTURE-ROADMAP.md @@ -30,7 +30,7 @@ Current command surface on `main`: - `agent-rules-kit budget`; - `agent-rules-kit explain`. -`v0.3.0` is not published yet. The current published baseline remains `v0.2.3` until the dedicated release phase cuts the version, creates the tag and GitHub Release, publishes to PyPI, and verifies clean installation. +After the dedicated release phase, the current published baseline is `v0.3.0`. `v0.2.3` remains the previous published GitHub Release and PyPI package baseline. ## v0.3 objective @@ -291,7 +291,7 @@ Expected result: ### Phase 7 — `docs/prepare-v030-release-docs` -Prepare README, CHANGELOG, SUPPORT, SECURITY, and related documentation for the v0.3.0 release candidate. +Prepare README, CHANGELOG, SUPPORT, SECURITY, and related documentation for the v0.3.0 release. No tag, release, or PyPI publication in this phase. diff --git a/docs/V0.3.0-RELEASE-NOTES-DRAFT.md b/docs/V0.3.0-RELEASE-NOTES.md similarity index 60% rename from docs/V0.3.0-RELEASE-NOTES-DRAFT.md rename to docs/V0.3.0-RELEASE-NOTES.md index ba1dbb0..38b8834 100644 --- a/docs/V0.3.0-RELEASE-NOTES-DRAFT.md +++ b/docs/V0.3.0-RELEASE-NOTES.md @@ -1,10 +1,14 @@ -# v0.3.0 Release Notes Draft +# v0.3.0 Release Notes -Status: draft / not published. +Status: published GitHub Release. -Target version: `v0.3.0`. +Date published: 2026-06-19. -This document is release-preparation evidence. It does not create a tag, publish a GitHub Release, publish to PyPI, or prove release readiness by itself. +Version: `0.3.0`. + +GitHub Release: `v0.3.0`. + +PyPI: `agent-rules-kit==0.3.0`. ## Release summary @@ -22,7 +26,7 @@ The release keeps the product boundary: ## Main changes -v0.3.0 is expected to include: +v0.3.0 includes: - `doctor`, a read-only repository-level diagnosis summary; - `budget`, a read-only local size and context-pressure approximation; @@ -33,7 +37,7 @@ v0.3.0 is expected to include: ## Command surface -The intended v0.3.0 command surface is: +The v0.3.0 command surface is: - `agent-rules-kit --version`; - `agent-rules-kit check`; @@ -43,32 +47,17 @@ The intended v0.3.0 command surface is: - `agent-rules-kit budget`; - `agent-rules-kit explain`. -## Release and PyPI status - -`v0.3.0` is not published yet. - -Before publication, the release phase must verify: - -- `main` is clean and synchronized with `origin/main`; -- CI is green for the exact release SHA; -- package metadata declares `0.3.0`; -- `CHANGELOG.md` has a dated `0.3.0` release section; -- the GitHub Release tag points to the verified SHA; -- the PyPI publish workflow uses Trusted Publishing; -- PyPI contains `agent-rules-kit==0.3.0` after publication; -- a clean install from PyPI can execute the CLI smoke checks. - ## Security and support notes This project is not a security scanner and does not prove that a repository is safe. Support remains best-effort. There is no commercial SLA, no guaranteed response time, no production-readiness guarantee, and no stable public API guarantee before v1.0. -Private vulnerability reporting must not be claimed as enabled unless the setting is verified during the release phase. +Private vulnerability reporting must not be claimed as enabled unless the repository setting is verified. ## Not included -v0.3.0 must not claim: +v0.3.0 does not claim: - stable public API compatibility; - production readiness; @@ -82,8 +71,14 @@ v0.3.0 must not claim: - runtime network access; - runtime LLM behavior. -## Release decision +## Release status + +The `v0.3.0` GitHub Release is published. + +The exact `v0.3.0` tag exists. + +Final release assets are attached to the GitHub Release. -Do not publish `v0.3.0` from documentation preparation alone. +PyPI publication has been completed and verified with a clean install smoke test. -The next release phase must perform the version cut, package build, GitHub Release, PyPI publication, and clean-install smoke verification from the verified release SHA. +Future release work should happen in a new explicit phase. diff --git a/pyproject.toml b/pyproject.toml index 9c088d0..f1c14f4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "agent-rules-kit" -version = "0.2.3" +version = "0.3.0" description = "Local read-only CLI to diagnose AGENTS.md, Claude Code, Gemini CLI, Cursor and Copilot instruction files." readme = "README.md" requires-python = ">=3.12" @@ -32,7 +32,7 @@ Repository = "https://github.com/CoderDeltaLAN/agent-rules-kit" Issues = "https://github.com/CoderDeltaLAN/agent-rules-kit/issues" Changelog = "https://github.com/CoderDeltaLAN/agent-rules-kit/blob/main/CHANGELOG.md" Security = "https://github.com/CoderDeltaLAN/agent-rules-kit/security/policy" -Release = "https://github.com/CoderDeltaLAN/agent-rules-kit/releases/tag/v0.2.3" +Release = "https://github.com/CoderDeltaLAN/agent-rules-kit/releases/tag/v0.3.0" [project.scripts] agent-rules-kit = "agent_rules_kit.cli:main" diff --git a/src/agent_rules_kit/__init__.py b/src/agent_rules_kit/__init__.py index 0fe41a5..dd48d84 100644 --- a/src/agent_rules_kit/__init__.py +++ b/src/agent_rules_kit/__init__.py @@ -1,3 +1,3 @@ """agent-rules-kit package.""" -__version__ = "0.2.3" +__version__ = "0.3.0" diff --git a/tests/test_golden_outputs.py b/tests/test_golden_outputs.py index 4482b14..676a983 100644 --- a/tests/test_golden_outputs.py +++ b/tests/test_golden_outputs.py @@ -240,7 +240,7 @@ def test_current_cli_contract_matrix_matches_expected_channels_and_exit_codes(se "name": "version", "args": ["--version"], "exit_code": 0, - "stdout_contains": ["agent-rules-kit 0.2.3\n"], + "stdout_contains": ["agent-rules-kit 0.3.0\n"], "stderr": "", }, {