chore(release): 0.4.1 — dependency policy + ecosystem floor bump (closes #21)#22
Merged
Merged
Conversation
…oses #21) Issue #21: dependency-update policy across the Simplicio ecosystem. Policy + enforcement: - .specs/workflow/DEPENDENCY_POLICY.md declares ecosystem rules: semver, >= floor-pinning, 15-day floor-bump rule after each upstream release, no cyclic deps, release-sync checklist (bump + CHANGELOG + PyPI/npm publish + git tag + GitHub Release + dependent PRs). - .github/workflows/check-deps.yml runs the CI side: daily cron and on every PR touching pyproject.toml, it queries PyPI for the latest version of each ecosystem dep, compares against the >= floor in pyproject, and fails with ::error:: annotations if any floor is at least a minor behind upstream. - .github/dependabot.yml schedules weekly updates: pip ecosystem deps grouped (simplicio-*), cargo for rust/simplicio-core, and github-actions. Patches set up to auto-merge; minor and major wait for human review per policy. Drift the new CI surfaced on first run: simplicio-mapper >=0.5.0 -> >=0.6.0 (upstream 0.6.0 already on PyPI) simplicio-prompt >=1.7.0 -> >=1.9.0 (upstream 1.9.0 already on PyPI) Bumped in the same PR so the policy is satisfied the moment it lands. pytest tests/python: 38/38 green with the upgraded versions installed. simplicio-cli version: 0.4.0 -> 0.4.1 (patch -- dep-floor bump + policy docs / CI; no public API change). Wheel built locally: dist/simplicio_cli-0.4.1-py3-none-any.whl 47 KB dist/simplicio_cli-0.4.1.tar.gz 64 KB https://claude.ai/code/session_01SUTucCkHHddcSsUPs4oKkT
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #21.
What ships
Policy
.specs/workflow/DEPENDENCY_POLICY.md— ecosystem rules:>=), not by exact versionmapper → prompt → cliEnforcement (CI)
.github/workflows/check-deps.yml:pyproject.toml>=floor against the latest version::error::annotations if any floor is ≥ 1 minor behind upstream.github/dependabot.yml:simplicio-*)rust/simplicio-coreDrift the new CI surfaced on first run
Both bumps applied in this PR so the policy is satisfied the moment it lands.
Release
simplicio-cliversion:0.4.0 → 0.4.1(patch — dep-floor bump + policy docs/CI; no public API change)CHANGELOG.mdgains a[0.4.1]entryValidation
pytest tests/python— 38/38 green with the upgraded ecosystem versions installedcheck-deps.ymllogic dry-run locally — correctly flagged the original driftpython -m build— wheel + sdist produced (simplicio_cli-0.4.1-*)Release process continuing after this merge
dist/simplicio_cli-0.4.1-*to PyPIv0.4.1on the merge commit and push it (manual — proxy git in the sandbox blocks tag push)[0.4.1]CHANGELOG bodyhttps://claude.ai/code/session_01SUTucCkHHddcSsUPs4oKkT
Generated by Claude Code