RubyGems - carson - Versions diffs - 1.0.0 → 1.0.1 - Mend

carson 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/README.md +62 -28
data/VERSION +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f56a11a84e2d19363137153a34302874e8ad0941e4fb330012a1ec92a124eb6a
-  data.tar.gz: 060f8f8c2fbe673321255c32d6b064c674358908b4171a71cf778ab2215cf3aa
+  metadata.gz: a136a4bb80b1d4f339596760492eb0f692d1fc13dab6c2eb9192ed5aaa7d7345
+  data.tar.gz: 3c71649e9457b2fab7a3091f3b3100f853cf407c1f419c07973b55969082cd7e
 SHA512:
-  metadata.gz: 39c24b390c66d13428e7bede056a0465481759ec3abf64a380118c954c84705242645d772a3ecd9f52e85a9b61a33f27e345b641a7b8af63757d7fd8383904e4
-  data.tar.gz: 25612172dd0f5649f8fc54af37cba2a43727d3848caac284805ee0e3c7ba6b40da4ce9fedab8fd7cd780e05ff370862e2b03d0d259572f741b064df442af952d
+  metadata.gz: 9bd6d9169e1b7e5cdc5aabbcb5213f8c39c34e65f8f5800e69abb8bf5d13cd91bee4bedc05208e2ae63102bb5d412551527ea81fb90ab69572fa8f241a54970a
+  data.tar.gz: 104447d9c905aff8f0960f037b669634eb1cc35307d002231066ca15f979e7ab9d87f76b10508a2ac5a9069a9b62b70f865934aacad5a73d3b01edc08319b85d

data/README.md CHANGED Viewed

@@ -1,48 +1,82 @@
 # Carson
-Carson is an outsider governance runtime for teams that need predictable GitHub policy controls without placing Carson-owned tooling inside client repositories.
+Enforce the same governance rules across every repository you manage — from a single install, without polluting any of them with governance tooling.
-## Introduction
-Repository governance often drifts over time: local protections weaken, review actions are missed, and policy checks become inconsistent between contributors.
-Carson solves this by running from your workstation or CI, applying a deterministic governance baseline, and managing only selected GitHub-native policy files where necessary.
-This model is effective because ownership stays explicit: Carson runtime assets remain outside host repositories, while merge authority remains with GitHub branch protection and human review.
+## The Problem
+If you govern more than a handful of repositories, you know the pattern: lint configs drift between repos, PR templates go stale, reviewer feedback gets quietly ignored, and what passes on a developer's laptop fails in CI.
+The usual fix is to copy governance scripts into each repository. That works until you need to update them — now you are maintaining dozens of copies, each free to diverge.
+## What Carson Does
+Carson is a governance runtime that lives on your workstation and in CI, never inside the repositories it governs. You install it once, point it at each repository, and it enforces a consistent baseline — same checks, same rules, same exit codes — everywhere.
+**One command to onboard a repo.**
+`carson init` installs git hooks, synchronises PR and AI-coding templates, and runs a first governance audit. From that point, every commit is checked automatically.
+**Same checks locally and in CI.**
+The `pre-commit` hook runs `carson audit` before every commit. The same `carson audit` runs in your GitHub Actions workflow. If it passes locally, it passes in CI. No surprises.
+**Review accountability.**
+`carson review gate` blocks merge until every actionable reviewer comment — risk keywords, change requests — has been formally acknowledged by the PR author. No more "I missed that comment" after merge.
+**Template consistency.**
+Carson keeps PR templates and AI coding guidelines identical across all governed repositories. `carson template check` detects drift; `carson template apply` repairs it.
+**Centralised lint policy.**
+Lint rules come from a single policy source you control. Carson owns the lint execution path — repo-local config overrides are hard-blocked so teams cannot silently weaken the baseline.
+**Branch hygiene.**
+`carson sync` fast-forwards your local main. `carson prune` removes branches whose upstream is gone, including squash-merged branches verified through the GitHub API.
+**Clean boundary.**
+No Carson scripts, config files, or governance payloads are ever placed inside your repositories. Carson actively blocks if it detects its own artefacts in a host repo.
+## When to Use Carson
+- A platform team standardising policy across many product repositories — one governance flow for all of them, no per-repo tooling.
+- A consultancy governing client repositories you do not own — enforce rules without committing your tooling into their repos.
+- A regulated engineering team that needs auditable, reproducible gates — every merge decision has a deterministic pass/block result.
+- A solo developer who wants the same lint and review discipline everywhere — without maintaining governance scripts in each project.
 ## Quickstart
-Prerequisites:
-- Ruby `>= 4.0`
-- `gem` and `git` available in `PATH`
-- `gh` available in `PATH` for PR/check reporting (recommended, not required for core local commands)
+Prerequisites: Ruby `>= 4.0`, `git`, and `gem` in your PATH.
+`gh` (GitHub CLI) is recommended for full review governance features.
 ```bash
-gem install --user-install carson -v 1.0.0
+# Install
+gem install --user-install carson
 carson version
-carson lint setup --source /path/to/ai-policy-repo
+# Prepare your lint policy baseline
+carson lint setup --source /local/path/of/policy-repo
+# Onboard a repository
 carson init /local/path/of/repo
 ```
-Expected result:
-- `carson version` prints `1.0.0` (or newer).
-- `carson lint setup` seeds `~/AI/CODING` from your explicit source.
-- Ruby lint policy data is sourced from `~/AI/CODING/rubocop.yml`; Ruby lint execution stays Carson-owned.
-- Policy files live directly under `~/AI/CODING/` (no per-language subdirectories).
-- `carson init` aligns remote naming, installs Carson-managed hooks, synchronises managed `.github/*` files, and runs an initial audit.
-- Your repository is ready for daily governance commands.
+After `carson init`, your repository has:
+- Git hooks that run `carson audit` on every commit.
+- Managed `.github/*` templates synchronised from Carson.
+- An initial governance audit report.
+Commit the generated `.github/*` changes, and the repository is governed.
+**Daily workflow:**
+```bash
+carson sync                 # fast-forward local main
+carson audit                # full governance check (also runs on every commit via hook)
+carson review gate          # block or approve merge based on review status
+carson prune                # clean up stale local branches
+```
 ## Where to Read Next
 - User manual: `MANUAL.md`
 - API reference: `API.md`
 - Release notes: `RELEASE.md`
-## Core Capabilities
-- Outsider boundary enforcement that blocks Carson-owned host artefacts (`.carson.yml`, `bin/carson`, `.tools/carson/*`).
-- Deterministic governance checks with stable exit codes for local and CI automation.
-- Ruby lint governance from `~/AI/CODING/rubocop.yml` with Carson-owned execution and deterministic local/CI blocking.
-- Hard policy block when a client repository contains repo-local `.rubocop.yml`.
-- Non-Ruby lint language entries remain present but disabled by default in this phase.
-- Managed `.github/*` template synchronisation with drift detection and repair.
-- Review governance controls (`review gate`, `review sweep`) for actionable feedback handling.
-- Local branch hygiene and fast-forward sync workflow (`sync`, `prune`).
 ## Support
 - Open or track issues: <https://github.com/wanghailei/carson/issues>
 - Review version-specific upgrade actions: `RELEASE.md`

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.0.0
1	+ 1.0.1

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: carson
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Hailei Wang