@easonwumac/computer-linker 0.1.6 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +12 -0
  2. package/docs/architecture.md +3 -3
  3. package/docs/release-checklist.md +4 -3
  4. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -5,6 +5,18 @@ All notable changes to Computer Linker will be documented in this file.
5
5
  This project follows a small pre-1.0 changelog: breaking contract changes are
6
6
  called out even when the package version is still `0.x`.
7
7
 
8
+ ## 0.1.7 - 2026-06-27
9
+
10
+ ### Changed
11
+
12
+ - Public release audit now scans tracked and packed text files for suspicious
13
+ third-party provenance markers, including source-copy, adaptation,
14
+ snippet-site, and vendored-code references before public release.
15
+ - Public release audit now blocks retired product-name markers without keeping
16
+ that retired name in repository text.
17
+ - Release checklist now documents the provenance marker scan alongside license
18
+ and secret checks.
19
+
8
20
  ## 0.1.6 - 2026-06-27
9
21
 
10
22
  ### Changed
package/docs/architecture.md CHANGED
@@ -5,9 +5,9 @@ architecture should serve that spec: a local computer MCP service for controlled
5
5
  file access, commands, Codex, screenshots, computer info, and audit history.
6
6
  ChatGPT-specific setup is a client helper, not the product axis.
7
7
 
8
- ## Product Name
9
-
10
- The product is named **Computer Linker**. It intentionally does not reuse DevSpace.
8
+ ## Product Name
9
+
10
+ The product is named **Computer Linker**.
11
11
 
12
12
  ## Mental Model
13
13
 
package/docs/release-checklist.md CHANGED
@@ -130,9 +130,10 @@ This is the release-oriented alpha readiness gate. It requires fresh external
130
130
  MCP evidence and a dated `CHANGELOG.md` heading for the current package version,
131
131
  so it reports both final blockers in one place before `public:mirror`.
132
132
 
133
- This adds the public-release audit: packed-file inspection, tracked and
134
- non-ignored untracked file secret-shape scanning, production `npm audit`,
135
- dependency license allowlist checks, and a high-risk Git history secret scan.
133
+ This adds the public-release audit: packed-file inspection, tracked and
134
+ non-ignored untracked file secret-shape scanning, production `npm audit`,
135
+ dependency license allowlist checks, third-party provenance marker scanning,
136
+ retired product-name marker scanning, and a high-risk Git history secret scan.
136
137
 
137
138
  Before changing the current GitHub repository to public visibility while
138
139
  preserving its Git history, run the stricter one-command gate:
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@easonwumac/computer-linker",
3
- "version": "0.1.6",
3
+ "version": "0.1.7",
4
4
  "description": "One computer, one permissioned MCP linker for local workspaces.",
5
5
  "type": "module",
6
6
  "main": "dist/client.js",