@fvc/card 3.0.2 → 3.0.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e

package/CHANGELOG.md

@@ -0,0 +1,183 @@
+# @fvc/card
+
+## 3.0.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e
+
+### Patch Changes
+
+- 51a1a4c: Include `CHANGELOG.md` inside every published `@fvc/*` tarball.
+
+  Until this patch, `packages/<pkg>/package.json#files` only declared
+  `dist/lib/index.js`, `dist/lib/<pkg>`, and `package.json`, which
+  meant `npm pack` skipped the package's `CHANGELOG.md` even though
+  it is generated by Changesets at release time and lives at the
+  package root. Consumers had no way to read the changelog after
+  installing the package — they had to visit GitLab.
+
+  This patch adds `"CHANGELOG.md"` to every publishable package's
+  `files` array, including the scaffolder template
+  (`codegen/templates/component/package.json.hbs`) so new packages
+  inherit the setting from day one. After this ships, running
+  `npm view @fvc/<pkg>@<latest>` returns a tarball whose manifest
+  includes `CHANGELOG.md`, and `cat node_modules/@fvc/<pkg>/CHANGELOG.md`
+  on the consumer side returns the changelog content directly.
+
+  No component source changes. This is metadata-only, but it is a
+  patch bump on every package because the published-tarball contents
+  change — a deliberately conservative semver choice for a release
+  that materially affects what consumers receive on `npm install`.
+
+- Updated dependencies [48791ab]
+- Updated dependencies [51a1a4c]
+  - @fvc/typography@3.0.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e
+  - @fvc/box@1.1.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e
+  - @fvc/utils@3.0.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e
+
+## 3.0.2
+
+### Patch Changes
+
+- 325c540: README and keywords
+- Updated dependencies [e601138]
+- Updated dependencies [cd80d11]
+- Updated dependencies [325c540]
+  - @fvc/utils@3.0.2
+  - @fvc/typography@3.0.2
+  - @fvc/box@1.1.2
+
+## 3.0.2-rc.0
+
+### Patch Changes
+
+- 325c540: README and keywords
+- Updated dependencies [cd80d11]
+- Updated dependencies [325c540]
+  - @fvc/typography@3.0.2-rc.0
+  - @fvc/utils@3.0.2-rc.0
+  - @fvc/box@1.1.2-rc.0
+
+## 3.0.1
+
+### Patch Changes
+
+- f176af2: Clean up stale pre-release suffix from @fvc/\* peer dependency ranges
+
+  The v3.0.0 release shipped to npm with peer dependency ranges still
+  carrying the `-rc.0` pre-release suffix from the release branch's
+  pre-mode bump. Concretely, `@fvc/card@3.0.0`'s manifest on npm
+  @latest declared:
+
+  ```json
+  "peerDependencies": {
+    "@fvc/utils": "^3.0.0-rc.0",
+    "@fvc/typography": "^3.0.0-rc.0"
+  }
+  ```
+
+  Root cause is the interaction between Changesets' exit-mode behaviour
+  and the `onlyUpdatePeerDependentsWhenOutOfRange` experimental flag,
+  which we had set to `true`. Inside `@changesets/apply-release-plan`'s
+  `shouldUpdateDependencyBasedOnConfig`:
+
+  ```js
+  if (!semverSatisfies(release.version, depVersionRange)) {
+    // out of range → always update
+    return true;
+  }
+  if (depType === 'peerDependencies') {
+    shouldUpdate = !onlyUpdatePeerDependentsWhenOutOfRange;
+  }
+  ```
+
+  In exit mode `utils` goes from `3.0.0-rc.0` to `3.0.0`. The
+  peer-range `^3.0.0-rc.0` still semver-satisfies `3.0.0` (rc.0 sorts
+  before stable per semver), so the `out-of-range` branch is skipped.
+  With the flag set to `true`, `shouldUpdate` collapses to `false`
+  and peer ranges are intentionally left untouched. The package then
+  ships to @latest with a stale pre-release range.
+
+  This is not a Changesets bug — the library is correctly honouring
+  its configured behaviour — but the combination is wrong for our
+  monorepo's lifecycle. This patch:
+  1. Removes the `___experimentalUnsafeOptions_WILL_CHANGE_IN_PATCH`
+     block from `.changeset/config.json`, restoring Changesets' default
+     behaviour of updating internal peer-dep ranges on every bump of
+     the peer package. This eliminates the stale-suffix path
+     permanently: every future release of `@fvc/utils` (or any other
+     internal peer) will refresh its dependents' peer ranges
+     deterministically.
+  2. Patch-bumps every package whose peer-deps need to be refreshed
+     on `@latest`: `utils` (driver of the cascade), plus `card`,
+     `input`, `provider`, and `typography` (the four packages whose
+     on-disk peer ranges still carry the `-rc.0` suffix from the
+     v3.0.0 cycle). When `prepare:latest` runs `bunx changeset
+version` against this changeset under the new config, the
+     pre-release suffix is rewritten away as part of the normal
+     peer-range update path.
+
+  Trade-off accepted: every future bump of an internal peer (utils
+  in particular) will trigger a peer-range refresh in its dependents.
+  At our current scale (~5 internal-peer relationships) this is a
+  non-issue and produces tighter peer pinning, which is desirable for
+  a controlled monorepo. The alternative — a custom CI sanitiser
+  script — would have been a permanent workaround for a config we
+  were never supposed to set in the first place.
+
+  No source code in any package changes.
+
+- Updated dependencies [f176af2]
+  - @fvc/utils@3.0.1
+  - @fvc/typography@3.0.1
+
+## 3.0.0
+
+## 3.0.0-rc.0
+
+### Patch Changes
+
+- Updated dependencies [f3dcc20]
+  - @fvc/utils@3.0.0-rc.0
+  - @fvc/typography@3.0.0-rc.0
+
+## 2.0.1
+
+### Patch Changes
+
+- b2d9ee6: fix(peer): drop the `-rc.0` suffix from `@fvc/*` peer dependency ranges
+
+  After release/2.0.0 was finalised, the `release:exit` step did not
+  strip the pre-release suffix from peer dependency ranges in five
+  packages. The published manifests on `@latest` therefore announced
+  that they accept pre-release versions of their internal peers (for
+  example `@fvc/utils@^2.0.0-rc.0`) when the intent was the stable
+  range (`^2.0.0`). This patch restores the stable ranges.
+
+  Ranges corrected on this release:
+  - `@fvc/card` peer `@fvc/typography`: `^2.0.0-rc.0` → `^2.0.0`
+  - `@fvc/card` peer `@fvc/utils`: `^2.0.0-rc.0` → `^2.0.0`
+  - `@fvc/input` peer `@fvc/utils`: `^2.0.0-rc.0` → `^2.0.0`
+  - `@fvc/provider` peer `@fvc/utils`: `^2.0.0-rc.0` → `^2.0.0`
+  - `@fvc/typography` peer `@fvc/utils`: `^2.0.0-rc.0` → `^2.0.0`
+  - `@fvc/richtext` peer `@fvc/button`: `^1.2.5-rc.0` → `^1.2.5`
+
+  No code change is shipped with this patch. Consumers already
+  running stable versions of the affected peers (`@fvc/utils@2.0.0`,
+  `@fvc/typography@2.0.0`, `@fvc/button@1.2.5`) were not seeing a
+  runtime break — the pre-release range still semantically satisfies
+  the stable peer — but the manifest was misleading and could trip
+  dependency analysers, registry tooling, and stricter package
+  managers.
+
+  A follow-up CI change will harden `release:exit` so the suffix is
+  guaranteed to be stripped on every future release.
+
+## 2.0.0
+
+## 2.0.0-rc.0
+
+### Patch Changes
+
+- Updated dependencies [45936ec]
+- Updated dependencies [e0a3c27]
+- Updated dependencies [0d71f57]
+  - @fvc/utils@2.0.0-rc.0
+  - @fvc/typography@2.0.0-rc.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fvc/card",
-  "version": "3.0.2",
+  "version": "3.0.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e",
   "keywords": [
     "react",
     "react-component",
@@ -16,7 +16,8 @@
   "files": [
     "dist/lib/index.js",
     "dist/lib/card",
-    "package.json"
+    "package.json",
+    "CHANGELOG.md"
   ],
   "exports": {
     ".": {
@@ -37,9 +38,9 @@
     "test": "bun test --preload ../../tests/happydom.ts --preload ../../tests/testing-library.tsx"
   },
   "peerDependencies": {
-    "@fvc/box": "^1.1.2",
-    "@fvc/typography": "^3.0.2",
-    "@fvc/utils": "^3.0.2",
+    "@fvc/box": "1.1.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e",
+    "@fvc/typography": "3.0.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e",
+    "@fvc/utils": "3.0.3-next-d4799a7fa99a8ef4e7e8adfc3793fd349346277e",
     "react": "^18.0.0",
     "antd": "^5.0.0"
   }