@jhizzard/termdeck-stack 0.2.6 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/CHANGELOG.md +91 -0
  2. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -5,6 +5,97 @@ underlying packages (`@jhizzard/termdeck`, `@jhizzard/mnestra`,
5
5
  `@jhizzard/rumen`) ship on their own cadences and have their own
6
6
  changelogs — see the root `CHANGELOG.md` for `@jhizzard/termdeck`.
7
7
 
8
+ ## [0.3.0] — 2026-04-26
9
+
10
+ ### Documentation
11
+ - Audit-trail update: validated against `@jhizzard/termdeck@0.7.0`,
12
+ the runtime-correctness companion to the v0.6.9 install-time
13
+ audit/verify framework. v0.7.0 ships three runtime-side fixes:
14
+ (1) theme persistence — `session.meta.theme` becomes a render-time
15
+ getter that resolves against the live config instead of a SQLite
16
+ snapshot, so editing `~/.termdeck/config.yaml` actually changes
17
+ existing terminals' themes; (2) auth cookie persists 30 days
18
+ (HttpOnly, SameSite=Lax, conditional Secure) so users don't re-type
19
+ the token at every browser session; (3) new `GET /api/health/full`
20
+ endpoint that answers "is this install actually healthy right now?"
21
+ by reusing the v0.6.9 preconditions helpers at runtime — Postgres,
22
+ pg_cron, pg_net, Vault, cron.job activity, SQLite, Mnestra webhook,
23
+ Rumen pool. Cached 30s. See the root `CHANGELOG.md` v0.7.0 entry
24
+ for the full check list and test counts.
25
+
26
+ ### Why a minor bump (not patch)
27
+ - v0.7.0 is a minor on the underlying TermDeck package — it adds two
28
+ new feature surfaces (`/api/health/full` and the cookie max-age
29
+ semantics) and changes a load-bearing internal contract (theme
30
+ resolution moves from snapshot to live). The meta-installer's
31
+ audit-trail bump matches that minor cadence so the published
32
+ versions read as a coordinated set: TermDeck 0.7.0 ↔
33
+ termdeck-stack 0.3.0, mirroring the 0.6.x ↔ 0.2.x correspondence.
34
+ - Strict reading of `docs/SEMVER-POLICY.md` would treat a docs-only
35
+ audit-trail bump as patch. We're stretching to minor here on
36
+ purpose, same way 0.2.0 was — to keep the published version
37
+ surface legible alongside the underlying TermDeck minor.
38
+
39
+ ### Notes
40
+ - No installer behavior change. `npx @jhizzard/termdeck-stack`
41
+ always pulls `@jhizzard/termdeck@latest`, so existing installs
42
+ pick up v0.7.0 automatically. Mnestra (0.2.2) and Rumen (0.4.3)
43
+ unchanged through this bump.
44
+ - This closes the v0.6.x → v0.7.0 narrative cleanly: v0.6.x =
45
+ install-time correctness, v0.7.0 = runtime correctness. The same
46
+ audit/verify principle locked into both.
47
+
48
+ ## [0.2.8] — 2026-04-26
49
+
50
+ ### Documentation
51
+ - Audit-trail update: validated against `@jhizzard/termdeck@0.6.9`,
52
+ the deliberate close to the v0.6.x incident saga. v0.6.9 introduces
53
+ `auditPreconditions()` and `verifyOutcomes()` — a front-loaded check
54
+ before any state-changing operation, plus a closing check that
55
+ confirms what was just done actually took. Closes the failure class
56
+ that produced four of the eight v0.6.x patches: a documented manual
57
+ step that wasn't verified in code. The wizard now refuses to proceed
58
+ on missing extensions, missing access tokens, missing Vault secrets,
59
+ or any other unmet external precondition. See the root
60
+ `CHANGELOG.md` v0.6.9 entry for the full list of checks and the
61
+ 10 regression fixtures.
62
+
63
+ ### Notes
64
+ - Fifth and final audit-trail bump in the v0.6.5–v0.6.9 arc. Eight
65
+ underlying patches in 48 hours, three meta-installer audit-trail
66
+ bumps tracking them. The principle that emerged and is now locked
67
+ into the codebase: *"Documentation is not verification."*
68
+ - v0.7.0 is the next minor release, planned to extend the audit/verify
69
+ pattern from install-time into runtime via `/api/health/full` plus
70
+ fixes for theme persistence and auth-cookie UX. Not bundled into
71
+ v0.6.9 to keep the narrative clean: v0.6.x = install-time correctness,
72
+ v0.7.x = runtime correctness.
73
+
74
+ ## [0.2.7] — 2026-04-26
75
+
76
+ ### Documentation
77
+ - Audit-trail update: validated against `@jhizzard/termdeck@0.6.8`.
78
+ v0.6.8 fixes a meta-installer-induced bug: the meta-installer
79
+ installs `@jhizzard/mnestra` globally as a peer, and TermDeck's
80
+ migration loader was preferring that peer over its own bundled
81
+ migrations. When a user upgraded TermDeck without also upgrading
82
+ the sibling Mnestra package, a stale Mnestra silently shadowed
83
+ newer bundled migrations. v0.6.5's source_session_id fix was
84
+ invisible to anyone with stale Mnestra-in-global-node_modules.
85
+ v0.6.8 flips the precedence — bundled first, peer node_modules as
86
+ a fallback only when bundled is missing. See the root
87
+ `CHANGELOG.md` v0.6.8 entry and the new
88
+ `tests/migration-loader-precedence.test.js` for the four
89
+ regression cases that pin this guarantee.
90
+
91
+ ### Notes
92
+ - Fourth audit-trail bump in the v0.6.5–v0.6.8 arc. No installer
93
+ behavior change. The longer-term consideration: a future
94
+ meta-installer release should consider whether to keep installing
95
+ `@jhizzard/mnestra` as a global peer at all, given that TermDeck
96
+ now treats its bundled migrations as canonical. Tracked as a
97
+ follow-up; not blocking this audit-trail bump.
98
+
8
99
  ## [0.2.6] — 2026-04-26
9
100
 
10
101
  ### Documentation
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@jhizzard/termdeck-stack",
3
- "version": "0.2.6",
3
+ "version": "0.3.0",
4
4
  "description": "One-command installer for the TermDeck developer memory stack: TermDeck + Mnestra + Rumen + Supabase MCP",
5
5
  "bin": {
6
6
  "termdeck-stack": "./src/index.js"