@jtalk22/slack-mcp 3.0.0 → 3.2.0

package/src/web-server.js

@@ -5,7 +5,7 @@
  * Exposes Slack MCP tools as REST endpoints for browser access.
  * Run alongside or instead of the MCP server for web-based access.
  *
- * @version 3.0.0
+ * @version 3.2.0
  */
 
 import express from "express";
@@ -30,6 +30,11 @@ import {
   handleSendMessage,
   handleGetThread,
   handleListUsers,
+  handleAddReaction,
+  handleRemoveReaction,
+  handleConversationsMark,
+  handleConversationsUnreads,
+  handleUsersSearch,
 } from "../lib/handlers.js";
 
 const app = express();
@@ -66,6 +71,8 @@ const API_KEY = getOrCreateAPIKey();
 // Middleware
 app.use(express.json());
 app.use(express.static(join(__dirname, "../public")));
+// Compatibility alias so local web mode supports GitHub Pages-style /public/* URLs.
+app.use("/public", express.static(join(__dirname, "../public")));
 // Keep /docs URL compatibility for demo media and documentation links.
 app.use("/docs", express.static(join(__dirname, "../docs")));
 
@@ -84,7 +91,7 @@ app.use((req, res, next) => {
     res.header("Access-Control-Allow-Origin", origin);
   }
   res.header("Access-Control-Allow-Headers", "Content-Type, Authorization");
-  res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+  res.header("Access-Control-Allow-Methods", "GET, POST, DELETE, OPTIONS");
   if (req.method === "OPTIONS") {
     return res.sendStatus(200);
   }
@@ -134,7 +141,7 @@ function extractContent(result) {
 app.get("/", (req, res) => {
   res.json({
     name: "Slack Web API Server",
-    version: "3.0.0",
+    version: "3.2.0",
     status: "ok",
     code: "ok",
     message: "Web API server is running.",
@@ -149,6 +156,11 @@ app.get("/", (req, res) => {
       "POST /messages",
       "GET  /users",
       "GET  /users/:id",
+      "POST /reactions",
+      "DELETE /reactions",
+      "POST /conversations/:id/mark",
+      "GET  /conversations/unreads",
+      "GET  /users/search",
     ],
     docs: "Add Authorization: Bearer <api-key> header to all requests"
   });
@@ -205,6 +217,19 @@ app.get("/conversations", authenticate, async (req, res) => {
   }
 });
 
+// Get unread conversations
+app.get("/conversations/unreads", authenticate, async (req, res) => {
+  try {
+    const result = await handleConversationsUnreads({
+      types: req.query.types || "im,mpim,public_channel,private_channel",
+      limit: parseInt(req.query.limit) || 50
+    });
+    res.json(extractContent(result));
+  } catch (e) {
+    sendStructuredError(res, 500, "unreads_failed", String(e?.message || e));
+  }
+});
+
 // Get conversation history
 app.get("/conversations/:id/history", authenticate, async (req, res) => {
   try {
@@ -251,6 +276,28 @@ app.get("/conversations/:id/thread/:ts", authenticate, async (req, res) => {
   }
 });
 
+// Mark conversation as read
+app.post("/conversations/:id/mark", authenticate, async (req, res) => {
+  try {
+    if (!req.body.timestamp) {
+      return sendStructuredError(
+        res,
+        400,
+        "invalid_request",
+        "timestamp is required",
+        "Include timestamp in request JSON."
+      );
+    }
+    const result = await handleConversationsMark({
+      channel_id: req.params.id,
+      timestamp: req.body.timestamp
+    });
+    res.json(extractContent(result));
+  } catch (e) {
+    sendStructuredError(res, 500, "mark_failed", String(e?.message || e));
+  }
+});
+
 // Search messages
 app.get("/search", authenticate, async (req, res) => {
   try {
@@ -308,6 +355,28 @@ app.get("/users", authenticate, async (req, res) => {
   }
 });
 
+// Search users (must be registered before /users/:id to avoid Express matching "search" as an ID)
+app.get("/users/search", authenticate, async (req, res) => {
+  try {
+    if (!req.query.q) {
+      return sendStructuredError(
+        res,
+        400,
+        "invalid_request",
+        "Query parameter 'q' is required",
+        "Set the q query string and retry."
+      );
+    }
+    const result = await handleUsersSearch({
+      query: req.query.q,
+      limit: parseInt(req.query.limit) || 20
+    });
+    res.json(extractContent(result));
+  } catch (e) {
+    sendStructuredError(res, 500, "user_search_failed", String(e?.message || e));
+  }
+});
+
 // Get user info
 app.get("/users/:id", authenticate, async (req, res) => {
   try {
@@ -320,6 +389,52 @@ app.get("/users/:id", authenticate, async (req, res) => {
   }
 });
 
+// Add reaction
+app.post("/reactions", authenticate, async (req, res) => {
+  try {
+    if (!req.body.channel_id || !req.body.timestamp || !req.body.reaction) {
+      return sendStructuredError(
+        res,
+        400,
+        "invalid_request",
+        "channel_id, timestamp, and reaction are required",
+        "Include channel_id, timestamp, and reaction in request JSON."
+      );
+    }
+    const result = await handleAddReaction({
+      channel_id: req.body.channel_id,
+      timestamp: req.body.timestamp,
+      reaction: req.body.reaction
+    });
+    res.json(extractContent(result));
+  } catch (e) {
+    sendStructuredError(res, 500, "add_reaction_failed", String(e?.message || e));
+  }
+});
+
+// Remove reaction
+app.delete("/reactions", authenticate, async (req, res) => {
+  try {
+    if (!req.body.channel_id || !req.body.timestamp || !req.body.reaction) {
+      return sendStructuredError(
+        res,
+        400,
+        "invalid_request",
+        "channel_id, timestamp, and reaction are required",
+        "Include channel_id, timestamp, and reaction in request JSON."
+      );
+    }
+    const result = await handleRemoveReaction({
+      channel_id: req.body.channel_id,
+      timestamp: req.body.timestamp,
+      reaction: req.body.reaction
+    });
+    res.json(extractContent(result));
+  } catch (e) {
+    sendStructuredError(res, 500, "remove_reaction_failed", String(e?.message || e));
+  }
+});
+
 // Start server
 async function main() {
   // Check for credentials
@@ -335,7 +450,7 @@ async function main() {
   app.listen(PORT, '127.0.0.1', () => {
     // Print to stderr to keep logs clean (stdout reserved for JSON in some setups)
     console.error(`\n${"═".repeat(60)}`);
-    console.error(`  Slack Web API Server v3.0.0`);
+    console.error(`  Slack Web API Server v3.2.0`);
     console.error(`${"═".repeat(60)}`);
     console.error(`\n  Dashboard: http://localhost:${PORT}/?key=${API_KEY}`);
     console.error(`\n  API Key:   ${API_KEY}`);

package/docs/CLOUDFLARE-BROWSER-TOOLKIT.md

@@ -1,67 +0,0 @@
-# Cloudflare Browser Toolkit
-
-Use Cloudflare Browser Rendering from this repo to run resilient page checks and captures when local browser automation is blocked.
-
-## Prerequisites
-
-- `CLOUDFLARE_ACCOUNT_ID` set
-- `CLOUDFLARE_API_TOKEN` **or** `CF_TERRAFORM_TOKEN` set
-- Token needs Browser Rendering access
-- Account API tokens are supported (recommended for this workflow)
-
-## Verify Access
-
-```bash
-npm run cf:browser -- verify
-```
-
-The verifier checks account-token auth (`/accounts/{account_id}/tokens/verify`) first and falls back to user-token verification automatically.
-
-## Quick Commands
-
-Rendered HTML:
-
-```bash
-npm run cf:browser -- content "https://example.com"
-```
-
-Markdown extract:
-
-```bash
-npm run cf:browser -- markdown "https://example.com"
-```
-
-Link extraction:
-
-```bash
-npm run cf:browser -- links "https://example.com"
-```
-
-Selector scrape:
-
-```bash
-npm run cf:browser -- scrape "https://example.com" --selectors "h1,.card a"
-```
-
-Screenshot:
-
-```bash
-npm run cf:browser -- screenshot "https://example.com" --out ./tmp/example.png --type png
-```
-
-PDF:
-
-```bash
-npm run cf:browser -- pdf "https://example.com" --out ./tmp/example.pdf
-```
-
-Structured JSON:
-
-```bash
-npm run cf:browser -- json "https://example.com" --schema '{"title":"string","links":["string"]}'
-```
-
-## Notes
-
-- This toolkit is for page rendering, extraction, and evidence capture.
-- It does not manage third-party account logins for posting workflows.

package/docs/COMMUNICATION-STYLE.md

@@ -1,66 +0,0 @@
-# Communication Style Guide
-
-Use this guide for release notes, issue replies, and changelog entries.
-
-## Rules
-
-1. Keep text technical, concise, and factual.
-2. Do not include model/tool credit lines.
-3. Do not include co-author trailers from tooling.
-4. State exact versions and commands when relevant.
-5. Avoid speculative claims.
-6. Release titles use `vX.Y.Z — <concrete operational outcome>`.
-
-## Issue Reply Template
-
-```md
-Thanks for reporting this.
-
-Status: fixed in `<version>`.
-
-Included:
-- `<fix 1>`
-- `<fix 2>`
-
-Verify:
-- `npx -y @jtalk22/slack-mcp --version`
-- `npx -y @jtalk22/slack-mcp --status`
-
-Install/update:
-- `npx -y @jtalk22/slack-mcp`
-- `npm i -g @jtalk22/slack-mcp@<version>`
-
-If it still reproduces, reply with OS, Node version, runtime mode (`stdio|web|http|worker`), and exact error output.
-```
-
-## Release Notes Template
-
-````md
-## <version> — <short title>
-
-### Improved
-- <item>
-- <item>
-
-### Compatibility
-- No API/tool schema changes.
-
-### Verify
-```bash
-npx -y @jtalk22/slack-mcp --version
-npx -y @jtalk22/slack-mcp --setup
-npx -y @jtalk22/slack-mcp --status
-```
-````
-
-## Changelog Entry Template
-
-```md
-## [<version>] - YYYY-MM-DD
-
-### Fixed
-- <item>
-
-### Changed
-- <item>
-```

package/docs/COMPATIBILITY.md

@@ -1,19 +0,0 @@
-# Compatibility Matrix
-
-Use this matrix to choose a known working client/runtime path before rollout.
-
-| Client | Mode | Token path | Status | Quick verify command |
-|---|---|---|---|---|
-| Claude Desktop (macOS) | `stdio` | `~/.slack-mcp-tokens.json` via `--setup` auto-extract | Supported | `npx -y @jtalk22/slack-mcp --setup && npx -y @jtalk22/slack-mcp --status` |
-| Claude Desktop (Windows) | `stdio` | `env` (`SLACK_TOKEN`, `SLACK_COOKIE`) in config | Supported | `npx -y @jtalk22/slack-mcp --status` |
-| Claude Desktop (Linux) | `stdio` | `env` or token file via guided setup | Supported | `npx -y @jtalk22/slack-mcp --status` |
-| Claude Code CLI | `stdio` | `~/.slack-mcp-tokens.json` or `env` | Supported | `npx -y @jtalk22/slack-mcp --version && npx -y @jtalk22/slack-mcp --status` |
-| Local Browser UI | `web` | token file or `env` | Supported | `npx -y @jtalk22/slack-mcp web` |
-| Hosted Node Runtime | `http` | `env` in host runtime | Supported with operator controls | `node src/server-http.js` then `curl -s http://localhost:8080/health` |
-| Cloudflare Worker / Smithery transport | `worker` | runtime env/query handoff per deployment config | Supported with deployment validation | `wrangler deploy --config workers/wrangler.toml` and verify `/health` |
-
-## Notes
-
-1. Runtime baseline is Node 20+.
-2. `--doctor` is the fastest first check when setup status is unknown.
-3. For hosted/team deployment, use [DEPLOYMENT-MODES.md](DEPLOYMENT-MODES.md) before production rollout.

package/docs/DEPLOYMENT-MODES.md

@@ -1,55 +0,0 @@
-# Deployment Modes
-
-Use this guide to choose the right operating mode before rollout.
-
-## Quick Chooser
-
-- Choose `stdio` for personal use in Claude Desktop/Claude Code.
-- Choose local `web` for browser workflows and manual Slack browsing.
-- Choose hosted HTTP only when you need remote execution and can handle token operations.
-- Choose Smithery/Worker only when your consumers require registry-hosted MCP transport.
-
-## Mode Matrix
-
-| Mode | Start Command | Best For | Auth Material | Exposure | Notes |
-|------|---------------|----------|---------------|----------|-------|
-| Local MCP (`stdio`) | `npx -y @jtalk22/slack-mcp` | Individual daily usage in Claude | `SLACK_TOKEN` + `SLACK_COOKIE` via token file/env | Local process | Lowest ops burden |
-| Local Web UI (`web`) | `npx -y @jtalk22/slack-mcp web` | Browser-first usage, manual search/send | Same as above + generated API key | `localhost` by default | Useful when MCP is not available |
-| Hosted MCP (`http`) | `node src/server-http.js` | Controlled hosted integration | Env-injected Slack token/cookie + HTTP bearer token | Remote endpoint | `/mcp` is bearer-protected by default; configure CORS allowlist |
-| Smithery/Worker | `wrangler deploy` + Smithery publish flow | Registry distribution for hosted consumers | Query/env token handoff | Remote endpoint | Keep worker version parity with npm release |
-
-## Team Deployment Guidance
-
-If you are deploying for more than one operator:
-
-1. Start with one maintainer on local `stdio`.
-2. Document token lifecycle and rotation ownership.
-3. Define support window and incident contact before enabling hosted mode.
-4. Validate `/health` and MCP initialize responses on every release.
-
-## Release Checklist by Mode
-
-### Local `stdio`
-
-1. `npx -y @jtalk22/slack-mcp --status`
-2. `npx -y @jtalk22/slack-mcp --help`
-3. Confirm tool list in Claude client.
-
-### Local `web`
-
-1. `npx -y @jtalk22/slack-mcp web`
-2. Verify API key generation at `~/.slack-mcp-api-key`.
-3. Verify `/health`, `/conversations`, and `/search` endpoints.
-
-### Hosted (`http` or Worker)
-
-1. Verify `version` parity across `package.json`, server metadata, and health responses.
-2. Verify HTTP auth behavior:
-   - missing `SLACK_MCP_HTTP_AUTH_TOKEN` returns `503`
-   - bad bearer token returns `401`
-   - valid bearer token succeeds
-3. Verify CORS behavior:
-   - denied by default
-   - allowed origins work when listed in `SLACK_MCP_HTTP_ALLOWED_ORIGINS`
-4. Confirm `slack_get_thread`, `slack_search_messages`, and `slack_users_info` behavior.
-5. Confirm token handling mode (ephemeral vs env persistence) is documented.

package/docs/HN-LAUNCH.md

@@ -1,72 +0,0 @@
-# HN Launch Kit (v3.0.0)
-
-Use this for Show HN and follow-up comments.
-
-## Title Options
-
-- `Show HN: Slack MCP Server v3.0.0 (secure-default hosted mode, local-first unchanged)`
-- `Show HN: Slack MCP Server v3.0.0 (session-based Slack access for MCP clients)`
-- `Show HN: Slack MCP Server v3.0.0 (hosted HTTP now auth-by-default)`
-
-## Main Post Draft
-
-```md
-Released `@jtalk22/slack-mcp@3.0.0`.
-
-This release keeps local session-mirroring intact (`stdio`, `web`) and hardens hosted HTTP defaults:
-- `/mcp` requires bearer auth by default
-- CORS requires explicit origin allowlisting
-- no MCP tool renames/removals
-- `--doctor` stays deterministic (`0/1/2/3`)
-- `--status` stays read-only
-
-Verify in 30 seconds:
-- `npx -y @jtalk22/slack-mcp@latest --version`
-- `npx -y @jtalk22/slack-mcp@latest --doctor`
-- `npx -y @jtalk22/slack-mcp@latest --status`
-
-Repo: https://github.com/jtalk22/slack-mcp-server
-npm: https://www.npmjs.com/package/@jtalk22/slack-mcp
-Release notes: https://github.com/jtalk22/slack-mcp-server/blob/main/.github/v3.0.0-release-notes.md
-Maintainer/operator: `jtalk22` (`james@revasser.nyc`)
-```
-
-## First Comment Draft
-
-```md
-Additional operator notes:
-- Local users (`stdio`, `web`) do not need migration.
-- Hosted users need `SLACK_MCP_HTTP_AUTH_TOKEN` and `SLACK_MCP_HTTP_ALLOWED_ORIGINS` configured.
-- Emergency local fallback is available via `SLACK_MCP_HTTP_INSECURE=1`.
-
-If something fails, include:
-- OS + Node version
-- runtime mode (`stdio|web|http|worker`)
-- exact command + output
-```
-
-## Reply Macros
-
-### Why not Slack OAuth?
-
-Session mirroring uses the access already present in the signed-in Slack web session, which is useful for operator workflows where a bot scope model is too limiting.
-
-### Is hosted required?
-
-No. Local-first use is still the default and fully supported.
-
-### Did the tool API change?
-
-No MCP tool names were removed or renamed in `v3.0.0`.
-
-### Why a major version?
-
-Hosted HTTP defaults changed to auth-by-default behavior, which can change existing hosted deployments.
-
-### What should users run first?
-
-```bash
-npx -y @jtalk22/slack-mcp@latest --version
-npx -y @jtalk22/slack-mcp@latest --doctor
-npx -y @jtalk22/slack-mcp@latest --status
-```

package/docs/INDEX.md

@@ -1,40 +0,0 @@
-# Documentation Index
-
-Start here for setup, compatibility checks, operations, and support.
-
-## Core
-
-- [Setup Guide](SETUP.md)
-- [Compatibility Matrix](COMPATIBILITY.md)
-- [API Reference](API.md)
-- [Web API Reference](WEB-API.md)
-- [Troubleshooting](TROUBLESHOOTING.md)
-
-## Operations
-
-- [Deployment Modes](DEPLOYMENT-MODES.md)
-- [Cloudflare Browser Toolkit](CLOUDFLARE-BROWSER-TOOLKIT.md)
-- [Use Case Recipes](USE_CASE_RECIPES.md)
-- [Support Boundaries](SUPPORT-BOUNDARIES.md)
-
-## Launch and Communication
-
-- [HN Launch Kit](HN-LAUNCH.md)
-- [Launch Copy (v3.0.0)](LAUNCH-COPY-v3.0.0.md)
-- [Launch Ops Runbook](LAUNCH-OPS.md)
-- [Capability Matrix](LAUNCH-MATRIX.md)
-- [Install Proof Block](INSTALL-PROOF.md)
-- [Release Notes (v3.0.0)](../.github/v3.0.0-release-notes.md)
-- [Communication Style](COMMUNICATION-STYLE.md)
-- [Release Health Guide](RELEASE-HEALTH.md)
-- [Latest Release Health Snapshot](release-health/latest.md)
-- [Version Parity Report](release-health/version-parity.md)
-- [Prepublish Dry Run Report](release-health/prepublish-dry-run.md)
-- [Launch Log Template](release-health/launch-log-template.md)
-- [Changelog](../CHANGELOG.md)
-
-## Issue Intake
-
-- [Bug Report Template](../.github/ISSUE_TEMPLATE/bug_report.md)
-- [Feature Request Template](../.github/ISSUE_TEMPLATE/feature_request.md)
-- [Deployment Intake Template](../.github/ISSUE_TEMPLATE/deployment-intake.md)

package/docs/INSTALL-PROOF.md

@@ -1,18 +0,0 @@
-# Install Proof Block (v3.0.0)
-
-Use this command block in release notes, HN/X/Reddit follow-ups, and issue replies.
-
-```bash
-npx -y @jtalk22/slack-mcp@latest --version
-npx -y @jtalk22/slack-mcp@latest --doctor
-npx -y @jtalk22/slack-mcp@latest --status
-```
-
-Expected:
-- `--version` prints `slack-mcp-server v3.0.0`
-- `--doctor` exits with:
-  - `0` ready
-  - `1` missing credentials
-  - `2` invalid or expired credentials
-  - `3` runtime or connectivity issue
-- `--status` is read-only and does not trigger Chrome extraction.

package/docs/LAUNCH-COPY-v3.0.0.md

@@ -1,73 +0,0 @@
-# Launch Copy (v3.0.0)
-
-Canonical text blocks for GitHub release surfaces, listings, and operator updates.
-
-## Short Summary (Public)
-
-`@jtalk22/slack-mcp v3.0.0` is live. This release keeps local-first operation unchanged (`stdio`, `web`) and hardens hosted HTTP mode with secure defaults. Hosted `/mcp` now requires bearer authentication using `SLACK_MCP_HTTP_AUTH_TOKEN`, and browser-origin access now uses explicit allowlisting via `SLACK_MCP_HTTP_ALLOWED_ORIGINS`. The major version reflects this hosted behavior change; local workflows and MCP tool names remain stable. Diagnostics remain deterministic (`--doctor` returns `0|1|2|3`), and `--status` remains read-only for safe checks. Public demo/media checks are now included in web verification so broken assets are caught before publish. Maintainer/operator: `jtalk22` (`james@revasser.nyc`).
-
-## GitHub Release Block
-
-```md
-`v3.0.0` secures hosted HTTP defaults while keeping local-first workflows stable.
-
-What changed:
-- `/mcp` requires bearer auth by default
-- CORS is origin-allowlist driven (`SLACK_MCP_HTTP_ALLOWED_ORIGINS`)
-- no MCP tool renames/removals
-- deterministic diagnostics are preserved
-
-Verify:
-`npx -y @jtalk22/slack-mcp@latest --version`
-`npx -y @jtalk22/slack-mcp@latest --doctor`
-`npx -y @jtalk22/slack-mcp@latest --status`
-```
-
-## Hosted Migration Block
-
-```md
-Hosted migration in under a minute:
-`SLACK_TOKEN=xoxc-...`
-`SLACK_COOKIE=xoxd-...`
-`SLACK_MCP_HTTP_AUTH_TOKEN=change-this`
-`SLACK_MCP_HTTP_ALLOWED_ORIGINS=https://claude.ai`
-`node src/server-http.js`
-
-Requests must include:
-`Authorization: Bearer <SLACK_MCP_HTTP_AUTH_TOKEN>`
-
-Emergency local fallback only:
-`SLACK_MCP_HTTP_INSECURE=1 node src/server-http.js`
-```
-
-## GitHub Discussion Announcement
-
-```md
-`v3.0.0` is published.
-
-- Hosted HTTP now enforces auth-by-default and explicit CORS policy.
-- Local-first paths (`stdio`, `web`) remain unchanged.
-- MCP tool names remain unchanged.
-
-If you hit a deployment blocker, open deployment intake and include runtime mode + exact output.
-```
-
-## Listing Snippet (awesome-mcp-servers / registries)
-
-```md
-Session-based Slack MCP server for local-first operators. `v3.0.0` hardens hosted HTTP defaults (bearer auth + origin allowlist) while keeping local tool contracts stable.
-```
-
-## Support Intake Snippet
-
-```md
-Need guided hosted deployment help?
-- Open deployment intake: `https://github.com/jtalk22/slack-mcp-server/issues/new?template=deployment-intake.md`
-- Continue in Discussions: `https://github.com/jtalk22/slack-mcp-server/discussions`
-```
-
-## Propagation Note
-
-Use when listing or registry caches lag:
-
-`Release is published. Metadata propagation is in progress as of <UTC timestamp>.`

package/docs/LAUNCH-MATRIX.md

@@ -1,22 +0,0 @@
-# Capability Matrix (v3.0.0)
-
-Comparison matrix for release notes and channel posts. Keep competitor references unnamed.
-
-| Capability | This Release (`v3.0.0`) | Typical Session-Based Alternatives |
-|---|---|---|
-| Read-only status checks | Enforced and verified in install flow | Often undocumented or mixed with refresh side effects |
-| Deterministic doctor exits | Enforced (`0/1/2/3`) with install-path coverage | Often ad-hoc or text-only |
-| Structured diagnostics | Shared fields in MCP/web error payloads | Mixed payload shapes |
-| Hosted HTTP auth default | Bearer required on `/mcp` by default | Often permissive by default |
-| Hosted HTTP CORS | Explicit allowlist (`SLACK_MCP_HTTP_ALLOWED_ORIGINS`) | Often wildcard/implicit |
-| Unknown token age handling | Explicit `unknown_age` semantics | Missing timestamp may appear as stale/failing |
-| Tool contract stability | No MCP tool rename/removal | Varies by release |
-| Local-first operator path | First-class (`stdio`, `web`) | Varies by runtime emphasis |
-| Version parity check | Scripted local/npm/registry report | Often manual |
-| Smithery/registry alignment | Metadata prepared in release wave | Often delayed post-release |
-
-## Usage Guidance
-
-1. Use this table in release notes and social threads.
-2. Do not name external projects.
-3. Keep claims tied to verifiable commands and docs.