@lcv-ideas-software/cross-review 4.1.0 → 4.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +28 -0
- package/README.md +74 -73
- package/dist/scripts/runtime-smoke.js +10 -3
- package/dist/scripts/runtime-smoke.js.map +1 -1
- package/dist/scripts/smoke.js +25 -0
- package/dist/scripts/smoke.js.map +1 -1
- package/dist/src/core/config.d.ts +1 -1
- package/dist/src/core/config.js +1 -1
- package/dist/src/core/session-store.js +7 -9
- package/dist/src/core/session-store.js.map +1 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,34 @@ standard `v00.00.00`; npm package versions remain SemVer.
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [v04.01.01] — 2026-05-17
|
|
11
|
+
|
|
12
|
+
**Patch — release the hard-gate cleanup as a published package.** The previous
|
|
13
|
+
hard-gate cleanup was synchronized without a package-version bump; this patch
|
|
14
|
+
formalizes the change as npm package `4.1.1`, preserving the rule that every
|
|
15
|
+
patch shipped to `main` receives a publishable SemVer increment.
|
|
16
|
+
|
|
17
|
+
### Fixed
|
|
18
|
+
|
|
19
|
+
- Removed the dead global ESLint waiver for
|
|
20
|
+
`@typescript-eslint/no-explicit-any`; strict enforcement already passes on the
|
|
21
|
+
current source tree.
|
|
22
|
+
- Restored README coverage under Prettier by removing the README masks from
|
|
23
|
+
`.prettierignore` and formatting the file instead of hiding the drift.
|
|
24
|
+
- Added smoke coverage that prevents future linter/formatter masking of
|
|
25
|
+
`README.md`, `src/**`, and `scripts/**`, and pins the TypeScript unused-var
|
|
26
|
+
rule as an error.
|
|
27
|
+
- Made `runtime-smoke` polling terminal-outcome aware and increased the polling
|
|
28
|
+
deadline to 60 seconds so slow-but-converged stub sessions are not reported as
|
|
29
|
+
timeouts.
|
|
30
|
+
- Replaced two CodeQL `js/file-system-race` patterns with atomic/file-descriptor
|
|
31
|
+
based flows: session metadata placeholder creation now relies directly on
|
|
32
|
+
`writeFileSync(..., { flag: "wx" })`, and the migration race harness snapshots
|
|
33
|
+
lock state through `openSync` + `fstatSync` on the opened descriptor.
|
|
34
|
+
- Added a scoped StepSecurity suppression for generated `dist/**` artifacts in
|
|
35
|
+
the publish workflow's pre-publish build job, then resolved the existing
|
|
36
|
+
actionable generated-file detections.
|
|
37
|
+
|
|
10
38
|
## [v04.01.00] — 2026-05-17
|
|
11
39
|
|
|
12
40
|
**Minor — security hardening of session-store concurrency, write-path
|