npm - beth-copilot - Versions diffs - 1.0.11 → 1.0.12 - Mend

beth-copilot 1.0.11 → 1.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,130 @@
+# Changelog
+> *"Here's what changed. I don't repeat myself."*
+All notable changes to Beth are documented here. Format based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), versioning follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+---
+## [1.0.11] - 2026-02-01
+### Changed
+- Reverted to fire animation for BETH banner (the way it should be)
+### Fixed
+- SBOM regeneration for accurate dependency tracking
+---
+## [1.0.10] - 2026-01-31
+### Added
+- **Path validation security** — 33 tests covering traversal detection, injection prevention, and allowlist validation
+- **Work tracking for all agents** — Every agent now uses the dual tracking system (beads for agents, Backlog.md for humans)
+- **Cross-platform npm installation** — Consistent installation across macOS, Linux, and Windows
+### Security
+- Path validation for user-supplied binary paths to prevent command injection
+- Documented shell:true security constraints in SECURITY.md
+---
+## [1.0.6] - 2026-01-29
+### Added
+- **Multi-agent coordination system** — Epic patterns with dependencies, parallel execution, and hierarchical issue tracking
+- **Beads integration** — Structured work tracking with `bd` CLI for agent memory and coordination
+- **Subagent templates** — Ready-to-use patterns for spawning specialists
+### Changed
+- Beth instructions now include full orchestration workflows
+- Updated SYSTEM-FLOW.md with multi-agent patterns
+---
+## [1.0.5] - 2026-01-28
+### Added
+- Beads multi-agent coordination documentation
+---
+## [1.0.4] - 2026-01-27
+### Added
+- **backlog.md CLI installation prompt** — Auto-prompts during init for human-readable tracking
+- **.vscode/settings.json template** — Auto-configured agent settings for VS Code
+---
+## [1.0.3] - 2026-01-26
+### Added
+- **Version check** — CLI warns users when a newer version is available
+---
+## [1.0.2] - 2026-01-25
+### Added
+- **Security automation** — GitHub Actions workflow with npm audit, gitleaks, CodeQL, SBOM generation
+- **Pre-commit hooks** — Secret scanning with gitleaks before commits
+- **Subagent delegation settings** — Documentation for enabling autonomous agent coordination
+### Changed
+- Clarified Product Manager vs UX Designer roles in documentation
+### Fixed
+- Security hardening for enterprise production readiness
+---
+## [1.0.1] - 2026-01-24
+### Added
+- **Security Reviewer agent** — OWASP Top 10, compliance audits, threat modeling
+- **Security Analysis skill** — Vulnerability assessment workflows
+- **MCP setup guide** — docs/MCP-SETUP.md with all optional servers
+- **Installation guide** — docs/INSTALLATION.md with full setup instructions
+- **Dependabot configuration** — Weekly npm/GH Actions updates with grouped PRs
+### Changed
+- **Consolidated frontend-engineer into developer** — Developer now handles UI, full-stack, and shadcn-ui MCP integration
+- Updated all agent handoffs to include security-reviewer
+### Security
+- Full enterprise security review completed
+- HIGH findings addressed
+- SECURITY.md created with security policies
+---
+## [1.0.0] - 2026-01-23
+### Added
+- **Beth orchestrator** — The ruthless, hyper-competent AI coordinator
+- **Six specialist agents** — Product Manager, Researcher, UX Designer, Developer, Tester, (later Security Reviewer)
+- **Five skills** — PRD generation, Framer components, Vercel React best practices, Web Design guidelines, shadcn-ui
+- **npm package** — `npx beth-copilot init` for one-command installation
+- **IDEO Design Thinking workflow** — Empathize → Define → Ideate → Prototype → Test
+- **Dual tracking system** — beads for agents, Backlog.md for humans
+- **ASCII art animation** — Beth's entrance with fire effect banner
+### Architecture
+- Agent definition format with YAML frontmatter
+- Skills as domain-knowledge modules loaded on-demand
+- Subagent vs handoff patterns for different control levels
+- Hierarchical issue tracking for complex workflows
+---
+## What's Next
+See [Backlog.md](Backlog.md) for planned work:
+- MCP skill enhancements (web search, Playwright, Azure, Microsoft Learn)
+- Agent consistency review
+- Additional skills for API security and performance profiling
+---
+*"That's the history. Now stop looking backward and let's build something."*

package/README.md CHANGED Viewed

@@ -73,6 +73,7 @@ Beth's team comes equipped:
 | **Framer Components** | Build custom React components with property controls |
 | **React/Next.js Best Practices** | Vercel-grade performance patterns |
 | **Web Design Guidelines** | WCAG compliance, UI review, accessibility |
+| **shadcn/ui** | Component library patterns, installation, and best practices |
 | **Security Analysis** | OWASP, threat modeling, vulnerability assessment |
 ## How Beth Works
@@ -220,6 +221,13 @@ Beth's agents work fine without them, but these make them smarter:
 Full details: [docs/MCP-SETUP.md](docs/MCP-SETUP.md)
+## Documentation
+- [Installation Guide](docs/INSTALLATION.md) — Full setup instructions
+- [MCP Setup](docs/MCP-SETUP.md) — Optional server integrations
+- [Changelog](CHANGELOG.md) — Version history and updates
+- [Security Policy](SECURITY.md) — Vulnerability reporting
 ## License
 MIT — Take it. Run it. Build empires.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "beth-copilot",
-  "version": "1.0.11",
+  "version": "1.0.12",
   "description": "Beth - A ruthless, hyper-competent AI orchestrator for GitHub Copilot multi-agent workflows",
   "keywords": [
     "github-copilot",
@@ -29,7 +29,8 @@
     "bin/",
     "templates/",
     "assets/",
-    "sbom.json"
+    "sbom.json",
+    "CHANGELOG.md"
   ],
   "scripts": {
     "test": "node --test bin/lib/*.test.js",

package/sbom.json CHANGED Viewed

@@ -3,15 +3,15 @@
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
   "version": 1,
-  "serialNumber": "urn:uuid:eb42feb4-edf5-4986-8f30-8a0b9b8418d3",
+  "serialNumber": "urn:uuid:d65254d0-0268-4133-9580-2fd3dca6cb0f",
   "metadata": {
-    "timestamp": "2026-02-01T09:13:32.721Z",
+    "timestamp": "2026-02-01T09:19:13.714Z",
     "tools": {
       "components": [
         {
           "type": "application",
           "name": "npm",
-          "version": "10.8.2"
+          "version": "10.9.4"
         },
         {
           "type": "application",
@@ -82,8 +82,8 @@
     "component": {
       "type": "application",
       "name": "beth-copilot",
-      "version": "1.0.11",
-      "bom-ref": "beth-copilot@1.0.11",
+      "version": "1.0.12",
+      "bom-ref": "beth-copilot@1.0.12",
       "author": "Steph Schofield",
       "description": "Beth - A ruthless, hyper-competent AI orchestrator for GitHub Copilot multi-agent workflows",
       "licenses": [
@@ -94,7 +94,7 @@
           }
         }
       ],
-      "purl": "pkg:npm/beth-copilot@1.0.11?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fstephschofield%2Fbeth.git",
+      "purl": "pkg:npm/beth-copilot@1.0.12?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fstephschofield%2Fbeth.git",
       "externalReferences": [
         {
           "url": "git+https://github.com/stephschofield/beth.git",
@@ -123,7 +123,7 @@
   "components": [],
   "dependencies": [
     {
-      "ref": "beth-copilot@1.0.11"
+      "ref": "beth-copilot@1.0.12"
     }
   ]
 }