contract-driven-delivery 2.0.9 → 2.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +88 -0
- package/dist/cli/index.js +1639 -1584
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,93 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [2.0.11] - 2026-05-04
|
|
4
|
+
|
|
5
|
+
Final portability fix in the digest series. After 2.0.10 made digests
|
|
6
|
+
repo-relative and content-keyed, a real consumer repo on Windows
|
|
7
|
+
(`core.autocrlf=true`) still produced different digests than the same
|
|
8
|
+
repo on Linux/Mac (`core.autocrlf=false`) — because the file BYTES
|
|
9
|
+
differ even when the file content is logically identical.
|
|
10
|
+
|
|
11
|
+
### Fixed
|
|
12
|
+
|
|
13
|
+
- **All hash inputs are now line-ending normalized**. `\r\n` and stand-alone
|
|
14
|
+
`\r` are converted to `\n` before SHA-256 is computed. Applied uniformly
|
|
15
|
+
across the four places that hash files for cdd-kit's digests:
|
|
16
|
+
- `inputsDigest()` in `src/commands/context-scan.ts`
|
|
17
|
+
(project-map / contracts-index)
|
|
18
|
+
- `inputDigest()` in `src/commands/doctor.ts`
|
|
19
|
+
(freshness check against committed indexes)
|
|
20
|
+
- `inputsDigest()` in `src/commands/new-change.ts`
|
|
21
|
+
(auto-rerun decision in /cdd-new flow)
|
|
22
|
+
- `computeSourcesDigest()` in `src/commands/code-map.ts`
|
|
23
|
+
(`# sources-digest:` header in code-map.yml)
|
|
24
|
+
|
|
25
|
+
All four now share `src/utils/digest.ts → sha256OfFileNormalized()`,
|
|
26
|
+
so the rule is in exactly one place.
|
|
27
|
+
|
|
28
|
+
### Migration
|
|
29
|
+
|
|
30
|
+
After upgrading, re-run **once**:
|
|
31
|
+
|
|
32
|
+
```bash
|
|
33
|
+
cdd-kit context-scan
|
|
34
|
+
cdd-kit code-map
|
|
35
|
+
git add specs/context/ .cdd/code-map.yml
|
|
36
|
+
git commit -m "chore: regenerate indexes & code-map (cdd-kit 2.0.11)"
|
|
37
|
+
```
|
|
38
|
+
|
|
39
|
+
From then on, fresh clones on any OS / autocrlf setting produce identical
|
|
40
|
+
digests, eliminating the last source of false-positive doctor warnings.
|
|
41
|
+
|
|
42
|
+
## [2.0.10] - 2026-05-04
|
|
43
|
+
|
|
44
|
+
Two more context-scan determinism bugs, both surfaced verifying the 2.0.9
|
|
45
|
+
fix on the same consumer repo.
|
|
46
|
+
|
|
47
|
+
### Fixed
|
|
48
|
+
|
|
49
|
+
- **`inputs-digest` is now portable across clones**: previously the digest
|
|
50
|
+
was computed from `<absolute-path>:<content-sha>`, so the value depended
|
|
51
|
+
on `cwd`. A user's local repo at `D:\TODO\` and a fresh CI clone at
|
|
52
|
+
`/runner/work/TODO/` would always produce different digests for the
|
|
53
|
+
same content, causing `cdd-kit doctor` to report "inputs changed"
|
|
54
|
+
permanently after every fresh clone. Now uses repo-relative path —
|
|
55
|
+
digest depends only on the file's logical location and content.
|
|
56
|
+
Applied identically to `src/commands/context-scan.ts`,
|
|
57
|
+
`src/commands/doctor.ts`, and `src/commands/new-change.ts`.
|
|
58
|
+
- **Nested build outputs (`dist/`, `build/`, `out/`) excluded at any depth**:
|
|
59
|
+
`FORBIDDEN_DIRECTORY_NAMES` now lists these as basename matches, so
|
|
60
|
+
`frontend/dist/`, `apps/web/build/`, `packages/lib/out/` get pruned
|
|
61
|
+
from the project-map tree. Previously only top-level `dist/` and
|
|
62
|
+
`build/` were caught.
|
|
63
|
+
|
|
64
|
+
- **Hash-based code-map freshness**: previously `cdd-kit gate` and
|
|
65
|
+
`cdd-kit doctor` used file mtime to decide whether the code-map was
|
|
66
|
+
fresh. mtime is unreliable across `git clone` (clone resets mtimes in
|
|
67
|
+
unpredictable order), so any fresh clone reported `code-map stale: N
|
|
68
|
+
files` even when content was bit-identical — and `cdd-kit gate` treats
|
|
69
|
+
that as a hard error.
|
|
70
|
+
|
|
71
|
+
Fix: code-map.yml now embeds `# sources-digest: <sha256>` in its header
|
|
72
|
+
(covers all input file paths + content). Freshness check first does
|
|
73
|
+
the fast mtime check; when mtime says stale, falls back to verifying
|
|
74
|
+
the digest. Real content changes are still detected; mtime-only drift
|
|
75
|
+
is silently overridden. Maps generated by cdd-kit < 2.0.10 lack the
|
|
76
|
+
digest line; for those, the legacy mtime verdict is used.
|
|
77
|
+
|
|
78
|
+
### Migration
|
|
79
|
+
|
|
80
|
+
After upgrading, re-run `cdd-kit context-scan` once and commit the new
|
|
81
|
+
`specs/context/*.md`. Same for `cdd-kit code-map` — the new map will
|
|
82
|
+
include the `# sources-digest:` line that gate/doctor use for portable
|
|
83
|
+
freshness.
|
|
84
|
+
|
|
85
|
+
The new `inputs-digest` and `sources-digest` are in different formats
|
|
86
|
+
than 2.0.9 (repo-relative paths, content-keyed) so existing maps will
|
|
87
|
+
look stale until regenerated. This is one-time. From then on, fresh
|
|
88
|
+
clones and CI will produce stable digests that match the committed
|
|
89
|
+
values, eliminating false-positive doctor warnings.
|
|
90
|
+
|
|
3
91
|
## [2.0.9] - 2026-05-04
|
|
4
92
|
|
|
5
93
|
Bug-fix patch. Discovered when verifying a real consumer repo (TODOLIST)
|