nativesoul 1.0.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -15,6 +15,60 @@ product after ADR-045; there is no Free/Pro split.
15
15
  ### Product
16
16
  - _Nothing yet._
17
17
 
18
+ ## [1.1.1] — 2026-07-07
19
+
20
+ Patch release (ADR-043 §1 — bugfix, no API change; free update within your
21
+ 12-month window). `dependencies: {}` preserved; still local-first, no telemetry.
22
+
23
+ ### Fixed
24
+ - **`nativesoul scan` on large repos** — the scan now reads root-level manifests,
25
+ lockfiles, README and git remotes in a root-first pass before the bounded
26
+ directory walk. Previously, a large monorepo could exhaust the traversal
27
+ budget in big early directories before reaching the root `package.json`, so
28
+ the scan reported "none detected" at the repo root. It now detects your stack
29
+ regardless of tree size. Same guardrails: read-only, denylist-before-read, no
30
+ secrets, no network.
31
+ - **Local dashboard layout** — `nativesoul dashboard viewer` no longer overflows:
32
+ panels flow in a balanced grid and cap their height with the record list
33
+ scrolling internally, and long rows truncate cleanly instead of spilling past
34
+ the card. Still self-contained, read-only, and local.
35
+
36
+ ## [1.1.0] — 2026-07-07
37
+
38
+ Additive feature release (EPIC-026 — Onboarding v2 + dev-environment context).
39
+ Backward-compatible: no breaking CLI/MCP/schema changes, so this is a free
40
+ update within your 12-month window (ADR-043 §3). `dependencies: {}` preserved;
41
+ still local-first, no telemetry, nothing uploaded.
42
+
43
+ ### Product
44
+ - **`nativesoul scan`** — an optional, read-only, local scan of your current
45
+ project (or `nativesoul scan <path>`). Dry-run by default; it proposes
46
+ engineering preferences for `USER.md`, tool conventions for `TOOLS.md`, and
47
+ candidate memories from your metadata, README, and structure. It never reads
48
+ secrets or source content (denylist-before-read), makes no network calls, and
49
+ writes only under `~/.nativesoul/` after you confirm — each write policy-gated
50
+ and audited. SOUL.md/POLICY.md are never touched.
51
+ - **Guided onboarding v2** — the host AI now proactively opens a warm identity
52
+ interview on first run, with per-theme guidance and a dry-run → confirm →
53
+ apply flow (SOUL.md still requires explicit confirmation). After identity, it
54
+ offers the optional heartbeat and dev-environment scan with clear consent;
55
+ hosts without a native scheduler (Grok/Gemini) are handled honestly.
56
+ - **Every workspace file now has a wired function** — `TOOLS.md` is consulted
57
+ before tool work, `MEMORY.md` is a live managed-block mirror of your curated
58
+ memory (SQLite source), and `HEARTBEAT.md` is a checklist surfaced on a
59
+ heartbeat run. No inert files.
60
+ - **Region-neutral defaults** — new workspaces default to a host-detected/UTC
61
+ timezone and English recall keywords (was BR-specific).
62
+ - **Detailed workspace docs** — `reference/workspace.mdx` now explains each file
63
+ in depth (purpose, who writes it, how it's used, protections, example).
64
+
65
+ ### Fixed
66
+ - **Claude hot-scan robustness** — the capability hot scan (`claude mcp list` /
67
+ `plugin list`) now allows 5s (was 1.2s) before giving up. A missing CLI still
68
+ fails fast; the longer ceiling only applies when the CLI exists but is slow
69
+ (cold start on a busy machine), preventing a spurious "degraded" capability
70
+ scan under load.
71
+
18
72
  ## [1.0.0] — 2026-07-06
19
73
 
20
74
  First stable major. NativeSoul now commits to SemVer stability on its CLI, MCP,
package/README.md CHANGED
@@ -351,7 +351,9 @@ npm run release:security:audit # lint + typecheck + policy + tests + build + s
351
351
  npm run release:provenance:dry-run
352
352
  ```
353
353
 
354
- `nativesoul@0.1.0` has been published to npm. Future publish/dist-tag operations remain @devops-only (see [`docs/guides/npm-beta-release-rollback.md`](docs/guides/npm-beta-release-rollback.md)). The security audit does not read npm tokens, sign with real keys, or claim public SLSA/registry attestation.
354
+ **Continuous integration:** CI runs on **CircleCI** (`.circleci/config.yml`) the full quality gate (lint, typecheck, policy, build, non-e2e suite) on **Linux, Windows, and macOS**, plus the e2e suite and the site build. A dynamic-config setup job inspects the changed paths on each push and only runs what's relevant — **docs-only pushes skip the build entirely** (no Linux/Windows/macOS spin-up); `site/` changes run the site build; code/tooling changes run the full 3-OS gate. The GitHub Actions workflows under `.github/workflows/` are kept for reference but set to manual-only (`workflow_dispatch`) while Actions billing is unavailable.
355
+
356
+ `nativesoul@1.0.0` (first stable major) has been published to npm on the `beta` and `latest` channels. Future publish/dist-tag operations remain @devops-only (see [`docs/guides/npm-beta-release-rollback.md`](docs/guides/npm-beta-release-rollback.md)). The security audit does not read npm tokens, sign with real keys, or claim public SLSA/registry attestation.
355
357
 
356
358
  ---
357
359
 
package/dist/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "nativesoul",
3
- "version": "1.0.0",
3
+ "version": "1.1.1",
4
4
  "description": "Local-first continuity layer for coding agents.",
5
5
  "type": "module",
6
6
  "license": "UNLICENSED",