oh-my-customcode 0.136.1 → 0.136.2

package/dist/cli/index.js

@@ -2334,7 +2334,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.136.1",
+    version: "0.136.2",
     description: "Batteries-included agent harness for Claude Code",
     type: "module",
     bin: {

package/dist/index.js

@@ -2014,7 +2014,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.136.1",
+  version: "0.136.2",
   description: "Batteries-included agent harness for Claude Code",
   type: "module",
   bin: {

package/package.json

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.136.1",
+  "version": "0.136.2",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {

package/templates/.claude/skills/pipeline/workflows/auto-dev.yaml

@@ -88,25 +88,11 @@ steps:
       - All Agent tool calls MUST pass mode: "bypassPermissions" to prevent permission prompts during unattended execution
 
 
-      ## Universal /tmp Script Bypass for .claude/ paths (R010 Universal /tmp Script Bypass)
+      ## Sensitive Path Handling (CC v2.1.121+)
 
-      ALL tool calls targeting `.claude/` MUST go through `/tmp/*.sh` script via Bash. This applies to read-only measurement (sed/cat/wc/ls), Write, Edit, and write-Bash. Read tool is exempt.
+      Direct Write/Edit/Bash on `.claude/**` is permitted under `mode: "bypassPermissions"` as of CC v2.1.121 (#1101). The legacy `/tmp/*.sh` bypass is no longer required. Structural changes (new agents/skills) still go through mgr-creator with R017 verification.
 
-      Pattern:
-      1. Write(/tmp/fix-{topic}.sh) — script contents may use heredoc/sed/cp targeting .claude/
-      2. Bash(bash /tmp/fix-{topic}.sh) — Bash target is /tmp/, not .claude/
-      3. Read or Bash(head/grep) on .claude/ paths is fine (Read tool sensitive-path exempt; Bash on .claude/ is also exempt for some commands but to stay safe always use /tmp script for any sed/cat/wc on .claude/).
-
-      Rationale: CC sensitive-path check inspects tool-call target paths but does NOT audit script-internal file operations. Direct Write/Edit/Bash on .claude/ triggers user approval prompts even with bypassPermissions, breaking unattended automation.
-
-      Use this pattern for:
-      - Any documentation fix in .claude/
-      - Any frontmatter change
-      - Any read-only measurement / inspection / counting
-      - Count synchronization between source and templates
-      - Structural changes (new agents/skills) MUST still go through mgr-creator with R017 verification, AND mgr-creator itself uses /tmp bypass for the file writes
-
-      References: #1052, #1016 (v0.111.1 origin), #1046 (v0.116.1 delegation directive loss fix), feedback_sensitive_path_tmp_bypass.md memory
+      For CC < v2.1.121 see git history for the legacy bypass pattern.
 
       ## Local CI-mimic verification (MUST run before marking implement done)
 
@@ -160,9 +146,24 @@ steps:
              git branch -D release
            fi
          Reference: issue #1141 (v0.135.0 follow-up), mgr-gitnerd MEMORY.md.
-      1. Version:
+
+      1. Version bump (mandatory):
+         Orchestrator delegates to mgr-updater (R010). mgr-updater executes the following atomic edits:
+         Determine NEW version per semver rules below.
+         npm project (package.json exists):
+           a. package.json: jq '.version = "<NEW>"' package.json > package.json.tmp && mv package.json.tmp package.json
+           b. templates/manifest.json: jq '.version = "<NEW>"' templates/manifest.json > templates/manifest.json.tmp && mv templates/manifest.json.tmp templates/manifest.json
+           c. mgr-gitnerd commit: "chore(release): bump to v<NEW>"
+           d. mgr-gitnerd push develop
+           e. mandatory verification (with existence guard for partial-update safety):
+              [ -f scripts/verify-version-sync.sh ] && bash scripts/verify-version-sync.sh || echo "::warning::verify-version-sync.sh not found, version sync verification skipped"
+              (verify-version-sync.sh 가 exit 1 시 release 단계 halt)
+
+         Version decision (semver):
          - No existing tags → v0.1.0
-         - Otherwise: semver bump (patch for bugfix, minor for features)
+         - Previous tag exists → patch (bugfix) / minor (features) / major (breaking)
+         - Previous tag is ahead of source version (e.g., tag v0.136.1, package.json 0.136.0): use next available skip-version (0.136.2)
+
       2. Release notes via omcustom-release-notes skill
       3. Delegate to mgr-gitnerd:
          - git tag + push
@@ -173,7 +174,7 @@ steps:
       6. Adapt release mechanism to project:
          - npm project: PR + merge + npm publish verification
          - Non-npm: direct tag on main (trunk-based)
-    description: "Git tag + GitHub Release + close milestone/issues"
+    description: "Git tag + GitHub Release + close milestone/issues (with mandatory version sync verification)"
     depends_on: deep-verify
 
   - name: ci-check

package/templates/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.136.1",
+  "version": "0.136.2",
   "lastUpdated": "2026-05-14T00:00:00.000Z",
   "omcustomMinClaudeCode": "2.1.121",
   "omcustomMinClaudeCodeReason": "Sensitive-path direct Write/Edit on .claude/** under bypassPermissions (R010 deprecation, #1101)",