tinymoon 0.0.1__tar.gz → 0.3.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- tinymoon-0.3.0/.github/workflows/ci-go.yml +26 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.github/workflows/publish.yml +36 -2
- tinymoon-0.3.0/.rlsbl/bases/.github/workflows/ci-go.yml +26 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/.github/workflows/publish.yml +26 -2
- tinymoon-0.3.0/.rlsbl/bases/.rlsbl/lint/go.toml +17 -0
- tinymoon-0.3.0/.rlsbl/bases/VERSION +1 -0
- tinymoon-0.3.0/.rlsbl/changes/0.1.0.jsonl +16 -0
- tinymoon-0.3.0/.rlsbl/changes/0.1.0.md +15 -0
- tinymoon-0.3.0/.rlsbl/changes/0.2.0.jsonl +18 -0
- tinymoon-0.3.0/.rlsbl/changes/0.2.0.md +24 -0
- tinymoon-0.3.0/.rlsbl/changes/0.3.0.jsonl +2 -0
- tinymoon-0.3.0/.rlsbl/changes/0.3.0.md +7 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/config.json +8 -2
- tinymoon-0.3.0/.rlsbl/lint/go.toml +17 -0
- tinymoon-0.3.0/.rlsbl/managed-files.json +16 -0
- tinymoon-0.3.0/.rlsbl/releases/v0.2.0.toml +14 -0
- tinymoon-0.3.0/.rlsbl/releases/v0.3.0.toml +12 -0
- tinymoon-0.3.0/.strictcli/schema.json +66 -0
- tinymoon-0.3.0/CHANGELOG.md +60 -0
- tinymoon-0.3.0/CLAUDE.md +21 -0
- tinymoon-0.3.0/PKG-INFO +131 -0
- tinymoon-0.3.0/README.md +110 -0
- tinymoon-0.3.0/VERSION +1 -0
- tinymoon-0.3.0/assets/css/base.css +113 -0
- tinymoon-0.3.0/assets/css/primitives.css +627 -0
- tinymoon-0.3.0/assets/css/shell.css +135 -0
- tinymoon-0.3.0/assets/css/tokens.css +99 -0
- tinymoon-0.3.0/assets/fonts/ibm-plex-mono-latin-400.woff2 +0 -0
- tinymoon-0.3.0/assets/fonts/ibm-plex-mono-latin-500.woff2 +0 -0
- tinymoon-0.3.0/assets/fonts/ibm-plex-sans-latin.woff2 +0 -0
- tinymoon-0.3.0/assets/fonts/space-grotesk-latin.woff2 +0 -0
- tinymoon-0.3.0/assets/js/controls.js +82 -0
- tinymoon-0.3.0/assets/js/ctxmenu.js +97 -0
- tinymoon-0.3.0/assets/js/dom.js +13 -0
- tinymoon-0.3.0/assets/js/format.js +9 -0
- tinymoon-0.3.0/assets/js/icons.js +42 -0
- tinymoon-0.3.0/assets/js/index.js +18 -0
- tinymoon-0.3.0/assets/js/markdown.js +44 -0
- tinymoon-0.3.0/assets/js/modal.js +63 -0
- tinymoon-0.3.0/assets/js/net.js +24 -0
- tinymoon-0.3.0/assets/js/popover.js +46 -0
- tinymoon-0.3.0/assets/js/select.js +138 -0
- tinymoon-0.3.0/assets/js/settings.js +56 -0
- tinymoon-0.3.0/assets/js/shell.js +211 -0
- tinymoon-0.3.0/assets/js/toast.js +47 -0
- tinymoon-0.3.0/assets/js/tooltip.js +106 -0
- tinymoon-0.3.0/assets/js/wiki.js +122 -0
- tinymoon-0.3.0/gallery/gallery.css +81 -0
- tinymoon-0.3.0/gallery/gallery.js +654 -0
- tinymoon-0.3.0/gallery/index.html +19 -0
- tinymoon-0.3.0/go.mod +3 -0
- tinymoon-0.3.0/index.js +2 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/package.json +10 -5
- {tinymoon-0.0.1 → tinymoon-0.3.0}/pyproject.toml +13 -1
- tinymoon-0.3.0/tests/fixtures/clean/clean.css +30 -0
- tinymoon-0.3.0/tests/fixtures/clean/clean.html +28 -0
- tinymoon-0.3.0/tests/fixtures/clean/clean.js +16 -0
- tinymoon-0.3.0/tests/fixtures/clean/tinymoon-allowlist.txt +2 -0
- tinymoon-0.3.0/tests/fixtures/violations/border-radius.css +15 -0
- tinymoon-0.3.0/tests/fixtures/violations/border-radius.html +7 -0
- tinymoon-0.3.0/tests/fixtures/violations/border-radius.js +8 -0
- tinymoon-0.3.0/tests/fixtures/violations/external-url.css +11 -0
- tinymoon-0.3.0/tests/fixtures/violations/external-url.html +11 -0
- tinymoon-0.3.0/tests/fixtures/violations/external-url.js +8 -0
- tinymoon-0.3.0/tests/fixtures/violations/native-control.html +11 -0
- tinymoon-0.3.0/tests/fixtures/violations/native-control.js +9 -0
- tinymoon-0.3.0/tests/fixtures/violations/raw-color.css +15 -0
- tinymoon-0.3.0/tests/fixtures/violations/raw-color.html +8 -0
- tinymoon-0.3.0/tests/fixtures/violations/raw-color.js +8 -0
- tinymoon-0.3.0/tests/fixtures/violations/title-attr.html +8 -0
- tinymoon-0.3.0/tests/fixtures/violations/title-attr.js +8 -0
- tinymoon-0.3.0/tests/test_assets.py +16 -0
- tinymoon-0.3.0/tests/test_budgets.py +72 -0
- tinymoon-0.3.0/tests/test_checker.py +194 -0
- tinymoon-0.3.0/tests/test_version.py +18 -0
- tinymoon-0.3.0/tinymoon/__init__.py +31 -0
- tinymoon-0.3.0/tinymoon/checker.py +678 -0
- tinymoon-0.3.0/tinymoon/cli.py +65 -0
- tinymoon-0.3.0/tinymoon.go +36 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/uv.lock +14 -1
- tinymoon-0.0.1/.rlsbl/managed-files.json +0 -13
- tinymoon-0.0.1/CHANGELOG.md +0 -11
- tinymoon-0.0.1/PKG-INFO +0 -37
- tinymoon-0.0.1/README.md +0 -17
- tinymoon-0.0.1/index.js +0 -3
- tinymoon-0.0.1/tests/test_placeholder.py +0 -5
- tinymoon-0.0.1/tinymoon/__init__.py +0 -6
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.github/workflows/ci-pypi.yml +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.gitignore +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.npmignore +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/.github/workflows/ci-pypi.yml +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/.gitignore +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/.npmignore +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/.rlsbl/changes/unreleased.jsonl +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/.rlsbl/lint/npm.toml +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/.rlsbl/lint/python.toml +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/bases/CHANGELOG.md +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/changes/0.0.1.jsonl +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/changes/0.0.1.md +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/changes/unreleased.jsonl +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/lint/npm.toml +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/lint/python.toml +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/releases/v0.0.1.toml +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/.rlsbl/version +0 -0
- {tinymoon-0.0.1 → tinymoon-0.3.0}/LICENSE +0 -0
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [main]
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
# Per-SHA group: re-runs of the same commit dedupe, but a new commit never
|
|
11
|
+
# cancels an earlier commit's in-flight run (release CI conclusions stay intact).
|
|
12
|
+
concurrency:
|
|
13
|
+
group: ${{ github.workflow_ref }}-${{ github.sha }}
|
|
14
|
+
cancel-in-progress: true
|
|
15
|
+
|
|
16
|
+
jobs:
|
|
17
|
+
test:
|
|
18
|
+
runs-on: ubuntu-latest
|
|
19
|
+
steps:
|
|
20
|
+
- uses: actions/checkout@v6
|
|
21
|
+
# go.mod: go 1.26
|
|
22
|
+
- uses: actions/setup-go@v6
|
|
23
|
+
with:
|
|
24
|
+
go-version-file: go.mod
|
|
25
|
+
- run: go vet ./...
|
|
26
|
+
- run: go test ./... -race -short -timeout=10m
|
|
@@ -7,7 +7,7 @@ concurrency:
|
|
|
7
7
|
group: ${{ github.workflow_ref }}-${{ github.ref }}
|
|
8
8
|
cancel-in-progress: false
|
|
9
9
|
permissions:
|
|
10
|
-
contents:
|
|
10
|
+
contents: write
|
|
11
11
|
id-token: write
|
|
12
12
|
jobs:
|
|
13
13
|
gate:
|
|
@@ -145,7 +145,8 @@ jobs:
|
|
|
145
145
|
# --access public is hardcoded on purpose: scoped packages are forbidden
|
|
146
146
|
# in this ecosystem, and unscoped public packages require --access public.
|
|
147
147
|
# --provenance is toggled by the pipeline's `provenance` config key.
|
|
148
|
-
- run: npm publish --access public ${{
|
|
148
|
+
- run: npm publish --provenance --access public ${{
|
|
149
|
+
steps.dist-tag.outputs.tag }}
|
|
149
150
|
if: steps.check-npm.outputs.skip != 'true'
|
|
150
151
|
env:
|
|
151
152
|
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
@@ -166,3 +167,36 @@ jobs:
|
|
|
166
167
|
- uses: pypa/gh-action-pypi-publish@release/v1
|
|
167
168
|
with:
|
|
168
169
|
skip-existing: true
|
|
170
|
+
go:
|
|
171
|
+
needs: gate
|
|
172
|
+
runs-on: ubuntu-latest
|
|
173
|
+
steps:
|
|
174
|
+
- uses: actions/checkout@v6
|
|
175
|
+
with:
|
|
176
|
+
fetch-depth: 0
|
|
177
|
+
- uses: actions/setup-go@v6
|
|
178
|
+
with:
|
|
179
|
+
go-version-file: go.mod
|
|
180
|
+
- name: Install gitleaks
|
|
181
|
+
run: |
|
|
182
|
+
GITLEAKS_VERSION=8.24.3
|
|
183
|
+
curl -sSfL "https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz" | tar xz -C /usr/local/bin gitleaks
|
|
184
|
+
- name: Scan source for secrets
|
|
185
|
+
run: |
|
|
186
|
+
gitleaks dir .
|
|
187
|
+
# tinymoon's Go module is a library (embed.FS + http.Handler) -- there
|
|
188
|
+
# is no main package, so goreleaser has nothing to build. For a Go
|
|
189
|
+
# library the pushed tag IS the publish: the module proxy serves it
|
|
190
|
+
# straight from git. This step primes proxy.golang.org and hard-fails
|
|
191
|
+
# if the tagged version does not resolve. Like the gate job, it assumes
|
|
192
|
+
# the run is at the tag ref (release trigger or dispatch at the tag).
|
|
193
|
+
- name: Verify module on the Go proxy
|
|
194
|
+
run: |
|
|
195
|
+
set -euo pipefail
|
|
196
|
+
mod="$(go list -m)"
|
|
197
|
+
ver="$GITHUB_REF_NAME"
|
|
198
|
+
dir="$(mktemp -d)"
|
|
199
|
+
cd "$dir"
|
|
200
|
+
go mod init proxyprime
|
|
201
|
+
GOPROXY=https://proxy.golang.org go mod download "${mod}@${ver}"
|
|
202
|
+
echo "Go proxy serves ${mod}@${ver}"
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [main]
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
# Per-SHA group: re-runs of the same commit dedupe, but a new commit never
|
|
11
|
+
# cancels an earlier commit's in-flight run (release CI conclusions stay intact).
|
|
12
|
+
concurrency:
|
|
13
|
+
group: ${{ github.workflow_ref }}-${{ github.sha }}
|
|
14
|
+
cancel-in-progress: true
|
|
15
|
+
|
|
16
|
+
jobs:
|
|
17
|
+
test:
|
|
18
|
+
runs-on: ubuntu-latest
|
|
19
|
+
steps:
|
|
20
|
+
- uses: actions/checkout@v6
|
|
21
|
+
# go.mod: go 1.26
|
|
22
|
+
- uses: actions/setup-go@v6
|
|
23
|
+
with:
|
|
24
|
+
go-version-file: go.mod
|
|
25
|
+
- run: go vet ./...
|
|
26
|
+
- run: go test ./... -race -short -timeout=10m
|
|
@@ -7,7 +7,7 @@ concurrency:
|
|
|
7
7
|
group: ${{ github.workflow_ref }}-${{ github.ref }}
|
|
8
8
|
cancel-in-progress: false
|
|
9
9
|
permissions:
|
|
10
|
-
contents:
|
|
10
|
+
contents: write
|
|
11
11
|
id-token: write
|
|
12
12
|
jobs:
|
|
13
13
|
gate:
|
|
@@ -145,7 +145,8 @@ jobs:
|
|
|
145
145
|
# --access public is hardcoded on purpose: scoped packages are forbidden
|
|
146
146
|
# in this ecosystem, and unscoped public packages require --access public.
|
|
147
147
|
# --provenance is toggled by the pipeline's `provenance` config key.
|
|
148
|
-
- run: npm publish --access public ${{
|
|
148
|
+
- run: npm publish --provenance --access public ${{
|
|
149
|
+
steps.dist-tag.outputs.tag }}
|
|
149
150
|
if: steps.check-npm.outputs.skip != 'true'
|
|
150
151
|
env:
|
|
151
152
|
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
@@ -166,3 +167,26 @@ jobs:
|
|
|
166
167
|
- uses: pypa/gh-action-pypi-publish@release/v1
|
|
167
168
|
with:
|
|
168
169
|
skip-existing: true
|
|
170
|
+
go:
|
|
171
|
+
needs: gate
|
|
172
|
+
runs-on: ubuntu-latest
|
|
173
|
+
steps:
|
|
174
|
+
- uses: actions/checkout@v6
|
|
175
|
+
with:
|
|
176
|
+
fetch-depth: 0
|
|
177
|
+
- uses: actions/setup-go@v6
|
|
178
|
+
with:
|
|
179
|
+
go-version-file: go.mod
|
|
180
|
+
- name: Install gitleaks
|
|
181
|
+
run: |
|
|
182
|
+
GITLEAKS_VERSION=8.24.3
|
|
183
|
+
curl -sSfL "https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz" | tar xz -C /usr/local/bin gitleaks
|
|
184
|
+
- name: Scan source for secrets
|
|
185
|
+
run: |
|
|
186
|
+
gitleaks dir .
|
|
187
|
+
- uses: goreleaser/goreleaser-action@v7
|
|
188
|
+
with:
|
|
189
|
+
version: ~> v2
|
|
190
|
+
args: release --clean
|
|
191
|
+
env:
|
|
192
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
0.0.1
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
{"id":"18c1cbdfd89f0985a0ff2a57d2ee4b65a7ff437d638fa135","commits":["082cacea8f4b501b69715af612ec1ac9f5e50c49"],"user_facing":false}
|
|
2
|
+
{"id":"18c1cc207af6d28ae50104a7c416497d834df9c5e7eb060d","commits":["cb890eca94f6b4a257119bd8ce27f09cffb87b12"],"user_facing":true,"description":"README now leads with the project philosophy: zero-build vanilla web framework, strict by design.","type":"feature"}
|
|
3
|
+
{"id":"18c1cc216d0e32fa1029e07eadb84cc8a47ea09d511e4fc4","commits":["604bbf9419bf4db817c4ad2a3a6226299b54ce2e"],"user_facing":false}
|
|
4
|
+
{"id":"18c1d16c4ff40426c9396b1d34574a9687d9e70ce70f028e","commits":["477451297681bfbe84958583473fa9dde3256a26"],"user_facing":true,"description":"Design tokens, base styles, app shell, and UI primitives shipped as plain CSS, with vendored fonts.","type":"feature"}
|
|
5
|
+
{"id":"18c1d16c59cfd8eba0d008f9942249e7a407ef9da52d1250","commits":["c178a68686e7cd6f827a2d45b2066906300ef471"],"user_facing":true,"description":"ES-module UI primitives: app shell with hash router, modals, toasts, tooltips, custom select, context menus, popovers, controls, settings store, and mini-wiki builder.","type":"feature"}
|
|
6
|
+
{"id":"18c1d16c62a5f347fe8d55bcfd294566a5cadd9620cd601f","commits":["29a10e0467085db87204b1255e23e5ccbc0e30fc"],"user_facing":true,"description":"Interactive gallery documenting every token and primitive.","type":"feature"}
|
|
7
|
+
{"id":"18c1d16c6be3c768cb6a5bcd8c09475a90fd633aa0b9ce15","commits":["0aae65bc64a8ca820bd7b67bfc7357ddf324a0d9"],"user_facing":true,"description":"Go module exposing the assets as an embed.FS and http.Handler.","type":"feature"}
|
|
8
|
+
{"id":"18c1d16c7517dc51e5b33cf473ca45a5ad21cc8e4fc5b519","commits":["996a1c49badcf2c4edb2ef5c4d1d28c45d51d8b7","3b7e85aedd9d3a813d2456c53571dbeaafdcf76a"],"user_facing":true,"description":"npm package exports the ES modules; the PyPI wheel ships the assets, exposed via `tinymoon.assets_path()`.","type":"feature"}
|
|
9
|
+
{"id":"18c1d16c7e995ce7d5018132b0124ffa89328c3cef44a51c","commits":["b4261db38b071bc5a7d4b83ae206503de249a71b"],"user_facing":false}
|
|
10
|
+
{"id":"18c1d25bee418647d9089eaebbfb4167813a6e53edb43057","commits":["d70a61efb8f76f627a43d204a97d47ec6e5d788e","fac0004d3e14b8f483097c977d8ee32c304566c0"],"user_facing":true,"description":"`tinymoon check` conformance checker: scans HTML/CSS/JS for external URLs, native controls, title attributes, rounded corners, and off-token colors; hard CI gate, no bypass flags.","type":"feature"}
|
|
11
|
+
{"id":"18c1d25bf5a91bee7158b15a377a4597abeb94aac506f2f7","commits":["4f58441627685fb483be937a625b4911269c0f1e"],"user_facing":false}
|
|
12
|
+
{"id":"18c1d359658284a3d564b15a8c5345e89c1840af08132930","commits":["a0327331794a1382163146b058315965b3f813a2"],"user_facing":false}
|
|
13
|
+
{"id":"18c1d369a6b5de997e56f62f572e4c12b8d2f6a51637cc98","commits":["8d4491cbde919706bbe3a6e0f3d21466bde5a66c","b14c8a479c939c4da141001181d1d1e697944ca8"],"user_facing":true,"description":"Icon set trimmed to framework/UI staples (audio-transport icons removed); new `registerIcons()` extension point for consumer icons (hard error on name collision). package.json now declares an `exports` map locking the documented entry points (`tinymoon` and `tinymoon/assets/*`).","type":"fix"}
|
|
14
|
+
{"id":"18c1d36fc6a2bee0ceb0f88bbb914d3f9ba8e6eab8e4d970","commits":["0d4fc35f1568821d402c4232b38f7a5b79669ef4"],"user_facing":false}
|
|
15
|
+
{"id":"18c1d379a83bdaa08da38f9076534ed596435afec77c2712","commits":["de1df0c8c815f7c6401b0cf0b8cc012d3c3cc724"],"user_facing":false}
|
|
16
|
+
{"id":"18c1d382ff296fe949f8bc2ac98e4a1f9b00e33b2e1f9968","commits":["0022b941f2cb31cc5a9330eb00885d994de861fe"],"user_facing":false}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
## 0.1.0
|
|
2
|
+
|
|
3
|
+
### Features
|
|
4
|
+
|
|
5
|
+
- README now leads with the project philosophy: zero-build vanilla web framework, strict by design.
|
|
6
|
+
- Design tokens, base styles, app shell, and UI primitives shipped as plain CSS, with vendored fonts.
|
|
7
|
+
- ES-module UI primitives: app shell with hash router, modals, toasts, tooltips, custom select, context menus, popovers, controls, settings store, and mini-wiki builder.
|
|
8
|
+
- Interactive gallery documenting every token and primitive.
|
|
9
|
+
- Go module exposing the assets as an embed.FS and http.Handler.
|
|
10
|
+
- npm package exports the ES modules; the PyPI wheel ships the assets, exposed via `tinymoon.assets_path()`.
|
|
11
|
+
- `tinymoon check` conformance checker: scans HTML/CSS/JS for external URLs, native controls, title attributes, rounded corners, and off-token colors; hard CI gate, no bypass flags.
|
|
12
|
+
|
|
13
|
+
### Fixes
|
|
14
|
+
|
|
15
|
+
- Icon set trimmed to framework/UI staples (audio-transport icons removed); new `registerIcons()` extension point for consumer icons (hard error on name collision). package.json now declares an `exports` map locking the documented entry points (`tinymoon` and `tinymoon/assets/*`).
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
{"id":"18c1d43b7a2262ff2e0202cd43804fc1ba48268d5e5e2a51","commits":["932014ebb4ebb376e31326dc01dbb2912a83e29c"],"user_facing":false}
|
|
2
|
+
{"id":"18c1d59ca44d85ed8f777e7a40344bc79d266d41d9e236e2","commits":["082cacea8f4b501b69715af612ec1ac9f5e50c49"],"user_facing":false}
|
|
3
|
+
{"id":"18c1d59cbddf5121dd287f4b22d0448d9c0e0c4c38502150","commits":["cb890eca94f6b4a257119bd8ce27f09cffb87b12"],"user_facing":true,"description":"README now leads with the project philosophy: zero-build vanilla web framework, strict by design.","type":"feature"}
|
|
4
|
+
{"id":"18c1d59cda4308380fde673ae46f4dcd8df18d20ac87a7e4","commits":["604bbf9419bf4db817c4ad2a3a6226299b54ce2e"],"user_facing":false}
|
|
5
|
+
{"id":"18c1d59cf535841fc7e98b450a184c989134a9e151148174","commits":["477451297681bfbe84958583473fa9dde3256a26"],"user_facing":true,"description":"Design tokens, base styles, app shell, and UI primitives shipped as plain CSS, with vendored fonts.","type":"feature"}
|
|
6
|
+
{"id":"18c1d59d09485a94390cdfb95b6a4654a0b11fe0c662d4ed","commits":["c178a68686e7cd6f827a2d45b2066906300ef471"],"user_facing":true,"description":"ES-module UI primitives: app shell with hash router, modals, toasts, tooltips, custom select, context menus, popovers, controls, settings store, and mini-wiki builder.","type":"feature"}
|
|
7
|
+
{"id":"18c1d59d1bc2b6642a34bb811d9c44069ff56ab9e0a0dfc4","commits":["29a10e0467085db87204b1255e23e5ccbc0e30fc"],"user_facing":true,"description":"Interactive gallery documenting every token and primitive.","type":"feature"}
|
|
8
|
+
{"id":"18c1d59d2f3afceed9b010336cd842c7a5ae63bdef3a05c2","commits":["0aae65bc64a8ca820bd7b67bfc7357ddf324a0d9"],"user_facing":true,"description":"Go module exposing the assets as an embed.FS and http.Handler.","type":"feature"}
|
|
9
|
+
{"id":"18c1d59d63dd4aa47d26c99423a0428fab687212df723be9","commits":["996a1c49badcf2c4edb2ef5c4d1d28c45d51d8b7","3b7e85aedd9d3a813d2456c53571dbeaafdcf76a"],"user_facing":true,"description":"npm package exports the ES modules; the PyPI wheel ships the assets, exposed via `tinymoon.assets_path()`.","type":"feature"}
|
|
10
|
+
{"id":"18c1d59ffb346491d2e75c3552f74a4cb9e1e08675edb22a","commits":["b4261db38b071bc5a7d4b83ae206503de249a71b"],"user_facing":false}
|
|
11
|
+
{"id":"18c1d5a0236fd39cbf5363a20fb14cf989230047fe0d0a1a","commits":["d70a61efb8f76f627a43d204a97d47ec6e5d788e","fac0004d3e14b8f483097c977d8ee32c304566c0"],"user_facing":true,"description":"`tinymoon check` conformance checker: scans HTML/CSS/JS for external URLs, native controls, title attributes, rounded corners, and off-token colors; hard CI gate, no bypass flags.","type":"feature"}
|
|
12
|
+
{"id":"18c1d5abe5649f48ca9540f667c34a62be80da1c71d6069d","commits":["4f58441627685fb483be937a625b4911269c0f1e"],"user_facing":false}
|
|
13
|
+
{"id":"18c1d5abeeec42bacb98f6f8bf434bdd814ad752ea94599a","commits":["a0327331794a1382163146b058315965b3f813a2"],"user_facing":false}
|
|
14
|
+
{"id":"18c1d5abf8cf452da0f6f26530f549b28075eb2a606e7383","commits":["8d4491cbde919706bbe3a6e0f3d21466bde5a66c","b14c8a479c939c4da141001181d1d1e697944ca8"],"user_facing":true,"description":"Icon set trimmed to framework/UI staples (audio-transport icons removed); new `registerIcons()` extension point for consumer icons (hard error on name collision). package.json now declares an `exports` map locking the documented entry points (`tinymoon` and `tinymoon/assets/*`).","type":"fix"}
|
|
15
|
+
{"id":"18c1d5ac0308b8767c3ae6a92e1b4214a590acb5425b791e","commits":["0d4fc35f1568821d402c4232b38f7a5b79669ef4"],"user_facing":false}
|
|
16
|
+
{"id":"18c1d5ac0e9f013a3065b2908de04c4d8f183f7b6d4e3989","commits":["de1df0c8c815f7c6401b0cf0b8cc012d3c3cc724"],"user_facing":false}
|
|
17
|
+
{"id":"18c1d5ac19479beecbfe680ebdc747aea2f4c5f9478cb8cc","commits":["0022b941f2cb31cc5a9330eb00885d994de861fe"],"user_facing":false}
|
|
18
|
+
{"id":"18c1d5fb7c39c10f0ead38c10d724d78be3530b7444c940e","commits":["8d4db2d807aa5ca5715fda2f7f1a69be46fc2a35"],"user_facing":false}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
## 0.2.0
|
|
2
|
+
|
|
3
|
+
The framework lands: design tokens, base styles, app shell, and UI primitives as zero-build vanilla CSS and ES modules; embeddable Go module; conformance checker CLI.
|
|
4
|
+
|
|
5
|
+
<details>
|
|
6
|
+
<summary>Context</summary>
|
|
7
|
+
|
|
8
|
+
0.0.1 was a name reservation across registries. 0.1.0 was tagged but never published anywhere: a release-tooling failure caused the CI gate to fail, all registry jobs were skipped, and the v0.1.0 tag was subsequently removed. 0.2.0 is therefore the first release that actually ships the framework: npm carries the browser assets (vanilla CSS and native ES modules, zero build step), PyPI carries the same assets plus the `tinymoon check` conformance checker CLI, and the Go module wraps the assets in an embed.FS for server-side embedding. All three targets are versioned together.
|
|
9
|
+
|
|
10
|
+
</details>
|
|
11
|
+
|
|
12
|
+
### Features
|
|
13
|
+
|
|
14
|
+
- README now leads with the project philosophy: zero-build vanilla web framework, strict by design.
|
|
15
|
+
- Design tokens, base styles, app shell, and UI primitives shipped as plain CSS, with vendored fonts.
|
|
16
|
+
- ES-module UI primitives: app shell with hash router, modals, toasts, tooltips, custom select, context menus, popovers, controls, settings store, and mini-wiki builder.
|
|
17
|
+
- Interactive gallery documenting every token and primitive.
|
|
18
|
+
- Go module exposing the assets as an embed.FS and http.Handler.
|
|
19
|
+
- npm package exports the ES modules; the PyPI wheel ships the assets, exposed via `tinymoon.assets_path()`.
|
|
20
|
+
- `tinymoon check` conformance checker: scans HTML/CSS/JS for external URLs, native controls, title attributes, rounded corners, and off-token colors; hard CI gate, no bypass flags.
|
|
21
|
+
|
|
22
|
+
### Fixes
|
|
23
|
+
|
|
24
|
+
- Icon set trimmed to framework/UI staples (audio-transport icons removed); new `registerIcons()` extension point for consumer icons (hard error on name collision). package.json now declares an `exports` map locking the documented entry points (`tinymoon` and `tinymoon/assets/*`).
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
{"id":"18c1d65de3b9d2de86a890bcf7074862b328946e3385930b","commits":["c6a33774c6adba04fc032378956edf906b18c20d"],"user_facing":false}
|
|
2
|
+
{"id":"18c1e67b4ce0af025424ac641be147a984cd844ae78a2fd3","commits":["acaf60b814a213bd132770c2143b33919740f9b0","e4dc2294b4194c08ee5dc8da7d1b2a7351dc1900","fecd63801e77e57eae3cb6b2aea82d797fd7f351"],"user_facing":true,"description":"mountShell gains an onRoute(routeKey, sub) callback and a refreshCurrent() helper; toast errors can be mirrored via setToastErrorHook().","type":"feature"}
|
|
@@ -1,17 +1,23 @@
|
|
|
1
1
|
{
|
|
2
2
|
"targets": [
|
|
3
3
|
"npm",
|
|
4
|
-
"pypi"
|
|
4
|
+
"pypi",
|
|
5
|
+
"go"
|
|
5
6
|
],
|
|
6
7
|
"private": false,
|
|
7
8
|
"pipelines": {
|
|
8
9
|
"npm": {
|
|
9
10
|
"type": "npm",
|
|
10
|
-
"local": false
|
|
11
|
+
"local": false,
|
|
12
|
+
"provenance": true
|
|
11
13
|
},
|
|
12
14
|
"pypi": {
|
|
13
15
|
"type": "pypi",
|
|
14
16
|
"local": false
|
|
17
|
+
},
|
|
18
|
+
"go": {
|
|
19
|
+
"type": "go",
|
|
20
|
+
"local": false
|
|
15
21
|
}
|
|
16
22
|
}
|
|
17
23
|
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 1,
|
|
3
|
+
"files": {
|
|
4
|
+
".github/workflows/ci-pypi.yml": "0bf3efb9f0e1ae3b75c2e1b18929bfcee7b69d7341e2093844bcda06a96dedb4",
|
|
5
|
+
".github/workflows/ci-go.yml": "1d32c5f7d5242080895136e2e5773a1ff2a0cf0a3a2bf098b37e78c4239a9a61",
|
|
6
|
+
".npmignore": "7c0eea9785c0318aeb39bf8b670ce8384f4a5b812fde69ce23d7d018057325a3",
|
|
7
|
+
"VERSION": "e6635045e1d2478ec4ca712d8c0e1dfcef8bb7b5b1e8e3bb560d37fe399a9e72",
|
|
8
|
+
".github/workflows/publish.yml": "6738e166964a6f4e3741ef8b634b0829f2559d6eff1d3c5fafed743dc933ae07",
|
|
9
|
+
"CHANGELOG.md": "2565aecb5d684d6cd56b6bf982b956ec807949b67dedb9c8c93f154d09ac943f",
|
|
10
|
+
".gitignore": "80572c78bfc39d5b9de7b7a327b44934ee8c8205dcf7179ff3594d854bb377b6",
|
|
11
|
+
".rlsbl/changes/unreleased.jsonl": "2e04e2b43ae64dcd8b40d7ed1635d58a4559ce07e7293cf31354d376df5051f8",
|
|
12
|
+
".rlsbl/lint/python.toml": "9cfbcef2e010d5fad243437bf2fd8df54a1fae70ee0762f9d11da70fe207501c",
|
|
13
|
+
".rlsbl/lint/npm.toml": "baa36014e65923d8cc5c8b83c77fa651da79351627570476402da66840027645",
|
|
14
|
+
".rlsbl/lint/go.toml": "807d5cf760baad6d571a5bfd43cb163efe356f7462ba9f1918d72de45f62339f"
|
|
15
|
+
}
|
|
16
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# Version bump type: patch, minor, major, hotfix, or prerelease
|
|
2
|
+
bump = "minor"
|
|
3
|
+
# Short description of this release (required)
|
|
4
|
+
description = "The framework lands: design tokens, base styles, app shell, and UI primitives as zero-build vanilla CSS and ES modules; embeddable Go module; conformance checker CLI."
|
|
5
|
+
# Optional context explaining why these changes were made
|
|
6
|
+
context = """
|
|
7
|
+
0.0.1 was a name reservation across registries. 0.1.0 was tagged but never published anywhere: a release-tooling failure caused the CI gate to fail, all registry jobs were skipped, and the v0.1.0 tag was subsequently removed. 0.2.0 is therefore the first release that actually ships the framework: npm carries the browser assets (vanilla CSS and native ES modules, zero build step), PyPI carries the same assets plus the `tinymoon check` conformance checker CLI, and the Go module wraps the assets in an embed.FS for server-side embedding. All three targets are versioned together.
|
|
8
|
+
"""
|
|
9
|
+
# Pre-release identifier: alpha, beta, rc, or stable
|
|
10
|
+
# preid = ""
|
|
11
|
+
# Set to true to generate a blog post for this release
|
|
12
|
+
# blog = false
|
|
13
|
+
include = ["npm", "pypi", "go"]
|
|
14
|
+
exclude = []
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
# Version bump type: patch, minor, major, hotfix, or prerelease
|
|
2
|
+
bump = "minor"
|
|
3
|
+
# Short description of this release (required)
|
|
4
|
+
description = "Shell routing hooks (onRoute, refreshCurrent) and a toast error hook for log mirroring."
|
|
5
|
+
# Optional context explaining why these changes were made
|
|
6
|
+
context = ""
|
|
7
|
+
# Pre-release identifier: alpha, beta, rc, or stable
|
|
8
|
+
# preid = ""
|
|
9
|
+
# Set to true to generate a blog post for this release
|
|
10
|
+
# blog = false
|
|
11
|
+
include = ["npm", "pypi", "go"]
|
|
12
|
+
exclude = []
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
{
|
|
2
|
+
"schema_version": 1,
|
|
3
|
+
"defaults": {
|
|
4
|
+
"schema_version": 1,
|
|
5
|
+
"app": {
|
|
6
|
+
"env_prefix": null,
|
|
7
|
+
"config": false,
|
|
8
|
+
"global_flags": [],
|
|
9
|
+
"commands": {},
|
|
10
|
+
"groups": {},
|
|
11
|
+
"deprecated": {},
|
|
12
|
+
"tag_contracts": {}
|
|
13
|
+
},
|
|
14
|
+
"flag": {
|
|
15
|
+
"short": null,
|
|
16
|
+
"default": null,
|
|
17
|
+
"env": null,
|
|
18
|
+
"choices": null,
|
|
19
|
+
"repeatable": false,
|
|
20
|
+
"unique": false,
|
|
21
|
+
"env_separator": null,
|
|
22
|
+
"negatable": null,
|
|
23
|
+
"hidden": false
|
|
24
|
+
},
|
|
25
|
+
"arg": {
|
|
26
|
+
"type": "str",
|
|
27
|
+
"required": true,
|
|
28
|
+
"default": null,
|
|
29
|
+
"variadic": false,
|
|
30
|
+
"choices": null
|
|
31
|
+
},
|
|
32
|
+
"command": {
|
|
33
|
+
"passthrough": false,
|
|
34
|
+
"flags": [],
|
|
35
|
+
"args": [],
|
|
36
|
+
"tags": [],
|
|
37
|
+
"constraints": [],
|
|
38
|
+
"hidden": false,
|
|
39
|
+
"interactive": false
|
|
40
|
+
},
|
|
41
|
+
"group": {
|
|
42
|
+
"commands": {},
|
|
43
|
+
"groups": {},
|
|
44
|
+
"deprecated": {},
|
|
45
|
+
"tags": [],
|
|
46
|
+
"hidden": false
|
|
47
|
+
}
|
|
48
|
+
},
|
|
49
|
+
"project_id": "tinymoon",
|
|
50
|
+
"name": "tinymoon",
|
|
51
|
+
"version": "0.3.0",
|
|
52
|
+
"help": "Tooling for the tinymoon web framework. Ships the conformance checker that enforces the framework's non-negotiables (no external URLs, no native browser controls, no title= attributes, no rounded corners, no off-token colors) as hard errors.",
|
|
53
|
+
"commands": {
|
|
54
|
+
"check": {
|
|
55
|
+
"name": "check",
|
|
56
|
+
"help": "Recursively scan the .html/.css/.js files under --dir for conformance violations: external URLs (external-url), native browser controls (native-control), title= attributes (title-attr), non-zero border-radius (border-radius), and off-token color literals (raw-color). Prints one line per violation (path:line: [rule-id] message) and a summary count. Exits 0 when clean, 1 on any violation -- there is no bypass. An optional tinymoon-allowlist.txt at the scanned directory root (one exact URL per line, # comments allowed) exempts exact URL matches from the external-url rule.",
|
|
57
|
+
"flags": [
|
|
58
|
+
{
|
|
59
|
+
"name": "dir",
|
|
60
|
+
"type": "str",
|
|
61
|
+
"help": "Directory to scan (required -- the checker never scans the current directory implicitly)"
|
|
62
|
+
}
|
|
63
|
+
]
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
<!-- Generated by rlsbl from .rlsbl/changes/ — do not edit -->
|
|
2
|
+
|
|
3
|
+
# Changelog
|
|
4
|
+
|
|
5
|
+
## 0.3.0
|
|
6
|
+
|
|
7
|
+
Shell routing hooks (onRoute, refreshCurrent) and a toast error hook for log mirroring.
|
|
8
|
+
|
|
9
|
+
### Features
|
|
10
|
+
|
|
11
|
+
- mountShell gains an onRoute(routeKey, sub) callback and a refreshCurrent() helper; toast errors can be mirrored via setToastErrorHook().
|
|
12
|
+
|
|
13
|
+
## 0.2.0
|
|
14
|
+
|
|
15
|
+
The framework lands: design tokens, base styles, app shell, and UI primitives as zero-build vanilla CSS and ES modules; embeddable Go module; conformance checker CLI.
|
|
16
|
+
|
|
17
|
+
<details>
|
|
18
|
+
<summary>Context</summary>
|
|
19
|
+
|
|
20
|
+
0.0.1 was a name reservation across registries. 0.1.0 was tagged but never published anywhere: a release-tooling failure caused the CI gate to fail, all registry jobs were skipped, and the v0.1.0 tag was subsequently removed. 0.2.0 is therefore the first release that actually ships the framework: npm carries the browser assets (vanilla CSS and native ES modules, zero build step), PyPI carries the same assets plus the `tinymoon check` conformance checker CLI, and the Go module wraps the assets in an embed.FS for server-side embedding. All three targets are versioned together.
|
|
21
|
+
|
|
22
|
+
</details>
|
|
23
|
+
|
|
24
|
+
### Features
|
|
25
|
+
|
|
26
|
+
- README now leads with the project philosophy: zero-build vanilla web framework, strict by design.
|
|
27
|
+
- Design tokens, base styles, app shell, and UI primitives shipped as plain CSS, with vendored fonts.
|
|
28
|
+
- ES-module UI primitives: app shell with hash router, modals, toasts, tooltips, custom select, context menus, popovers, controls, settings store, and mini-wiki builder.
|
|
29
|
+
- Interactive gallery documenting every token and primitive.
|
|
30
|
+
- Go module exposing the assets as an embed.FS and http.Handler.
|
|
31
|
+
- npm package exports the ES modules; the PyPI wheel ships the assets, exposed via `tinymoon.assets_path()`.
|
|
32
|
+
- `tinymoon check` conformance checker: scans HTML/CSS/JS for external URLs, native controls, title attributes, rounded corners, and off-token colors; hard CI gate, no bypass flags.
|
|
33
|
+
|
|
34
|
+
### Fixes
|
|
35
|
+
|
|
36
|
+
- Icon set trimmed to framework/UI staples (audio-transport icons removed); new `registerIcons()` extension point for consumer icons (hard error on name collision). package.json now declares an `exports` map locking the documented entry points (`tinymoon` and `tinymoon/assets/*`).
|
|
37
|
+
|
|
38
|
+
## 0.1.0
|
|
39
|
+
|
|
40
|
+
### Features
|
|
41
|
+
|
|
42
|
+
- README now leads with the project philosophy: zero-build vanilla web framework, strict by design.
|
|
43
|
+
- Design tokens, base styles, app shell, and UI primitives shipped as plain CSS, with vendored fonts.
|
|
44
|
+
- ES-module UI primitives: app shell with hash router, modals, toasts, tooltips, custom select, context menus, popovers, controls, settings store, and mini-wiki builder.
|
|
45
|
+
- Interactive gallery documenting every token and primitive.
|
|
46
|
+
- Go module exposing the assets as an embed.FS and http.Handler.
|
|
47
|
+
- npm package exports the ES modules; the PyPI wheel ships the assets, exposed via `tinymoon.assets_path()`.
|
|
48
|
+
- `tinymoon check` conformance checker: scans HTML/CSS/JS for external URLs, native controls, title attributes, rounded corners, and off-token colors; hard CI gate, no bypass flags.
|
|
49
|
+
|
|
50
|
+
### Fixes
|
|
51
|
+
|
|
52
|
+
- Icon set trimmed to framework/UI staples (audio-transport icons removed); new `registerIcons()` extension point for consumer icons (hard error on name collision). package.json now declares an `exports` map locking the documented entry points (`tinymoon` and `tinymoon/assets/*`).
|
|
53
|
+
|
|
54
|
+
## 0.0.1
|
|
55
|
+
|
|
56
|
+
Initial placeholder release reserving the tinymoon name on npm and PyPI.
|
|
57
|
+
|
|
58
|
+
### Features
|
|
59
|
+
|
|
60
|
+
- Initial name-reservation placeholder release for npm and PyPI.
|
tinymoon-0.3.0/CLAUDE.md
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
# CLAUDE.md
|
|
2
|
+
|
|
3
|
+
These rules are mandatory for every AI session working in this repo. They derive from the project philosophy in `README.md` and are not negotiable.
|
|
4
|
+
|
|
5
|
+
## Shipped assets (the framework itself — HTML/CSS/JS/fonts)
|
|
6
|
+
|
|
7
|
+
- Keep shipped assets pure vanilla: native ES modules and plain CSS only. Never introduce a build step, bundler, transpiler, minifier, or preprocessor for shipped assets. Never add a runtime dependency.
|
|
8
|
+
- Never load anything from the network at runtime: no CDNs, no external fonts, scripts, styles, or images. Vendor everything into the repo.
|
|
9
|
+
- Never use native browser controls (checkbox, radio, select, file input, dialog) or `title=` attributes in framework HTML/JS. Use the framework's own primitives.
|
|
10
|
+
- `border-radius` is `0` everywhere. The identity constants — three-font system, mono-for-data, glow language, 100–180ms motion timing, grain — are non-negotiable. Never add options that disable them.
|
|
11
|
+
- Route all colors, spacing, and typography through design tokens. Never hardcode palette values in CSS or in canvas-rendering JS. Add or derive a token instead.
|
|
12
|
+
|
|
13
|
+
## Tooling side (checker CLI, tests, dev scripts)
|
|
14
|
+
|
|
15
|
+
- Dev-time tooling and own-ecosystem dependencies are permitted for the tooling side only — never for shipped assets.
|
|
16
|
+
- Enforce with hard errors: conformance checks block and exit non-zero. Never add warn-and-continue behavior, `--skip`, `--ignore`, or any bypass flag for a guardrail.
|
|
17
|
+
|
|
18
|
+
## General
|
|
19
|
+
|
|
20
|
+
- Never reference other private projects by name in any file in this repo.
|
|
21
|
+
- This repo is rlsbl-managed: follow the standard changelog and release discipline. Never push manually.
|