zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-05-16 22:03:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: record AgentShield plugin-cache evidence

Browse Source
This commit is contained in:
Affaan Mustafa
2026-05-16 00:27:48 -04:00
parent 6c8e909d63
commit 1eb7b0809d
7 changed files with 43 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/releases/2.0.0-rc.1/preview-pack-manifest.md
View File

@@ -21,7 +21,7 @@ surfaces, or posting announcements.
| `docs/releases/2.0.0-rc.1/launch-checklist.md` | Operator launch checklist | Must remain approval-gated for release, package, plugin, and announcement actions |
| `docs/releases/2.0.0-rc.1/publication-readiness.md` | Release gate | Requires fresh evidence from the exact release commit |
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-15.md` | Current May 15 queue, roadmap, security, supply-chain watch, no-lifecycle CI install hardening, AgentShield #86 evidence-pack provenance, ECC Tools billing-gate, Actions cache purge, and `ecc2` test evidence through PR #1941 | Must be superseded by a final clean-checkout evidence file before real publication |
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-16.md` | Current May 16 queue cleanup, recsys skill merge, GateGuard triage, dashboard refresh, and combined Node/Rust/release-surface gate evidence through `cecab597` | Must still be repeated from a strict clean checkout before real publication |
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-16.md` | Current May 16 queue cleanup, recsys skill merge, GateGuard triage, PR #1947 supply-chain protection, AgentShield #87 plugin-cache confidence evidence, dashboard refresh, and combined Node/Rust/release-surface gate evidence through `6c8e909d` | Must still be repeated from a strict clean checkout before real publication |
| `docs/releases/2.0.0-rc.1/naming-and-publication-matrix.md` | Naming, slug, and publication-path decision record | Keeps `Everything Claude Code / ECC`, npm `ecc-universal`, and plugin slug `ecc` for rc.1 |
| `docs/releases/2.0.0-rc.1/x-thread.md` | X launch draft | Must replace placeholders with live URLs after release/package/plugin publication |
| `docs/releases/2.0.0-rc.1/linkedin-post.md` | LinkedIn launch draft | Must replace placeholders with live URLs after release/package/plugin publication |

10
docs/releases/2.0.0-rc.1/publication-evidence-2026-05-16.md
View File

@@ -7,9 +7,9 @@ npm publication, plugin tag, marketplace submission, or announcement post.
| Field | Evidence |
| --- | --- |
| Upstream main | `cecab59747346ef3988305e5178b00652cb6d042` |
| Upstream main | `6c8e909d630d233370160c10dad113b82002102c` |
| Git remote | `https://github.com/affaan-m/everything-claude-code.git` |
| Evidence scope | Current `main` after PR #1944, PR #1945, issue #1946 triage, ITO-57 sync, and operator dashboard refresh |
| Evidence scope | Current `main` after PR #1944, PR #1945, issue #1946 triage, PR #1947 supply-chain protection, AgentShield PR #87, ITO-57 sync, and operator dashboard refresh |
| Local status caveat | `git status --short --branch` showed `## main...origin/main` plus unrelated untracked `docs/drafts/` |
The actual release operator should repeat all publish-facing checks from the
@@ -22,7 +22,7 @@ final release commit with a strictly clean checkout before publishing.
| Trunk PRs | `gh pr list --state open --json number,title,url --limit 20` | `[]` |
| Trunk issues | `gh issue list --state open --json number,title,url --limit 20` | `[]` |
| Platform audit | `node scripts/platform-audit.js --json --allow-untracked docs/drafts/` | Ready; open PRs 0, open issues 0, discussion maintainer-touch gaps 0, discussion missing-answer gaps 0, blocking dirty files 0 |
| Operator dashboard | `npm run operator:dashboard -- --json --allow-untracked docs/drafts/` | `dashboardReady: true`, `platformReady: true`, head `cecab59747346ef3988305e5178b00652cb6d042` |
| Operator dashboard | `npm run operator:dashboard -- --json --allow-untracked docs/drafts/` | `dashboardReady: true`, `platformReady: true`, head `6c8e909d630d233370160c10dad113b82002102c` |
## Merge And Triage Batch
@@ -31,7 +31,10 @@ final release commit with a strictly clean checkout before publishing.
| PR #1944 | Merged statusline ANSI palette update as `50ac061f9e72d7daa137f1bd08760cf74e9b577d`; targeted `node tests/hooks/ecc-statusline.test.js` and `node scripts/ci/validate-hooks.js` passed before merge |
| PR #1945 | Merged `recsys-pipeline-architect` community skill as `9e973b29fb1a2a0aeb9e6980017b67c3ddb05201`; maintainer patches synced catalog counts and removed emoji blocked by Unicode safety |
| Issue #1946 | Closed as triaged with a corrected maintainer comment; Linear `ITO-60` now tracks GateGuard proactive fact-forcing preflight UX |
| PR #1947 | Merged scheduled supply-chain watch/advisory-source evidence as `4093d1bb7a14db1b4d4ea5bd00f2073baf94bfb0`; trunk now has the TanStack/Mini Shai-Hulud/node-ipc IOC scan plus advisory-source report surfaces wired into scheduled watch evidence |
| AgentShield PR #87 | Merged plugin-cache runtime-confidence classification as `26bb44650663816d07180e0d20c1895e431a326c`; installed Claude plugin cache findings now emit `runtimeConfidence: plugin-cache`, `plugins/cache` only maps to Claude cache under `.claude`, and cached hook implementations are no longer mislabeled as active `hook-code` |
| ITO-57 | Updated with PR #1947 advisory-source evidence, post-merge source refresh, IOC scan, npm audit/signature checks, and OpenAI app update caveat |
| ITO-49 | Updated with AgentShield PR #87 merge, local test evidence, CI status, and live `~/.claude` scan classification counts |
| ITO-44 | Updated with queue cleanup, dashboard refresh, and remaining macro gaps |
## Release Gate Commands
@@ -45,6 +48,7 @@ final release commit with a strictly clean checkout before publishing.
| Harness audit | `npm run harness:audit -- --format json` | 70/70, no top actions |
| Observability readiness | `npm run observability:ready` | 21/21, ready yes |
| Supply-chain IOC scan | `npm run security:ioc-scan` | Passed; 227 files inspected |
| Advisory source refresh | `npm run security:advisory-sources -- --refresh --json` | Ready; 9 active sources; Linear payload still points at `ITO-57` for sync |
| npm audit | `npm audit --audit-level=moderate` | 0 vulnerabilities |
| npm signatures | `npm audit signatures` | 241 verified registry signatures; 30 verified attestations |
| Dashboard renderer | `node tests/scripts/operator-readiness-dashboard.test.js` | 7 passed, 0 failed |

5
docs/releases/2.0.0-rc.1/publication-readiness.md
View File

@@ -21,7 +21,8 @@ AgentShield #86 evidence-pack provenance, and `ecc2` current-dir guard evidence
refresh through PR #1941, see
[`publication-evidence-2026-05-15.md`](publication-evidence-2026-05-15.md).
For the May 16 queue cleanup, recsys skill merge, GateGuard issue triage,
operator dashboard refresh, and combined final-gate rerun on current `main`, see
AgentShield #87 plugin-cache runtime-confidence evidence, operator dashboard
refresh, and combined final-gate rerun on current `main`, see
[`publication-evidence-2026-05-16.md`](publication-evidence-2026-05-16.md).
For the operator-facing prompt-to-artifact readiness dashboard from the same
May 16 pass, see
@@ -78,7 +79,7 @@ Record the exact commit SHA and command output before any publication action:
| Queue baseline | `gh pr list` / `gh issue list` across trunk, AgentShield, JARVIS, ECC Tools, and ECC website | Under 20 open PRs and under 20 open issues | `publication-evidence-2026-05-16.md`: platform audit ready, 0 open PRs and 0 open issues across checked repos |
| Discussion baseline | `node scripts/discussion-audit.js --json` | No unmanaged active discussion queue and no answerable Q&A missing an accepted answer | `publication-evidence-2026-05-15.md`: 58 trunk discussions, 0 without maintainer touch; other tracked repos disabled or 0 |
| Linear roadmap | Linear project and issue readback | Detailed roadmap exists with release, security, AgentShield, ECC Tools, legacy, and observability lanes | `publication-evidence-2026-05-15.md`: project and 16 issue lanes recorded |
| Operator readiness dashboard | `npm run operator:dashboard -- --allow-untracked docs/drafts/ --write docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-15.md` | Current queue state mapped to macro-goal deliverables and incomplete gaps | `operator-readiness-dashboard-2026-05-15.md`: regenerated from `cecab597`, 0 open PRs, 0 open issues, 0 discussion gaps |
| Operator readiness dashboard | `npm run operator:dashboard -- --allow-untracked docs/drafts/ --write docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-15.md` | Current queue state mapped to macro-goal deliverables and incomplete gaps | `operator-readiness-dashboard-2026-05-15.md`: regenerated from `6c8e909d`, 0 open PRs, 0 open issues, 0 discussion gaps |
## Do Not Publish If