diff --git a/.github/workflows/pr-orchestrator.yml b/.github/workflows/pr-orchestrator.yml index 4ae4f6f9..8fed7b25 100644 --- a/.github/workflows/pr-orchestrator.yml +++ b/.github/workflows/pr-orchestrator.yml @@ -73,6 +73,8 @@ jobs: contents: read steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - name: Set up Python 3.12 uses: actions/setup-python@v5 diff --git a/CHANGELOG.md b/CHANGELOG.md index bc28bc34..8b983ccd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,16 @@ All notable changes to this project will be documented in this file. **Important:** Changes need to be documented below this block as this is the header section. Each section should be separated by a horizontal rule. Newer changelog entries need to be added on top of prior ones to keep the history chronological with most recent changes first. +--- + +## [0.37.1] - 2026-02-24 + +### Fixed + +- Fixed module signing script YAML serialization crash (`TypeError` from invalid `safe_dump` + custom dumper usage) by switching to a compatible dumper path. +- Fixed `pr-orchestrator` signature verification regression by forcing full git history checkout in `verify-module-signatures` so version-bump diff checks do not fail on shallow clones. +- Stabilized module manifest formatting/signing flow to remain compatible with `yamllint` while preserving deterministic checksum/signature verification behavior. + --- ## [0.37.0] - 2026-02-23 diff --git a/modules/backlog-core/module-package.yaml b/modules/backlog-core/module-package.yaml index bfc1710d..5e49ab37 100644 --- a/modules/backlog-core/module-package.yaml +++ b/modules/backlog-core/module-package.yaml @@ -1,7 +1,7 @@ name: backlog-core -version: 0.1.1 +version: 0.1.2 commands: -- backlog + - backlog command_help: backlog: Backlog dependency analysis, delta workflows, and release readiness pip_dependencies: [] @@ -22,8 +22,8 @@ publisher: url: https://github.com/nold-ai/specfact-cli-modules email: oss@nold.ai integrity: - checksum: sha256:0a7682f56e9d5fb3d4da59ae673825a652351fede244f4efd5382cae2560e062 - signature: Cph0v8bwE0tddnSm5P2FRHRs1PPk760GvK3/+JU1KEdAs5UAk3f/BDQzdDlAX9jMTsis9qlCU3Ji5AJkI+QZCA== + checksum: sha256:fce946fdc3a423b448bb85925df64687ed736c36dc5485e1e64531ae3dd75fe8 + signature: dgEEokYsULOxQRWE6WjRFkxCVGQ2Oo8kSmKg0qxfMauNE8hsRL9GY9vDrvn/ppPfX870BwgB+I7XxnvCZnwWBw== dependencies: [] description: Provide advanced backlog analysis and readiness capabilities. license: Apache-2.0 diff --git a/modules/bundle-mapper/module-package.yaml b/modules/bundle-mapper/module-package.yaml index 85567227..5e7b8380 100644 --- a/modules/bundle-mapper/module-package.yaml +++ b/modules/bundle-mapper/module-package.yaml @@ -1,5 +1,5 @@ name: bundle-mapper -version: 0.1.1 +version: 0.1.2 commands: [] pip_dependencies: [] module_dependencies: [] @@ -19,8 +19,8 @@ publisher: url: https://github.com/nold-ai/specfact-cli-modules email: oss@nold.ai integrity: - checksum: sha256:47ae7b777a2e04b9686cc0c14e6edeff685dd36fd93029178cf70ac88bec8d7c - signature: U6yBPMJW1en5KpsNKNL4XYY6NRund4SucU4axWOeW4860ds3IXO2q8ZN06Tr3ngqlt4IC671xb1FIfWl9KbcAA== + checksum: sha256:1012f453bc4ae83b22e2cfabce13e5e324d9b4cdf454ce0159b5c5e17dd36f77 + signature: LlPqbIH6uD70AInX28PpVurOEv+W/Ztarj5yQhZ3MkC3yORcQrh6ISvJsQeFHFiV1cmnYck7RfDipl4FJyzDAA== dependencies: [] description: Map backlog items to best-fit modules using scoring heuristics. license: Apache-2.0 diff --git a/pyproject.toml b/pyproject.toml index 4c746179..cccd7963 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "specfact-cli" -version = "0.37.0" +version = "0.37.1" description = "The swiss knife CLI for agile DevOps teams. Keep backlog, specs, tests, and code in sync with validation and contract enforcement for new projects and long-lived codebases." readme = "README.md" requires-python = ">=3.11" diff --git a/scripts/sign-modules.py b/scripts/sign-modules.py index 23c6528a..348b8b1a 100755 --- a/scripts/sign-modules.py +++ b/scripts/sign-modules.py @@ -20,6 +20,13 @@ _IGNORED_MODULE_FILE_SUFFIXES = {".pyc", ".pyo"} +class _IndentedSafeDumper(yaml.SafeDumper): + """Safe dumper that indents sequence items under their parent key.""" + + def increase_indent(self, flow: bool = False, indentless: bool = False): + return super().increase_indent(flow=flow, indentless=False) + + def _canonical_payload(manifest_data: dict[str, Any]) -> bytes: payload = dict(manifest_data) payload.pop("integrity", None) @@ -245,8 +252,9 @@ def sign_manifest(manifest_path: Path, private_key: Any | None) -> None: raw["integrity"] = integrity manifest_path.write_text( - yaml.safe_dump( + yaml.dump( raw, + Dumper=_IndentedSafeDumper, sort_keys=False, allow_unicode=False, default_flow_style=False, diff --git a/setup.py b/setup.py index 00d0bb74..2c91e333 100644 --- a/setup.py +++ b/setup.py @@ -7,7 +7,7 @@ if __name__ == "__main__": _setup = setup( name="specfact-cli", - version="0.37.0", + version="0.37.1", description=( "The swiss knife CLI for agile DevOps teams. Keep backlog, specs, tests, and code in sync with " "validation and contract enforcement for new projects and long-lived codebases." diff --git a/src/specfact_cli/__init__.py b/src/specfact_cli/__init__.py index 5d00f77c..fe315e24 100644 --- a/src/specfact_cli/__init__.py +++ b/src/specfact_cli/__init__.py @@ -8,6 +8,6 @@ - Supporting agile ceremonies and team workflows """ -__version__ = "0.37.0" +__version__ = "0.37.1" __all__ = ["__version__"] diff --git a/src/specfact_cli/modules/analyze/module-package.yaml b/src/specfact_cli/modules/analyze/module-package.yaml index d30d9c03..61f6888b 100644 --- a/src/specfact_cli/modules/analyze/module-package.yaml +++ b/src/specfact_cli/modules/analyze/module-package.yaml @@ -1,7 +1,7 @@ name: analyze -version: 0.37.0 +version: 0.37.1 commands: -- analyze + - analyze command_help: analyze: Analyze codebase for contract coverage and quality pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Analyze codebase quality, contracts, and architecture signals. license: Apache-2.0 integrity: - checksum: sha256:f6b3bbe0d380cd6ce305be4af8649fc6343b8fb1829da6218278ce37213bbec5 - signature: z5Lmf++lduoS+dlL0iNRP535Yug4yN/L6B4jJs1KAoIeVtIfZ/xA/veSxUD/24WSAGx4fPHZE6kwvb74hC07CA== + checksum: sha256:81401deb9416cb772437ab806dbc377778f7cf4d2986e8169765de59d1708733 + signature: YfTBJOyF5OxkRkIg5Fffqtbc3DHa/eXoewyav97FwEMRZoqRXH6Fhhu80UUjKPEYMWP5JzRU8dWgvi8FgfFqBQ== diff --git a/src/specfact_cli/modules/auth/module-package.yaml b/src/specfact_cli/modules/auth/module-package.yaml index 715db2d9..948eec75 100644 --- a/src/specfact_cli/modules/auth/module-package.yaml +++ b/src/specfact_cli/modules/auth/module-package.yaml @@ -1,7 +1,7 @@ name: auth -version: 0.37.0 +version: 0.37.1 commands: -- auth + - auth command_help: auth: Authenticate with DevOps providers (GitHub, Azure DevOps) pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Authenticate SpecFact with supported DevOps providers. license: Apache-2.0 integrity: - checksum: sha256:ebb79ba19875e6669778e9ed490d51a676fdd0ac91823521a049a3565b486bb3 - signature: 86T1P4Tem3AD92shR1R5ie9eLzRJ6nX9/FRjW00quaYyZRgvFgePdvc+cXHUAkaPRDtu+kMG0kKvF1TkH5ovAw== + checksum: sha256:d085de940d5de887f858462eff10a75e5acdb2e31cc61ed7dc79bfe6e4527e76 + signature: SyoiHxZHlmQLzdnqn45c8B/dzZuqyWzflAo/hf0PWsckPSfeGN6ytlGgTJPV8Rq8IG96aVnPkir2dEJ4gavxAQ== diff --git a/src/specfact_cli/modules/backlog/module-package.yaml b/src/specfact_cli/modules/backlog/module-package.yaml index 73ea33a4..c6d8aa81 100644 --- a/src/specfact_cli/modules/backlog/module-package.yaml +++ b/src/specfact_cli/modules/backlog/module-package.yaml @@ -1,7 +1,7 @@ name: backlog -version: 0.37.0 +version: 0.37.1 commands: -- backlog + - backlog command_help: backlog: Backlog refinement and template management pip_dependencies: [] @@ -9,18 +9,18 @@ module_dependencies: [] tier: community core_compatibility: '>=0.28.0,<1.0.0' service_bridges: -- id: ado - converter_class: specfact_cli.modules.backlog.src.adapters.ado.AdoConverter - description: Azure DevOps backlog payload converter -- id: jira - converter_class: specfact_cli.modules.backlog.src.adapters.jira.JiraConverter - description: Jira issue payload converter -- id: linear - converter_class: specfact_cli.modules.backlog.src.adapters.linear.LinearConverter - description: Linear issue payload converter -- id: github - converter_class: specfact_cli.modules.backlog.src.adapters.github.GitHubConverter - description: GitHub issue payload converter + - id: ado + converter_class: specfact_cli.modules.backlog.src.adapters.ado.AdoConverter + description: Azure DevOps backlog payload converter + - id: jira + converter_class: specfact_cli.modules.backlog.src.adapters.jira.JiraConverter + description: Jira issue payload converter + - id: linear + converter_class: specfact_cli.modules.backlog.src.adapters.linear.LinearConverter + description: Linear issue payload converter + - id: github + converter_class: specfact_cli.modules.backlog.src.adapters.github.GitHubConverter + description: GitHub issue payload converter publisher: name: nold-ai url: https://github.com/nold-ai/specfact-cli-modules @@ -28,5 +28,5 @@ publisher: description: Manage backlog ceremonies, refinement, and dependency insights. license: Apache-2.0 integrity: - checksum: sha256:7d03208b0b6b801a9c6e146846391211f7cffe57c88640337ce43e7448c3f673 - signature: ZOQNPi4ydBZqqbhJ9Li8JuT2+X1os27/1VCYt2HRojJLAeJvIjNd7NsXuoZorAC6frm7thJTjqEnJB/805leCA== + checksum: sha256:db36a40672119b436b50bd4142400feec3398ae2732cfa357eacb7b40d8b8582 + signature: NXgVtRf+ubB+upfAacJUTX8yaGw/cdZa9SSxqusak3ijGZe5POtK+ud+n2lnVMCg/9pOzoq8wdgsTrVr3mkCDA== diff --git a/src/specfact_cli/modules/contract/module-package.yaml b/src/specfact_cli/modules/contract/module-package.yaml index 6fe47c55..c3b05cf9 100644 --- a/src/specfact_cli/modules/contract/module-package.yaml +++ b/src/specfact_cli/modules/contract/module-package.yaml @@ -1,7 +1,7 @@ name: contract -version: 0.37.0 +version: 0.37.1 commands: -- contract + - contract command_help: contract: Manage OpenAPI contracts for project bundles pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Validate and manage API contracts for project bundles. license: Apache-2.0 integrity: - checksum: sha256:7125e2fbf321727e41bbb2546577dc11d04a51669e57f809f77ad4da3c0232ed - signature: yQGYWpda3Kgg+HK5HSw9Oqo3L0tghwt/3yMXPo9I7bn1bzFduc8cdVe3E8bP9kLZ+QL2MnSrp8Ojxvd0shvdBw== + checksum: sha256:577b9ee6af8075c0ebf58665a50ec5be6b2de935f401454f831447905320b649 + signature: gHyTzZkYnLDxf27XFNHH/pauUhZ5ZZfTwPNQBwWCZ/v4oEdDV8gGjDr84g2KSsH8myrE7J8q47iBChxqO+FjBw== diff --git a/src/specfact_cli/modules/drift/module-package.yaml b/src/specfact_cli/modules/drift/module-package.yaml index fa31f9cc..7f8cafd4 100644 --- a/src/specfact_cli/modules/drift/module-package.yaml +++ b/src/specfact_cli/modules/drift/module-package.yaml @@ -1,7 +1,7 @@ name: drift -version: 0.37.0 +version: 0.37.1 commands: -- drift + - drift command_help: drift: Detect drift between code and specifications pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Detect and report drift between code, plans, and specs. license: Apache-2.0 integrity: - checksum: sha256:71f48b98ece0d271d1013a93021cc082d178c7876895d1033065d4be26adc1a0 - signature: 8yhxRp9pvVuKVBSjgi+6L5vJDjBgtepyWzHLVNC+OHv/e5zg5vUilw89V1tuxxvZHo89Cp8tAcsQgKxk2VVLDg== + checksum: sha256:5bf84d0a840bbdb47ccacda4490d19685d1298c3f7fd3b8e48ca641a08727e08 + signature: S8djuQsc+7LBZH8myx+aUNeSfSpnLHXL70iCrK9yCfyYJbqDklQpKNxBGJQ4DjzrApm6ZyTBoxZdmA1BxDvDBw== diff --git a/src/specfact_cli/modules/enforce/module-package.yaml b/src/specfact_cli/modules/enforce/module-package.yaml index 05269112..60903b55 100644 --- a/src/specfact_cli/modules/enforce/module-package.yaml +++ b/src/specfact_cli/modules/enforce/module-package.yaml @@ -1,12 +1,12 @@ name: enforce -version: 0.37.0 +version: 0.37.1 commands: -- enforce + - enforce command_help: enforce: Configure quality gates pip_dependencies: [] module_dependencies: -- plan + - plan tier: community core_compatibility: '>=0.28.0,<1.0.0' publisher: @@ -16,5 +16,5 @@ publisher: description: Apply governance policies and quality gates to bundles. license: Apache-2.0 integrity: - checksum: sha256:ad5d5ca9629147a1163dda4c03ee63914048e456e07fdcbb52c3cb7016a56fc9 - signature: IIeQPnCLs09tqK9h9NJRRB48gutllpgmLiORM0Mj1d9d6Rr2XDPbAlrQiX2NhB3OcDjBQW32Co3rPQHXcy/WDQ== + checksum: sha256:16a8bc8d027b175321696f01fceb40a3cbc4a0567fe165c560be94221e412f88 + signature: OuAE5iZ7AxSsD6VDfm5YKCtxQLJ33i4ACEW/5ejiWY0wlsgQtpkf2CMZaXWUBvS9GvxhID6PS3+yJMgzAaHBAA== diff --git a/src/specfact_cli/modules/generate/module-package.yaml b/src/specfact_cli/modules/generate/module-package.yaml index 44463800..a52baeb7 100644 --- a/src/specfact_cli/modules/generate/module-package.yaml +++ b/src/specfact_cli/modules/generate/module-package.yaml @@ -1,12 +1,12 @@ name: generate -version: 0.37.0 +version: 0.37.1 commands: -- generate + - generate command_help: generate: Generate artifacts from SDD and plans pip_dependencies: [] module_dependencies: -- plan + - plan tier: community core_compatibility: '>=0.28.0,<1.0.0' publisher: @@ -16,5 +16,5 @@ publisher: description: Generate implementation artifacts from plans and SDD. license: Apache-2.0 integrity: - checksum: sha256:d840cf1cf34cc1c19411a9e99a71ade573cd6f877a9b76f5b3a5db338ba176c1 - signature: LqNTq2SXu2h47H74Tgenh0EYyIgxnQ1HGG2U7PECuPH187hchgY5azT+JSvXR6mE+jX2jXRX1/pYWY0pVt+HBQ== + checksum: sha256:d9dd799f0a13dc07d2200fdfbe5a4ce3cf869c2737d08f4101cebf3d4ff983fd + signature: 7IWVqUEAcD06JdiOinxBUQYp1coH81AecR0KXBQiy+O4XWg9/zI9YQVwWurXWozsSgCBeT/D4HOQ4bxOvrw3DQ== diff --git a/src/specfact_cli/modules/import_cmd/module-package.yaml b/src/specfact_cli/modules/import_cmd/module-package.yaml index 1f44a5f6..4cfcfb55 100644 --- a/src/specfact_cli/modules/import_cmd/module-package.yaml +++ b/src/specfact_cli/modules/import_cmd/module-package.yaml @@ -1,7 +1,7 @@ name: import_cmd -version: 0.37.0 +version: 0.37.1 commands: -- import + - import command_help: import: Import codebases and external tool projects (e.g., Spec-Kit, OpenSpec, generic-markdown) pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Import projects and requirements from code and external tools. license: Apache-2.0 integrity: - checksum: sha256:0afde8c650b21b7e2a9e921ced829b47967b07dc0b39c5fd73570b20de75f51a - signature: 5upSkjAkCRIN/BJZwAHnJ9vt61i+cESzvt922Cjvez84OX5u4fd3NjSGNsseMUpmrUzExLNY4zYahxEyOTLZCQ== + checksum: sha256:290a3dbe86dce079ed7cde343893830725ff80068fa89a8d0b0fd935bb746dfa + signature: ITiHkBu+zHOChLHGlXh3IQakaHxcFasY+ifLkWhbY9J8/d7hb3fEMz3t0IB3F3/VXi+dvsQdPhxha+baAVpvAA== diff --git a/src/specfact_cli/modules/init/module-package.yaml b/src/specfact_cli/modules/init/module-package.yaml index 530bcad6..04ab8086 100644 --- a/src/specfact_cli/modules/init/module-package.yaml +++ b/src/specfact_cli/modules/init/module-package.yaml @@ -1,7 +1,7 @@ name: init -version: 0.37.0 +version: 0.37.1 commands: -- init + - init command_help: init: Bootstrap SpecFact and manage module lifecycle (use `init ide` for IDE setup) pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Initialize SpecFact workspace and bootstrap local configuration. license: Apache-2.0 integrity: - checksum: sha256:6d984c7e66a51171cdc0d9a01f7085bb25ba8e62cdaff66b56d94cda5cf7536c - signature: KF4bJEJD3rM0JsVm5IFV9qn5qdp8hZorBDZA8cXBAwP6nJfH4tGcTXkGFu60kFKsRpxf8C3qlR6aVHRWAcbtDA== + checksum: sha256:e6d6cdf1c10a6a760388db5a66e0f666f93b0835dfff1c3db13b19f8da9bce13 + signature: IvGAdhMfLOyArra2PKdxqN0ozHw6m4gvZh0sEjiLSWx/2hiDDSXHSy6uHx4hEx0868bhknE6mvyUAAL3PZ4XCg== diff --git a/src/specfact_cli/modules/migrate/module-package.yaml b/src/specfact_cli/modules/migrate/module-package.yaml index 6ba26fbb..692884bd 100644 --- a/src/specfact_cli/modules/migrate/module-package.yaml +++ b/src/specfact_cli/modules/migrate/module-package.yaml @@ -1,7 +1,7 @@ name: migrate -version: 0.37.0 +version: 0.37.1 commands: -- migrate + - migrate command_help: migrate: Migrate project bundles between formats pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Migrate project bundles across supported structure versions. license: Apache-2.0 integrity: - checksum: sha256:c4199b9d28d97ae3f3198c4b6d4086cf20a71b14eba3c78b27111368419c3767 - signature: cs2H0NB10jZTrh0tkk8TybW8wogCax2Dt9gjxR/0pS9Z0zz1ZDBbV5JgoibHRU48UWXwuUiPkbLRJYwWnsVqBw== + checksum: sha256:3e2b5ea6a71f3917dbec01c92739e5280ff51163b8c64a60e757c33e5a334e6d + signature: 0USQ8OTre4Czs0lMzK2Oa2q2CwquGwPdLKnpVNZmSh9ytdiQqG2fx0BvdqDFi460gxx0sxOKAiWDJ+0/coKBBw== diff --git a/src/specfact_cli/modules/module_registry/module-package.yaml b/src/specfact_cli/modules/module_registry/module-package.yaml index b8d7b0ff..a1b78192 100644 --- a/src/specfact_cli/modules/module_registry/module-package.yaml +++ b/src/specfact_cli/modules/module_registry/module-package.yaml @@ -1,7 +1,7 @@ name: module-registry -version: 0.37.0 +version: 0.37.1 commands: -- module + - module command_help: module: Manage marketplace modules (install, uninstall, search, list, show, upgrade) pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: 'Manage modules: search, list, show, install, and upgrade.' license: Apache-2.0 integrity: - checksum: sha256:1dff9652feedc61a8c9431148732a611588a2a5f5f0ed6a65c431b4d123a6254 - signature: ctvLzRFWkRqVAZFUF0Tj/RNmaa/BDGieRDoNNjbtB++AtxmK4KhF1c4bqYkjhJ5SkG9xGHC6nK06P4UOEFcBAA== + checksum: sha256:71f9c1bc5ae79c2a234920b5dcb1be415b4b2255de5827786344280320291629 + signature: rNpk992cIrwe9BATaH26EPTVgkj1W1ZJcYnAnOikYqGAPxr+f2xprf4kAvHMym2naI0N+P1fjbT8ZnpP2zenCw== diff --git a/src/specfact_cli/modules/patch_mode/module-package.yaml b/src/specfact_cli/modules/patch_mode/module-package.yaml index 452e2ca5..eadf6cd2 100644 --- a/src/specfact_cli/modules/patch_mode/module-package.yaml +++ b/src/specfact_cli/modules/patch_mode/module-package.yaml @@ -1,7 +1,7 @@ name: patch-mode -version: 0.37.0 +version: 0.37.1 commands: -- patch + - patch command_help: patch: Preview and apply patches (backlog body, OpenSpec, config); --apply local, --write upstream with confirmation. @@ -16,5 +16,5 @@ publisher: description: Prepare, review, and apply structured repository patches safely. license: Apache-2.0 integrity: - checksum: sha256:b77c31a7d7e3d96e5d34dab9507e241dd939c3d45a1e9e8f69e04d5817488d21 - signature: Hdb11DFA7/yJlrFywntr0GKrupDUnKgyFAQ/y6DEqretqjKA/+x+FICDKAGCq7Mm5uoPcD7/ZCMsZJdjHDyYAA== + checksum: sha256:05cb624a43ac45da4a467e1a990b8ceb378a7f5d9a1d4edbf583198a8d9bc73b + signature: txeDUarIvALJFnaZVWky9OjJ04m9yHPnuKrA4MzOSZaOwaq9OqfLn10dPFwENveOkJ09MErBycS3QaeD8UL6AQ== diff --git a/src/specfact_cli/modules/plan/module-package.yaml b/src/specfact_cli/modules/plan/module-package.yaml index 7b78e3e1..ab327f4c 100644 --- a/src/specfact_cli/modules/plan/module-package.yaml +++ b/src/specfact_cli/modules/plan/module-package.yaml @@ -1,12 +1,12 @@ name: plan -version: 0.37.0 +version: 0.37.1 commands: -- plan + - plan command_help: plan: Manage development plans pip_dependencies: [] module_dependencies: -- sync + - sync tier: community core_compatibility: '>=0.28.0,<1.0.0' publisher: @@ -16,5 +16,5 @@ publisher: description: Create and manage implementation plans for project execution. license: Apache-2.0 integrity: - checksum: sha256:e2a19eda7ab371371e7e387b46326471e49224163afbbf9934bf776e433f21e0 - signature: th+bRnk+OtJXXWU1tfQWDwOstfJ2fIy2v1T4nLSqpoaMT1dcV4mPS0yNBenUbhok0DA5mEoRggILwVm1LlneBQ== + checksum: sha256:5e2ccf7212f590f19e6b68e0a6a90e6f72e1bebd28d570f1005cf3fbe320663a + signature: QQxUVU+cB2XP9rs5VsYdANzrr9S5Y4VKu5B0PY+h+wx3F7mdfLsyg9xzQj4mgDeby3/XIjXQC4jywNqoqErtDg== diff --git a/src/specfact_cli/modules/policy_engine/module-package.yaml b/src/specfact_cli/modules/policy_engine/module-package.yaml index cd2f17cd..44c39060 100644 --- a/src/specfact_cli/modules/policy_engine/module-package.yaml +++ b/src/specfact_cli/modules/policy_engine/module-package.yaml @@ -1,7 +1,7 @@ name: policy-engine -version: 0.37.0 +version: 0.37.1 commands: -- policy + - policy command_help: policy: Policy validation and suggestion workflows (DoR/DoD/Flow/PI) pip_dependencies: [] @@ -9,17 +9,18 @@ module_dependencies: [] core_compatibility: '>=0.28.0,<1.0.0' tier: community schema_extensions: -- target: ProjectBundle - field: policy_engine_policy_status - type_hint: dict[str, Any] | None - description: Latest policy validation status snapshot for the current project bundle. + - target: ProjectBundle + field: policy_engine_policy_status + type_hint: dict[str, Any] | None + description: Latest policy validation status snapshot for the current project + bundle. publisher: name: nold-ai url: https://github.com/nold-ai/specfact-cli-modules email: oss@nold.ai integrity: - checksum: sha256:c799eff0bf16445c403b7b3037524c1bca71b51673ae5c55885860886e2c5dc8 - signature: 5Osen9Zt1GZjIxAiBQUYZKJZMcP/zkvQXzHhn0NYLK4M5jFeLgPsZiEH9l4NRBkQBJREIyQ+2z/npLZPCfwTBw== + checksum: sha256:88003e837e99353e8c1a5df988c296c784097c6d4c81fcf0b195c610adc6ab2a + signature: mGxDYiHVqmH+Iy9Ekzw9fS6cYS41W/O/eQyc75kg8PMj1FF1kWlCIRTkuE9TTHLmdD3ePz4cwGX5+PbkVioWAQ== dependencies: [] description: Run policy evaluations with recommendation and compliance outputs. license: Apache-2.0 diff --git a/src/specfact_cli/modules/project/module-package.yaml b/src/specfact_cli/modules/project/module-package.yaml index 7a2e28e1..36c49b3a 100644 --- a/src/specfact_cli/modules/project/module-package.yaml +++ b/src/specfact_cli/modules/project/module-package.yaml @@ -1,7 +1,7 @@ name: project -version: 0.37.0 +version: 0.37.1 commands: -- project + - project command_help: project: Manage project bundles with persona workflows pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Manage project bundles, contexts, and lifecycle workflows. license: Apache-2.0 integrity: - checksum: sha256:356ab38ff9a044f26c4c9750ad6eec7192303a5f6b4b25f829cca5aee3e41192 - signature: AmbkEPXATKCZsTVmAzUpB/Ou8DVnLM/ffEpP05lOqM/f5XQvTbNyPpuNq6tq85KKaJJDSLKNACHCOHv3dlmFCg== + checksum: sha256:130e53a4266f90a6236d892c513692641e6675387bf7a63c8ac51871a27494eb + signature: Nu1HNs0tAWUzLrXcHWpUWqpxsq68uYgBZWcR34nmH7iGdejEvBRh7zIC/Gx7G0nQBdVbfc4rtZEvJx55CT38CA== diff --git a/src/specfact_cli/modules/repro/module-package.yaml b/src/specfact_cli/modules/repro/module-package.yaml index ccae2815..4856f03e 100644 --- a/src/specfact_cli/modules/repro/module-package.yaml +++ b/src/specfact_cli/modules/repro/module-package.yaml @@ -1,7 +1,7 @@ name: repro -version: 0.37.0 +version: 0.37.1 commands: -- repro + - repro command_help: repro: Run validation suite pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Run reproducible validation and diagnostics workflows end-to-end. license: Apache-2.0 integrity: - checksum: sha256:f9c90f35d3285ea9bfa4ebfcc0f304f43394848ab3bbe6063acd515404a85f06 - signature: lj69naFWhg9Va5c3XSCkCNJ68UOhRIwUbIP+yANLTpmK24eAEpfHgUzyQEKCZh9X+a4+f7IDv4elYGvLyl2gDg== + checksum: sha256:9167dc7b6d87478d39b5597262cd36e491b62e38253f6bd984f83ecaf5c6a36c + signature: DeyWsQRqOQsqlevDAZVMl9GO8K8JxCnbRddH5rhuJCQKIaLQ/gVilYklpzfK6hGota5tUi9zs88gFMFrBN1jCw== diff --git a/src/specfact_cli/modules/sdd/module-package.yaml b/src/specfact_cli/modules/sdd/module-package.yaml index 6fd6756a..d5556fa1 100644 --- a/src/specfact_cli/modules/sdd/module-package.yaml +++ b/src/specfact_cli/modules/sdd/module-package.yaml @@ -1,7 +1,7 @@ name: sdd -version: 0.37.0 +version: 0.37.1 commands: -- sdd + - sdd command_help: sdd: Manage SDD (Spec-Driven Development) manifests pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Create and validate Spec-Driven Development manifests and mappings. license: Apache-2.0 integrity: - checksum: sha256:044352d6e7dd4d3a3b29019ca95676a4c96ff4594e692829e31467dd9d348c28 - signature: YUNrc6PF7TJdGSwrGnh320g7VeSbUFoyeKOYWhcP64DD4vonRUPqeuUj6IvXFczTGEcbkGJ6zrrOktuxyUSUAQ== + checksum: sha256:91e50b4ba782527c1bd5acd60ff9b492cbbb51acb510e2253466af17598b0109 + signature: 2ZsXXuUgxbkK/cvAyyOooe/rLeUocQaxG4EkV5A+qgQL9k8WLEZnRpfcleSza6nMqMPjWJ9zgi1ksh4JZu0eBA== diff --git a/src/specfact_cli/modules/spec/module-package.yaml b/src/specfact_cli/modules/spec/module-package.yaml index 6cd48ac9..0565fe71 100644 --- a/src/specfact_cli/modules/spec/module-package.yaml +++ b/src/specfact_cli/modules/spec/module-package.yaml @@ -1,7 +1,7 @@ name: spec -version: 0.37.0 +version: 0.37.1 commands: -- spec + - spec command_help: spec: Specmatic integration for API contract testing pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Integrate and run API specification and contract checks. license: Apache-2.0 integrity: - checksum: sha256:e43ae430e82e59f4cf546df353e94a5be3c36ff5b6e3efba37ad5ca84a894e3c - signature: ltxYz9kloJQ+OCWWnB/B9P95PVNxM+lsQ0VOGjlsU0uZL5EaByAUjCuoAF5/NsQ1fsmaLpOWRsJYviYYL+6WBA== + checksum: sha256:25ee99befd2371e1f3fcc8548883d0e7c73bd9f80e4362dd14280654246b22f0 + signature: QeyKrrHL4X4qL6ZjR9x5z80pBmRIJBa/SSchgs025/t/deaDbm+tqIykWTN7X7v5xPCY1ddA75kimGpddbBzAA== diff --git a/src/specfact_cli/modules/sync/module-package.yaml b/src/specfact_cli/modules/sync/module-package.yaml index 4fd40136..f7d6bfe0 100644 --- a/src/specfact_cli/modules/sync/module-package.yaml +++ b/src/specfact_cli/modules/sync/module-package.yaml @@ -1,14 +1,14 @@ name: sync -version: 0.37.0 +version: 0.37.1 commands: -- sync + - sync command_help: sync: Synchronize external tool artifacts and repository changes (Spec-Kit, OpenSpec, GitHub, ADO, Linear, Jira, etc.) pip_dependencies: [] module_dependencies: -- plan -- sdd + - plan + - sdd tier: community core_compatibility: '>=0.28.0,<1.0.0' publisher: @@ -18,5 +18,5 @@ publisher: description: Synchronize repository state with connected external systems. license: Apache-2.0 integrity: - checksum: sha256:748a6875c0dc83cc24992445f6a5f28fdfd01be52eec22bd956bc9965c6d4120 - signature: GwFyWP/QN5MHgP3zQt6nfWRTutNxFysinBTZrf6O80MpNmr0+6PwciQ3zLl0OrMVmml6Rm0TzjHszh3XypA1Bg== + checksum: sha256:7e70d5256aba0bcca3dbed4f6e777453b16cd03b463d49738f07e554b7bdab96 + signature: mqaNTclocVTrfrImqoryxSr5BhUPbqZS+6C2jCeLThaTMmSwlzkDB9OPQvDcHatdInWW/YQ1x/iaxdj56Gi+CQ== diff --git a/src/specfact_cli/modules/upgrade/module-package.yaml b/src/specfact_cli/modules/upgrade/module-package.yaml index 28a34c6f..3026411f 100644 --- a/src/specfact_cli/modules/upgrade/module-package.yaml +++ b/src/specfact_cli/modules/upgrade/module-package.yaml @@ -1,7 +1,7 @@ name: upgrade -version: 0.37.0 +version: 0.37.1 commands: -- upgrade + - upgrade command_help: upgrade: Check for and install SpecFact CLI updates pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Check and apply SpecFact CLI version upgrades. license: Apache-2.0 integrity: - checksum: sha256:76305e1fb38f2b6e8d30180beee67c6cfd60636d7ca8d4becdde7b02246f152a - signature: vflvfJCcZA2km2ClnJQQ4eFAY5GbTUOTvH2Mj1onu1FRpFsJ0K62yay9DFLrinobcTOyMVfdYNUe+0B54Wo+Cg== + checksum: sha256:d8c5f2fb4ed4c252701c07125cba0587262700b6738740ef1c8c174611cc5c3b + signature: MDFyw5rJ3GBJ+PVMEwCMHsqtiItxryM4XpKm/h+M4bxJKFRHDww5i8Uzpl1MDBucnpW6KGoMeo7GNKgQjeHxBA== diff --git a/src/specfact_cli/modules/validate/module-package.yaml b/src/specfact_cli/modules/validate/module-package.yaml index 0a27498a..198742a2 100644 --- a/src/specfact_cli/modules/validate/module-package.yaml +++ b/src/specfact_cli/modules/validate/module-package.yaml @@ -1,7 +1,7 @@ name: validate -version: 0.37.0 +version: 0.37.1 commands: -- validate + - validate command_help: validate: Validation commands including sidecar validation pip_dependencies: [] @@ -15,5 +15,5 @@ publisher: description: Run schema, contract, and workflow validation suites. license: Apache-2.0 integrity: - checksum: sha256:0cfd33fa7ea7a02016c96324b7853875019e7666909f4af8cc50c4c85bf740e1 - signature: KXkCKbsoPR2J7U3FnH6r8NtVJaGHMFp3o5yb+Hfj1XXN+pUL2SlV1ZqpzTseh3ZKkoNdKB8yLytkKl0jVa/DBA== + checksum: sha256:cec0b0ed07a1bfb596c4ff0d0e80422b8a28c76d17cf358110550b594a132932 + signature: wDHd+UXbv7luqntwGsRKf4eDRIxDr97hk1avCYHR88TyhGHjZglmzAeFQuDBR4Dx5BLSCl8WKFT8Vh6y/wquDg== diff --git a/tests/e2e/test_init_command.py b/tests/e2e/test_init_command.py index 70177f74..c0ba5b46 100644 --- a/tests/e2e/test_init_command.py +++ b/tests/e2e/test_init_command.py @@ -188,7 +188,6 @@ def mock_find_spec(name): monkeypatch.setattr(importlib.util, "find_spec", mock_find_spec) # Mock get_package_installation_locations to return empty list to avoid slow search - # Must mock in the module where it's imported (init.py) to ensure it works def mock_get_locations(package_name: str) -> list: return [] # Return empty to simulate no package found @@ -196,11 +195,6 @@ def mock_get_locations(package_name: str) -> list: "specfact_cli.utils.ide_setup.get_package_installation_locations", mock_get_locations, ) - # Also mock in the init command module where it's imported - monkeypatch.setattr( - "specfact_cli.modules.init.src.commands.get_package_installation_locations", - mock_get_locations, - ) # Mock find_package_resources_path to return None to avoid slow search def mock_find_resources(package_name: str, resource_subpath: str): diff --git a/tests/unit/specfact_cli/registry/test_init_module_lifecycle_ux.py b/tests/unit/specfact_cli/registry/test_init_module_lifecycle_ux.py index fedae7e3..778ddd37 100644 --- a/tests/unit/specfact_cli/registry/test_init_module_lifecycle_ux.py +++ b/tests/unit/specfact_cli/registry/test_init_module_lifecycle_ux.py @@ -4,6 +4,7 @@ from pathlib import Path +import click from typer.testing import CliRunner from specfact_cli.cli import app @@ -14,31 +15,42 @@ runner = CliRunner() +def _unstyled(text: str) -> str: + """Return console output with ANSI styling removed.""" + return click.unstyle(text) + + def test_init_rejects_deprecated_list_modules_option(tmp_path: Path) -> None: """`specfact init --list-modules` is removed; lifecycle lives under `specfact module`.""" result = runner.invoke(app, ["init", "--repo", str(tmp_path), "--list-modules"]) + output = _unstyled(result.output) assert result.exit_code != 0 - assert "No such option: --list-modules" in result.output + assert "No such option" in output + assert "--list-modules" in output def test_init_rejects_deprecated_enable_module_option(tmp_path: Path) -> None: """`specfact init --enable-module` is removed; use `specfact module enable`.""" result = runner.invoke(app, ["init", "--repo", str(tmp_path), "--enable-module", "sync"]) + output = _unstyled(result.output) assert result.exit_code != 0 - assert "No such option: --enable-module" in result.output + assert "No such option" in output + assert "--enable-module" in output def test_init_rejects_deprecated_disable_module_option(tmp_path: Path) -> None: """`specfact init --disable-module` is removed; use `specfact module disable`.""" result = runner.invoke(app, ["init", "--repo", str(tmp_path), "--disable-module", "sync"]) + output = _unstyled(result.output) assert result.exit_code != 0 - assert "No such option: --disable-module" in result.output + assert "No such option" in output + assert "--disable-module" in output def test_init_bootstrap_only_does_not_run_ide_setup(tmp_path: Path, monkeypatch) -> None: diff --git a/tests/unit/specfact_cli/registry/test_signing_artifacts.py b/tests/unit/specfact_cli/registry/test_signing_artifacts.py index e725f3d3..9d3d9301 100644 --- a/tests/unit/specfact_cli/registry/test_signing_artifacts.py +++ b/tests/unit/specfact_cli/registry/test_signing_artifacts.py @@ -4,6 +4,7 @@ from __future__ import annotations +import re from pathlib import Path import pytest @@ -272,6 +273,11 @@ def test_pr_orchestrator_contains_verify_module_signatures_job(): assert "--enforce-version-bump" in content assert "SPECFACT_MODULE_PRIVATE_SIGN_KEY" in content assert "SPECFACT_MODULE_PRIVATE_SIGN_KEY_PASSPHRASE" in content + assert re.search( + r"verify-module-signatures:.*?uses: actions/checkout@v4.*?fetch-depth: 0", + content, + re.DOTALL, + ) def test_sign_modules_workflow_uses_private_key_and_passphrase_secrets():