chore: release v0.8.2 — security fixes + growth features + flashy README

[rohitg00]

Release v0.8.2

This release ships 6 security fixes, growth features (demo command, competitor comparison, OpenClaw plugin, token savings dashboard), and a full README redesign with 60 custom SVG tags.

Users on v0.8.1 should upgrade immediately — v0.8.1 ships with vulnerabilities in default deployments (default 0.0.0.0 binding, unauthenticated mesh sync, curl|sh install, stored XSS in viewer, path traversal in Obsidian export, incomplete secret redaction).

What's in this PR

• Version bumps across package.json, package-lock.json, plugin/.claude-plugin/plugin.json, src/version.ts, src/types.ts, src/functions/export-import.ts, test/export-import.test.ts
• New CHANGELOG.md in Keep-a-Changelog format with full v0.8.2 release notes
• Minor fix to src/types.ts — the ExportData version union was using commas instead of pipes (broken syntax from a prior release)

Content already merged

All content for v0.8.2 is already on main via these merged PRs:

• security: harden local defaults, viewer CSP, mesh auth, and export confinement #108 — security hardening (6 CVEs)
• feat: demo command, benchmark comparison, OpenClaw integration #113 — demo command, COMPARISON.md, OpenClaw plugin, token savings
• feat: real agent logos + paste-this-prompt blocks for integrations #114 — flashy README with real agent logos + custom SVG section headers + paste-this-prompt blocks
• feat: light-mode SVG variants for GitHub dark theme compatibility #115 — light-mode SVG variants for GitHub dark theme

This PR is the formal release cut.

After merge

1. Tag v0.8.2 on the merge commit
2. gh release create v0.8.2 with notes from CHANGELOG.md
3. Publish 6 GitHub Security Advisories (CVSS-scored, one per finding)
4. npm publish (manual, needs maintainer's npm token)

Validation

• npm run build — clean
• npm test — 654/654 passing
• All 8 files version-bumped to 0.8.2
• CHANGELOG.md linked in Keep-a-Changelog format

Summary by CodeRabbit

• Security

  • Fixed 6 vulnerabilities including stored XSS, CLI startup exposure, default binding issues, unauthenticated sync, path traversal, and incomplete secret redaction.

• New Features

  • Added demo CLI command and benchmark documentation.
  • Introduced new integrations plugin with lifecycle hooks.
  • Enhanced token savings dashboard with 60 new SVG tags and agent logos.

• Changed

  • Redesigned README and UI components; updated default configuration for localhost and Docker environments.

• Fixed

  • Corrected cost calculation reporting, TypeScript union types, dynamic import optimization, plugin payload contracts, and logo URL reliability.

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Walkthrough

This PR bumps the package version from 0.8.1 to 0.8.2 across package.json, plugin manifest, version constants, and export version support lists, with a new CHANGELOG.md documenting the release.

Changes

Cohort / File(s)	Summary
Version Metadata package.json, plugin/.claude-plugin/plugin.json, src/version.ts	Version field incremented from 0.8.1 to 0.8.2 across package metadata, plugin manifest, and exported VERSION constant.
Export Compatibility src/types.ts, src/functions/export-import.ts	ExportData interface version union and supportedVersions set extended to include "0.8.2" as a valid export version.
Documentation & Tests CHANGELOG.md, test/export-import.test.ts	New CHANGELOG.md documenting 0.8.2 release with security fixes, features, and infrastructure updates; test assertion updated to expect "0.8.2".

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• fix: resolve 6 issues — performance, scheduling, TTL, plugin #78: Modifies plugin/.claude-plugin/plugin.json version field with same manifest version bump pattern.
• feat: cross-encoder reranking, working memory, skill extraction #93: Updates the same versioning codepaths (src/version.ts, src/types.ts ExportData union, src/functions/export-import.ts) for backward compatibility support.

Poem

🐰 Hop along to point-eight-two!
Version bumped with careful care,
Export paths now versioned true,
Changelog documents it fair!
Bunny stamps the release with flair! 🎉

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: a version release (v0.8.2) that bundles security fixes, new features, and README improvements, all documented in CHANGELOG.md and version bumps.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release/v0.8.2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}