shithub Public

Watch 1 Fork 0 Star 0

markdown · 2830 bytes Raw Blame History

Changelog

All notable changes to shithub are documented here. This project follows Keep a Changelog conventions and Semantic Versioning.

Unreleased

Added

Public docs site (docs/public/) built with mdBook.
Contributor + security disclosure docs finalized for post-launch posture (DCO sign-off, security@ mailbox).
Architecture overview + internal docs index.
Operator runbooks: rotate-secrets, rotate-keys, regenerate-akc, drain-workers, read-only-mode.
THIRD_PARTY_NOTICES.md with a CI-verified generator script.

Changed

README pivoted to post-launch framing (still flags WIP areas honestly).

1.0.0 — TBD

The first stable release. Core forge loop:

Identity: signup, email verification, password reset, TOTP 2FA
- recovery codes, SSH keys, scoped PATs, sessions with per-account epoch invalidation.
Repositories: create, fork, archive, transfer, soft-delete with grace, rename with redirects, visibility toggles, branch protection (force-push / deletion / required reviews / required status checks), default-branch swap, topics, README/license/ .gitignore templates.
Git: bare repos on disk; HTTPS smart-HTTP push/pull; pre/post- receive hook integration for size accounting and event emission.
Code browsing: tree, blob (chroma syntax highlighting with light/dark themes), raw, blame, commit history, individual commit views, branch/tag listings, compare views, file finder.
Issues + PRs: full CRUD; pull requests with diff rendering, file-by-file review, line comments, reviews, required-reviewer enforcement, status-check gates, three merge methods.
Social: stars, watches with notification level, forks (clone-on-create), /explore, stargazer/watcher lists.
Search: code, repo, user.
Notifications: per-user inbox + email fan-out, watch-level routing, one-click HMAC-signed unsubscribe.
Organizations + teams: create, member roles, invitations, one-level team nesting, team grants on repos with max-of-sources policy.
Webhooks: outbound delivery with HMAC-SHA256 signing, exponential backoff with jitter, auto-disable on persistent failure, SSRF defense, redelivery UI, ping events.
Observability: structured logs, Prometheus metrics, optional OTel tracing, Sentry-protocol error reporting.
Security: AGPLv3, threat model + security checklist, package boundary lints (markdown, policy, secret-logs, CSRF).
Operations: Ansible playbook, systemd units, Caddy edge, WireGuard mesh for monitoring, Postgres WAL archive + daily logical backups to Spaces, cross-region DR, restore drill.

View source

  
        1
        # Changelog
      
        2
        
        3
        All notable changes to shithub are documented here. This project
      
        4
        follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/)
      
        5
        conventions and [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
      
        6
        
        7
        ## [Unreleased]
      
        8
        
        9
        ### Added
      
        10
        - Public docs site (`docs/public/`) built with mdBook.
      
        11
        - Contributor + security disclosure docs finalized for post-launch
      
        12
          posture (DCO sign-off, security@ mailbox).
      
        13
        - Architecture overview + internal docs index.
      
        14
        - Operator runbooks: rotate-secrets, rotate-keys, regenerate-akc,
      
        15
          drain-workers, read-only-mode.
      
        16
        - `THIRD_PARTY_NOTICES.md` with a CI-verified generator script.
      
        17
        
        18
        ### Changed
      
        19
        - README pivoted to post-launch framing (still flags WIP areas
      
        20
          honestly).
      
        21
        
        22
        ## [1.0.0] — TBD
      
        23
        
        24
        The first stable release. Core forge loop:
      
        25
        
        26
        - Identity: signup, email verification, password reset, TOTP 2FA
      
        27
          + recovery codes, SSH keys, scoped PATs, sessions with
      
        28
          per-account epoch invalidation.
      
        29
        - Repositories: create, fork, archive, transfer, soft-delete with
      
        30
          grace, rename with redirects, visibility toggles, branch
      
        31
          protection (force-push / deletion / required reviews / required
      
        32
          status checks), default-branch swap, topics, README/license/
      
        33
          .gitignore templates.
      
        34
        - Git: bare repos on disk; HTTPS smart-HTTP push/pull; pre/post-
      
        35
          receive hook integration for size accounting and event emission.
      
        36
        - Code browsing: tree, blob (chroma syntax highlighting with
      
        37
          light/dark themes), raw, blame, commit history, individual
      
        38
          commit views, branch/tag listings, compare views, file finder.
      
        39
        - Issues + PRs: full CRUD; pull requests with diff rendering,
      
        40
          file-by-file review, line comments, reviews, required-reviewer
      
        41
          enforcement, status-check gates, three merge methods.
      
        42
        - Social: stars, watches with notification level, forks
      
        43
          (clone-on-create), `/explore`, stargazer/watcher lists.
      
        44
        - Search: code, repo, user.
      
        45
        - Notifications: per-user inbox + email fan-out, watch-level
      
        46
          routing, one-click HMAC-signed unsubscribe.
      
        47
        - Organizations + teams: create, member roles, invitations,
      
        48
          one-level team nesting, team grants on repos with
      
        49
          max-of-sources policy.
      
        50
        - Webhooks: outbound delivery with HMAC-SHA256 signing,
      
        51
          exponential backoff with jitter, auto-disable on persistent
      
        52
          failure, SSRF defense, redelivery UI, ping events.
      
        53
        - Observability: structured logs, Prometheus metrics, optional
      
        54
          OTel tracing, Sentry-protocol error reporting.
      
        55
        - Security: AGPLv3, threat model + security checklist, package
      
        56
          boundary lints (markdown, policy, secret-logs, CSRF).
      
        57
        - Operations: Ansible playbook, systemd units, Caddy edge,
      
        58
          WireGuard mesh for monitoring, Postgres WAL archive + daily
      
        59
          logical backups to Spaces, cross-region DR, restore drill.
      
        60
        
        61
        [Unreleased]: https://github.com/tenseleyFlow/shithub/compare/v1.0.0...HEAD
      
        62
        [1.0.0]: https://github.com/tenseleyFlow/shithub/releases/tag/v1.0.0

1	# Changelog
2
3	All notable changes to shithub are documented here. This project
4	follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/)
5	conventions and [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
6
7	## [Unreleased]
8
9	### Added
10	- Public docs site (`docs/public/`) built with mdBook.
11	- Contributor + security disclosure docs finalized for post-launch
12	posture (DCO sign-off, security@ mailbox).
13	- Architecture overview + internal docs index.
14	- Operator runbooks: rotate-secrets, rotate-keys, regenerate-akc,
15	drain-workers, read-only-mode.
16	- `THIRD_PARTY_NOTICES.md` with a CI-verified generator script.
17
18	### Changed
19	- README pivoted to post-launch framing (still flags WIP areas
20	honestly).
21
22	## [1.0.0] — TBD
23
24	The first stable release. Core forge loop:
25
26	- Identity: signup, email verification, password reset, TOTP 2FA
27	+ recovery codes, SSH keys, scoped PATs, sessions with
28	per-account epoch invalidation.
29	- Repositories: create, fork, archive, transfer, soft-delete with
30	grace, rename with redirects, visibility toggles, branch
31	protection (force-push / deletion / required reviews / required
32	status checks), default-branch swap, topics, README/license/
33	.gitignore templates.
34	- Git: bare repos on disk; HTTPS smart-HTTP push/pull; pre/post-
35	receive hook integration for size accounting and event emission.
36	- Code browsing: tree, blob (chroma syntax highlighting with
37	light/dark themes), raw, blame, commit history, individual
38	commit views, branch/tag listings, compare views, file finder.
39	- Issues + PRs: full CRUD; pull requests with diff rendering,
40	file-by-file review, line comments, reviews, required-reviewer
41	enforcement, status-check gates, three merge methods.
42	- Social: stars, watches with notification level, forks
43	(clone-on-create), `/explore`, stargazer/watcher lists.
44	- Search: code, repo, user.
45	- Notifications: per-user inbox + email fan-out, watch-level
46	routing, one-click HMAC-signed unsubscribe.
47	- Organizations + teams: create, member roles, invitations,
48	one-level team nesting, team grants on repos with
49	max-of-sources policy.
50	- Webhooks: outbound delivery with HMAC-SHA256 signing,
51	exponential backoff with jitter, auto-disable on persistent
52	failure, SSRF defense, redelivery UI, ping events.
53	- Observability: structured logs, Prometheus metrics, optional
54	OTel tracing, Sentry-protocol error reporting.
55	- Security: AGPLv3, threat model + security checklist, package
56	boundary lints (markdown, policy, secret-logs, CSRF).
57	- Operations: Ansible playbook, systemd units, Caddy edge,
58	WireGuard mesh for monitoring, Postgres WAL archive + daily
59	logical backups to Spaces, cross-region DR, restore drill.
60
61	[Unreleased]: https://github.com/tenseleyFlow/shithub/compare/v1.0.0...HEAD
62	[1.0.0]: https://github.com/tenseleyFlow/shithub/releases/tag/v1.0.0