shithub Public

Watch 1 Fork 0 Star 0

markdown · 4592 bytes Raw Blame History

Changelog

All notable changes to shithub are documented here. This project follows Keep a Changelog conventions and Semantic Versioning.

Pre-1.0 versioning: minor versions may break the API. The stability contract begins at v1.0.0; until then, expect changes between minor releases.

Unreleased

Added

REST API contract (S50 §0). GET /api/v1/meta returns the server's version stamp and a list of feature capability strings for client-side feature detection. Every /api/v1/* response now carries X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, and (when PAT-authenticated) X-OAuth-Scopes. The 403 scope-reject response also carries X-Accepted-OAuth-Scopes. Operators tune the API rate-limit budgets via ratelimit.api.authed_per_hour / ratelimit.api.anon_per_hour (defaults: 5000 / 60).
Pagination helper internal/web/handlers/api/apipage — emits canonical RFC 8288 Link headers (first/prev/next/last) with absolute URLs rooted at the configured public base URL.
REST: user emails (S50 §1). GET /api/v1/user/emails lists the authenticated user's emails. Optional ?verified=true|false filter. Scope: user:read.
REST: user SSH keys (S50 §1). GET/POST /api/v1/user/keys and GET/DELETE /api/v1/user/keys/{id} expose CRUD for git authentication keys. Signing keys are tracked separately by a new kind column on user_ssh_keys and remain on the HTML surface for now. Scopes: user:read for GETs, user:write for mutations.
Capabilities: user-emails, ssh-keys added to /api/v1/meta response.

Changed

JSON error envelope on /api/v1/*. 401 and 403 responses now emit {"error": "..."} with Content-Type: application/json (previously text/plain). Existing 4xx/5xx responses from the handler bodies are unchanged.

0.1.0 — TBD (operator fills in cutover date)

The first public release of shithub. Pre-1.0: there is no backward-compatibility promise yet. Migrations are forward-only; schema may change between minor versions.

Initial public surface

Identity — signup, email verification, password reset, TOTP 2FA + recovery codes, SSH keys, scoped PATs, sessions with per-account epoch invalidation.
Repositories — create, fork, archive, transfer, soft-delete with grace, rename with redirects, visibility toggles, branch protection, default-branch swap, topics, README/license/ .gitignore templates.
Git — bare repos on disk; HTTPS smart-HTTP push/pull; pre/post-receive hook integration.
Code browsing — tree, blob (chroma syntax highlighting), raw, blame, commit history, individual commit views, branch/tag listings, compare views, file finder.
Issues + PRs — full CRUD; reviews; required-reviewer enforcement; status-check gates; three merge methods.
Social — stars, watches, forks, /explore, stargazer/ watcher lists.
Search — code, repo, user, issue.
Notifications — in-app inbox, email fan-out, one-click unsubscribe.
Orgs + teams — roles, invitations, one-level nesting, max-of-sources policy.
Webhooks — HMAC-signed delivery, exponential backoff, auto-disable, SSRF defense, redelivery UI.
Observability — structured logs, Prometheus metrics, optional OTel tracing, Sentry-protocol error reporting.
Operations — Ansible playbook, systemd units, Caddy edge, WireGuard mesh for monitoring, Postgres WAL archive + daily logical backups to Spaces, cross-region DR, restore drill.
Public landing page on / for anonymous viewers; signed-in viewers get a quick-link dashboard.
Lightweight status page at docs.<host>/status.html.
Cutover artifacts under deploy/cutover/.
Public docs site built with mdBook.
Operator runbooks for incidents, backups, restore, upgrade, rollback, rotate-secrets, rotate-keys, regenerate-akc, drain-workers, read-only-mode, day-one.
a11y tooling (pa11y + axe) and k6 load-test scenarios.
THIRD_PARTY_NOTICES.md with a CI-verified generator.

Known gaps at v0.1.0

SSH git transport (HTTPS only)
Actions / CI runner
Packages, Releases, Pages, Projects, Gists
GraphQL API (only a small REST surface today)
Activity feed UI

These are all on the post-MVP roadmap.

View source

  
        1
        # Changelog
      
        2
        
        3
        All notable changes to shithub are documented here. This project
      
        4
        follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/)
      
        5
        conventions and [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
      
        6
        
        7
        Pre-1.0 versioning: minor versions may break the API. The
      
        8
        stability contract begins at v1.0.0; until then, expect changes
      
        9
        between minor releases.
      
        10
        
        11
        ## [Unreleased]
      
        12
        
        13
        ### Added
      
        14
        
        15
        - **REST API contract (S50 §0).** `GET /api/v1/meta` returns the
      
        16
          server's version stamp and a list of feature capability strings
      
        17
          for client-side feature detection. Every `/api/v1/*` response
      
        18
          now carries `X-RateLimit-Limit`, `X-RateLimit-Remaining`,
      
        19
          `X-RateLimit-Reset`, and (when PAT-authenticated) `X-OAuth-Scopes`.
      
        20
          The 403 scope-reject response also carries
      
        21
          `X-Accepted-OAuth-Scopes`. Operators tune the API rate-limit
      
        22
          budgets via `ratelimit.api.authed_per_hour` /
      
        23
          `ratelimit.api.anon_per_hour` (defaults: 5000 / 60).
      
        24
        - **Pagination helper** `internal/web/handlers/api/apipage` —
      
        25
          emits canonical RFC 8288 Link headers (`first`/`prev`/`next`/`last`)
      
        26
          with absolute URLs rooted at the configured public base URL.
      
        27
        - **REST: user emails (S50 §1).** `GET /api/v1/user/emails` lists
      
        28
          the authenticated user's emails. Optional `?verified=true|false`
      
        29
          filter. Scope: `user:read`.
      
        30
        - **REST: user SSH keys (S50 §1).** `GET/POST /api/v1/user/keys`
      
        31
          and `GET/DELETE /api/v1/user/keys/{id}` expose CRUD for git
      
        32
          authentication keys. Signing keys are tracked separately by a
      
        33
          new `kind` column on `user_ssh_keys` and remain on the HTML
      
        34
          surface for now. Scopes: `user:read` for GETs, `user:write` for
      
        35
          mutations.
      
        36
        - **Capabilities:** `user-emails`, `ssh-keys` added to
      
        37
          `/api/v1/meta` response.
      
        38
        
        39
        ### Changed
      
        40
        
        41
        - **JSON error envelope on `/api/v1/*`.** `401` and `403`
      
        42
          responses now emit `{"error": "..."}` with
      
        43
          `Content-Type: application/json` (previously `text/plain`).
      
        44
          Existing `4xx`/`5xx` responses from the handler bodies are
      
        45
          unchanged.
      
        46
        
        47
        ## [0.1.0] — TBD (operator fills in cutover date)
      
        48
        
        49
        The first public release of shithub. Pre-1.0: there is no
      
        50
        backward-compatibility promise yet. Migrations are forward-only;
      
        51
        schema may change between minor versions.
      
        52
        
        53
        ### Initial public surface
      
        54
        
        55
        - **Identity** — signup, email verification, password reset, TOTP
      
        56
          2FA + recovery codes, SSH keys, scoped PATs, sessions with
      
        57
          per-account epoch invalidation.
      
        58
        - **Repositories** — create, fork, archive, transfer, soft-delete
      
        59
          with grace, rename with redirects, visibility toggles, branch
      
        60
          protection, default-branch swap, topics, README/license/
      
        61
          .gitignore templates.
      
        62
        - **Git** — bare repos on disk; HTTPS smart-HTTP push/pull;
      
        63
          pre/post-receive hook integration.
      
        64
        - **Code browsing** — tree, blob (chroma syntax highlighting),
      
        65
          raw, blame, commit history, individual commit views, branch/tag
      
        66
          listings, compare views, file finder.
      
        67
        - **Issues + PRs** — full CRUD; reviews; required-reviewer
      
        68
          enforcement; status-check gates; three merge methods.
      
        69
        - **Social** — stars, watches, forks, `/explore`, stargazer/
      
        70
          watcher lists.
      
        71
        - **Search** — code, repo, user, issue.
      
        72
        - **Notifications** — in-app inbox, email fan-out, one-click
      
        73
          unsubscribe.
      
        74
        - **Orgs + teams** — roles, invitations, one-level nesting,
      
        75
          max-of-sources policy.
      
        76
        - **Webhooks** — HMAC-signed delivery, exponential backoff,
      
        77
          auto-disable, SSRF defense, redelivery UI.
      
        78
        - **Observability** — structured logs, Prometheus metrics,
      
        79
          optional OTel tracing, Sentry-protocol error reporting.
      
        80
        - **Operations** — Ansible playbook, systemd units, Caddy edge,
      
        81
          WireGuard mesh for monitoring, Postgres WAL archive + daily
      
        82
          logical backups to Spaces, cross-region DR, restore drill.
      
        83
        - **Public landing page** on `/` for anonymous viewers; signed-in
      
        84
          viewers get a quick-link dashboard.
      
        85
        - **Lightweight status page** at `docs.<host>/status.html`.
      
        86
        - **Cutover artifacts** under `deploy/cutover/`.
      
        87
        - **Public docs site** built with mdBook.
      
        88
        - **Operator runbooks** for incidents, backups, restore, upgrade,
      
        89
          rollback, rotate-secrets, rotate-keys, regenerate-akc,
      
        90
          drain-workers, read-only-mode, day-one.
      
        91
        - **a11y tooling** (pa11y + axe) and **k6 load-test scenarios**.
      
        92
        - **THIRD_PARTY_NOTICES.md** with a CI-verified generator.
      
        93
        
        94
        ### Known gaps at v0.1.0
      
        95
        
        96
        - SSH git transport (HTTPS only)
      
        97
        - Actions / CI runner
      
        98
        - Packages, Releases, Pages, Projects, Gists
      
        99
        - GraphQL API (only a small REST surface today)
      
        100
        - Activity feed UI
      
        101
        
        102
        These are all on the post-MVP roadmap.
      
        103
        
        104
        [Unreleased]: https://shithub.sh/shithub/shithub/compare/v0.1.0...trunk
      
        105
        [0.1.0]: https://shithub.sh/shithub/shithub/releases/tag/v0.1.0

1	# Changelog
2
3	All notable changes to shithub are documented here. This project
4	follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/)
5	conventions and [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
6
7	Pre-1.0 versioning: minor versions may break the API. The
8	stability contract begins at v1.0.0; until then, expect changes
9	between minor releases.
10
11	## [Unreleased]
12
13	### Added
14
15	- REST API contract (S50 §0). `GET /api/v1/meta` returns the
16	server's version stamp and a list of feature capability strings
17	for client-side feature detection. Every `/api/v1/*` response
18	now carries `X-RateLimit-Limit`, `X-RateLimit-Remaining`,
19	`X-RateLimit-Reset`, and (when PAT-authenticated) `X-OAuth-Scopes`.
20	The 403 scope-reject response also carries
21	`X-Accepted-OAuth-Scopes`. Operators tune the API rate-limit
22	budgets via `ratelimit.api.authed_per_hour` /
23	`ratelimit.api.anon_per_hour` (defaults: 5000 / 60).
24	- Pagination helper `internal/web/handlers/api/apipage` —
25	emits canonical RFC 8288 Link headers (`first`/`prev`/`next`/`last`)
26	with absolute URLs rooted at the configured public base URL.
27	- REST: user emails (S50 §1). `GET /api/v1/user/emails` lists
28	the authenticated user's emails. Optional `?verified=true\|false`
29	filter. Scope: `user:read`.
30	- REST: user SSH keys (S50 §1). `GET/POST /api/v1/user/keys`
31	and `GET/DELETE /api/v1/user/keys/{id}` expose CRUD for git
32	authentication keys. Signing keys are tracked separately by a
33	new `kind` column on `user_ssh_keys` and remain on the HTML
34	surface for now. Scopes: `user:read` for GETs, `user:write` for
35	mutations.
36	- Capabilities: `user-emails`, `ssh-keys` added to
37	`/api/v1/meta` response.
38
39	### Changed
40
41	- *JSON error envelope on `/api/v1/`.** `401` and `403`
42	responses now emit `{"error": "..."}` with
43	`Content-Type: application/json` (previously `text/plain`).
44	Existing `4xx`/`5xx` responses from the handler bodies are
45	unchanged.
46
47	## [0.1.0] — TBD (operator fills in cutover date)
48
49	The first public release of shithub. Pre-1.0: there is no
50	backward-compatibility promise yet. Migrations are forward-only;
51	schema may change between minor versions.
52
53	### Initial public surface
54
55	- Identity — signup, email verification, password reset, TOTP
56	2FA + recovery codes, SSH keys, scoped PATs, sessions with
57	per-account epoch invalidation.
58	- Repositories — create, fork, archive, transfer, soft-delete
59	with grace, rename with redirects, visibility toggles, branch
60	protection, default-branch swap, topics, README/license/
61	.gitignore templates.
62	- Git — bare repos on disk; HTTPS smart-HTTP push/pull;
63	pre/post-receive hook integration.
64	- Code browsing — tree, blob (chroma syntax highlighting),
65	raw, blame, commit history, individual commit views, branch/tag
66	listings, compare views, file finder.
67	- Issues + PRs — full CRUD; reviews; required-reviewer
68	enforcement; status-check gates; three merge methods.
69	- Social — stars, watches, forks, `/explore`, stargazer/
70	watcher lists.
71	- Search — code, repo, user, issue.
72	- Notifications — in-app inbox, email fan-out, one-click
73	unsubscribe.
74	- Orgs + teams — roles, invitations, one-level nesting,
75	max-of-sources policy.
76	- Webhooks — HMAC-signed delivery, exponential backoff,
77	auto-disable, SSRF defense, redelivery UI.
78	- Observability — structured logs, Prometheus metrics,
79	optional OTel tracing, Sentry-protocol error reporting.
80	- Operations — Ansible playbook, systemd units, Caddy edge,
81	WireGuard mesh for monitoring, Postgres WAL archive + daily
82	logical backups to Spaces, cross-region DR, restore drill.
83	- Public landing page on `/` for anonymous viewers; signed-in
84	viewers get a quick-link dashboard.
85	- Lightweight status page at `docs.<host>/status.html`.
86	- Cutover artifacts under `deploy/cutover/`.
87	- Public docs site built with mdBook.
88	- Operator runbooks for incidents, backups, restore, upgrade,
89	rollback, rotate-secrets, rotate-keys, regenerate-akc,
90	drain-workers, read-only-mode, day-one.
91	- a11y tooling (pa11y + axe) and k6 load-test scenarios.
92	- THIRD_PARTY_NOTICES.md with a CI-verified generator.
93
94	### Known gaps at v0.1.0
95
96	- SSH git transport (HTTPS only)
97	- Actions / CI runner
98	- Packages, Releases, Pages, Projects, Gists
99	- GraphQL API (only a small REST surface today)
100	- Activity feed UI
101
102	These are all on the post-MVP roadmap.
103
104	[Unreleased]: https://shithub.sh/shithub/shithub/compare/v0.1.0...trunk
105	[0.1.0]: https://shithub.sh/shithub/shithub/releases/tag/v0.1.0