@@ -0,0 +1,62 @@ |
| | 1 | +# Changelog |
| | 2 | + |
| | 3 | +All notable changes to shithub are documented here. This project |
| | 4 | +follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) |
| | 5 | +conventions and [Semantic Versioning](https://semver.org/spec/v2.0.0.html). |
| | 6 | + |
| | 7 | +## [Unreleased] |
| | 8 | + |
| | 9 | +### Added |
| | 10 | +- Public docs site (`docs/public/`) built with mdBook. |
| | 11 | +- Contributor + security disclosure docs finalized for post-launch |
| | 12 | + posture (DCO sign-off, security@ mailbox). |
| | 13 | +- Architecture overview + internal docs index. |
| | 14 | +- Operator runbooks: rotate-secrets, rotate-keys, regenerate-akc, |
| | 15 | + drain-workers, read-only-mode. |
| | 16 | +- `THIRD_PARTY_NOTICES.md` with a CI-verified generator script. |
| | 17 | + |
| | 18 | +### Changed |
| | 19 | +- README pivoted to post-launch framing (still flags WIP areas |
| | 20 | + honestly). |
| | 21 | + |
| | 22 | +## [1.0.0] — TBD |
| | 23 | + |
| | 24 | +The first stable release. Core forge loop: |
| | 25 | + |
| | 26 | +- Identity: signup, email verification, password reset, TOTP 2FA |
| | 27 | + + recovery codes, SSH keys, scoped PATs, sessions with |
| | 28 | + per-account epoch invalidation. |
| | 29 | +- Repositories: create, fork, archive, transfer, soft-delete with |
| | 30 | + grace, rename with redirects, visibility toggles, branch |
| | 31 | + protection (force-push / deletion / required reviews / required |
| | 32 | + status checks), default-branch swap, topics, README/license/ |
| | 33 | + .gitignore templates. |
| | 34 | +- Git: bare repos on disk; HTTPS smart-HTTP push/pull; pre/post- |
| | 35 | + receive hook integration for size accounting and event emission. |
| | 36 | +- Code browsing: tree, blob (chroma syntax highlighting with |
| | 37 | + light/dark themes), raw, blame, commit history, individual |
| | 38 | + commit views, branch/tag listings, compare views, file finder. |
| | 39 | +- Issues + PRs: full CRUD; pull requests with diff rendering, |
| | 40 | + file-by-file review, line comments, reviews, required-reviewer |
| | 41 | + enforcement, status-check gates, three merge methods. |
| | 42 | +- Social: stars, watches with notification level, forks |
| | 43 | + (clone-on-create), `/explore`, stargazer/watcher lists. |
| | 44 | +- Search: code, repo, user. |
| | 45 | +- Notifications: per-user inbox + email fan-out, watch-level |
| | 46 | + routing, one-click HMAC-signed unsubscribe. |
| | 47 | +- Organizations + teams: create, member roles, invitations, |
| | 48 | + one-level team nesting, team grants on repos with |
| | 49 | + max-of-sources policy. |
| | 50 | +- Webhooks: outbound delivery with HMAC-SHA256 signing, |
| | 51 | + exponential backoff with jitter, auto-disable on persistent |
| | 52 | + failure, SSRF defense, redelivery UI, ping events. |
| | 53 | +- Observability: structured logs, Prometheus metrics, optional |
| | 54 | + OTel tracing, Sentry-protocol error reporting. |
| | 55 | +- Security: AGPLv3, threat model + security checklist, package |
| | 56 | + boundary lints (markdown, policy, secret-logs, CSRF). |
| | 57 | +- Operations: Ansible playbook, systemd units, Caddy edge, |
| | 58 | + WireGuard mesh for monitoring, Postgres WAL archive + daily |
| | 59 | + logical backups to Spaces, cross-region DR, restore drill. |
| | 60 | + |
| | 61 | +[Unreleased]: https://github.com/tenseleyFlow/shithub/compare/v1.0.0...HEAD |
| | 62 | +[1.0.0]: https://github.com/tenseleyFlow/shithub/releases/tag/v1.0.0 |
