diff --git a/CHANGELOG.md b/CHANGELOG.md index 8216002..2c7647a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,14 +5,31 @@ All notable changes to this project will be documented in this file. ## [v1.1.0] - 2026-07-02 ### Added -- Identity lookup aliases (`gitea_get_authenticated_user` and `gitea_get_current_user`) for common MCP/LLM tool discovery. -- macOS `com.apple.provenance` cleanup helper tool and documentation. -- `manage_labels.py` refactored into reusable modes (`--create-labels`, `--apply-mapping`, `--add-label`). +- Read-only identity and eligibility tooling: `gitea_whoami` authenticated-user lookup (#11), `gitea_get_profile` runtime-profile discovery (#13), and `gitea_check_pr_eligibility` fail-closed PR eligibility checks (#14). +- Identity lookup aliases (`gitea_get_authenticated_user` and `gitea_get_current_user`) for common MCP/LLM tool discovery (#9). +- Gated PR review actions (`gitea_submit_pr_review`) reusing the eligibility gates (#15). +- Gated PR merge workflow (`gitea_merge_pr`) with explicit `MERGE PR ` confirmation, head-SHA and changed-file pinning, and self-merge blocking as the only merge path (#16). +- Task-scoped Gitea MCP execution profiles: documented profile model (#12) and runtime profiles via environment config with `allowed_operations` (#19). +- Audit logging for all mutating MCP actions with execution-profile metadata and secret redaction (#18). +- Shared API pagination (`api_get_all`) and hardened failure handling in `gitea_auth.api_request`: request timeouts, clear network/DNS errors, explicit 502/503/504 upstream errors, malformed-JSON handling, and redacted error text (#67). +- `scripts/release-tag` SemVer-gated annotated-tag helper (safe-by-default, master-only, tests required) (#50). +- Automatic `status:in-progress` release on issue close and PR close/merge (#56, #58). +- `LLM-Agent-SHA` opaque agent attribution convention (Phase 0): documentation, handoff/review templates, and negative tests proving the SHA can never bypass self-review/self-merge gates (#86). +- macOS `com.apple.provenance` cleanup helper tool and documentation (#3). +- `manage_labels.py` refactored into reusable modes (`--create-labels`, `--apply-mapping`, `--add-label`) (#6). ### Changed +- HTTP 429 responses now honor `Retry-After` with jittered exponential backoff (#27). +- Read-only list tools (`gitea_list_issues`, `gitea_list_prs`, `gitea_list_labels`) now paginate across pages with bounded page caps (#67). - Automatic `status:in-progress` cleanup on issue/PR close and merge. - Label cleanup now utilizes safe targeted label deletion behavior rather than replacing the entire label set. +### Documentation +- MCP security model and trust-boundary documentation (#8). +- Developer testing guidelines (#70). +- Jenkins read-only build-status tools design (#72). +- Jenkins repo/branch/PR → job mapping design (#77). + ## [v1.0.1] - Fix Recent Timesheets Remove button text clipping and copy theme/whats_new in build.