Files
Gitea-Tools/CHANGELOG.md
T
sysadmin 0cdbf63660 chore: refresh v1.1.0 release notes with all work merged since v1.0.1 (#63)
Merge current master (4f5b732) into the release branch and expand the
CHANGELOG v1.1.0 section to cover every merge since the v1.0.1 tag:
identity/eligibility tooling (#9, #11, #13, #14), gated review/merge
workflows (#15, #16), execution profiles (#12, #19), audit logging (#18),
Retry-After backoff (#27), API pagination + failure handling (#67),
release-tag helper (#50), status:in-progress automation (#56, #58),
LLM-Agent-SHA Phase 0 (#86), provenance helper (#3), manage_labels modes
(#6), and documentation (#8, #70, #72, #77).

PRs #82 (#68 release SOP) and #84 (#69 Linux portability) were closed
without merging and are intentionally NOT listed.

No feature code changed; CHANGELOG.md only. No tag created.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-02 15:22:52 -04:00

2.5 KiB

Changelog

All notable changes to this project will be documented in this file.

[v1.1.0] - 2026-07-02

Added

  • Read-only identity and eligibility tooling: gitea_whoami authenticated-user lookup (#11), gitea_get_profile runtime-profile discovery (#13), and gitea_check_pr_eligibility fail-closed PR eligibility checks (#14).
  • Identity lookup aliases (gitea_get_authenticated_user and gitea_get_current_user) for common MCP/LLM tool discovery (#9).
  • Gated PR review actions (gitea_submit_pr_review) reusing the eligibility gates (#15).
  • Gated PR merge workflow (gitea_merge_pr) with explicit MERGE PR <n> confirmation, head-SHA and changed-file pinning, and self-merge blocking as the only merge path (#16).
  • Task-scoped Gitea MCP execution profiles: documented profile model (#12) and runtime profiles via environment config with allowed_operations (#19).
  • Audit logging for all mutating MCP actions with execution-profile metadata and secret redaction (#18).
  • Shared API pagination (api_get_all) and hardened failure handling in gitea_auth.api_request: request timeouts, clear network/DNS errors, explicit 502/503/504 upstream errors, malformed-JSON handling, and redacted error text (#67).
  • scripts/release-tag SemVer-gated annotated-tag helper (safe-by-default, master-only, tests required) (#50).
  • Automatic status:in-progress release on issue close and PR close/merge (#56, #58).
  • LLM-Agent-SHA opaque agent attribution convention (Phase 0): documentation, handoff/review templates, and negative tests proving the SHA can never bypass self-review/self-merge gates (#86).
  • macOS com.apple.provenance cleanup helper tool and documentation (#3).
  • manage_labels.py refactored into reusable modes (--create-labels, --apply-mapping, --add-label) (#6).

Changed

  • HTTP 429 responses now honor Retry-After with jittered exponential backoff (#27).
  • Read-only list tools (gitea_list_issues, gitea_list_prs, gitea_list_labels) now paginate across pages with bounded page caps (#67).
  • Automatic status:in-progress cleanup on issue/PR close and merge.
  • Label cleanup now utilizes safe targeted label deletion behavior rather than replacing the entire label set.

Documentation

  • MCP security model and trust-boundary documentation (#8).
  • Developer testing guidelines (#70).
  • Jenkins read-only build-status tools design (#72).
  • Jenkins repo/branch/PR → job mapping design (#77).

[v1.0.1]

  • Fix Recent Timesheets Remove button text clipping and copy theme/whats_new in build.

[v1.0.0]

  • Initial versioned release.