Skip to content

chore(main): release hve-core 4.0.0#1184

Open
hve-core-release-please[bot] wants to merge 1 commit into
mainfrom
release-please--branches--main--components--hve-core
Open

chore(main): release hve-core 4.0.0#1184
hve-core-release-please[bot] wants to merge 1 commit into
mainfrom
release-please--branches--main--components--hve-core

Conversation

@hve-core-release-please

@hve-core-release-please hve-core-release-please Bot commented Mar 24, 2026

Copy link
Copy Markdown
Contributor

🤖 I have created a release beep boop

4.0.0 (2026-06-30)

⚠ BREAKING CHANGES

✨ Features

  • add experimental Caveman response style skill (#1861) (3620737)
  • add Vally evaluation infrastructure (#1590) (8f3914c)
  • agents: add acceptance criteria template and issue type hierarchy strategy to backlog manager (#1597) (a780b7f)
  • agents: add accessibility planner, reviewer, and code-review accessibility agents (#1735) (1ca6269)
  • agents: add enablement dimension to Experiment Designer for code-with MVEs (#1416) (84077a8)
  • agents: add PR Walkthrough narrative orientation agent (#1947) (b98f527)
  • agents: add Privacy Planner, SSSC reviewer, and privacy-standards skill (#2168) (0bc13ee)
  • agents: add Task Challenger adversarial questioning agent (#1315) (a9014c9)
  • agents: add Vally evaluation agents and prompts (#1834) (18ce4c6)
  • agents: align sssc planner with rai parity, add signing and validation (#1497) (f5e8513)
  • agents: consolidate code-review agents and add orientation-first review loop (#2100) (7ca4cb2)
  • agents: document plain-text path convention for .copilot-tracking artifacts (#2147) (3362577)
  • agents: keep internal workflow references out of comments (#2023) (0d6a3f0)
  • agents: optimize RPI agent context management with discipline rules (#1492) (35e5924)
  • agents: per-agent model selection for cost optimization and /compact loop fix (#1541) (e158d88)
  • agents: remove issue-triage decomposition and improve labeling (#2223) (3420081)
  • agents: security-planner SSSC parity (#1642) (f4f6b3c)
  • agents: upgrade ADR Planner with phased identity and adr-author skill (#1554) (d2868d5)
  • collections: register Vally artifacts and regenerate plugins (#1836) (74f0e86)
  • evals: add behavior eval corpora and Pester test suite (#1832) (d44ad1e)
  • evals: add npm eval scripts and shared environments (#1626) (1102901)
  • graphify: Add graphify skill with thin prompt + applyTo instructions (#1600) (878843c)
  • hooks: add local session telemetry hooks (#2008) (34fe036)
  • Improve quality of rpi-agent.agent.md (#1949) (0d9c746)
  • instructions: add accessibility instruction set and shared planner identity base (#1733) (2158ced)
  • instructions: disclaimer SSOT migration (stacked on #1497) (#1639) (a09b333)
  • instructions: harden ADR Creator against untrusted content and sensitive data (#1811) (02e353d)
  • planning: add Security Planner state schema with contract suite and fixtures (#1638) (8947038)
  • prompts: add cspell-config prompt for automated spell check maintenance (#1516) (79db525)
  • prompts: add jira-setup credential configuration prompt (#1698) (b30a75d)
  • rpi: introduce skill-forward RPI workflows (#1953) (44b42d4)
  • rpi: update skill workflows and eval coverage (#2202) (01052e3)
  • scripts: add accessibility state schema and noticeLog audit trail to planner schemas (#1734) (4044819)
  • scripts: add evals orchestration modules and runners (#1831) (3175b5c)
  • scripts: add instruction applyTo scope Pester suite (#1640) (d7a7a1c)
  • scripts: add lint:py:fix to apply ruff autofixes across Python skills (#1450) (2b6dca7)
  • scripts: add structured JSON log output to Validate-Collections.ps1 (57ea279)
  • scripts: add structured JSON log output to Validate-Marketplace.ps1 (#1430) (ec2aa53)
  • scripts: allowlist accessibility skills subdomain and recognize templates subdir (#1731) (81f379a)
  • security: extract supply-chain-security skill and thin SSSC Planner (#1950) (2e9608c)
  • security: migrate Security Planner to skill (#2045) (5202b71)
  • skills: add 6 PowerPoint skill enhancements (#1481) (97c40e8)
  • skills: add accessibility standards skills and shared backlog-templates skill (#1732) (a206f47)
  • skills: add experimental mural skill with Python CLI, instructions, and agent integrations (#1561) (c5fcf0b)
  • skills: add github-security code-scanning skill (#1418) (5bedf80)
  • skills: add seven project-planning BRD skills (#1856) (2919d48)
  • skills: add telemetry-foundations shared skill with consumer overlays (#1681) (ea0bec0)
  • skills: add tts-voiceover skill for Azure Speech SDK voice-over generation (#1415) (c330c7a)
  • skills: add vally-tests skill (#1830) (da9ffa2)
  • skills: expand fuzz_has_formatting_variation to cover all formatting properties (#1143) (#1296) (d51b4d3)
  • skills: replace doc-ops agents with unified documentation agent and skill (#2095) (a441419)
  • workflows: add beval behavioral evaluation workflow for dt-coach agent (#1129) (f1a7043)
  • workflows: add devcontainer lockfile integrity check (#1874) (d2996b7)
  • workflows: add Pre-Release-As trailer override to pre-release w… (#1565) (310c68c)
  • workflows: add weekly GitHub code scanning automation (#1495) (d307f8a)
  • workflows: convert pr-review to manual /review slash command (#1544) (84e47f0)
  • workflows: SLSA L3 provenance verify gate + branch-protection doc (#2231) (cae5d6d)

🐛 Bug Fixes

  • 1633: docs: update docs/architecture/workflows.md npm script table for eval commands (#1655) (a586699)
  • 1634: docs: sync lint:all chain in build-system.md with package.json (#1679) (ec35cec)
  • build: bump basic-ftp override to 6.0.1 to clear high-severity advisory (#1545) (4353df1)
  • build: override ip-address to 10.2.0 for GHSA-v2v4-37r5-5v8g (#1539) (ba520aa)
  • build: pin tmp >=0.2.6 to resolve GHSA-ph9p-34f9-6g65 (#1686) (af67fec)
  • build: pin uuid and postcss via overrides to resolve Dependabot alerts (#1491) (af1f9ca)
  • ci: add composite action for PS module install with cache and retry (#2134) (78e3e8d)
  • ci: align actionlint curl download with uv step pattern (#1870) (2ad24fd)
  • ci: stabilize gitleaks fixture suppressions (#1883) (7d82c22)
  • clarify markdownlint marker placement in PRD Builder (#2098) (b5c695f)
  • deps: bump qs from 6.15.0 to 6.15.2 to resolve GHSA-q8mj-m7cp-5q26 (#1650) (6665e95)
  • deps: remediate cryptography advisories and harden PowerPoint scripts (#2037) (2286c67)
  • docs: adopt Docusaurus Faster and pin 3.10.1 (#1893) (011e69a)
  • docs: harden homepage hero and search contrast for WCAG AA (#2250) (6da5316)
  • docs: improve contrast for badges and search hint (#1922) (b0a0bda)
  • docs: patch Docusaurus npm vulnerabilities and extend Dependabot scope (#1889) (65fe619)
  • improve DT Coach Phase 1 initialization reliability and state schema (#2055) (027606c)
  • instructions: enforce human review checkbox gate for backlog processing (#1920) (1ca08d7)
  • instructions: update design thinking image prompt generation guidelines (fixes #1587) (#1629) (e8d4b8c)
  • mural: send API-compliant arrow widget payload (#2136) (aaef669)
  • scripts: Exclude plugins/ from ms.date freshness check to prevent duplicate stale reports (#1586) (0b617ce)
  • scripts: npm run test:py fails when skills have uv-managed dev dependencies (#1938) (32a47dd)
  • scripts: remove duplicate Included Artifacts heading in collection.md generation (#1855) (a343b5d)
  • scripts: remove redundant moderation requirements.txt (#2273) (b6bb6ba)
  • settings: remove markdownlint exclusion for collections/*.collection.md (#1372) (42cc137)
  • skills: harden powerpoint PyMuPDF integration against malformed PDFs (#1018) (#1904) (c6d1ace)
  • skills: remove "Brought to you by" attribution (#2047) (#2238) (a4769a0)
  • skills: resolve pip-audit findings in tts-voiceover skill lock file (#1627) (2f206b5)
  • skills: tighten strict-tier cite-only licensing in ADR standards (#1859) (ceb8c47)
  • workflows: grant id-token write to docusaurus-tests callers for Codecov OIDC (#2085) (b69e34a)
  • workflows: install PS modules with CurrentUser scope for copilot-setup-steps (#2244) (222f5bc)
  • workflows: migrate gh-aw compiler to v0.79.4 and refresh lock files (#1903) (c3ced2b)
  • workflows: refresh Dependabot PR Review and upgrade gh-aw to v0.76.1 (#1690) (cb4d871)

📚 Documentation

  • add content policies, refresh environment versions, drop description attribution (#2192) (691cdea)
  • add reactivation workflow subsection to ai-artifacts.md (#1882) (b869504)
  • add Responsible AI Transparency Note (#1900) (75029d0)
  • ado-backlog: correct ADO Backlog Manager workflow documentation (#2205) (3d4dbad)
  • adrs: adopt Vally as agent and skill behavior evaluation framework (#1828) (3e27fc3)
  • agents: add accessibility planner and reviewer documentation (#1736) (716922a)
  • agents: align language-skills.md with semantic skill selection (#1891) (fd908f0)
  • agents: refresh stale docs/agents pages for accuracy (#2211) (342c138)
  • align Transparency Note with AI Messaging Guidance (#2039) (04c9331)
  • docs: clarify getting-started method guides (#1851) (b054051)
  • docs: refresh workflow, tool-checksums, and environment documentation (#2201) (6d227bd)
  • expand providerAllowlist and document model field in customization guide (#2014) (6cc41e1)
  • Fix stale eval:lint references in documentation (#1951) (1cd3c0d)
  • hve-guide: refresh 22 stale guide pages and fix broken refs (#2207) (88dc7f2)
  • improve new user onboarding with terminology, CLI plugins, and collections clarity (#1520) (66b524a)
  • Improve readme.md and contributing.md (#1635) (b836ac0)
  • instructions: adopt "this" singleton naming for terraform resources and data sources (#2164) (311e570)
  • realign stale references with current source of truth (#2220) (9ac46ed)
  • refresh design-thinking, customization, getting-started, and scripts documentation for accuracy (#2208) (d720f85)
  • refresh stale agent catalog, getting-started counts, and security/evals docs (#2203) (39365cc)
  • refresh stale documentation and update ms.date across 12 files (#1625) (46c0c03)
  • remove generated footers (#1919) (1bf0c2b)
  • scripts: fix stale linting README descriptions for Invoke-PythonTests.ps1 and Invoke-PythonLint.ps1 (#2017) (fac1b19)
  • update docs to reflect updated changes (#2167) (85db9d5)
  • update ms.date frontmatter for 13 stale documentation files (#1588) (940773c)
  • update sssc-planning agent-overview for consolidated instructions (#2212) (d06b518)

♻️ Refactoring

  • agents: align security and rai planner wording (#1854) (6f00d3e)
  • skills: consolidate accessibility planner phases into playbook skill (#2021) (33e0429)
  • skills: consolidate RAI instructions into rai-standards and rai-planner-playbook skills (#2062) (bd6f996)
  • skills: migrate design-thinking tier-2 instructions to skills (#1857) (da1ee1b)
  • skills: replace arch-diagram-builder agent with reusable architecture-diagrams skill (#2068) (979e454)

🔧 Maintenance

  • agents: strip attribution suffix from descriptions (#1723) (69f6ffa), closes #1714
  • build: add evals config and dependency foundation (#1829) (ef978c9)
  • build: dependabot uv moderation coverage + dependency remediation (#2237) (edb2688)
  • deps-dev: bump @vscode/vsce from 3.9.1 to 3.9.2 in the npm-dependencies group (#1871) (dd9c5a7)
  • deps-dev: bump fast-uri from 3.1.0 to 3.1.2 (#1549) (7a2ee69)
  • deps-dev: bump markdownlint-cli2 from 0.22.0 to 0.22.1 in the npm-dependencies group (#1452) (5440396)
  • deps-dev: bump the npm-dependencies group across 1 directory with 3 updates (#1810) (2bdcb8d)
  • deps-dev: bump the npm-dependencies group across 2 directories with 2 updates (#1952) (4d23c18)
  • deps-dev: bump tmp from 0.2.5 to 0.2.7 (#1687) (5e83fac)
  • deps-dev: bump ws from 7.5.10 to 7.5.11 in /docs/docusaurus (#2002) (f3fa829)
  • deps: bump actions/checkout from 6.0.2 to 7.0.0 in the github-actions group (#2104) (ba0840d)
  • deps: bump brace-expansion from 5.0.5 to 5.0.6 in /docs/docusaurus (#1614) (e5dcd9a)
  • deps: bump fast-uri from 3.1.0 to 3.1.2 in /docs/docusaurus (#1548) (80fbddd)
  • deps: bump launch-editor from 2.13.1 to 2.14.1 in /docs/docusaurus (#2004) (86e17ab)
  • deps: bump qs and express in /docs/docusaurus (#1632) (a2159fc)
  • deps: bump the github-actions group across 1 directory with 5 updates (#1872) (31eb145)
  • deps: bump the github-actions group with 2 updates (#1657) (2bf7e51)
  • deps: bump the github-actions group with 2 updates (#2206) (c4b724b)
  • deps: bump the github-actions group with 3 updates (#1453) (a3ee84e)
  • deps: bump the github-actions group with 3 updates (#1601) (173d558)
  • deps: bump the github-actions group with 6 updates (#2197) (59e5e81)
  • deps: bump the npm-dependencies group across 1 directory with 11 updates (#1894) (a2eee65)
  • deps: bump torch from 2.9.1 to 2.12.0 in /scripts/evals/moderation (#2011) (a847cfa)
  • deps: bump urllib3 from 2.6.3 to 2.7.0 in /.github/skills/experimental/tts-voiceover (#1583) (8d3b095)
  • deps: bump webpack-dev-server from 5.2.3 to 5.2.4 in /docs/docusaurus (#1613) (f689272)
  • deps: bump webpack-dev-server from 5.2.4 to 5.2.5 in /docs/docusaurus (#2043) (85fbba9)
  • instructions: strip attribution suffix from descriptions (#1721) (aa4b4c1), closes #1712
  • prompts: strip attribution suffix from descriptions (#1722) (23be43f), closes #1713
  • scripts: refine extension prep and editor settings (#1852) (f8b2672)
  • scripts: standardize copyright headers to canonical 2026 format (#2169) (05a8e1a)
  • skills: strip attribution suffix from descriptions (#1724) (50b5447), closes #1715

This PR was generated with Release Please. See documentation.

@hve-core-release-please hve-core-release-please Bot requested a review from a team as a code owner March 24, 2026 00:37
@hve-core-release-please hve-core-release-please Bot added the autorelease: pending Release-please: PR awaiting merge label Mar 24, 2026
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch from 38697fe to 434c6ff Compare March 24, 2026 00:37
@codecov-commenter

codecov-commenter commented Mar 24, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 81.39%. Comparing base (b6bb6ba) to head (e362977).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1184      +/-   ##
==========================================
+ Coverage   81.32%   81.39%   +0.07%     
==========================================
  Files         130      120      -10     
  Lines       19142    19066      -76     
  Branches       12        0      -12     
==========================================
- Hits        15567    15519      -48     
+ Misses       3572     3547      -25     
+ Partials        3        0       -3     
Flag Coverage Δ
docusaurus ?
pester 86.02% <ø> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 11 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions

github-actions Bot commented Mar 24, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/hve-core 4.0.0 UnknownUnknown

Scanned Files

  • package.json

@hve-core-release-please hve-core-release-please Bot changed the title chore(main): release hve-core 3.3.0 chore(main): release hve-core 3.3.2 Mar 24, 2026
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch 2 times, most recently from 6f7e6e2 to e23970e Compare March 24, 2026 18:02
@hve-core-release-please hve-core-release-please Bot changed the title chore(main): release hve-core 3.3.2 chore(main): release hve-core 3.4.0 Mar 24, 2026
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch 4 times, most recently from 85fae28 to bb6f76c Compare March 24, 2026 18:51
@hve-core-release-please hve-core-release-please Bot changed the title chore(main): release hve-core 3.4.0 chore(main): release hve-core 3.3.11 Mar 30, 2026
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch 6 times, most recently from 806a440 to 04a860f Compare March 30, 2026 20:34
@hve-core-release-please hve-core-release-please Bot changed the title chore(main): release hve-core 3.3.11 chore(main): release hve-core 3.3.28 Mar 31, 2026
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch from 04a860f to 8e1c338 Compare March 31, 2026 16:21
@hve-core-release-please hve-core-release-please Bot changed the title chore(main): release hve-core 3.3.28 chore(main): release hve-core 3.4.0 Apr 1, 2026
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch 7 times, most recently from 0048223 to 01e02c8 Compare April 1, 2026 18:49
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch 6 times, most recently from e80e45c to 0170c47 Compare April 9, 2026 00:42
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch 9 times, most recently from cfb1035 to 02438a6 Compare April 15, 2026 05:28
@hve-core-release-please hve-core-release-please Bot force-pushed the release-please--branches--main--components--hve-core branch 6 times, most recently from 64594e7 to a0c4f22 Compare April 22, 2026 07:10

@bindsi bindsi left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated review (bindsi batch). Routine release-please major release bump (3.3.101 → 4.0.0). Version strings updated consistently across all plugin.json, marketplace.json, package.json, extension template, and manifest files. No breakage observed. LGTM.

@bindsi bindsi left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved: this release-please update consistently applies the 4.0.0 release version across package and plugin metadata. I did not find actionable issues in the generated release changes.

@bindsi bindsi left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved: this release-please update consistently applies the release version and generated metadata. I did not find actionable issues in the current release changes.

@bindsi bindsi left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved: this release-please update applies the release metadata and changelog changes consistently. No actionable issues found.

@bindsi bindsi left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved: this release-please PR consistently applies the 4.0.0 release metadata and changelog updates. I did not find actionable issues in the generated release changes.

@github-actions

github-actions Bot commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

Eval Execution

⚠️ No eval summary was produced.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

autorelease: pending Release-please: PR awaiting merge

Projects

None yet

3 participants