v3.2.20260415 - Vigilant Mantis

v3.2.20260415 - Vigilant Mantis

"Sharp eyes, patient method, adversarial by nature."

Changelog

Added

• Adversarial verification mandate: Reviewer's default hypothesis is now "the code is broken despite green checks" — job is to find the failure mode, not confirm it works (#54)
• Production-grade gate: New step 3 in verification — app must exit cleanly AND output must change when input changes; static output regardless of input = REJECTED (#54)
• UUID Drift bash check: One-liner detects duplicate UUIDs across test functions; any duplicate = REJECTED with fix instructions (#54)
• docs/academic_research.md: 15 cognitive and social science mechanisms with full citations grounding every workflow design decision (#54)
• Design pattern decision table: Added to developer.md and implementation/SKILL.md; any detected anti-pattern = REJECTED (#54)
• Architecture contradiction check: Developer must cross-check ADRs against ACs before writing production code (#54)
• PO pre-mortem: Added at scope step and acceptance step (#54)
• Semantic alignment rule: Tests must operate at same abstraction level as AC (#54)
• Integration test requirement: Multi-component features require at least one integration test through the public entry point (#54)
• Verification Philosophy section: Added to AGENTS.md (#54)

Changed

• Verification order: Code review before automated commands; run app first as production-grade gate (#54)
• All review sections converted to tables: Correctness, KISS, SOLID, ObjCal, Design Patterns, Tests, Versions/Build all have PASS/FAIL/Fix columns (#54)
• UUID Uniqueness rule: If only Given varies it is a property — use Hypothesis @given + @example, not multiple test functions (#54)
• Production-grade self-check in implementation: Developer must verify output changes with input before handoff (#54)
• AGENTS.md: Research foundations reference removed — academic research doc is for stakeholders only, not agent context (#55)

Summary

This release hardens the verification workflow against the failure modes identified in the ping-pong incident: no adversarial review, rules as prose that LLMs can hedge, and tests that verify functions instead of user-observable behavior. The reviewer is now explicitly adversarial, all checklists are structured tables with PASS/FAIL/Fix columns, and a production-grade gate ensures the app produces real behavior before code review begins. The name reflects the release theme: a mantis is precise, patient, and adversarial by nature.

---

SHA: 8be1b47

v3.1.20260414 - Tidal Capybara

v3.1.20260414 - Tidal Capybara

A steady, methodical current of standards flowing into place.

Changelog

Added

• extend-criteria skill: Any agent can now add acceptance criteria discovered mid-flight or post-merge, with decision rule, per-role procedures, and commit protocol
• Source: field on acceptance criteria: Mandatory traceability field (stakeholder | po | developer | reviewer | bug) — records who originated each requirement

Changed

• Test function naming: test_<short_title> replaces test_<condition>_should_<outcome>
• Test docstring first line: UUID only, no trailing description
• Commands: All skill/agent files use uv run task consistently
• tests/ layout: Documented as flat (no unit/ or integration/ subdirs)
• pytest.skip: Allowed with written justification in the docstring
• TODO.md markers: [~] (in progress) and [-] (cancelled) documented
• exit code wording: exit non-124 (was ambiguous exit 0 or 124)
• README: uv sync --all-extras and uv run task throughout

Fixed

• Removed stale auto-publish-docs.md from in-progress
• Split compound acceptance criterion into two single-outcome criteria
• Added @pytest.mark.slow to Hypothesis tests in reference implementation
• Removed duplicate assertion from reference test
• StringIO import moved to module level

---

SHA: ea8b9a7

Release v3.0.20260414 - Drifting Axolotl

Release v3.0.20260414 - Drifting Axolotl

"Like an axolotl drifting through clear water, this release simplifies everything — fewer roles, fewer skills, cleaner workflow."

Changelog

Breaking Changes

• Workflow redesigned: 8-phase/6-role system replaced with 6-step/3-role (Product Owner, Developer, Reviewer)
• Roles removed: architect, manager, repo-manager, requirements-gatherer, overseer agents deleted
• Feature directories restructured: `docs/features/{business,architecture}/` replaced with flat `docs/features/{backlog,in-progress,completed}/`

Features

• Add product-owner agent: defines scope, picks features, accepts deliveries (Steps 1+6)
• Add reviewer agent: read+bash only, runs all commands, APPROVED/REJECTED report (Step 5)
• Add scope skill: PO guide for user stories + UUID acceptance criteria
• Add verify skill: reviewer guide for command verification and code review
• Add unified docs site: `docs/index.html` landing page linking to API, Coverage, Tests
• Add ghp-import: `task doc-publish` is now a one-liner

Refactoring

• developer agent now owns all of Steps 2-4+6 including architecture, tests, code, and release
• 9 skills rewritten lean (<150 lines each): session-workflow, tdd, implementation, code-quality, pr-management, git-release, create-skill
• setup-project agent no longer uses setup_project.py — applies changes directly
• CI workflow cleaned up to use `uv run task ` consistently
• License check switched from allow-list to deny-list (avoids SPDX compound expression mismatch)

Documentation

• Rewrite README for v3: 3 roles, 6 steps, correct commands, no stale references
• Update CHANGELOG

Removed

• 11 skills deleted (architectural-analysis, delegation-coordination, epic-workflow, feature-definition, qa-enforcement, requirements-management, signature-design, workflow-coordination, prototype-script, create-agent, reference/)
• `setup_project.py` script and `.opencode/templates/` directory
• Wrong `dotenv` dependency (unused and wrong package name)
• `mutmut` dev dependency (YAGNI)

Summary

v3.0 is a ground-up simplification. The v2 system had 6 specialized roles, 8 development phases, 17 skills, and QA gates enforced by documents rather than commands. v3 reduces this to 3 roles, 6 steps, 9 skills, and a single rule: every quality check must be answerable by running a command.

---

SHA: `cfd466f`

Release v2.2.20260413 - Luminous Kestrel 🦅

Release v2.2.20260413 - Luminous Kestrel 🦅

"Like a kestrel hovering in clarity, this release streamlines and sharpens our tools"

Changelog

Added

• Architecture-First Feature System - New directory structure separating business and architecture features
• Architectural Analysis Skill - Systematic architecture documentation for each feature
• 8-Phase Development Cycle - Expanded from 7-phase with dedicated Architecture Analysis phase

Changed

• BDD → Acceptance Criteria - Renamed gherkin-validation to acceptance-criteria-validation for accurate terminology
• Consistency Updates - Fixed phase numbering, cross-references, and documentation across all agents and skills
• Epic-Workflow Refactor - Converted from epic-based to feature-selection with architecture-first priority
• Manager Agent - Enhanced with test signature creation capabilities

Removed

• detect-secrets tooling - Removed as overkill for this template's use case
• Redundant template files - Cleaned up CI templates, CodeQL, dependency-review templates

Migration Notes

• No breaking changes in this release
• Projects can continue using existing workflow

---

SHA: c4c07e4

Release v2.1.20260413 - Polished Gecko

Release v2.1.20260413 - Polished Gecko 🦎

"Like a gecko scaling a wall, this release polishes and adheres to better practices"

Why "Polished Gecko"?

This release is named Polished Gecko because:

• Polished: Extensive cleanup and streamlining of Docker, documentation, and CI/CD workflows
• Gecko: The gecko's feet represent strong adherence - we've fixed CI compliance issues (complexity, CodeQL config) to ensure tight grip on quality standards

Changelog

🐛 Bug Fixes

• fix: remove custom CodeQL workflow to resolve config conflict
• fix: reduce complexity in run function to pass CI checks
• fix: remove Python examples from gherkin-validation skill
• fix: update CI workflow to use app package name
• Fix: Update pyproject.toml to use app package name

✨ Features

• feat: add workflow coordination skills and enhanced QA enforcement
• feat: enhance setup_project.py and update README documentation
• feat: V2 Development Workflow with CI/CD Fixes (#32)
• Adding back codeql

🔧 Refactoring

• Refactor: Update template to use generic app package and restructure setup
• simplify: consolidate Docker setup to single development-focused configuration

📖 Documentation

• docs: clean up README badges and Docker references

🔀 Merges

• Merge pull request #34 from nullhack/feature/app_hardcoded
• Merge pull request #33 from nullhack/V2/init
• Merge pull request #31 from nullhack/V2/init

Summary

This release focuses on polishing the template:

• Removed unused files and streamlined Docker configs
• Fixed CI compliance issues (McCabe complexity, CodeQL conflicts)
• Added enhanced QA enforcement skills for better development workflow
• Refactored to use generic "app" package name for easier templating

---

** SHA**: 80be795

v2.0.20260411 - Armored Pangolin

🚀 MAJOR RELEASE - V1 → V2 Architecture Transition

This represents a fundamental architectural shift from V1 (template validation workflows) to V2 (project development workflows).

Breaking Changes

• Workflow Architecture: Complete transition from template validation (V1) to project development (V2)
• CI/CD Pipeline: New comprehensive GitHub Actions workflow replacing template-specific workflows
• Branch Structure: V2/init becomes the new development foundation
• Agent Configuration: Updated agent roles and capabilities for project development

Security Improvements

• Enhanced GitHub Actions workflow security with proper permissions blocks
• Removed risky PIP_USER environment variable from CI/CD pipeline
• Added secure error handling to shell scripts with 'set -euo pipefail'
• Implemented job-level permissions for all CI workflow operations

Infrastructure & DevOps

• Modernized Docker setup with security-first containerization approach
• Comprehensive CI/CD pipeline with GitHub Actions integration
• Improved workflow security following GitHub Advanced Security recommendations
• Full project development workflow implementation

Development Experience

• Complete project-focused development environment
• Better error handling and security practices in automation
• Enhanced development workflow with secure defaults
• Improved CI/CD reliability and security posture

Migration Notes

• BREAKING: This is a major version requiring migration from V1 template workflows
• V1 template validation workflows are replaced by V2 project development workflows
• Projects using V1 should plan migration to V2 architecture
• All security improvements follow GitHub security best practices

Vivid Cardinal

Release v1.7.20260410 - Vivid Cardinal

Added

• QA-gated epic workflow with mandatory QA checkpoints
• Requirements-gatherer agent (Business Analyst using BABOK methodology)
• Overseer agent (QA Specialist enforcing quality standards)
• Epic-workflow skill for automatic feature progression

Changed

• All agent descriptions use industry-standard roles
• Model specifications removed (template is model-agnostic)
• Documentation updated to reflect all components

Quality Assurance This release introduces a complete QA-gated epic workflow that mirrors enterprise development practices with dedicated business analyst and QA specialist agents. The workflow enforces quality at 4 mandatory checkpoints.

v1.6.20260409 - Guardian Owl

Release: v1.6.20260409 - Guardian Owl

Added

• Overseer Agent - Quality assurance agent that reviews work after each test implementation and requests changes if needed
• Requirements Gatherer Agent - Agent that asks questions to understand project needs, updates documentation, creates detailed analysis for architect

Changed

• Updated developer workflow to include @overseer calls after Phase 3 (TDD tests) and Phase 7 (Quality Assurance)
• Updated AGENTS.md with new agents and workflow examples

v1.5.20260403 - Crystal Jellyfish

What's New

• pdoc for API documentation with search
• pytest-html-plus for BDD-style HTML test reports
• BDD docstrings display as test names in HTML report
• New task for GitHub Pages deployment

Changes

• Replace mkdocs/mkdocstrings with pdoc
• Add pytest-html-plus with JSON report
• Update conftest.py for BDD docstring extraction
• Coverage reports now in docs/coverage/

Versioning Update

• Removed rN revision suffix
• Format now: v{major}.{minor}.{YYYYMMDD}

elegant swan

v1.6.20260313 - elegant swan

Refactored

• Extract prototype/test patterns to reference files
• Add reference/prototype-patterns.md with guidelines for creating, using, and disposing prototype scripts (MANDATORY deletion after use)
• Add reference/test-patterns.md with TDD test patterns and guidelines
• Update prototype-script skill to reference the new patterns file
• Update tdd skill to reference patterns and embed test data directly
• Update implementation skill to use embedded test data
• Update developer agent workflow to include prototype disposal step