From e22236b8df4d286c9f249432630346cf7e269406 Mon Sep 17 00:00:00 2001 From: Micah Alpern Date: Sat, 13 Jun 2026 09:05:09 -0500 Subject: [PATCH] Release prep 1.0.0: version bump, appcast cleanup, stable-release tagging MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Prepares master for the 1.0.0 stable cut (run release.sh with no version arg so its in-place CFBundleVersion= auto-bump never runs). - Info.plist: CFBundleShortVersionString 1.0.0-beta3 → 1.0.0; CFBundleVersion 3 → 4 so Sparkle sees 1.0.0 as newer than beta3 (build-and-sign.sh writes from CFBundleVersion). - appcast.xml: remove the stale "Version 1.0.0" entry (sparkle:version=1, pointing at a non-existent v1.0.0 release) left over from a prior local run — it would otherwise sit alongside the real 1.0.0 entry as a broken, never-offered update. - release.sh: mark GitHub Release --prerelease only for versions carrying a semver pre-release suffix; stable X.Y.Z publishes as "Latest release". Scalar + ${x:+...} keeps it safe under set -u on bash 3.2. - CHANGELOG.md: cut [1.0.0] section from [Unreleased] (security: cmd-feature removal; features; known limitations). Helper Info.plist intentionally untouched: bumping it changes the bundled privileged helper and can trigger a re-approval prompt on auto-update. Co-Authored-By: Claude Opus 4.8 --- CHANGELOG.md | 46 ++++++++++++++++++++++++++++------- Scripts/release.sh | 12 ++++++++- Sources/KeyPathApp/Info.plist | 4 +-- appcast.xml | 16 ------------ 4 files changed, 50 insertions(+), 28 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2aefc421e..a8dde9dad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,26 +7,54 @@ Versioning once public release tags are established. ## [Unreleased] +## [1.0.0] - 2026-06-13 + +First stable public release. + +### Security + +- The bundled Kanata engine is compiled without the `cmd` feature: the root + daemon physically cannot execute shell commands regardless of config + contents — a stronger guarantee than the previous opt-in toggle. Hand-written + `(cmd …)` actions now fail validation with a clear message; use the + consent-gated **Script Execution** actions (which run as the user, not root) + instead. + ### Added -- Release-governance docs: `SECURITY.md`, `CODE_OF_CONDUCT.md`, and this - changelog. -- CI/release-readiness tracking issues labeled as `release-blocker` in GitHub. +- 22 ready-to-use rule packs (Home Row Mods, Caps Lock remapping, Vim & Neovim + navigation, Quick Launcher, Window Snapping, Auto Shift, Numpad/Symbol/Function + layers, and more), each installable in one click from the Gallery with a live + preview. +- Live keyboard overlay showing per-layer key behavior in real time, including + tap-hold and chord behavior. +- The Mapper: visual remap builder for tap/hold/shift/combo behaviors, multi-tap, + app-specific overrides, system actions, app launches, and layer jumps. +- QMK (`keymap.c`) and Karabiner (`karabiner.json`) import. QMK import is + comprehensive; Karabiner import covers simple key-to-key remaps. - Mapper/overlay support for optional per-key shifted output customization: - `Shift + key` can now send a separate output from tap/default output for + `Shift + key` can send a separate output from the tap/default output for global keystroke mappings. +- Release-governance docs: `SECURITY.md`, `CODE_OF_CONDUCT.md`, and this + changelog. ### Changed -- Documentation and CI policy are being aligned for open source release quality -gates. -- CI now enforces coverage non-regression for the narrow baseline lane: - `KeyPathErrorTests` + `PermissionOracleTests` with an initial floor of - `0.29%` TOTAL line coverage. - Shifted-output editing is intentionally constrained to global keystroke mappings and is disabled for app-specific mappings, system actions, URLs, and advanced hold/combo/tap-dance behaviors. +### Known limitations + +- Home Row Layer Toggles in "Toggle" mode assume the layers they point at are + also enabled; if not, those keys no-op on hold (the rest of the keyboard is + unaffected). +- Karabiner import covers simple remaps only — tap-hold, layer/variable, and + device/app-conditional rules are not translated yet and are skipped with a + summary. +- Changing the Leader key is done in the Rules tab; the CLI and hand-edited + config files don't yet propagate Leader-key changes. + ## [0.0.0-internal] ### Notes diff --git a/Scripts/release.sh b/Scripts/release.sh index 813f5a244..43037b188 100755 --- a/Scripts/release.sh +++ b/Scripts/release.sh @@ -226,11 +226,21 @@ fi git tag "v${VERSION}" echo "📤 Creating GitHub Release..." +# Mark as pre-release only for versions carrying a semver pre-release suffix +# (e.g. 1.0.0-beta4). Stable versions (1.0.0) publish as "Latest release". +# Scalar + ${x:+...} keeps this safe under `set -u` on bash 3.2 (macOS). +PRERELEASE_FLAG="" +if [[ "$VERSION" == *-* ]]; then + PRERELEASE_FLAG="--prerelease" + echo " $VERSION is a pre-release → marking GitHub Release as pre-release" +else + echo " $VERSION is stable → publishing as Latest release" +fi gh release create "v${VERSION}" \ "$SPARKLE_ZIP" \ "$SPARKLE_DMG" \ --title "KeyPath ${VERSION}" \ - --prerelease \ + ${PRERELEASE_FLAG:+"$PRERELEASE_FLAG"} \ --notes "See [release notes](https://github.com/malpern/KeyPath/releases/tag/v${VERSION}) for details." echo "📝 Updating appcast.xml..." diff --git a/Sources/KeyPathApp/Info.plist b/Sources/KeyPathApp/Info.plist index 815309910..9c3b0d121 100644 --- a/Sources/KeyPathApp/Info.plist +++ b/Sources/KeyPathApp/Info.plist @@ -11,9 +11,9 @@ CFBundleDisplayName KeyPath CFBundleVersion - 3 + 4 CFBundleShortVersionString - 1.0.0-beta3 + 1.0.0 CFBundlePackageType APPL CFBundleIconFile diff --git a/appcast.xml b/appcast.xml index 8f928a4f1..c557311f4 100644 --- a/appcast.xml +++ b/appcast.xml @@ -107,21 +107,5 @@ ]]> - - Version 1.0.0 - 1 - 1.0.0 - 15.0 - Mon, 15 Dec 2025 22:07:37 -0800 - - - https://github.com/malpern/KeyPath/releases/tag/v1.0.0 - - -