167 lines
8.2 KiB
Markdown
167 lines
8.2 KiB
Markdown
# Changelog
|
|
|
|
All notable changes to CmdForge will be documented in this file.
|
|
|
|
## [Unreleased]
|
|
|
|
### Added
|
|
|
|
#### Transitive Dependency Resolution
|
|
- **Full transitive dependency resolution**: When installing dependencies, CmdForge now resolves and installs the complete dependency tree
|
|
- `DependencyGraph` and `DependencyNode` dataclasses for structured dependency tracking
|
|
- `DependencyGraphBuilder` class for recursive resolution with cycle detection
|
|
- Topological sorting ensures dependencies are installed before dependents (Kahn's algorithm)
|
|
- Version conflict detection with provenance tracking (which package requested each version)
|
|
- Registry config caching during resolution to avoid duplicate fetches
|
|
|
|
- **Semver version constraint matching**: Full semantic versioning support
|
|
- Caret constraints: `^1.2.3` (>=1.2.3 <2.0.0), `^0.2.3` (>=0.2.3 <0.3.0), `^0.0.3` (exact match)
|
|
- Tilde constraints: `~1.2.3` (>=1.2.3 <1.3.0)
|
|
- Comparison operators: `>=`, `<=`, `>`, `<`, `=`
|
|
- Wildcards: `*`, `latest`
|
|
- Prerelease version handling per semver spec
|
|
|
|
- **New CLI commands**:
|
|
- `cmdforge deps tree` - Show full dependency tree with transitive dependencies
|
|
- `cmdforge deps tree --verbose` - Show detailed resolution info
|
|
|
|
- **Enhanced install command**:
|
|
- `--dry-run` - Show what would be installed without installing
|
|
- `--force` - Install despite version conflicts (first constraint wins)
|
|
- `--verbose` - Show detailed resolution info
|
|
|
|
#### Lock File Support
|
|
- **Lock file for reproducible installs**: `cmdforge.lock` records exact versions of all dependencies
|
|
- `Lockfile`, `LockedPackage`, `LockfileMetadata` dataclasses
|
|
- Records direct and transitive dependencies with provenance (`required_by`)
|
|
- Integrity verification via SHA256 hashes (uses registry `config_hash`)
|
|
- Normalized YAML hashing via `hash_utils.compute_yaml_hash()` for consistent integrity checks
|
|
- Platform and Python version metadata for debugging
|
|
|
|
- **New CLI commands**:
|
|
- `cmdforge lock` - Generate or update `cmdforge.lock`
|
|
- `cmdforge lock --force` - Force regenerate even if up to date
|
|
- `cmdforge verify` - Verify installed tools match lock file
|
|
|
|
- **Lock-aware install**:
|
|
- `cmdforge install` - Uses lock file when present for reproducible installs
|
|
- `--frozen` - Fail if lock file is missing (for CI)
|
|
- `--strict-frozen` - Fail if lock file is stale (manifest changed)
|
|
- `--ignore-lock` - Ignore lock file and resolve fresh from manifest
|
|
|
|
#### Local Collections Support
|
|
- **Local collection definitions**: Create and manage collections locally before publishing
|
|
- Collections stored as YAML files in `~/.cmdforge/collections/`
|
|
- `Collection` dataclass with name, display_name, description, tools, pinned versions, tags
|
|
- `published`, `registry_name`, `pending_approval`, `pending_tools` fields for tracking state
|
|
|
|
- **CLI commands for local collections**:
|
|
- `cmdforge collections list --local` - List local collections
|
|
- `cmdforge collections create <name>` - Create new local collection
|
|
- `cmdforge collections show <name>` - View collection details
|
|
- `cmdforge collections add <name> <tool>` - Add tool to collection
|
|
- `cmdforge collections remove <name> <tool>` - Remove tool from collection
|
|
- `cmdforge collections delete <name>` - Delete local collection
|
|
- `cmdforge collections publish <name>` - Publish collection to registry
|
|
- `cmdforge collections status <name>` - Check tool visibility and approval status
|
|
- Flags: `--dry-run`, `--force`, `--continue` for publish workflow
|
|
|
|
- **GUI Collections page**: New page for managing collections
|
|
- Local collections tab: Create, edit, delete local collections
|
|
- Registry collections tab: Browse and install from registry
|
|
- Publish workflow with tool resolution analysis
|
|
- Background workers for non-blocking install/publish operations
|
|
|
|
- **Collection publishing workflow**:
|
|
- `resolve_tool_references()` function to transform local tool names to registry refs
|
|
- Visibility checking (tools must be public)
|
|
- Approval status checking (tools must have approved version)
|
|
- Options: publish tools first, skip unpublished, or cancel
|
|
- `ToolResolutionResult` dataclass for structured resolution data
|
|
|
|
- **New API endpoints**:
|
|
- `GET /api/v1/me` - Get current authenticated user info
|
|
- `GET /api/v1/tools/<owner>/<name>/approved` - Check if tool has approved public version
|
|
- `POST /api/v1/collections` - Publish/update collection (authenticated)
|
|
|
|
- **New RegistryClient methods**:
|
|
- `get_me()` - Get current user info
|
|
- `has_approved_public_tool(owner, name)` - Check tool approval status
|
|
- `publish_collection(data)` - Publish collection to registry
|
|
|
|
#### Registry Features
|
|
- **Fork tracking and display**: Tools now track their fork origin with `forked_from` and `forked_version` metadata
|
|
- Forked tools show a "Forked from" notice on the tool detail page
|
|
- Original tools display a "Forks" section listing all forks
|
|
- Fork count displayed in tool stats
|
|
- API endpoint: `GET /api/v1/tools/<owner>/<name>/forks`
|
|
|
|
- **Version selector for installs**: Users can select specific versions when installing tools from the registry
|
|
- Version dropdown in registry page populated via `GET /api/v1/tools/<owner>/<name>/versions`
|
|
- "Latest" option plus all available versions listed
|
|
- Selected version passed to install worker
|
|
|
|
- **Auto-cleanup rejected versions**: Admin maintenance feature to purge rejected tool submissions
|
|
- API endpoint: `POST /api/v1/admin/cleanup/rejected`
|
|
- Parameters:
|
|
- `days` (default: 7) - grace period before deletion
|
|
- `dry_run` (default: false) - preview mode without actual deletion
|
|
- Admin dashboard UI with "Dry Run" and "Run Cleanup" buttons
|
|
- Shows count of rejected versions pending cleanup
|
|
|
|
#### GUI Improvements
|
|
- Version display and bump buttons in publish dialog
|
|
- Auto-fetch registry version when opening publish dialog
|
|
- Fork detection during publish workflow
|
|
- Always refresh tools page after publish dialog closes
|
|
- **Startup connection validation**: GUI validates registry token on startup
|
|
- Automatically clears invalid/revoked tokens
|
|
- Shows status bar message when connection is cleared
|
|
- Prevents confusing errors when trying to publish with stale credentials
|
|
- **Help menu and quick guides**: Added Help menu with documentation guides
|
|
- Getting Started guide with quick start steps and keyboard shortcuts
|
|
- How to Create a Tool guide with step-by-step instructions
|
|
- How to Install Tools guide for registry browsing
|
|
- How to Publish Tools guide for sharing tools
|
|
- Keyboard Shortcuts reference
|
|
- About CmdForge dialog
|
|
- F1 shortcut opens Getting Started guide
|
|
- **Enhanced tooltips**: Added contextual tooltips throughout the GUI
|
|
- Section headings in Tool Builder (Arguments, Steps, Output Template)
|
|
- Registry page controls (search, filters, pagination, install)
|
|
- Sidebar navigation items with keyboard shortcuts
|
|
|
|
#### CLI Features
|
|
- `cmdforge config disconnect` - Clear registry token from local configuration
|
|
|
|
#### Admin Features
|
|
- Maintenance section in admin dashboard
|
|
- Rejected version count display
|
|
- Cleanup result modal with detailed output
|
|
|
|
#### Fabric Sync Improvements
|
|
- **AI review logging**: Added comprehensive logging to `run_ai_scrutiny_review()` function
|
|
- Logs tool path checks, warning counts, timing, success/failure states
|
|
- Logs timeout events, JSON parse errors, and all exception types
|
|
- Previously failures were silently swallowed with `return None`
|
|
- **`--skip-ai-review` flag**: Skip AI secondary review for large bulk imports
|
|
- Prevents rate limiting and timeouts during initial large imports
|
|
- Usage: `python fabric_sync.py --sync --skip-ai-review`
|
|
- Logs when AI review is skipped with reason
|
|
|
|
### Fixed
|
|
- **Registry search partial matching**: Search now supports prefix matching (e.g., "summ" matches "summarize")
|
|
- VERSION_EXISTS error showing after successful publish (made endpoint idempotent by checking config_hash)
|
|
- My Tools page listing every version separately (now consolidated by tool name)
|
|
- GUI not refreshing after publish dialog closes
|
|
|
|
### Changed
|
|
- Publish endpoint now returns success if same config_hash already exists (idempotent)
|
|
- My Tools page groups versions by tool name, showing version count and list
|
|
|
|
---
|
|
|
|
## Previous Changes
|
|
|
|
See git history for changes prior to this changelog.
|