Skip to content

feat(RAN-54): add CHANGELOG.md + docs/README.md to clear bestpractices.dev autofill audit#4

Merged
aksOps merged 1 commit intomainfrom
feat/ran-54-changelog-docs
Apr 26, 2026
Merged

feat(RAN-54): add CHANGELOG.md + docs/README.md to clear bestpractices.dev autofill audit#4
aksOps merged 1 commit intomainfrom
feat/ran-54-changelog-docs

Conversation

@aksOps
Copy link
Copy Markdown
Contributor

@aksOps aksOps commented Apr 26, 2026

Summary

Closes the two remaining bestpractices.dev autofill Unmet criteria flagged in the score audit on RAN-54 (board comment 7cf7ac75):

  • release_notes — "No release notes file found"
  • documentation_basics — "No documentation basics file(s) found"

Single PR per board direction. Auto-merge enabled.

Files

New

  • CHANGELOG.md — Keep-a-Changelog 1.1.0 format with [Unreleased] collecting RAN-54 OpenSSF baseline + RAN-59 schema rewrite + RAN-15 capture-window fix + recent color-bar fixes. Header reserves a ### Security subsection in every release entry so downstream consumers can decide whether to upgrade — covers the release_notes_vulns SHOULD criterion.
  • docs/README.mddocs/ index pointing to the existing docs/mockups/preview-redesign.html design mock plus a table of where each doc surface lives (README, CLAUDE, SECURITY, engineering-standards runbook, CHANGELOG, .bestpractices.json). Conventional discoverability path root README → docs/ → docs/README.md is now satisfied.

Modified

  • .bestpractices.json:
    • release_notes_status: N/AMet (+ release_notes_url)
    • release_notes_vulns_status: N/AMet (Security-subsection contract codified in CHANGELOG.md header; zero fixes to date is honestly stated)
    • documentation_basics_justification refreshed to cite docs/README.md; documentation_basics_url added

Verified locally

  • python3 -c 'import json; json.load(open(".bestpractices.json"))' — 152 top-level keys, 67 _status keys preserved.
  • pwsh -NoProfile -File ./Test-SnipIT.ps184/84 pass (no script changes in this PR).
  • Invoke-ScriptAnalyzer -Path ./SnipIT.ps1 -Severity Error0 errors.

Post-merge

  • Bestpractices.dev autofill should flip both criteria to Met on next scan, closing the audit at 100% on passing.
  • Per the board-approval gate codified on the Bestpractices goal, RAN-54 stays in_review. I will not transition to done until the board posts @TechLead approved.

Test plan

  • JSON validates
  • Headless tests pass (84/84)
  • PSScriptAnalyzer Error gate passes
  • CI on PR (test.yml + security.yml + scorecard.yml) green
  • Bestpractices.dev autofill picks up CHANGELOG.md + docs/README.md (board-side rescan)

🤖 Generated with Claude Code

@aksOps @Paperclip-Paperclip
feat(RAN-54): add CHANGELOG.md + docs/README.md to clear bestpractice…
c56c8b9 
…s.dev autofill audit

bestpractices.dev autofill audit (board comment 7cf7ac75 on RAN-54) flagged two
remaining `Unmet` criteria on the path to 100% on `passing`:

  - `release_notes`         "No release notes file found"
  - `documentation_basics`  "No documentation basics file(s) found"

Added (single PR per board direction):
  - CHANGELOG.md      Keep-a-Changelog 1.1.0 format with [Unreleased] section
                      capturing RAN-54 OpenSSF baseline + RAN-59 schema rewrite
                      + RAN-15 capture-window fix + recent color-bar fixes.
                      Reserves a `### Security` subsection in every release entry
                      so future security fixes are called out for downstream
                      consumers (covers `release_notes_vulns` SHOULD criterion).
  - docs/README.md    docs/ index pointing to the existing
                      docs/mockups/preview-redesign.html design mock plus a
                      table of where each doc surface lives (README, CLAUDE,
                      SECURITY, engineering-standards runbook, CHANGELOG,
                      .bestpractices.json). Conventional discoverability path
                      root README → docs/ → docs/README.md is now satisfied.

Updated:
  - .bestpractices.json
      release_notes_status            N/A -> Met (+ release_notes_url)
      release_notes_vulns_status      N/A -> Met (Security subsection contract
                                              is in CHANGELOG.md header)
      documentation_basics_*          justification refreshed to cite docs/README.md
                                              and add documentation_basics_url

Verified locally: json parses (152 top-level keys, 67 _status keys preserved),
headless tests 84/84 pass, PSScriptAnalyzer Error gate 0 findings — no script
changes in this PR.

After merge the bestpractices.dev autofill should flip both criteria to Met,
closing the score audit. Per the board-approval gate codified on the
Bestpractices goal, RAN-54 stays in_review until board posts `@TechLead approved`.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
@aksOps aksOps enabled auto-merge (squash) April 26, 2026 04:04
@aksOps aksOps merged commit f59ede6 into main Apr 26, 2026
12 checks passed
@aksOps aksOps deleted the feat/ran-54-changelog-docs branch April 26, 2026 04:05
@aksOps aksOps mentioned this pull request Apr 26, 2026
Merged
2 tasks
aksOps added a commit that referenced this pull request Apr 26, 2026
@aksOps @Paperclip-Paperclip
docs(readme): link Project files table to docs/, CHANGELOG, SECURITY …
7f0902e 
…(RAN-64) (#5)

Closes the "README links to it" item on RAN-64. PR #4 already added
CHANGELOG.md and docs/README.md to satisfy the bestpractices.dev
release_notes + documentation_basics autofill criteria; this follow-up
makes the new files discoverable from the top-level README so a human
reader landing on the repo finds them without spelunking the file tree.

Co-authored-by: Paperclip <noreply@paperclip.ing>
@aksOps aksOps mentioned this pull request Apr 26, 2026
Merged
6 tasks
aksOps added a commit that referenced this pull request Apr 26, 2026
@aksOps @Paperclip-Paperclip
release(RAN-66): cut snipIT v0.1.0 — CHANGELOG bump + bestpractices v…
851bd3a 
…ersioning evidence (#8)

CHANGELOG.md
- [Unreleased] → [v0.1.0] - 2026-04-26 with full Added / Changed / Fixed / Security
  subsections covering PR #1 (RAN-54 baseline + Scorecard hardening), PR #3 (RAN-59
  canonical-schema rewrite), PRs #4/#5 (RAN-64 CHANGELOG + docs/ index), PR #6
  (5 SUGGESTED criteria flips), PR #7 (CONTRIBUTING.md + conventional-URL retargets).
- Fresh empty [Unreleased] section opened at top per Keep-a-Changelog 1.1.0.
- Link refs now point at compare/v0.1.0...HEAD and releases/tag/v0.1.0.

.bestpractices.json
- version_unique_url + release_notes_vulns_url added (both pointing at the v0.1.0
  GitHub Release) so the bestpractices.dev autofill bot has a concrete URL to
  verify alongside _status: Met.
- 5 versioning justifications refreshed to cite the concrete v0.1.0 tag instead of
  forward-looking commitments: version_unique, version_semver, version_tags,
  release_notes, release_notes_vulns. These are the criteria the autofill bot
  verifies by checking actual GitHub Releases / git tags exist.

Once the v0.1.0 signed tag + GitHub Release land post-merge, autofill should flip
release_notes to Met (currently Unmet pending evidence) and the 4 SUGGESTED
versioning criteria stay Met with concrete tag-backed URLs.

Co-authored-by: Paperclip <noreply@paperclip.ing>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aksOps