## Context v0.10.9 planning docs included several CI hardening items that were deferred. Track them here for v0.10.10/v0.10.11. ## v0.10.10 scope - [ ] Add `publint` to CI (catches broken exports, missing types, bad ESM/CJS boundaries) - [ ] Add CJS smoke test to `pack-install-smoke.sh` (currently ESM-only) - [ ] Fix `docs/ARCHITECTURE.md` version (still says 0.9.18) - [ ] Add terminology section to `docs/specs/PROTOCOL-BEHAVIOR.md` - [ ] Run performance benchmark (p95 verify/issue) and record baseline - [ ] Fix kernel tarball `dist/__tests__/` leak (see separate issue) ## v0.10.11 scope - [ ] Add SBOM generation (CycloneDX) as CI artifact - [ ] Add `pnpm audit` to CI (non-blocking initially) - [ ] Document dependency policy in contributing guide - [ ] Configure required status checks on main branch protection ## Reference - v0.10.9 release verification record: `reference/releases/v0.10.9.md` - Issue #326: Make `typecheck:apps` mandatory in CI
Context
v0.10.9 planning docs included several CI hardening items that were deferred. Track them here for v0.10.10/v0.10.11.
v0.10.10 scope
publintto CI (catches broken exports, missing types, bad ESM/CJS boundaries)pack-install-smoke.sh(currently ESM-only)docs/ARCHITECTURE.mdversion (still says 0.9.18)docs/specs/PROTOCOL-BEHAVIOR.mddist/__tests__/leak (see separate issue)v0.10.11 scope
pnpm auditto CI (non-blocking initially)Reference
reference/releases/v0.10.9.mdtypecheck:appsmandatory in CI