release: v0.0.19 (quiet per-project skill install)#53
Conversation
Ships PR #52. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01GMbAe5K1RfwaAcge5inX7P
|
Bugbot is not enabled for your account, so this pull request was not reviewed. Enable Bugbot in the Cursor dashboard to get automatic reviews on future PRs. |
jwfing
left a comment
There was a problem hiding this comment.
Review — release: v0.0.19
Summary: Clean, in-scope single-line release bump (package.json 0.0.18 → 0.0.19) to ship #52; no functional, security, or performance surface, and it matches the repo's established release-PR convention.
Requirements context
No /docs/superpowers/ (or docs/specs/) directory exists in insta-cli — no spec/plan to consult, so this is assessed against the PR description, the developing-insta-cli repo skill, and the version-release flow. Per .claude/skills/developing-insta-cli/SKILL.md §"Shipping a release", step 1 is "a PR changing package.json version (main is protected — never commit the bump directly)". This PR is exactly that bump PR, and #52 (b6c23c7 fix(project create): don't stream the per-project skill install's clack UI) is present as the PR's base commit, so the release genuinely ships it.
Findings
Critical — (none)
Suggestion — (none)
Information
- Software engineering: Diff is a 1-line version bump (
package.json:3), identical in shape to the previous release PR (#51, alsopackage.jsononly). No tests are expected for a version string change — the shipped behavior (#52) carried its own tests through its own PR. In scope, clean. ✅ - Functionality:
0.0.19is a valid patch increment over0.0.18, and nov0.0.19tag exists yet (onlyv0.0.18locally), consistent with the release not having been cut — correct ordering per the release flow (bump merges tomainbefore the tag is pushed). ✅ - Lockfile (informational only):
package-lock.json's rootversionfield is0.0.0(package-lock.json:3and:9) and is not moved by this PR. This is pre-existing — the lockfile has read0.0.0across every prior release (0.0.14–0.0.18), all of which shipped successfully, so neithernpm ci(ci.yml) norbun install --frozen-lockfile(release.yml) gates on the root project version. Not a blocker; flagging only as an optional future cleanup (npm versionwould keep both in sync). - Security: No security-relevant changes — version-string edit only; no user input, secrets, auth, or dependency changes. ✅
- Performance: No runtime code touched; N/A. ✅
Verdict
approved — zero Critical findings. (Informational; the GitHub green-checkmark approval remains a separate human action via the approval-bot flow. CI ci/cubic still apply per branch protection.)
jwfing
left a comment
There was a problem hiding this comment.
Code Review — PR #53 release: v0.0.19 (quiet per-project skill install)
Summary: A one-line release bump of package.json version 0.0.18 → 0.0.19 to ship the already-merged #52; it is correct, in-scope, and follows the established release convention.
Requirements context
No matching spec/plan found — this branch has no docs/ directory (CLI specs normally live under docs/specs/, but none are present here and none pertain to a version bump). Assessed against the PR description, the version-release skill's preconditions, and the repo's release history. Note: this is the "bump version in package.json, merged to main before tagging" precondition PR — creating the actual v0.0.19 tag/npm publish is a separate downstream action, out of scope for this diff.
Findings
Critical
(none)
Suggestion
(none)
Software engineering / functionality / security / performance — verification notes
- Software engineering: No tests needed or expected for a version bump; the change matches the established release convention exactly — the prior release commit
c0bcd5f(v0.0.18) also touched onlypackage.json:3with a single-line bump. No lockfile or CHANGELOG churn is expected:package-lock.jsonuses a decoupled"version": "0.0.0"root sentinel and is not version-pinned topackage.json, so no lockfile update is required. No security-relevant changes. No performance-relevant changes. - Functionality: Verified the bump is coherent and genuinely enables the release:
0.0.18 → 0.0.19is a valid next patch (package.json:3).- The
v0.0.18tag exists butv0.0.19does not, so the downstream tag/publish will pass the idempotency check. - The shipped feature #52 (
b6c23c7—fix(project create): don't stream the per-project skill install's clack UI) is already merged tomainand is the direct base of this branch, so v0.0.19 will actually carry it. The only commit unique to this PR is the release bumpadfb828.
Information
package-lock.jsonrootversionis0.0.0(decoupled frompackage.json). This is pre-existing, unchanged by this PR, and consistent across releases — flagged only for awareness, not action.
Verdict
approved (informational — no Critical findings). This is a clean, correctly-scoped release bump. GitHub approval remains a separate human action.
Bumps to v0.0.19 to ship #52.
🤖 Generated with Claude Code
https://claude.ai/code/session_01GMbAe5K1RfwaAcge5inX7P
Summary by cubic
Releases
instav0.0.19. Adds a quiet per‑project skill install during project creation to reduce CLI noise and streamline setup.Written for commit adfb828. Summary will update on new commits.