diff --git a/.bumpversion.toml b/.bumpversion.toml index 5042bda..89d128f 100644 --- a/.bumpversion.toml +++ b/.bumpversion.toml @@ -2,7 +2,7 @@ # SPDX-License-Identifier: Apache-2.0 [tool.bumpversion] -current_version = "2.4.0" +current_version = "2.5.0" parse = "(?P\\d+)\\.(?P\\d+)\\.(?P\\d+)" serialize = ["{major}.{minor}.{patch}"] @@ -47,4 +47,4 @@ replace = '''| `{new_version}` (current) | ✅ All security fixes | # bump-my-version does NOT manage these files; they are listed here for discoverability. # --------------------------------------------------------------------------- [tool.bumpversion.custom_variables.core_version] -current = "0.18.0" +current = "0.19.0" diff --git a/CHANGELOG.md b/CHANGELOG.md index fd8a423..6bf1b54 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,8 @@ All notable changes to zenzic-action are documented in this file. The project ad ## [Unreleased] +## [2.5.0] - 2026-07-01 + ## [2.4.0] - 2026-06-28 ### Changed diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 84f3033..cc05272 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -120,7 +120,7 @@ Releases are managed by the internal `just` orchestrator to ensure strict synchr just verify # 2. Update the Zenzic core pin to the target version -just pin-core # e.g., just pin-core 0.18.0 +just pin-core # e.g., just pin-core 0.19.0 # 3. Check alignment between core and action dependencies just versions diff --git a/README.md b/README.md index dd0ff62..2467aed 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,7 @@ The minimal configuration — zero Python setup, SARIF to Code Scanning in one s - name: Run Zenzic Documentation Quality Gate uses: PythonWoods/zenzic-action@v2 with: - version: "0.18.0" + version: "0.19.0" format: sarif upload-sarif: "true" permissions: @@ -210,7 +210,7 @@ Fail-closed rule: | Input | Default | Description | |---|---|---| -| `version` | `0.18.0` | Zenzic version to install. Pin to a specific release for reproducible CI. Set `latest` for continuous evaluation. | +| `version` | `0.19.0` | Zenzic version to install. Pin to a specific release for reproducible CI. Set `latest` for continuous evaluation. | | `format` | `sarif` | Output format: `text`, `json`, or `sarif`. | | `sarif-file` | `zenzic-results.sarif` | SARIF output path (when `format: sarif`). Must be a **relative** path inside the workspace. | | `upload-sarif` | `true` | Upload SARIF to GitHub Code Scanning. | diff --git a/RELEASE.md b/RELEASE.md index 6cf1b8c..0dfd0c2 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -6,17 +6,17 @@ | Field | Value | | :------ | :--------- | -| Version | v2.4.0 | -| Date | 2026-06-28 | +| Version | v2.5.0 | +| Date | 2026-07-01 | | Status | Stable | ## Release Checklist Before tagging, every item must be green: -- [ ] `action.yml` — `default:` pin updated to the latest Zenzic core version (`0.18.0`) -- [ ] `package.json` version bumped to `2.4.0` -- [ ] `pyproject.toml` — synchronized with core pin (`zenzic>=0.18.0`) +- [ ] `action.yml` — `default:` pin updated to the latest Zenzic core version (`0.19.0`) +- [ ] `package.json` version bumped to `2.5.0` +- [ ] `pyproject.toml` — synchronized with core pin (`zenzic>=0.19.0`) - [ ] `just versions` — returns `✅ Ecosystem alignment verified.` - [ ] `just verify` — exits 0 - [ ] `zenzic check .` — zero findings (DQS 100/100) @@ -32,15 +32,15 @@ git pull origin main just release # 3. Create the release tag and push -git tag v2.4.0 +git tag v2.5.0 git push && git push --tags # 4. Move the floating v2 tag to the new release: -git tag -fa v2 v2.4.0^{} -m "release: v2.4.0" +git tag -fa v2 v2.5.0^{} -m "release: v2.5.0" git push origin v2 --force # Verification (Atomic Parity Check): -git rev-parse v2^{} v2.4.0^{} +git rev-parse v2^{} v2.5.0^{} # SUCCESS: Both hashes must be identical. ``` diff --git a/SECURITY.md b/SECURITY.md index 3d65703..0a2a25e 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -75,8 +75,8 @@ by the wrapper script — it is consumed exclusively by `github/codeql-action/up | Version | Support status | |---------|----------------| -| `2.4.0` (current) | ✅ All security fixes | -| `< 2.4.0` | ❌ End of life — no support | +| `2.5.0` (current) | ✅ All security fixes | +| `< 2.5.0` | ❌ End of life — no support | --- diff --git a/action.yml b/action.yml index df9c3df..4874b15 100644 --- a/action.yml +++ b/action.yml @@ -16,7 +16,7 @@ inputs: version: description: "Zenzic version to use. Defaults to latest stable." required: false - default: "0.18.0" # x-zenzic-core-pin + default: "0.19.0" # x-zenzic-core-pin format: description: "Output format: 'text', 'json', or 'sarif'." required: false diff --git a/package.json b/package.json index abc36a4..ea55251 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "zenzic-action", - "version": "2.4.0", + "version": "2.5.0", "private": true, "description": "Official GitHub Action for Zenzic — Documentation Quality Gate", "license": "Apache-2.0", diff --git a/pyproject.toml b/pyproject.toml index c74a3ec..34615be 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -10,7 +10,7 @@ license = {text = "Apache-2.0"} authors = [{name = "PythonWoods", email = "dev@pythonwoods.dev"}] dynamic = ["version"] dependencies = [ - "zenzic>=0.18.0", + "zenzic>=0.19.0", ] [project.urls]