projectious-work
diff --git a/‎CHANGELOG.md‎
Lines changed: 22 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎aibox.lock‎
Lines changed: 1 addition & 1 deletion b/‎aibox.lock‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎context/decisions/DEC-20260422_0926-MerryArch-auto-create-github-releases.md‎
Lines changed: 71 additions & 0 deletions b/‎context/decisions/DEC-20260422_0926-MerryArch-auto-create-github-releases.md‎
Lines changed: 71 additions & 0 deletions
diff --git a/‎context/decisions/DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing.md‎
Lines changed: 78 additions & 0 deletions b/‎context/decisions/DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing.md‎
Lines changed: 78 additions & 0 deletions
diff --git a/‎context/logs/2026/04/LOG-20260422_0925-StoutThorn-workitem-created.md‎
Lines changed: 15 additions & 0 deletions b/‎context/logs/2026/04/LOG-20260422_0925-StoutThorn-workitem-created.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎context/logs/2026/04/LOG-20260422_0926-SmartAnt-workitem-transitioned.md‎
Lines changed: 15 additions & 0 deletions b/‎context/logs/2026/04/LOG-20260422_0926-SmartAnt-workitem-transitioned.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎context/logs/2026/04/LOG-20260422_0926-SpryBird-decision-created.md‎
Lines changed: 16 additions & 0 deletions b/‎context/logs/2026/04/LOG-20260422_0926-SpryBird-decision-created.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎context/logs/2026/04/LOG-20260422_1348-QuickFalcon-decision-created.md‎
Lines changed: 16 additions & 0 deletions b/‎context/logs/2026/04/LOG-20260422_1348-QuickFalcon-decision-created.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎context/logs/2026/04/LOG-20260422_1354-StrongGrove-decision-superseded.md‎
Lines changed: 15 additions & 0 deletions b/‎context/logs/2026/04/LOG-20260422_1354-StrongGrove-decision-superseded.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎context/skills/devops/release-semver/SKILL.md‎
Lines changed: 57 additions & 7 deletions b/‎context/skills/devops/release-semver/SKILL.md‎
Lines changed: 57 additions & 7 deletions
@@ -5,6 +5,28 @@ Versions follow [Semantic Versioning](https://semver.org/).
 
 ---
 
+## [v0.19.1] — 2026-04-22
+
+Local-only release bulletproofing — no CI workflows. Addresses the
+v0.19.0 post-mortem finding that a tag push does not create a GitHub
+Release. Supersedes `DEC-20260422_0926-MerryArch` (CI workflow
+approach, rejected on vendor-lock + cost grounds) with
+`DEC-20260422_1348-SnowyWolf` (skill flow + doctor detection).
+
+### Added
+
+- **feat(pk-doctor): 6th check category `release_integrity`** — walks every local `v*` git tag, probes GitHub via `gh release view` for a matching Release, and WARNs on any tag without one. INFO when `gh` is unavailable or the tag set is empty. Opt-out via `PK_DOCTOR_SKIP_RELEASE_INTEGRITY=1`; tag-scan cap via `PK_DOCTOR_RELEASE_INTEGRITY_MAX` (default 50). Each WARN carries a ready-to-paste `gh release create <TAG>` command with CHANGELOG extraction inlined. See `DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing`.
+
+### Changed
+
+- **chore(release-semver): collapse /pk-release into a single bulletproof flow.** `SKILL.md` (both trees) rewritten with a 9-step recipe that prepares, publishes, and **verifies** in one turn — the release is not considered complete until `gh release view vX.Y.Z` succeeds (step 8). `/pk-publish` retained as a recovery alias for historical tags that are missing a Release. New Gotcha: "`git push --tags` is not a GitHub Release." Closes `BACK-20260422_0925-MightyOtter-v0-19-1-release`.
+
+### Fixed
+
+- **fix(release flow): v0.19.0 tag was pushed without a corresponding GitHub Release** — the prepare phase of release-semver completed but the publish phase was skipped. v0.19.0 Release was created manually; v0.19.1 ships the prevention (collapsed flow) and detection (`release_integrity` check) mechanisms.
+
+---
+
 ## [v0.19.0] — 2026-04-22
 
 ### Added (v0.19.0 architecture refactor)
 
@@ -4,7 +4,7 @@ synced_at = "2026-04-19T08:03:58.481219+00:00"
 
 [processkit]
 source = "https://github.com/projectious-work/processkit.git"
-version = "v0.19.0"
+version = "v0.19.1"
 src_path = "src"
 release_asset_sha256 = "3c6bf672e3a4ac2bf8c0b807c2e5fe948ff27906b6a0aa0ff73d36a1b2f7c98c"
 installed_at = "2026-04-19T08:03:58.481219+00:00"
@@ -0,0 +1,71 @@
+---
+apiVersion: processkit.projectious.work/v1
+kind: DecisionRecord
+metadata:
+  id: DEC-20260422_0926-MerryArch-auto-create-github-releases
+  created: '2026-04-22T09:26:42+00:00'
+  updated: '2026-04-22T13:54:52+00:00'
+spec:
+  title: Auto-create GitHub Releases via tag-push workflow; mirror to src/ for downstream
+    projects
+  state: superseded
+  decision: 'Ship `.github/workflows/release.yml` at the processkit repo root that,
+    on push of any `v*` tag, extracts the matching section from `CHANGELOG.md` and
+    creates a GitHub Release via `softprops/action-gh-release@v2`. Mirror the same
+    workflow into `src/.github/workflows/release.yml` so downstream projects installed
+    through aibox inherit the automation. Tighten the `release-semver` SKILL.md''s
+    Publish section with a concrete `gh release create` example and the shipped-workflow
+    pattern, and add an explicit Gotcha: "a `git push --tags` is not a GitHub Release."
+    Cut v0.19.1 to deliver this fix and dogfood the workflow.'
+  context: 'During v0.19.0 release, `/pk-release` was invoked (prepare phase: bump
+    + CHANGELOG + tag + push) but `/pk-publish` was not invoked afterwards. The tag
+    landed on GitHub but no Release entry existed — downstream consumers of `gh api`
+    / the Releases page / aibox sync would have missed the release. The fix required
+    a manual `gh release create`. The miss is easy to repeat: a developer can stop
+    after `/pk-release` without realising the publish step is separate.'
+  rationale: '(1) **Automation over discipline.** A tag-push workflow removes the
+    human step entirely: any future `v*` tag push reliably produces a Release with
+    CHANGELOG-derived notes. (2) **Mirror to src/.** processkit is consumed by downstream
+    projects via aibox; shipping the workflow under `src/.github/workflows/` means
+    those projects inherit the automation without needing to copy it by hand. (3)
+    **Doc tightening is secondary but cheap.** The SKILL.md currently says "Publish
+    according to the project''s distribution channel" — too abstract. A concrete `gh
+    release create` command, plus the CI-workflow snippet, makes the publish-phase
+    expectation unambiguous for humans and agents. (4) **Dogfood the fix in the same
+    release.** Cutting v0.19.1 with the workflow already committed means pushing the
+    tag validates the end-to-end automation. Follow-up: the `decisionrecord.yaml`
+    deciders[] pattern still requires `ACTOR-*` — that schema needs TEAMMEMBER-* support;
+    filed separately.'
+  alternatives:
+  - option: 'Discipline-only: require /pk-publish after /pk-release; add a Gotcha
+      but no CI'
+    rejected_because: Relies on every future release-runner remembering the second
+      step. Exactly the failure mode that caused v0.19.0's miss.
+  - option: Merge /pk-release and /pk-publish into a single step
+    rejected_because: Publishing is irreversible; keeping prepare and publish distinct
+      preserves a reviewable checkpoint. Automating publish via CI is safer than short-circuiting
+      the slash command.
+  - option: Pk-doctor category that flags tags missing Releases
+    rejected_because: Good complement but doesn't prevent the miss; we chose to prioritise
+      prevention (CI) over detection (doctor). Doctor check can be added later as
+      a second-line defence.
+  - option: Use release-please or goreleaser instead of softprops/action-gh-release
+    rejected_because: Those tools own the CHANGELOG/versioning workflow; processkit
+      already has its own release-semver skill + manual CHANGELOG. softprops is a
+      minimal single-purpose action that only does the GH Release step — matches our
+      existing pipeline exactly.
+  consequences: '`.github/workflows/` directory created at repo root (first workflow).
+    Requires the repo to allow GitHub Actions (already enabled). `softprops/action-gh-release@v2`
+    added as a transitive dependency (pinned to a major version). `src/.github/workflows/release.yml`
+    shipped in aibox-synced template tree — downstream processkit projects will gain
+    the workflow on next sync. Existing Releases (v0.19.0 and earlier) unchanged.
+    A future tag-push that lacks a matching CHANGELOG section will get a fallback
+    placeholder body; acceptable minor ugliness, not a blocker. v0.19.1 patch release
+    required to ship the workflow. Separately flagged: the schema pattern for deciders[]
+    / assignee is still `ACTOR-*` and needs TEAMMEMBER-* support (not blocking this
+    fix).'
+  related_workitems:
+  - BACK-20260422_0925-MightyOtter-v0-19-1-release
+  decided_at: '2026-04-22T09:26:42+00:00'
+  superseded_by: DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing
+---
@@ -0,0 +1,78 @@
+---
+apiVersion: processkit.projectious.work/v1
+kind: DecisionRecord
+metadata:
+  id: DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing
+  created: '2026-04-22T13:48:39+00:00'
+  updated: '2026-04-22T13:54:52+00:00'
+spec:
+  title: 'Local-only release bulletproofing: single-turn release-semver flow + pk-doctor
+    release_integrity check (no CI workflows)'
+  state: accepted
+  decision: 'Supersede `DEC-20260422_0926-MerryArch` (which proposed a `.github/workflows/release.yml`
+    tag-push workflow). Do **not** add GitHub Actions workflows — vendor-specific,
+    metered, and against the owner''s cost stance. Instead, make the release process
+    bulletproof through two strictly local mechanisms: (1) **Prevention** — collapse
+    `/pk-release` into a single end-to-end flow that prepares *and* publishes in the
+    same turn, with an explicit `gh release create` step and a mandatory verification
+    (`gh release view`) before the command is considered complete. Remove the split
+    between `/pk-release` and `/pk-publish` that made half-done releases possible.
+    (2) **Detection** — add a 6th pk-doctor check category `release_integrity` that
+    enumerates every local `v*` git tag, probes GitHub (via `gh release view`) for
+    a matching Release, and emits a WARN for any tag without one. Gracefully INFO
+    when `gh` is unavailable. Both mechanisms ship in v0.19.1, replacing the now-discarded
+    CI workflow approach.'
+  context: 'User rejected the CI-workflow approach on two grounds: vendor lock-in
+    (GitHub Actions only helps GitHub-hosted projects) and cost (Actions minutes are
+    metered on private or heavy-use accounts). Both arguments are durable — processkit
+    should not assume a paid CI runtime. The original v0.19.0 miss was the agent stopping
+    after prepare; the root cause is fixable entirely within the processkit layer
+    (skill flow + doctor check) without reaching for CI.'
+  rationale: (1) **Local-only stays with processkit's value proposition.** processkit
+    is a file-based, provider-neutral toolkit; CI workflow files break that story.
+    (2) **Single-turn /pk-release prevents the miss structurally.** If the slash command's
+    documented flow ends with `gh release create` + verification, an agent that claims
+    "done" without running those steps is violating the skill — caught by skill-reviewer
+    or review. No human discipline required mid-release. (3) **pk-doctor provides
+    the safety net.** Even if the skill is mis-invoked or skipped, `release_integrity`
+    catches missing Releases on the next `/pk-doctor` run. Warnings, not errors —
+    it flags the gap without blocking the repo. (4) **`gh release create` is free.**
+    It's a single REST API call, runs locally, no metered runtime. (5) **Split prepare/publish
+    is the wrong abstraction here.** It was useful when publishing meant pushing to
+    crates.io / PyPI (multi-minute work that justified a checkpoint). For processkit's
+    current reality — the release artifact is the GitHub Release page — the two phases
+    collapse to one natural turn.
+  alternatives:
+  - option: Keep the CI workflow; user just learns to live with the cost
+    rejected_because: User explicitly rejected on cost + vendor-lock grounds; durable
+      objection.
+  - option: Third-party non-GitHub CI (e.g., local runner, custom webhook)
+    rejected_because: Adds more infrastructure than it removes; not provider-neutral
+      either; violates simplicity.
+  - option: Only add pk-doctor detection; don't change the skill flow
+    rejected_because: Detection catches the miss after the fact; it doesn't prevent
+      it. Pairing detection with prevention is stronger and both are cheap.
+  - option: Only change the skill flow; skip the pk-doctor check
+    rejected_because: No safety net if the skill is ever bypassed or a future agent
+      mis-interprets the flow. Belt-plus-suspenders here is worth the ~60 LOC.
+  - option: Pre-commit / pre-push git hook that blocks tag pushes without a prior
+      Release
+    rejected_because: git hooks are local-machine only and not version-controlled
+      by default; unreliable across contributors.
+  consequences: '- `.github/workflows/release.yml` and `src/.github/workflows/release.yml`
+    will NOT ship. Local files removed from this session''s uncommitted state.\n-
+    `release-semver/SKILL.md` (both trees) rewritten: single flow, mandatory verification
+    step, updated Gotcha ("prepare-only is not a release; the flow only completes
+    when `gh release view vX.Y.Z` succeeds").\n- `/pk-publish` slash command deprecated
+    (kept as an alias for recovery scenarios: tag already pushed, Release missing).\n-
+    pk-doctor gains a 6th check category `release_integrity`. Depends on `gh` CLI
+    being installed and authenticated in the local environment — INFO (not ERROR)
+    when unavailable.\n- v0.19.1 still ships this turn, now with the revised scope.
+    The v0.19.1 Release itself will be created via the new single-flow command, dogfooding
+    the prevention mechanism.\n- `DEC-20260422_0926-MerryArch` transitions to `superseded`
+    with a pointer to this DEC.'
+  related_workitems:
+  - BACK-20260422_0925-MightyOtter-v0-19-1-release
+  decided_at: '2026-04-22T13:48:39+00:00'
+  supersedes: DEC-20260422_0926-MerryArch-auto-create-github-releases
+---
@@ -0,0 +1,15 @@
+---
+apiVersion: processkit.projectious.work/v1
+kind: LogEntry
+metadata:
+  id: LOG-20260422_0925-StoutThorn-workitem-created
+  created: '2026-04-22T09:25:57+00:00'
+spec:
+  event_type: workitem.created
+  timestamp: '2026-04-22T09:25:57+00:00'
+  summary: 'Created WorkItem ''BACK-20260422_0925-MightyOtter-v0-19-1-release'': ''v0.19.1
+    — release automation workflow + release-semver SKILL.md tightening'''
+  subject: BACK-20260422_0925-MightyOtter-v0-19-1-release
+  subject_kind: WorkItem
+  actor: BACK-20260422_0925-MightyOtter-v0-19-1-release
+---
@@ -0,0 +1,15 @@
+---
+apiVersion: processkit.projectious.work/v1
+kind: LogEntry
+metadata:
+  id: LOG-20260422_0926-SmartAnt-workitem-transitioned
+  created: '2026-04-22T09:26:25+00:00'
+spec:
+  event_type: workitem.transitioned
+  timestamp: '2026-04-22T09:26:25+00:00'
+  summary: Transitioned WorkItem 'BACK-20260422_0925-MightyOtter-v0-19-1-release'
+    from 'backlog' to 'in-progress'
+  subject: BACK-20260422_0925-MightyOtter-v0-19-1-release
+  subject_kind: WorkItem
+  actor: BACK-20260422_0925-MightyOtter-v0-19-1-release
+---
@@ -0,0 +1,16 @@
+---
+apiVersion: processkit.projectious.work/v1
+kind: LogEntry
+metadata:
+  id: LOG-20260422_0926-SpryBird-decision-created
+  created: '2026-04-22T09:26:42+00:00'
+spec:
+  event_type: decision.created
+  timestamp: '2026-04-22T09:26:42+00:00'
+  summary: 'Created DecisionRecord ''DEC-20260422_0926-MerryArch-auto-create-github-releases'':
+    ''Auto-create GitHub Releases via tag-push workflow; mirror to src/ for downstream
+    projects'''
+  subject: DEC-20260422_0926-MerryArch-auto-create-github-releases
+  subject_kind: DecisionRecord
+  actor: DEC-20260422_0926-MerryArch-auto-create-github-releases
+---
@@ -0,0 +1,16 @@
+---
+apiVersion: processkit.projectious.work/v1
+kind: LogEntry
+metadata:
+  id: LOG-20260422_1348-QuickFalcon-decision-created
+  created: '2026-04-22T13:48:39+00:00'
+spec:
+  event_type: decision.created
+  timestamp: '2026-04-22T13:48:39+00:00'
+  summary: 'Created DecisionRecord ''DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing'':
+    ''Local-only release bulletproofing: single-turn release-semver flow + pk-doctor
+    release_integrity check (no CI workflows)'''
+  subject: DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing
+  subject_kind: DecisionRecord
+  actor: DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing
+---
@@ -0,0 +1,15 @@
+---
+apiVersion: processkit.projectious.work/v1
+kind: LogEntry
+metadata:
+  id: LOG-20260422_1354-StrongGrove-decision-superseded
+  created: '2026-04-22T13:54:52+00:00'
+spec:
+  event_type: decision.superseded
+  timestamp: '2026-04-22T13:54:52+00:00'
+  summary: DecisionRecord 'DEC-20260422_0926-MerryArch-auto-create-github-releases'
+    superseded by 'DEC-20260422_1348-SnowyWolf-local-only-release-bulletproofing'
+  subject: DEC-20260422_0926-MerryArch-auto-create-github-releases
+  subject_kind: DecisionRecord
+  actor: DEC-20260422_0926-MerryArch-auto-create-github-releases
+---
@@ -56,13 +56,61 @@ Group entries under **Added**, **Changed**, **Fixed**, and
 prominently — call them out in their own section if a major bump
 is involved.
 
-### Bump, commit, tag, publish
-
-Update the version in every relevant file (`Cargo.toml`,
-`pyproject.toml`, `package.json`, lockfiles). Commit with a message
-like `chore: bump version to vX.Y.Z`. Tag the commit `vX.Y.Z`.
-Publish according to the project's distribution channel
-(crates.io, PyPI, npm, GitHub Releases, container registry, etc.).
+### The release flow (single turn, bulletproof)
+
+A release is **one continuous sequence** — you do not stop halfway.
+`/pk-release vX.Y.Z` runs every step below in order, in the same
+turn, and is not considered done until the final verification
+passes. See DEC-20260422_1348-SnowyWolf.
+
+1. **Bump version** in every relevant file (`aibox.lock`,
+   `Cargo.toml`, `pyproject.toml`, `package.json`, lockfiles).
+2. **Finalize CHANGELOG** — rename the `[vX.Y.Z-candidate]` section
+   to `[vX.Y.Z] — YYYY-MM-DD`; ensure Added/Changed/Fixed/Removed
+   grouping; call out breaking changes if a major bump.
+3. **Regenerate provenance / transitive artifacts** — for processkit,
+   `scripts/stamp-provenance.sh vX.Y.Z`.
+4. **Commit** the bump with message `chore(release): bump to vX.Y.Z`.
+5. **Tag** the commit: `git tag -a vX.Y.Z -m "<tag summary>"`.
+6. **Push** branch then tag: `git push origin main && git push origin vX.Y.Z`.
+   A tag push alone does **not** create a GitHub Release — it is a
+   git ref, not a distribution-channel artifact.
+7. **Create the GitHub Release** with notes extracted from the
+   CHANGELOG. The single canonical command:
+   ```bash
+   gh release create vX.Y.Z \
+     --repo <org>/<repo> \
+     --title "vX.Y.Z — <one-line summary>" \
+     --notes-file <(awk -v v=X.Y.Z '
+       $0 ~ "^## \\[v" v "\\]"   { f=1; next }
+       f && /^## \[/              { f=0 }
+       f
+     ' CHANGELOG.md) \
+     --latest
+   ```
+8. **Verify** the Release is live. This is the release's
+   completion gate:
+   ```bash
+   gh release view vX.Y.Z --repo <org>/<repo>
+   ```
+   If this exits non-zero, the release is **incomplete** — return
+   to step 7. Do not report the release as done until step 8
+   succeeds.
+9. **Other channels** (crates.io, PyPI, npm, container registry,
+   homebrew tap, etc.) — run after step 8 so the GitHub Release
+   remains the canonical artifact pointer.
+
+**Recovery pattern** — if a tag was pushed in a prior session
+without the Release, run `gh release create` and `gh release view`
+for that tag directly; `/pk-publish` exists as an alias for this
+recovery scenario.
+
+**pk-doctor `release_integrity` check (detection layer)** — walks
+every local `v*` git tag, probes GitHub for a matching Release, and
+WARNs on any tag without one. Run `/pk-doctor --category=release_integrity`
+after a release to confirm; run `/pk-doctor` routinely to catch any
+historical gap. Requires `gh` CLI + auth; emits INFO when `gh` is
+unavailable.
 
 ### Example
 
@@ -84,6 +132,8 @@ Agent-specific failure modes — provider-neutral pause-and-self-check items:
 - **Publishing from a developer machine without a clean checkout.** Uncommitted local changes — WIP files, debug flags, `console.log` statements — may sneak into the artifact. Publish from CI with a clean checkout or from a fresh clone.
 - **Re-tagging a published version to fix a mistake.** Package registries (crates.io, PyPI, npm) prohibit or block re-publishing to an existing version. Cut a new patch version (e.g. `1.2.1`) to fix a mistake in `1.2.0`; never overwrite a tag.
 - **Pre-1.0 projects that promise stability they cannot keep.** If the API is still moving, stay below 1.0 and say so. Cutting `1.0.0` too early creates a compatibility obligation that slows future improvements.
+- **Treating `git push --tags` as "the release is out."** Pushing a tag creates a git ref; it does **not** create a GitHub Release, a crates.io release, a PyPI release, or any other distribution-channel artifact. Downstream consumers (package managers, `gh api`, the Releases page, auto-sync tools like aibox) read from the channel, not the tag. Until `gh release create` (or the equivalent channel publish command) has run, the release is not visible. The flow above bakes this in: the release is not complete until step 8 (`gh release view`) succeeds. See DEC-20260422_1348-SnowyWolf.
+- **Stopping after `/pk-release` prepare-like work.** In an older split where `/pk-release` prepared and `/pk-publish` published, it was easy to do only half. The current flow is single-turn: /pk-release runs every step through GitHub-Release verification. /pk-publish remains only as a recovery alias for historical tags without Releases.
 
 ## Full reference