Skip to content

Releases: EffortlessMetrics/ripr

ripr v0.10.0

Choose a tag to compare

@github-actions github-actions released this 15 Jun 17:26
c08d474
Merge pull request #1439 from EffortlessMetrics/release/0.10.0-swarm-…

ripr v0.9.0

Choose a tag to compare

@github-actions github-actions released this 11 Jun 01:09
9307dbe
ripr 0.9.0 — multi-language evidence-to-repair preview

ripr v0.8.0

Choose a tag to compare

@github-actions github-actions released this 02 Jun 22:03
cde9c9a

0.8.0 - Evidence-to-repair foundation

Release date: 2026-06-02.

RIPR 0.8.0 makes the Lane 1 evidence-to-repair foundation release-ready. The
main change is not that RIPR finds more things; it is that RIPR is more careful
about what it calls actionable. Public repair packets now require a bounded
proof, receipt, and edit contract, while unsupported findings remain named
limitations with analyzer routes.

This release syncs release-intended ripr-swarm work back into source ripr
with a history-preserving merge commit. Source ripr remains the release,
publishing, signing, marketplace, badge, and distribution authority.
ripr-swarm remains the development trunk after the release branch.

Release themes

  • Evidence-to-repair trust loop.
  • Explicit full/limited runtime status.
  • Strict public actionability projection.
  • Fail-closed repair packet readiness.
  • Static limitation routes as analyzer backlog.
  • Attempt, readiness, and route-quality foundations.
  • Cache and report operability.
  • Source/swarm release boundary cleanup.

Added

Runtime completeness

  • Added explicit runtime status across Lane 1 JSON and Markdown reports so
    report consumers can distinguish full runs from limited inputs.
  • Added named limited states for timeout, runner failure, large-cache skip,
    incomplete input, malformed input, stale input, and warning cases.
  • Added downstream_consumable status so partial reports cannot masquerade as
    full run output.
  • Added runtime-status sections to human-facing Markdown reports, including the
    Lane 1 audit, actionable gaps, swarm plan, readiness, scorecard, and trend
    reports.

Cache and report operability

  • Added cargo xtask cache report for inspecting target/ripr/cache growth.
  • Added cargo xtask cache gc --dry-run with bounded defaults for maximum
    cache size and TTL.
  • Added cache-GC safeguards so cleanup only targets RIPR analysis cache and
    does not remove reports, receipts, source files, workflow artifacts, build
    output, or PR/review packets.
  • Added release and CI cleanup paths for RIPR analysis cache where reports are
    generated or artifacts are uploaded.

Actionability and repair packets

  • Added stricter public projection rules for actionable gaps.
  • Added stable projection exclusion reasons for packets missing safe handoff
    fields.
  • Added allowed_edit_surface as part of the delegated repair contract.
  • Added fail-closed routing for packets missing gap_state = actionable,
    verify_command, receipt_command, must_not_change, allowed_edit_surface,
    confidence, target shape, related context, repair route, or raw_evidence_refs.
  • Added stronger separation between internal/actionable audit packets and
    public or swarm-ready packets.

Readiness and blocked-state routing

  • Added readiness blocked-state routes for missing context, static limitations,
    public projection exclusions, field-level handoff blockers, and
    operator-judgment blockers.
  • Added readiness counts and examples for the dominant blockers that prevent a
    packet from becoming swarm-ready.
  • Added top_next_action as a stable first-action projection for thin
    consumers.
  • Added top_limitation_routes so analyzer backlog remains visible even when
    no public repair packet is safe.

Static limitation routing

  • Added named analyzer routes for previously vague static limitations.
  • Added route splits for affinity-only owner-call absence.
  • Added route splits for iterator-derived boundary operands versus local or
    computed boundary operands.
  • Added limitation-backlog semantics so non-actionable evidence still gives
    maintainers a next analyzer move without becoming user repair work.

Attempt and outcome foundations

  • Added or hardened cargo xtask ripr-swarm attempt-ledger.
  • Added attempt-history visibility in readiness.
  • Added outcome categories for improved, unchanged, regressed, resolved,
    missing-receipt, attempted-without-receipt, expected-unchanged, and orphan
    receipt states.
  • Added repair-route quality surfaces where attempt evidence exists.

User-surface alignment

  • Added stronger alignment between reports, readiness, LSP actions, badge
    inputs, PR summaries, and CI/advisory surfaces.
  • Added LSP behavior that consumes bounded repair-card data rather than
    inventing repair actions from raw findings.
  • Added guardrails so public surfaces consume canonical actionability state
    rather than raw findings or sampled report fragments.

Changed

  • Public actionability now requires gap_state = actionable.
  • Non-actionable but repair-shaped packets now fail closed instead of becoming
    public repair work.
  • Static limitations now remain named limitations or analyzer backlog until
    RIPR can provide a safe bounded repair route.
  • Readiness now explains why packets are blocked instead of only reporting
    aggregate blocked counts.
  • Markdown reports now preserve the same runtime-completeness story as JSON.
  • Repair packet projection now prefers existing module or ancestor test files
    when available instead of inventing broad fallback paths.
  • Rust call-presence and related-test evidence handles more helper shapes,
    including same-file helper-owner chains, imported production helper wrappers,
    negated condition helpers, eager wrapper calls such as extend, and
    unwrap_or_default helper paths.
  • Rust match-arm and predicate routing is narrower for generic or
    value-insensitive shapes, reducing false-actionable risk without claiming
    runtime mutation outcomes.
  • Preview Python, TypeScript, and JavaScript surfaces continue to report
    advisory/static-limit information without promotion to stable gate authority.

Fixed

  • Fixed cases where incomplete or stale packet artifacts could lose field-level
    blocker information.
  • Fixed missing target-shape routing for actionable packets.
  • Fixed missing allowed-edit-surface routing.
  • Fixed missing raw-evidence reference routing.
  • Fixed public projection leakage for unresolved or non-actionable gap states.
  • Fixed Windows-sensitive xtask timeout validation needed for release gates.
  • Fixed cache command catalog and policy metadata for the new cache commands.
  • Fixed several documentation/schema mismatches around Lane 1 output contracts.

Documentation and schema

  • Updated docs/OUTPUT_SCHEMA.md for runtime status, repair packet projection,
    readiness, blocked-state routes, limitation routes, and attempt/outcome
    surfaces.
  • Updated Lane 1 specs for canonical actionability, public projection, external
    agent handoff, repair-loop readiness, and surface translation.
  • Updated capability and traceability metadata for new report contracts,
    validation fixtures, and release proof commands.
  • Added release-freeze handoff expectations for source ripr and development
    ripr-swarm.

Validation

0.8.0 release validation is expected to include:

  • cargo fmt --check
  • cargo test --workspace
  • cargo clippy --workspace --all-targets -- -D warnings
  • cargo check --workspace --all-targets
  • cargo xtask check-pr
  • cargo xtask check-output-contracts
  • cargo xtask check-static-language
  • cargo xtask check-traceability
  • cargo xtask check-capabilities
  • cargo xtask check-doc-index
  • cargo xtask markdown-links
  • cargo xtask cache report
  • cargo xtask lane1-evidence-audit
  • cargo xtask actionable-gaps
  • cargo xtask ripr-swarm plan --top 10
  • cargo xtask ripr-swarm readiness
  • cargo xtask ripr-swarm attempt-ledger
  • cargo xtask evidence-quality-scorecard
  • cargo xtask evidence-quality-trend
  • cargo xtask receipts check
  • cargo package -p ripr --locked
  • cargo publish -p ripr --dry-run --locked

The source release candidate was also checked with package and editor proof:
cargo package -p ripr --list, npm --prefix editors/vscode ci,
npm --prefix editors/vscode run compile, and
npm --prefix editors/vscode run test:e2e.

Known limitations

  • Some Lane 1 runs may still be limited or sampled; limited runs must say so
    explicitly.
  • A high static-limitation count is expected where RIPR refuses to invent
    unsafe repair packets.
  • 0 actionable can be correct when no packet satisfies the full actionability
    contract.
  • Limitation backlog routes are analyzer work, not user repair tasks.
  • Advisory infrastructure checks may still fail independently of required
    release gates.
  • Preview-language evidence remains advisory unless a later release explicitly
    promotes it.

Non-claims

RIPR 0.8.0 does not claim:

  • autonomous code editing;
  • provider integration;
  • mutation execution;
  • generated tests;
  • default blocking CI gate semantics;
  • default public badge semantic changes;
  • complete full-repo analysis in every local environment;
  • that limited or sampled reports are full runs;
  • that every static signal is actionable;
  • that static limitations are repair packets;
  • that badge, LSP, PR, or CI surfaces should count raw findings as product
    truth;
  • killed/survived mutation status, coverage adequacy, or correctness proof.

Upgrade notes

  • Consumers of Lane 1 JSON should expect new runtime-status, readiness,
    blocked-state, projection-exclusion, limitation-route, and attempt/outcome
    fields.
  • Consumers should treat raw findings as diagnostic input, not public
    actionability.
  • Public packet consumers should require gap_state = actionable plus complete
    repair packet fields, including verify_command, receipt_command,
    must_not_change, allowed_edit_surface, and raw_evidence_refs.
  • Limited reports should not be treated as full runs unless
    downstream_consumable explicitly allows downstream use.
  • Public badge, LSP, PR, and CI consumers should use canonical actionability
    and runtime-status projections rather than recomputing actionability from raw
    report rows.

ripr 0.7.0

Choose a tag to compare

@github-actions github-actions released this 20 May 23:45
ea629a9

RIPR 0.7.0: actionable static repair loop

RIPR 0.7.0 turns existing static evidence into a bounded repair workflow:

existing evidence -> actionable gap packet -> ranked swarm plan -> dry-run repair context -> focused external edit -> verify command -> receipt command -> actionable-gap outcome -> next packet or no-action

Highlights

  • Adds actionable-gap packet output for canonical repair candidates.
  • Adds cargo xtask ripr-swarm plan --top <n> to rank existing packets into swarm-ready, blocked, and missing-context buckets.
  • Adds dry-run repair attempt context for human or external coding-agent work without editing source.
  • Adds actionable-gap outcome reporting to join packets with verify/receipt evidence.
  • Hardens evidence-health and Lane 1 audit timeout handling so expensive live paths fail closed with warning artifacts instead of stale proof.
  • Ships the 0.7.0 crate, server binaries, VSIX, VS Code Marketplace package, and Open VSX package from source ripr release authority.

Boundaries

0.7.0 does not ship autonomous repair, generated tests, provider/model calls, runtime mutation execution, runtime or coverage adequacy claims, default blocking gates, or public badge semantic changes. The full current ripr-swarm live audit timeout remains an accepted limitation; the release does not claim a completed live current-repo repair selection.

Artifacts

  • crates.io: ripr 0.7.0
  • GitHub Release server manifest and per-target server archives
  • GitHub Release VSIX: ripr-0.7.0.vsix
  • VS Code Marketplace: EffortlessMetrics.ripr 0.7.0
  • Open VSX: EffortlessMetrics.ripr 0.7.0

ripr 0.6.0

Choose a tag to compare

@github-actions github-actions released this 18 May 07:50
fd4d9cb

ripr 0.6.0 makes static test-gap evidence easier to trust, easier to operate,
and easier to act on across CLI, CI, editor, and agent workflows.

Trustworthy Evidence

  • Canonical evidence items now separate the actionable repair unit from raw
    supporting findings.
  • Repair routes, verify commands, named static limitations, and actionability
    are explicit in the review path.
  • Rust remains the stable evidence path. Same-test struct literal field values
    are now recognized for one fixture-backed activation-value shape.

First-Run Repair Loop

  • ripr first-pr / ripr start-here provides a public start-here packet for a
    first useful PR review.
  • Generated CI starts with the start-here packet and recommended next test.
  • Agent packets and receipts give bounded work instructions without editing
    source or generating tests.

Editor And CI Guidance

  • VS Code surfaces first-run status, current repair actions, packet opening,
    copyable guidance, and stale/unsafe packet suppression.
  • Generated CI uploads the reviewer-facing artifacts and policy packets as
    advisory reports.

Repo-Ops Cockpit For Agentic Work

  • Repo-local cockpit, PR-ready, command mutability, PR triage, merge-watch
    policy, receipts, and generated-evidence checks make high-volume PR work
    easier to review.
  • Badge endpoint JSON remains generated evidence, not hand-authored copy.

Preview Language Visibility

  • TypeScript/JavaScript and Python preview evidence is visible and useful.
  • Preview-language evidence remains advisory/non-gating by default and is not
    calibrated confidence, RIPR Zero blocking debt, or runtime proof.

Release And Install Proof

  • The release includes the ripr crate, the VSIX, a server manifest,
    checksums, and server archives for Windows, macOS, and Linux targets.
  • Post-publish smoke should verify ripr --version and
    ripr first-pr --help.

Boundaries And Known Limits

ripr is static mutation-exposure guidance. Mutation testing remains the runtime
backstop. ripr does not run mutation tests, prove coverage adequacy or
correctness, generate tests, call providers, edit source, adopt baselines,
create suppressions, enable default CI blocking, or promote preview languages
to gate authority.

Known accepted warnings for 0.6.0:

  • The release-readiness report has an accepted advisory repo-exposure latency
    warning.
  • The VS Code dependency tree has two accepted high-severity npm audit findings
    to handle in a later dependency lane.
  • The VSIX package has the existing vsce file-count/bundling warning.

ripr v0.5.0

Choose a tag to compare

@github-actions github-actions released this 10 May 21:21
32a7ade

ripr 0.5.0

ripr 0.5.0 is the review-surface release. It moves RIPR from a collection of static evidence reports into a coordinated advisory workflow for developers, reviewers, CI, editors, and coding agents.

The release keeps the core boundary intact: RIPR does not run mutation testing, does not call LLM providers, does not generate tests, does not edit source, and does not make default CI blocking decisions. It produces static, reviewable evidence and explicit next-action packets.

Highlights

Evidence spine and identity

  • Added a shared evidence_record projection for seam-native evidence.
  • Added canonical gap identity so behavioral gaps can stay stable across line movement and report surfaces.
  • Routed baseline ledgers, RIPR Zero status, assistant proof, movement, and gate/baseline comparison through the shared evidence identity where available.
  • Improved related-test ranking, oracle semantics, local delta flow, activation/value modeling, and static/runtime confidence labels.

RIPR Zero adoption

  • Added baseline creation, baseline diff, and shrink-only baseline update.
  • Added baseline-debt-delta artifacts for generated CI.
  • Added RIPR Zero status/reporting surfaces.
  • Kept baselines as debt ledgers, not suppressions.
  • Preserved explicit waiver/suppression/gate boundaries.

Agent and reviewer workflow

  • Added agent working-set brief / packet / verify / receipt flows.
  • Added test-oracle assistant proof reports.
  • Added first useful action reports.
  • Added assistant-loop health reports.
  • Added PR review front panel reports.
  • Added report packet index.
  • Added optional PR inline comment publisher with read-only publish plans, capped/deduped same-repo changed-line posting, and default-off behavior.

Editor evidence UX

  • Hardened saved-workspace diagnostics, hovers, status output, and intent-titled code actions.
  • Added first-useful-action status and hover projection from existing workspace-matched reports.
  • Added ripr.collectEvidenceContext handoff support.
  • Added and hardened VS Code/LSP workflow fixtures and e2e coverage.

CI, policy, and release hygiene

  • Raised MSRV to Rust 1.95.
  • Promoted clean Rust 1.94/1.95 Clippy ratchets.
  • Added no-panic allowlist hardening and proposal tooling.
  • Added CI/review surfaces for report packets, first useful action, assistant-loop health, front panel, and optional inline comments.

Install

cargo install ripr --version 0.5.0 --locked
ripr doctor

VS Code and Open VSX users can install EffortlessMetrics.ripr from either marketplace; the extension downloads the matching ripr server binary from this GitHub Release on first activation.

Verification

The release-prep PR validated:

  • cargo fmt --check
  • cargo check --workspace --all-targets
  • cargo test --workspace
  • cargo clippy --workspace --all-targets -- -D warnings
  • cargo doc --workspace --no-deps
  • cargo package -p ripr --list
  • cargo publish -p ripr --dry-run
  • cargo xtask release-readiness --version 0.5.0
  • cargo xtask check-pr
  • output-contract, static-language, workflow, doc-index, traceability, spec-format, fixture-contract, and campaign checks

Boundaries

RIPR 0.5.0 remains advisory by default. It does not claim runtime adequacy, does not replace mutation testing, and does not publish inline comments unless explicitly configured.

ripr v0.4.0

Choose a tag to compare

@github-actions github-actions released this 07 May 15:48
697ddd5
docs: update marketplace 0.4 release notes

docs: update marketplace 0.4 release notes

ripr 0.3.1

Choose a tag to compare

@github-actions github-actions released this 07 May 03:15
34fd3eb

ripr 0.3.1

Defaults-first adoption release.

This is the first public release line that includes the installed ripr pilot -> focused test -> ripr outcome workflow. ripr init now records repo policy, but useful conservative defaults work without a ripr.toml.

Highlights

  • Adds public first-run proof commands: ripr pilot, ripr outcome, and advisory ripr calibrate cargo-mutants.
  • Keeps CI/SARIF and calibration advisory by default.
  • Enables bounded saved-workspace LSP seam diagnostics through the default policy surface.
  • Ships VS Code VSIX plus cross-platform ripr server archives, manifest, and checksums.

Verified

  • cargo install ripr --version 0.3.1 --locked succeeds from crates.io.
  • Installed ripr 0.3.1 runs doctor, zero-config pilot, outcome, SARIF, badge JSON, calibration import, and advisory CI init dry-run.
  • Windows server release archive checksum matches the manifest and runs ripr --version, ripr lsp --version, pilot, and outcome.

ripr v0.3.0

Choose a tag to compare

@github-actions github-actions released this 02 May 17:12
af99683

Highlights

  • Added the syntax-backed analyzer foundation: parser-backed facts, stable owner symbols, and parser-backed predicate, return, error, field, match, side-effect, and call-change probes.
  • Added Evidence Quality foundations: unknown findings now carry explicit stop reasons, and oracle kind/strength is probe-relative.
  • Migrated the LSP sidecar to tower-lsp-server with typed async handlers, stateful diagnostics, stable diagnostic metadata, related test information, diagnostic-targeted context actions, and diagnostic hover details.
  • Added review and release automation including report/receipt plumbing, golden drift summaries, critic/local-context/allow-attribute checks, supply-chain checks, coverage, Dependency Review, Dependabot, Node 24 workflow/runtime updates, and Open VSX publishing through OVSX_PAT.

Compatibility

  • Rust baseline: 1.93.
  • VS Code engine remains ^1.90.0.
  • Extension server provisioning now resolves the 0.3.0 GitHub Release manifest.

Assets

This release includes the universal VSIX, server archives for Windows/Linux/macOS targets, SHA-256 sidecars, checksums.txt, and the server manifest used by the editor extension.

ripr 0.2.0

Choose a tag to compare

@github-actions github-actions released this 01 May 14:01
70c2a0f

ripr 0.2.0

This release adds the self-provisioning editor distribution path.

Highlights:

  • ripr lsp --stdio and ripr lsp --version
  • VS Code/Open VSX extension server resolution:
    ripr.server.path -> bundled -> cached download -> verified first-run download -> PATH -> actionable error
  • GitHub Release server archives for Windows x64, Linux x64/arm64 GNU, and macOS x64/arm64
  • SHA-256 manifest used by the extension downloader
  • Universal VSIX attached as ripr-0.2.0.vsix

Published:

  • crates.io: ripr 0.2.0
  • GitHub Release server assets and manifest
  • Open VSX publish workflow completed successfully

Known release issue:

  • VS Marketplace publish is still blocked by PAT authorization: TF400813. Replace/fix VS_MARKETPLACE_TOKEN, then rerun Publish VSCode Extension for version 0.2.0.