Releases: EffortlessMetrics/ripr
Release list
ripr v0.10.0
Merge pull request #1439 from EffortlessMetrics/release/0.10.0-swarm-…
ripr v0.9.0
ripr 0.9.0 — multi-language evidence-to-repair preview
ripr v0.8.0
0.8.0 - Evidence-to-repair foundation
Release date: 2026-06-02.
RIPR 0.8.0 makes the Lane 1 evidence-to-repair foundation release-ready. The
main change is not that RIPR finds more things; it is that RIPR is more careful
about what it calls actionable. Public repair packets now require a bounded
proof, receipt, and edit contract, while unsupported findings remain named
limitations with analyzer routes.
This release syncs release-intended ripr-swarm work back into source ripr
with a history-preserving merge commit. Source ripr remains the release,
publishing, signing, marketplace, badge, and distribution authority.
ripr-swarm remains the development trunk after the release branch.
Release themes
- Evidence-to-repair trust loop.
- Explicit full/limited runtime status.
- Strict public actionability projection.
- Fail-closed repair packet readiness.
- Static limitation routes as analyzer backlog.
- Attempt, readiness, and route-quality foundations.
- Cache and report operability.
- Source/swarm release boundary cleanup.
Added
Runtime completeness
- Added explicit runtime status across Lane 1 JSON and Markdown reports so
report consumers can distinguish full runs from limited inputs. - Added named limited states for timeout, runner failure, large-cache skip,
incomplete input, malformed input, stale input, and warning cases. - Added
downstream_consumablestatus so partial reports cannot masquerade as
full run output. - Added runtime-status sections to human-facing Markdown reports, including the
Lane 1 audit, actionable gaps, swarm plan, readiness, scorecard, and trend
reports.
Cache and report operability
- Added
cargo xtask cache reportfor inspectingtarget/ripr/cachegrowth. - Added
cargo xtask cache gc --dry-runwith bounded defaults for maximum
cache size and TTL. - Added cache-GC safeguards so cleanup only targets RIPR analysis cache and
does not remove reports, receipts, source files, workflow artifacts, build
output, or PR/review packets. - Added release and CI cleanup paths for RIPR analysis cache where reports are
generated or artifacts are uploaded.
Actionability and repair packets
- Added stricter public projection rules for actionable gaps.
- Added stable projection exclusion reasons for packets missing safe handoff
fields. - Added
allowed_edit_surfaceas part of the delegated repair contract. - Added fail-closed routing for packets missing
gap_state = actionable,
verify_command,receipt_command,must_not_change,allowed_edit_surface,
confidence, target shape, related context, repair route, orraw_evidence_refs. - Added stronger separation between internal/actionable audit packets and
public or swarm-ready packets.
Readiness and blocked-state routing
- Added readiness blocked-state routes for missing context, static limitations,
public projection exclusions, field-level handoff blockers, and
operator-judgment blockers. - Added readiness counts and examples for the dominant blockers that prevent a
packet from becoming swarm-ready. - Added
top_next_actionas a stable first-action projection for thin
consumers. - Added
top_limitation_routesso analyzer backlog remains visible even when
no public repair packet is safe.
Static limitation routing
- Added named analyzer routes for previously vague static limitations.
- Added route splits for affinity-only owner-call absence.
- Added route splits for iterator-derived boundary operands versus local or
computed boundary operands. - Added limitation-backlog semantics so non-actionable evidence still gives
maintainers a next analyzer move without becoming user repair work.
Attempt and outcome foundations
- Added or hardened
cargo xtask ripr-swarm attempt-ledger. - Added attempt-history visibility in readiness.
- Added outcome categories for improved, unchanged, regressed, resolved,
missing-receipt, attempted-without-receipt, expected-unchanged, and orphan
receipt states. - Added repair-route quality surfaces where attempt evidence exists.
User-surface alignment
- Added stronger alignment between reports, readiness, LSP actions, badge
inputs, PR summaries, and CI/advisory surfaces. - Added LSP behavior that consumes bounded repair-card data rather than
inventing repair actions from raw findings. - Added guardrails so public surfaces consume canonical actionability state
rather than raw findings or sampled report fragments.
Changed
- Public actionability now requires
gap_state = actionable. - Non-actionable but repair-shaped packets now fail closed instead of becoming
public repair work. - Static limitations now remain named limitations or analyzer backlog until
RIPR can provide a safe bounded repair route. - Readiness now explains why packets are blocked instead of only reporting
aggregate blocked counts. - Markdown reports now preserve the same runtime-completeness story as JSON.
- Repair packet projection now prefers existing module or ancestor test files
when available instead of inventing broad fallback paths. - Rust call-presence and related-test evidence handles more helper shapes,
including same-file helper-owner chains, imported production helper wrappers,
negated condition helpers, eager wrapper calls such asextend, and
unwrap_or_defaulthelper paths. - Rust match-arm and predicate routing is narrower for generic or
value-insensitive shapes, reducing false-actionable risk without claiming
runtime mutation outcomes. - Preview Python, TypeScript, and JavaScript surfaces continue to report
advisory/static-limit information without promotion to stable gate authority.
Fixed
- Fixed cases where incomplete or stale packet artifacts could lose field-level
blocker information. - Fixed missing target-shape routing for actionable packets.
- Fixed missing allowed-edit-surface routing.
- Fixed missing raw-evidence reference routing.
- Fixed public projection leakage for unresolved or non-actionable gap states.
- Fixed Windows-sensitive xtask timeout validation needed for release gates.
- Fixed cache command catalog and policy metadata for the new cache commands.
- Fixed several documentation/schema mismatches around Lane 1 output contracts.
Documentation and schema
- Updated
docs/OUTPUT_SCHEMA.mdfor runtime status, repair packet projection,
readiness, blocked-state routes, limitation routes, and attempt/outcome
surfaces. - Updated Lane 1 specs for canonical actionability, public projection, external
agent handoff, repair-loop readiness, and surface translation. - Updated capability and traceability metadata for new report contracts,
validation fixtures, and release proof commands. - Added release-freeze handoff expectations for source
riprand development
ripr-swarm.
Validation
0.8.0 release validation is expected to include:
cargo fmt --checkcargo test --workspacecargo clippy --workspace --all-targets -- -D warningscargo check --workspace --all-targetscargo xtask check-prcargo xtask check-output-contractscargo xtask check-static-languagecargo xtask check-traceabilitycargo xtask check-capabilitiescargo xtask check-doc-indexcargo xtask markdown-linkscargo xtask cache reportcargo xtask lane1-evidence-auditcargo xtask actionable-gapscargo xtask ripr-swarm plan --top 10cargo xtask ripr-swarm readinesscargo xtask ripr-swarm attempt-ledgercargo xtask evidence-quality-scorecardcargo xtask evidence-quality-trendcargo xtask receipts checkcargo package -p ripr --lockedcargo publish -p ripr --dry-run --locked
The source release candidate was also checked with package and editor proof:
cargo package -p ripr --list, npm --prefix editors/vscode ci,
npm --prefix editors/vscode run compile, and
npm --prefix editors/vscode run test:e2e.
Known limitations
- Some Lane 1 runs may still be limited or sampled; limited runs must say so
explicitly. - A high static-limitation count is expected where RIPR refuses to invent
unsafe repair packets. 0 actionablecan be correct when no packet satisfies the full actionability
contract.- Limitation backlog routes are analyzer work, not user repair tasks.
- Advisory infrastructure checks may still fail independently of required
release gates. - Preview-language evidence remains advisory unless a later release explicitly
promotes it.
Non-claims
RIPR 0.8.0 does not claim:
- autonomous code editing;
- provider integration;
- mutation execution;
- generated tests;
- default blocking CI gate semantics;
- default public badge semantic changes;
- complete full-repo analysis in every local environment;
- that limited or sampled reports are full runs;
- that every static signal is actionable;
- that static limitations are repair packets;
- that badge, LSP, PR, or CI surfaces should count raw findings as product
truth; - killed/survived mutation status, coverage adequacy, or correctness proof.
Upgrade notes
- Consumers of Lane 1 JSON should expect new runtime-status, readiness,
blocked-state, projection-exclusion, limitation-route, and attempt/outcome
fields. - Consumers should treat raw findings as diagnostic input, not public
actionability. - Public packet consumers should require
gap_state = actionableplus complete
repair packet fields, includingverify_command,receipt_command,
must_not_change,allowed_edit_surface, andraw_evidence_refs. - Limited reports should not be treated as full runs unless
downstream_consumableexplicitly allows downstream use. - Public badge, LSP, PR, and CI consumers should use canonical actionability
and runtime-status projections rather than recomputing actionability from raw
report rows.
ripr 0.7.0
RIPR 0.7.0: actionable static repair loop
RIPR 0.7.0 turns existing static evidence into a bounded repair workflow:
existing evidence -> actionable gap packet -> ranked swarm plan -> dry-run repair context -> focused external edit -> verify command -> receipt command -> actionable-gap outcome -> next packet or no-action
Highlights
- Adds actionable-gap packet output for canonical repair candidates.
- Adds
cargo xtask ripr-swarm plan --top <n>to rank existing packets into swarm-ready, blocked, and missing-context buckets. - Adds dry-run repair attempt context for human or external coding-agent work without editing source.
- Adds actionable-gap outcome reporting to join packets with verify/receipt evidence.
- Hardens evidence-health and Lane 1 audit timeout handling so expensive live paths fail closed with warning artifacts instead of stale proof.
- Ships the 0.7.0 crate, server binaries, VSIX, VS Code Marketplace package, and Open VSX package from source
riprrelease authority.
Boundaries
0.7.0 does not ship autonomous repair, generated tests, provider/model calls, runtime mutation execution, runtime or coverage adequacy claims, default blocking gates, or public badge semantic changes. The full current ripr-swarm live audit timeout remains an accepted limitation; the release does not claim a completed live current-repo repair selection.
Artifacts
- crates.io:
ripr 0.7.0 - GitHub Release server manifest and per-target server archives
- GitHub Release VSIX:
ripr-0.7.0.vsix - VS Code Marketplace:
EffortlessMetrics.ripr 0.7.0 - Open VSX:
EffortlessMetrics.ripr 0.7.0
ripr 0.6.0
ripr 0.6.0 makes static test-gap evidence easier to trust, easier to operate,
and easier to act on across CLI, CI, editor, and agent workflows.
Trustworthy Evidence
- Canonical evidence items now separate the actionable repair unit from raw
supporting findings. - Repair routes, verify commands, named static limitations, and actionability
are explicit in the review path. - Rust remains the stable evidence path. Same-test struct literal field values
are now recognized for one fixture-backed activation-value shape.
First-Run Repair Loop
ripr first-pr/ripr start-hereprovides a public start-here packet for a
first useful PR review.- Generated CI starts with the start-here packet and recommended next test.
- Agent packets and receipts give bounded work instructions without editing
source or generating tests.
Editor And CI Guidance
- VS Code surfaces first-run status, current repair actions, packet opening,
copyable guidance, and stale/unsafe packet suppression. - Generated CI uploads the reviewer-facing artifacts and policy packets as
advisory reports.
Repo-Ops Cockpit For Agentic Work
- Repo-local cockpit, PR-ready, command mutability, PR triage, merge-watch
policy, receipts, and generated-evidence checks make high-volume PR work
easier to review. - Badge endpoint JSON remains generated evidence, not hand-authored copy.
Preview Language Visibility
- TypeScript/JavaScript and Python preview evidence is visible and useful.
- Preview-language evidence remains advisory/non-gating by default and is not
calibrated confidence, RIPR Zero blocking debt, or runtime proof.
Release And Install Proof
- The release includes the
riprcrate, the VSIX, a server manifest,
checksums, and server archives for Windows, macOS, and Linux targets. - Post-publish smoke should verify
ripr --versionand
ripr first-pr --help.
Boundaries And Known Limits
ripr is static mutation-exposure guidance. Mutation testing remains the runtime
backstop. ripr does not run mutation tests, prove coverage adequacy or
correctness, generate tests, call providers, edit source, adopt baselines,
create suppressions, enable default CI blocking, or promote preview languages
to gate authority.
Known accepted warnings for 0.6.0:
- The release-readiness report has an accepted advisory repo-exposure latency
warning. - The VS Code dependency tree has two accepted high-severity npm audit findings
to handle in a later dependency lane. - The VSIX package has the existing
vscefile-count/bundling warning.
ripr v0.5.0
ripr 0.5.0
ripr 0.5.0 is the review-surface release. It moves RIPR from a collection of static evidence reports into a coordinated advisory workflow for developers, reviewers, CI, editors, and coding agents.
The release keeps the core boundary intact: RIPR does not run mutation testing, does not call LLM providers, does not generate tests, does not edit source, and does not make default CI blocking decisions. It produces static, reviewable evidence and explicit next-action packets.
Highlights
Evidence spine and identity
- Added a shared
evidence_recordprojection for seam-native evidence. - Added canonical gap identity so behavioral gaps can stay stable across line movement and report surfaces.
- Routed baseline ledgers, RIPR Zero status, assistant proof, movement, and gate/baseline comparison through the shared evidence identity where available.
- Improved related-test ranking, oracle semantics, local delta flow, activation/value modeling, and static/runtime confidence labels.
RIPR Zero adoption
- Added baseline creation, baseline diff, and shrink-only baseline update.
- Added baseline-debt-delta artifacts for generated CI.
- Added RIPR Zero status/reporting surfaces.
- Kept baselines as debt ledgers, not suppressions.
- Preserved explicit waiver/suppression/gate boundaries.
Agent and reviewer workflow
- Added agent working-set brief / packet / verify / receipt flows.
- Added test-oracle assistant proof reports.
- Added first useful action reports.
- Added assistant-loop health reports.
- Added PR review front panel reports.
- Added report packet index.
- Added optional PR inline comment publisher with read-only publish plans, capped/deduped same-repo changed-line posting, and default-off behavior.
Editor evidence UX
- Hardened saved-workspace diagnostics, hovers, status output, and intent-titled code actions.
- Added first-useful-action status and hover projection from existing workspace-matched reports.
- Added
ripr.collectEvidenceContexthandoff support. - Added and hardened VS Code/LSP workflow fixtures and e2e coverage.
CI, policy, and release hygiene
- Raised MSRV to Rust 1.95.
- Promoted clean Rust 1.94/1.95 Clippy ratchets.
- Added no-panic allowlist hardening and proposal tooling.
- Added CI/review surfaces for report packets, first useful action, assistant-loop health, front panel, and optional inline comments.
Install
cargo install ripr --version 0.5.0 --locked
ripr doctorVS Code and Open VSX users can install EffortlessMetrics.ripr from either marketplace; the extension downloads the matching ripr server binary from this GitHub Release on first activation.
Verification
The release-prep PR validated:
cargo fmt --checkcargo check --workspace --all-targetscargo test --workspacecargo clippy --workspace --all-targets -- -D warningscargo doc --workspace --no-depscargo package -p ripr --listcargo publish -p ripr --dry-runcargo xtask release-readiness --version 0.5.0cargo xtask check-pr- output-contract, static-language, workflow, doc-index, traceability, spec-format, fixture-contract, and campaign checks
Boundaries
RIPR 0.5.0 remains advisory by default. It does not claim runtime adequacy, does not replace mutation testing, and does not publish inline comments unless explicitly configured.
ripr v0.4.0
docs: update marketplace 0.4 release notes docs: update marketplace 0.4 release notes
ripr 0.3.1
ripr 0.3.1
Defaults-first adoption release.
This is the first public release line that includes the installed ripr pilot -> focused test -> ripr outcome workflow. ripr init now records repo policy, but useful conservative defaults work without a ripr.toml.
Highlights
- Adds public first-run proof commands:
ripr pilot,ripr outcome, and advisoryripr calibrate cargo-mutants. - Keeps CI/SARIF and calibration advisory by default.
- Enables bounded saved-workspace LSP seam diagnostics through the default policy surface.
- Ships VS Code VSIX plus cross-platform
riprserver archives, manifest, and checksums.
Verified
cargo install ripr --version 0.3.1 --lockedsucceeds from crates.io.- Installed
ripr 0.3.1runsdoctor, zero-configpilot,outcome, SARIF, badge JSON, calibration import, and advisory CI init dry-run. - Windows server release archive checksum matches the manifest and runs
ripr --version,ripr lsp --version,pilot, andoutcome.
ripr v0.3.0
Highlights
- Added the syntax-backed analyzer foundation: parser-backed facts, stable owner symbols, and parser-backed predicate, return, error, field, match, side-effect, and call-change probes.
- Added Evidence Quality foundations: unknown findings now carry explicit stop reasons, and oracle kind/strength is probe-relative.
- Migrated the LSP sidecar to
tower-lsp-serverwith typed async handlers, stateful diagnostics, stable diagnostic metadata, related test information, diagnostic-targeted context actions, and diagnostic hover details. - Added review and release automation including report/receipt plumbing, golden drift summaries, critic/local-context/allow-attribute checks, supply-chain checks, coverage, Dependency Review, Dependabot, Node 24 workflow/runtime updates, and Open VSX publishing through
OVSX_PAT.
Compatibility
- Rust baseline: 1.93.
- VS Code engine remains
^1.90.0. - Extension server provisioning now resolves the
0.3.0GitHub Release manifest.
Assets
This release includes the universal VSIX, server archives for Windows/Linux/macOS targets, SHA-256 sidecars, checksums.txt, and the server manifest used by the editor extension.
ripr 0.2.0
ripr 0.2.0
This release adds the self-provisioning editor distribution path.
Highlights:
ripr lsp --stdioandripr lsp --version- VS Code/Open VSX extension server resolution:
ripr.server.path-> bundled -> cached download -> verified first-run download -> PATH -> actionable error - GitHub Release server archives for Windows x64, Linux x64/arm64 GNU, and macOS x64/arm64
- SHA-256 manifest used by the extension downloader
- Universal VSIX attached as
ripr-0.2.0.vsix
Published:
- crates.io:
ripr 0.2.0 - GitHub Release server assets and manifest
- Open VSX publish workflow completed successfully
Known release issue:
- VS Marketplace publish is still blocked by PAT authorization:
TF400813. Replace/fixVS_MARKETPLACE_TOKEN, then rerunPublish VSCode Extensionfor version0.2.0.