docs(changelog): draft [Unreleased] section for post-rc.1 release cut#145
Conversation
…nce v0.3.0-rc.1 Aggregates the nine-competency roadmap work that landed since the last tag: Reconcile (#99), Prove (#97), Remediate (#98), Harden (#96), Narrate (#91), Survive (#94), Recover (#90), plus consistency enforcement (#93), preflight slimming (#92), and the three-crate packaging split (#95). Version number decision (rc.2 vs 0.3.0 stable) is intentionally left open — this is editorial prep for the release cut, not a tag. Install story updated: cargo install shipper --locked is the new recommended path; cargo install shipper-cli --locked remains backward-compatible.
Summary by CodeRabbit
WalkthroughCHANGELOG.md receives a new Unreleased section documenting completion of a nine-competency roadmap (Reconcile, Prove, Remediate, Harden, Narrate, Survive, Recover, Ergonomics) with functional updates including ambiguity reconciliation, rehearsal workflows, package yank operations, remediation commands, trusted publishing support, and a three-crate packaging split. Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 7
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@CHANGELOG.md`:
- Around line 77-88: The changelog contains a non-standard "Install" section;
move or mirror this content under the standard "Changed" category as a
"Packaging" subsection (or add a short entry in "Changed" referencing a detailed
INSTALL/README note) so it follows Keep a Changelog conventions—update the
"Changed" section to include a "Packaging" note that mentions the new
recommended install command (`cargo install shipper --locked`), the
backward-compatible command (`cargo install shipper-cli --locked`), and the
guidance about `shipper-core` for clap-free embedders.
- Line 73: The phrase "Roadmap aligned" is passive and unclear; update the
CHANGELOG entry containing the text "Roadmap aligned" to use an active, specific
wording such as "Roadmap documentation aligned with mission/steering docs" or
"Aligned roadmap with mission/steering docs; Diátaxis reorganization (tutorials,
how-to, reference, explanation)" so the agent and action are explicit and the
meaning is unambiguous.
- Line 55: Update the CHANGELOG entry for `shipper` to avoid overly specific
wording about implementation size: replace "3-line binary forwarding to
`shipper_cli::run()`" with a more maintainable phrase such as "minimal binary
forwarding to `shipper_cli::run()`" or "lightweight binary forwarding to
`shipper_cli::run()`"; keep references to `shipper` and `shipper_cli::run()` so
readers still know the binary forwards to that function and retain the
recommended install sentence unchanged.
- Line 68: The "Resume:" bullet in the Fixed section uses a colon and
inconsistent formatting; update that line so "Resume" is bolded and uses the
same pattern as other entries (bold term + em dash). Replace the current "-
**Resume:** `PackageSkipped` event now emits correctly when resume finds a
package already in terminal state." with a line like "- **Resume —**
`PackageSkipped` event now emits correctly when resume finds a package already
in terminal state." to match the existing style.
- Line 74: Replace the terse changelog line "Docs demote cargo stdout to hint"
with an expanded, clearer phrasing such as "Documentation now treats cargo
stdout as a hint; registry truth is authoritative for safety-critical decisions"
in CHANGELOG.md so the intent is immediately readable; locate the existing line
containing the exact string "Docs demote cargo stdout to hint" and update it to
the expanded sentence.
- Line 10: The intro competency list in CHANGELOG.md is out of order compared to
the subsections; update the sentence listing "Prove, Survive, Reconcile,
Narrate, Remediate, Harden, Ergonomics" so the sequence matches the
document/subsection order (e.g., start with "Reconcile" then "Prove" then
"Remediate" ... or reorder the subsections to match the intro), ensuring the
competency names (Reconcile, Prove, Remediate, Survive, Narrate, Harden (Trusted
Publishing), Ergonomics) appear in the same order in both places for consistency
and easier scanning.
- Line 16: The long changelog sentence under "Ambiguous-publish reconciliation
against registry truth." should be split into 2–3 shorter sentences to improve
readability: first state that when `cargo publish` exits ambiguously Shipper now
polls the registry (sparse index + API per config) instead of blind-retrying;
next list the three possible outcomes (`Published` — skip retry, `NotPublished`
— safe retry, `StillUnknown` — halt for operator); finally add a short sentence
noting that cargo stdout is now a fast-path hint and the registry is
authoritative and that the resume-path reconciles `Ambiguous` state before
re-entering the retry loop. Use the exact labels `Published`, `NotPublished`,
`StillUnknown`, `Ambiguous`, and the phrase `cargo publish` so readers can
quickly scan for those concepts.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
|
|
||
| ## [Unreleased] | ||
|
|
||
| Nine-competency roadmap ([#109](https://github.com/EffortlessMetrics/shipper/issues/109)) landed end-to-end on `main` since `v0.3.0-rc.1`: **Prove**, **Survive**, **Reconcile**, **Narrate**, **Remediate**, **Harden** (Trusted Publishing), **Ergonomics** (three-crate split), plus consistency enforcement and operator-trust docs. |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Consider reordering competencies to match document structure.
The competency order in the intro ("Prove, Survive, Reconcile...") differs from the subsection order below (Reconcile #99, Prove #97, Remediate #98...). For consistency and easier scanning, consider matching the intro order to the document structure.
📝 Suggested reordering
-Nine-competency roadmap ([`#109`](https://github.com/EffortlessMetrics/shipper/issues/109)) landed end-to-end on `main` since `v0.3.0-rc.1`: **Prove**, **Survive**, **Reconcile**, **Narrate**, **Remediate**, **Harden** (Trusted Publishing), **Ergonomics** (three-crate split), plus consistency enforcement and operator-trust docs.
+Nine-competency roadmap ([`#109`](https://github.com/EffortlessMetrics/shipper/issues/109)) landed end-to-end on `main` since `v0.3.0-rc.1`: **Reconcile**, **Prove**, **Remediate**, **Harden** (Trusted Publishing), **Narrate**, **Survive**, **Recover**, **Ergonomics** (three-crate split), plus consistency enforcement and operator-trust docs.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@CHANGELOG.md` at line 10, The intro competency list in CHANGELOG.md is out of
order compared to the subsections; update the sentence listing "Prove, Survive,
Reconcile, Narrate, Remediate, Harden, Ergonomics" so the sequence matches the
document/subsection order (e.g., start with "Reconcile" then "Prove" then
"Remediate" ... or reorder the subsections to match the intro), ensuring the
competency names (Reconcile, Prove, Remediate, Survive, Narrate, Harden (Trusted
Publishing), Ergonomics) appear in the same order in both places for consistency
and easier scanning.
|
|
||
| #### Reconcile ([#99](https://github.com/EffortlessMetrics/shipper/issues/99)) | ||
|
|
||
| - **Ambiguous-publish reconciliation against registry truth.** When `cargo publish` exits ambiguously, Shipper now polls the registry (sparse index + API per config) instead of blind-retrying. Outcomes: `Published` (skip retry), `NotPublished` (safe retry), `StillUnknown` (halt for operator). Cargo stdout is demoted to a fast-path hint; registry is authoritative. Resume-path reconciles `Ambiguous` state before re-entering the retry loop. |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Consider breaking the long sentence for better readability.
The first bullet under Reconcile is a 97-word sentence that packs multiple concepts (polling, outcomes, cargo stdout demotion, registry authority, resume path). Breaking it into 2-3 shorter sentences would improve scannability.
✂️ Suggested restructuring
-- **Ambiguous-publish reconciliation against registry truth.** When `cargo publish` exits ambiguously, Shipper now polls the registry (sparse index + API per config) instead of blind-retrying. Outcomes: `Published` (skip retry), `NotPublished` (safe retry), `StillUnknown` (halt for operator). Cargo stdout is demoted to a fast-path hint; registry is authoritative. Resume-path reconciles `Ambiguous` state before re-entering the retry loop.
+- **Ambiguous-publish reconciliation against registry truth.** When `cargo publish` exits ambiguously, Shipper now polls the registry (sparse index + API per config) instead of blind-retrying. Three outcomes: `Published` (skip retry), `NotPublished` (safe retry), `StillUnknown` (halt for operator). Cargo stdout is treated as a fast-path hint; registry is authoritative. Resume reconciles any `Ambiguous` state before re-entering the retry loop.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| - **Ambiguous-publish reconciliation against registry truth.** When `cargo publish` exits ambiguously, Shipper now polls the registry (sparse index + API per config) instead of blind-retrying. Outcomes: `Published` (skip retry), `NotPublished` (safe retry), `StillUnknown` (halt for operator). Cargo stdout is demoted to a fast-path hint; registry is authoritative. Resume-path reconciles `Ambiguous` state before re-entering the retry loop. | |
| - **Ambiguous-publish reconciliation against registry truth.** When `cargo publish` exits ambiguously, Shipper now polls the registry (sparse index + API per config) instead of blind-retrying. Three outcomes: `Published` (skip retry), `NotPublished` (safe retry), `StillUnknown` (halt for operator). Cargo stdout is treated as a fast-path hint; registry is authoritative. Resume reconciles any `Ambiguous` state before re-entering the retry loop. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@CHANGELOG.md` at line 16, The long changelog sentence under
"Ambiguous-publish reconciliation against registry truth." should be split into
2–3 shorter sentences to improve readability: first state that when `cargo
publish` exits ambiguously Shipper now polls the registry (sparse index + API
per config) instead of blind-retrying; next list the three possible outcomes
(`Published` — skip retry, `NotPublished` — safe retry, `StillUnknown` — halt
for operator); finally add a short sentence noting that cargo stdout is now a
fast-path hint and the registry is authoritative and that the resume-path
reconciles `Ambiguous` state before re-entering the retry loop. Use the exact
labels `Published`, `NotPublished`, `StillUnknown`, `Ambiguous`, and the phrase
`cargo publish` so readers can quickly scan for those concepts.
|
|
||
| - **`shipper-core`** (new) — engine library with no CLI dependencies. Stable embedding surface: `plan`, `preflight`, `publish`, `resume`, `reconcile`, `rehearsal`, `remediate`, state/events/receipts, policy/readiness. | ||
| - **`shipper-cli`** — promoted from placeholder to real CLI adapter. Owns `clap` parsing, subcommand dispatch, help text, progress rendering. Exposes `pub fn run() -> anyhow::Result<()>` as the embedding entry point. | ||
| - **`shipper`** — shrunk to install façade. 3-line binary forwarding to `shipper_cli::run()`, plus a library re-exporting a curated subset of `shipper-core`. **This is the recommended install path:** `cargo install shipper --locked`. |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Consider less specific wording for binary size.
The phrase "3-line binary forwarding" is very specific and might become inaccurate with minor implementation changes. Consider "minimal binary forwarding" or "lightweight binary forwarding" for more maintainable documentation.
📝 Suggested rewording
-- **`shipper`** — shrunk to install façade. 3-line binary forwarding to `shipper_cli::run()`, plus a library re-exporting a curated subset of `shipper-core`. **This is the recommended install path:** `cargo install shipper --locked`.
+- **`shipper`** — shrunk to install façade. Minimal binary forwarding to `shipper_cli::run()`, plus a library re-exporting a curated subset of `shipper-core`. **This is the recommended install path:** `cargo install shipper --locked`.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| - **`shipper`** — shrunk to install façade. 3-line binary forwarding to `shipper_cli::run()`, plus a library re-exporting a curated subset of `shipper-core`. **This is the recommended install path:** `cargo install shipper --locked`. | |
| - **`shipper`** — shrunk to install façade. Minimal binary forwarding to `shipper_cli::run()`, plus a library re-exporting a curated subset of `shipper-core`. **This is the recommended install path:** `cargo install shipper --locked`. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@CHANGELOG.md` at line 55, Update the CHANGELOG entry for `shipper` to avoid
overly specific wording about implementation size: replace "3-line binary
forwarding to `shipper_cli::run()`" with a more maintainable phrase such as
"minimal binary forwarding to `shipper_cli::run()`" or "lightweight binary
forwarding to `shipper_cli::run()`"; keep references to `shipper` and
`shipper_cli::run()` so readers still know the binary forwards to that function
and retain the recommended install sentence unchanged.
|
|
||
| ### Fixed | ||
|
|
||
| - **Resume:** `PackageSkipped` event now emits correctly when resume finds a package already in terminal state. |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Inconsistent formatting in Fixed section.
The bullet uses "Resume:" as a prefix label, which differs from the pattern in other sections where the term is bolded (e.g., **Term** — description). Consider bolding "Resume" or restructuring for consistency.
🎨 Suggested formatting
-- **Resume:** `PackageSkipped` event now emits correctly when resume finds a package already in terminal state.
+- **Resume behavior:** `PackageSkipped` event now emits correctly when resume finds a package already in terminal state.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| - **Resume:** `PackageSkipped` event now emits correctly when resume finds a package already in terminal state. | |
| - **Resume behavior:** `PackageSkipped` event now emits correctly when resume finds a package already in terminal state. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@CHANGELOG.md` at line 68, The "Resume:" bullet in the Fixed section uses a
colon and inconsistent formatting; update that line so "Resume" is bolded and
uses the same pattern as other entries (bold term + em dash). Replace the
current "- **Resume:** `PackageSkipped` event now emits correctly when resume
finds a package already in terminal state." with a line like "- **Resume —**
`PackageSkipped` event now emits correctly when resume finds a package already
in terminal state." to match the existing style.
| ### Documentation | ||
|
|
||
| - **Operator-trust pack:** `not_proven` explainer, stalled-run triage, state-files cheat sheet. | ||
| - **Roadmap aligned** with mission/steering docs; Diátaxis reorganization (tutorials, how-to, reference, explanation). |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Clarify passive construction.
The phrase "Roadmap aligned" uses passive voice without a clear agent. Consider "Roadmap documentation aligned with..." or "Aligned roadmap with..." for clarity.
📝 Suggested rewording
-- **Roadmap aligned** with mission/steering docs; Diátaxis reorganization (tutorials, how-to, reference, explanation).
+- **Roadmap documentation aligned** with mission/steering docs; Diátaxis reorganization (tutorials, how-to, reference, explanation).📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| - **Roadmap aligned** with mission/steering docs; Diátaxis reorganization (tutorials, how-to, reference, explanation). | |
| - **Roadmap documentation aligned** with mission/steering docs; Diátaxis reorganization (tutorials, how-to, reference, explanation). |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@CHANGELOG.md` at line 73, The phrase "Roadmap aligned" is passive and
unclear; update the CHANGELOG entry containing the text "Roadmap aligned" to use
an active, specific wording such as "Roadmap documentation aligned with
mission/steering docs" or "Aligned roadmap with mission/steering docs; Diátaxis
reorganization (tutorials, how-to, reference, explanation)" so the agent and
action are explicit and the meaning is unambiguous.
|
|
||
| - **Operator-trust pack:** `not_proven` explainer, stalled-run triage, state-files cheat sheet. | ||
| - **Roadmap aligned** with mission/steering docs; Diátaxis reorganization (tutorials, how-to, reference, explanation). | ||
| - **Docs demote cargo stdout to hint**; registry truth is authoritative for safety-critical decisions. |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Expand telegraphic phrasing for clarity.
"Docs demote cargo stdout to hint" is very terse. Consider expanding to "Documentation now treats cargo stdout as a hint" or similar for better readability.
📝 Suggested expansion
-- **Docs demote cargo stdout to hint**; registry truth is authoritative for safety-critical decisions.
+- **Documentation clarifies cargo stdout as hint**; registry truth is authoritative for safety-critical decisions.or
-- **Docs demote cargo stdout to hint**; registry truth is authoritative for safety-critical decisions.
+- **Cargo stdout demoted to hint in documentation**; registry truth is authoritative for safety-critical decisions.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| - **Docs demote cargo stdout to hint**; registry truth is authoritative for safety-critical decisions. | |
| - **Documentation clarifies cargo stdout as hint**; registry truth is authoritative for safety-critical decisions. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@CHANGELOG.md` at line 74, Replace the terse changelog line "Docs demote cargo
stdout to hint" with an expanded, clearer phrasing such as "Documentation now
treats cargo stdout as a hint; registry truth is authoritative for
safety-critical decisions" in CHANGELOG.md so the intent is immediately
readable; locate the existing line containing the exact string "Docs demote
cargo stdout to hint" and update it to the expanded sentence.
| ### Install | ||
|
|
||
| ```bash | ||
| # New recommended path | ||
| cargo install shipper --locked | ||
|
|
||
| # Backward-compatible (same code path) | ||
| cargo install shipper-cli --locked | ||
| ``` | ||
|
|
||
| Embedders who want a clap-free library surface should depend on `shipper-core` directly. | ||
|
|
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Non-standard changelog section (acceptable for major packaging change).
The "Install" section is not a standard Keep a Changelog category (typical: Added, Changed, Deprecated, Removed, Fixed, Security). However, given the significant packaging restructuring, this placement is reasonable and user-friendly. Alternatively, this content could live under the "Packaging" subsection in "Changed" or be referenced with a note pointing to README.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@CHANGELOG.md` around lines 77 - 88, The changelog contains a non-standard
"Install" section; move or mirror this content under the standard "Changed"
category as a "Packaging" subsection (or add a short entry in "Changed"
referencing a detailed INSTALL/README note) so it follows Keep a Changelog
conventions—update the "Changed" section to include a "Packaging" note that
mentions the new recommended install command (`cargo install shipper --locked`),
the backward-compatible command (`cargo install shipper-cli --locked`), and the
guidance about `shipper-core` for clap-free embedders.
There was a problem hiding this comment.
Code Review
This pull request updates the CHANGELOG.md to document the completion of the nine-competency roadmap, including features like registry reconciliation, rehearsal publishing, and the three-crate architectural split. Feedback focuses on correcting competency names (Profile, Survive, and Ergonomics) in headers and summaries to ensure alignment with the project's official roadmap.
|
|
||
| ## [Unreleased] | ||
|
|
||
| Nine-competency roadmap ([#109](https://github.com/EffortlessMetrics/shipper/issues/109)) landed end-to-end on `main` since `v0.3.0-rc.1`: **Prove**, **Survive**, **Reconcile**, **Narrate**, **Remediate**, **Harden** (Trusted Publishing), **Ergonomics** (three-crate split), plus consistency enforcement and operator-trust docs. |
There was a problem hiding this comment.
The summary list of competencies should be updated to include Profile (registry-aware backoff, #94) and ensure the names align with the headers in the body and the project roadmap in ROADMAP.md. Currently, line 41 uses Survive for #94, which the roadmap defines as Profile (Competency 7).
| Nine-competency roadmap ([#109](https://github.com/EffortlessMetrics/shipper/issues/109)) landed end-to-end on `main` since `v0.3.0-rc.1`: **Prove**, **Survive**, **Reconcile**, **Narrate**, **Remediate**, **Harden** (Trusted Publishing), **Ergonomics** (three-crate split), plus consistency enforcement and operator-trust docs. | |
| Nine-competency roadmap ([#109](https://github.com/EffortlessMetrics/shipper/issues/109)) landed end-to-end on `main` since `v0.3.0-rc.1`: **Prove**, **Survive**, **Reconcile**, **Narrate**, **Remediate**, **Harden** (Trusted Publishing), **Profile** (registry-aware backoff), **Ergonomics** (three-crate split), plus consistency enforcement and operator-trust docs. |
|
|
||
| - **Retry visibility** — structured `RetryBackoff` events and live CLI narration so operators can see what the engine is waiting on and why. | ||
|
|
||
| #### Survive ([#94](https://github.com/EffortlessMetrics/shipper/issues/94)) |
There was a problem hiding this comment.
This header should be renamed to Profile to align with the nine-competency roadmap defined in ROADMAP.md (Competency 7). #94 describes registry-aware backoff, which is the core of the Profile competency. Survive (Competency 2) is associated with interruption-resume behavior (#90).
| #### Survive ([#94](https://github.com/EffortlessMetrics/shipper/issues/94)) | |
| #### Profile ([#94](https://github.com/EffortlessMetrics/shipper/issues/94)) |
|
|
||
| - **crates.io-aware backoff** — registry-aware rate-limit detection uses `crate_exists` to distinguish new-crate throttling from transient failures. | ||
|
|
||
| #### Recover ([#90](https://github.com/EffortlessMetrics/shipper/issues/90)) |
There was a problem hiding this comment.
This header should be renamed to Survive to align with the nine-competency roadmap in ROADMAP.md (Competency 2). #90 describes interruption-resume behavior, which is the core of the Survive competency. Recover is the name of the corresponding pillar (Pillar 4), but the changelog uses competency names for other sections.
| #### Recover ([#90](https://github.com/EffortlessMetrics/shipper/issues/90)) | |
| #### Survive ([#90](https://github.com/EffortlessMetrics/shipper/issues/90)) |
|
|
||
| ### Changed | ||
|
|
||
| #### Packaging — three-crate product shape ([#95](https://github.com/EffortlessMetrics/shipper/issues/95)) |
There was a problem hiding this comment.
This header should be renamed to Ergonomics to align with the summary in line 10 and the roadmap in ROADMAP.md (Competency 9, #108), which specifically references the three-crate split (#95).
| #### Packaging — three-crate product shape ([#95](https://github.com/EffortlessMetrics/shipper/issues/95)) | |
| #### Ergonomics — three-crate product shape ([#95](https://github.com/EffortlessMetrics/shipper/issues/95)) |
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Summary
Drafts an
[Unreleased]section inCHANGELOG.mdaggregating the 29 commits sincev0.3.0-rc.1. This is editorial prep for the release cut — no version bump, no tag. Version decision (rc.2 vs 0.3.0 stable) and tagging remain your call.What the draft captures
Grouped by the nine-competency roadmap so the release reads as narrative, not a commit log:
shipper rehearse, smoke-install, hard-gate before live dispatchshipper yank,plan-yank,fix-forward,--mark-compromised, receipt-driven containmentcargo install shipper --lockedas the recommended install pathNot in this PR
0.3.0-rc.1until you pickrc.2vs0.3.0)Test plan
git diffshowsCHANGELOG.mdonlymain)