chore: release v0.22.0#1920
Merged
Merged
Conversation
Bump pyproject.toml + uv.lock to 0.22.0 and rewrite the [Unreleased] CHANGELOG block into a dated [0.22.0] - 2026-06-26 section with one so-what entry per user-facing PR merged since v0.21.0. MINOR bump: the cycle carries BREAKING changes (executable-trust approval gate, windsurf skill path) plus new commands/policy; pre-1.0 framing lands breakings in a minor. Lint mirror green locally (ruff check + format, pylint R0801, auth-signals). Post-merge: tag v0.22.0 to trigger the release workflow. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR cuts the v0.22.0 release by bumping the project version and promoting the current changelog entries into a dated release section.
Changes:
- Bump
apm-cliversion to0.22.0inpyproject.tomlanduv.lock. - Add a
## [0.22.0] - 2026-06-26section toCHANGELOG.mdand update several entries’ PR references/wording under that release.
Show a summary per file
| File | Description |
|---|---|
| uv.lock | Updates the editable apm-cli package version to 0.22.0. |
| pyproject.toml | Updates the project version metadata to 0.22.0. |
| CHANGELOG.md | Promotes Unreleased content into the 0.22.0 release section and adjusts release notes entries. |
Review details
- Files reviewed: 2/3 changed files
- Comments generated: 1
- Review effort level: Low
Comment on lines
121
to
+124
| - The standalone `~/.apm/approvals.yml` personal-consent file is removed; | ||
| its contents are migrated into `~/.apm/config.json` under | ||
| `executables: {allow, deny}` on first read (net-new control-surface | ||
| files = 0). (#1873) | ||
| files = 0). (#1875) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cut release 0.22.0.
pyproject.tomlto 0.22.0 (anduv.lock).[Unreleased]to[0.22.0] - 2026-06-26inCHANGELOG.md, with one short "so what?" entry per user-facing PR merged since v0.21.0.Why MINOR (0.22.0), not PATCH (0.21.1)
The cycle carries BREAKING changes, so the semver rubric's Row 1 fires. Pre-1.0 framing lands breakings in a MINOR bump (not MAJOR -- we are at 0.21, not 0.99). Multiple new commands and a new policy block (
apm config set target,apm compile -g,apm policy explain,apm approve --recommended/--list, theexecutables:policy block) independently force MINOR as well. PATCH would be wrong on both counts.Breaking changes in this cycle
apm approve; the--trust-canvas-extensionsflag is removed. CI/non-interactive pipelines must pre-seed approvals beforeapm install. (harden(executables): expand allowExecutables gate to mcp and canvas; store approvals user-local #1865).agents/skills/. Existing.windsurf/skills/deployments are orphaned on nextapm install; opt out with--legacy-skill-paths. (feat(targets): converge windsurf skills onto .agents/skills/ #1802)Validation
Lint mirror green locally (ruff check + format, pylint R0801, auth-signals). See
.apm/instructions/linting.instructions.mdfor the contract this mirrors.Post-merge
Tag
v0.22.0to trigger the release workflow: