security: remove dist/ from git tracking (Phase 2) (#13)

* security: remove dist/ from git tracking (Phase 2)

Completes the security hardening started in Phase 1.

Changes:
- Add dist/ to .gitignore
- Remove dist/ from git tracking (48 files)
- Remove husky pre-commit hook (no longer needed)

CI will immediately rebuild and commit dist/ after this merges.
Installation flow remains unbroken.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* docs: clarify dist/ gitignore comment

* chore: bump version to 0.0.2 and update docs

- Update version to 0.0.2 in package.json, plugin.json, marketplace.json
- Update CHANGELOG.md with all changes since 0.0.1
- Document release process and plugin update mechanism in CONTRIBUTING.md

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Jarrod Watts
2026-01-04 23:03:39 +11:00
committed by GitHub
parent de083ae9c6
commit 59f1fb81c1
55 changed files with 57 additions and 704 deletions

View File

@@ -44,3 +44,32 @@ Your PR: src/ changes only → Merge → CI builds dist/ → Committed automatic
- Include tests or explain why they are not needed.
- Link issues when relevant.
- Only modify `src/` files — CI handles `dist/` automatically.
## Releasing New Versions
When shipping a new version:
1. **Update version numbers** in all three files:
- `package.json``"version": "X.Y.Z"`
- `.claude-plugin/plugin.json``"version": "X.Y.Z"`
- `.claude-plugin/marketplace.json``"version": "X.Y.Z"`
2. **Update CHANGELOG.md** with changes since last release
3. **Commit and merge** — CI builds dist/ automatically
### How Users Get Updates
Claude Code plugins support updates through the `/plugin` interface:
- **Update now** — Fetches latest from main branch, installs immediately
- **Mark for update** — Stages update for later
Claude Code compares the `version` field in `plugin.json` against the installed version. Bumping the version number (e.g., 0.0.1 → 0.0.2) allows users to see an update is available.
### Version Strategy
We use semantic versioning (`MAJOR.MINOR.PATCH`):
- **PATCH** (0.0.x): Bug fixes, minor improvements
- **MINOR** (0.x.0): New features, non-breaking changes
- **MAJOR** (x.0.0): Breaking changes