Hookwarden

v0.4.0 Breaking

This release includes 1 breaking change for platform teams planning a safe upgrade.

Published 12d Secrets & Credentials

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

cli developer-tools hmac php python static-analysis

+4 more

security signature-verification typescript webhook-security

ReleasePort's take

Light signal

editorial:auto 10d

The release restructures the CLI publishing flow to gate distribution fan‑out via Hookwarden's dedicated publish hook and migrates npm publishing to OIDC Trusted Publishers.

Why it matters: Gate CLI fan‑out on Hookwarden‑CLI publish improves reliability; switching npm publishing to OIDC Trusted Publishers enhances security for all deployments.

Summary

AI summary

Updates pr-renderer, ci, and 04.1-03 across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Feature	Medium	Introduce @hookwarden/pr-renderer package for PR rendering. Introduce @hookwarden/pr-renderer package for PR rendering. Source: llm_adapter@2026-05-25 Confidence: high	—
Feature	Medium	Update bump‑homebrew.sh script and changeset for version v0.3.1. Update bump‑homebrew.sh script and changeset for version v0.3.1. Source: llm_adapter@2026-05-25 Confidence: low	—
Bugfix	Medium	Gate CLI distribution fan‑out on hookwarden-CLI publish instead of any publish. Gate CLI distribution fan‑out on hookwarden-CLI publish instead of any publish. Source: llm_adapter@2026-05-25 Confidence: high	—
Bugfix	Medium	Add explicit version line and Linux‑only smoke matrix for Homebrew formula. Add explicit version line and Linux‑only smoke matrix for Homebrew formula. Source: llm_adapter@2026-05-25 Confidence: low	—
Refactor
Refactor	Medium	Switch npm publishing to OIDC Trusted Publishers. Switch npm publishing to OIDC Trusted Publishers. Source: llm_adapter@2026-05-25 Confidence: high	—
Refactor	Medium	Drop changeset and publish version 1.0.0 directly via Trusted Publishers. Drop changeset and publish version 1.0.0 directly via Trusted Publishers. Source: llm_adapter@2026-05-25 Confidence: low	—
Refactor	Medium	Update winget manifest URLs to point at the GitHub repository. Update winget manifest URLs to point at the GitHub repository. Source: llm_adapter@2026-05-25 Confidence: low	—
Other
Other	Medium	Add negative‑test coverage for v0.3.0 onion‑peel bugs 4, 5, 6, 7. Add negative‑test coverage for v0.3.0 onion‑peel bugs 4, 5, 6, 7. Source: llm_adapter@2026-05-25 Confidence: low	—
Other	Medium	Add negative‑test coverage for v0.3.0 onion‑peel bugs 1, 2, 3. Add negative‑test coverage for v0.3.0 onion‑peel bugs 1, 2, 3. Source: llm_adapter@2026-05-25 Confidence: low	—
Other	Medium	Catch release‑pipeline regressions on PRs before merge. Catch release‑pipeline regressions on PRs before merge. Source: llm_adapter@2026-05-25 Confidence: low	—

Full changelog

What's Changed

ci: catch release-pipeline regressions on PRs, not after merge by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/4
feat(04.1-03): homebrew bump script + dist-02 smoke matrix by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/5
feat(04.1-04): scoop bump + smoke + silence dist-* PR noise via PHASE_4X_BINARIES_SHIPPED gate by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/6
feat(pr-renderer): new @hookwarden/pr-renderer package — home of comm… by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/13
chore(pr-renderer): drop changeset — publish 1.0.0 directly via Trusted Publishers by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/14
fix(release): gate CLI distribution fan-out on hookwarden-CLI publish (not on any publish) by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/15
feat(brand): clean redraw of hookwarden mark by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/10
release: bump-homebrew.sh URL-version update + v0.3.1 changeset by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/16
chore(release): switch npm publishing to OIDC Trusted Publishers by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/17
test(release): negative-test coverage for v0.3.0 onion-peel bugs (4 + 5 + 6 + 7) by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/18
test(release): close v0.3.0 onion-peel — bugs 1, 2, 3 negative tests by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/19
chore(release): point winget manifest URLs at GitHub repo by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/20
fix(homebrew): explicit version line + Linux-only smoke matrix by @AdelinaLipsa in https://github.com/Hookwarden/hookwarden/pull/21

Full Changelog: https://github.com/Hookwarden/hookwarden/compare/v0.1.1...v0.4.0

Breaking Changes

chore(pr-renderer): drop changeset — publish 1.0.0 directly via Trusted Publishers

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Hookwarden

Get notified when new releases ship.

About Hookwarden

All releases →