v0.3.6

Changelog

• 7921e28 fix(passkey): backfill legacy backup flags

v0.3.5

Changelog

• dcf0f0f fix(passkey): return updated credential on login

v0.3.4

Changelog

• afd2b51 fix(passkey): accept base64url credential ids

v0.3.3

Changelog

• b3e7438 fix: preserve admin auth effective config (#47)

v0.3.2

Changelog

• b86ce1f fix: preserve zero passkey sign count

v0.3.1

Changelog

• 7d21561 fix(auth): add admin passkey toggle
• fd28c0d Merge pull request #44 from GoCodeAlone/chore/retro-auth-41-2026-06-02
• 53645fe docs(retro): auth#41 cross-service asymmetric auth + scope-lock complete
• c34304a Merge pull request #43 from GoCodeAlone/feat/auth-41-cross-service-asymmetric-2026-06-02
• 08777fe chore(auth): stop tracking .claude run-state in this PR + gitignore it (Copilot)
• 69a1c3e docs(auth): use-case -> step/module combination matrix (close #41 by reuse)
• c40f326 chore: lock scope for cross-service-asymmetric-auth (alignment passed)
• c840e9f docs(auth): plan rev 3 — fix go-oidc RS256-default trap (cycle-2 F1) + F5 token path
• 576304c docs(auth): plan rev 2 — resolve plan-phase adversarial (2I+2m)
• 2873ce2 docs(auth): implementation plan auth#41 — 3 PRs / 9 tasks
• de69dd1 docs(auth): design PASS — fold cycle-2 scenario-config notes (N1/N2/N3)
• fa8fdde docs(auth): design rev 2 — resolve adversarial cycle-1 (3C) + ADR-0003
• 2fc51d7 docs(auth): design auth#41 — cross-service asymmetric auth via reuse (no bespoke IDP)
• a108a20 Merge pull request #42 from GoCodeAlone/chore/retro-auth-bootstrap-2026-06-02
• d6984bc docs(retro): durable admin bootstrap — post-merge retro + scope-lock complete

v0.3.0

Changelog

• 5c04f63 Merge pull request #40 from GoCodeAlone/feat/auth-bootstrap-redeem-2026-06-02
• 71f6d08 fix(auth): address Copilot review (4 findings)
• 77d0543 fix(auth): address review — reject fractional-float count + empty subject
• 7154bf3 docs(auth): manifest(31) + SPEC §V/§T + README for bootstrap+jwt-issue steps
• ed36a12 feat(auth): register bootstrap_redeem + jwt_issue in step/typed/contract registries
• 0d73774 feat(auth): step.auth_jwt_issue — HS256 session mint (V-B8 reserved-claim guard)
• 5c4cb14 feat(auth): step.auth_bootstrap_redeem — count-gated first-run redemption
• 73b074d feat(auth): proto contracts for bootstrap_redeem + jwt_issue steps
• 51fb4bc chore: lock scope for auth-bootstrap-redeem (alignment passed)
• 8a4d5be docs(auth): spell task IDs in PR Grouping (scope-check + alignment PASS)
• 78cc5a7 docs(auth): plan rev 2 — resolve plan-phase adversarial (2C+4I)
• 66b5a5f docs(auth): implementation plan — 3 PRs / 11 tasks (bootstrap+jwt-issue+scenario)
• 102f5b2 docs(auth): design PASS — fold cycle-4 minors (uuid pin, code-length note, ADR rev)
• 2e9f7f7 docs(auth): design rev 4 — resolve adversarial cycle-3 (1C+3I)
• b4f2594 docs(auth): design rev 3 — resolve adversarial cycle-2 (3C+5I)
• 45c44b9 docs(auth): design rev 2 — resolve adversarial cycle-1 (3C+9I)
• 8bea193 docs(auth): design durable first-run admin bootstrap (#23) + ADR-0001
• 13f4114 Merge pull request #39 from GoCodeAlone/issue-760-version-discipline
• fdd1d48 fix: format sentinel manifest test
• 0952137 chore: apply plugin version discipline

v0.2.12

Changelog

• 8c16ded Expose auth admin contribution and validation (#38)

v0.2.11

Changelog

• 119172e chore: release auth plugin v0.2.11
• f51f715 feat: add auth provider descriptors

v0.2.10

Changelog

• 8ca020c chore: release auth plugin v0.2.10
• 3e3ff44 feat: add auth admin config contracts