Add .fips-template.yaml manifest #9

Merged
rdwj merged 1 commit into main from feat/fips-template-manifest
May 7, 2026

@rdwj (Collaborator) commented May 6, 2026

Companion PR to fips-agents/fips-agents-cli#48 (the CLI loader). After both merge, drift in this template's files surfaces in `fips-agents patch check` without needing a CLI release — the manifest is the source of truth.

What

Adds `.fips-template.yaml` at the repo root with `schema_version: 1`. Five categories declared (`generators`, `core`, `docs`, `build`, `claude`) plus a 14-entry `never_patch` list separating template-managed from user-authored files.

What changes vs. the CLI's hardcoded fallback

Categories are 1-to-1 with the CLI's `MCP_FILE_CATEGORIES` constants (after fips-agents/fips-agents-cli#43 lands). The `never_patch` list extends the CLI's set with three entries the constants miss:

  • `LICENSE` — each scaffolded project owns its own license.
  • `requirements.txt` — users add their own dependencies.
  • `.github/**` — repo settings (CODEOWNERS, workflows) are per-project.

Compatibility

Older CLI installs that don't know about `.fips-template.yaml` will simply ignore the file — nothing breaks. The CLI loader (fips-agents/fips-agents-cli#48) falls back to its hardcoded categories when the manifest is absent, malformed, or uses an unknown `schema_version`. So this PR is safe to land before, after, or independently of the CLI PR stack.

Test plan

  • Manifest parses cleanly through the loader from PR #48.
  • Diff against constants confirms categories and patterns are identical; never_patch only gains the three intentional additions above.
  • No secrets detected by gitleaks.
  • After CLI #48 merges and a release ships, scaffold a fresh MCP project and confirm `patch check` continues to behave the same as today (since this manifest's categories match the constants 1-to-1).

Declares which paths in this template are template-managed (offered as
patches by `fips-agents patch`) and which belong to the user. The CLI
reads this file from the comparison root after cloning, before
computing drift in `fips-agents patch check`.

Categories mirror the CLI's hardcoded MCP_FILE_CATEGORIES set 1-to-1
(generators, core, docs, build, claude). The never_patch list
extends the CLI's MCP_NEVER_PATCH with three entries the constants
miss:

- LICENSE — each project carries its own
- requirements.txt — users add their own dependencies
- .github/** — repo settings (CODEOWNERS, workflows) are per-project

Loader behavior is described in
fips-agents/fips-agents-cli#45 — when a
manifest is absent, malformed, or declares an unsupported
schema_version, the CLI falls back to its built-in category set,
so this change is non-breaking for older CLI installs.

Assisted-by: Claude Code (Opus 4.7)
@rdwj merged commit 42cd9dc into main May 7, 2026
@rdwj deleted the feat/fips-template-manifest branch May 7, 2026 00:12
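
The fallback and `never_patch` precedence described in this PR, sketched as an added example that is not code from this repository or from the CLI. Assumptions: the manifest layout beyond `schema_version` and `never_patch` (a `categories` mapping of name to glob list), fnmatch-style matching, the function names, and every pattern shown are hypothetical.

```python
import posixpath
from fnmatch import fnmatchcase

SUPPORTED_SCHEMA = 1
# Stand-in for the CLI's hardcoded constants; these patterns are constructed.
FALLBACK = {"schema_version": 1,
            "categories": {"docs": ["docs/*"]},
            "never_patch": [".env"]}
# Constructed manifest content, as it would look after YAML parsing.
SAMPLE = {
    "schema_version": 1,
    "categories": {"build": ["Containerfile", "Makefile"],
                   "docs": ["docs/*", "*.md"]},
    "never_patch": ["LICENSE", "requirements.txt", ".github/**"],
}


def _str_list(value):
    return isinstance(value, list) and all(isinstance(p, str) and p for p in value)


def resolve_manifest(parsed, fallback=FALLBACK):
    """Return (manifest, source). Absent, malformed, or unknown-version input
    yields the whole fallback, never a half-trusted manifest."""
    if not isinstance(parsed, dict):
        return fallback, "fallback"
    version = parsed.get("schema_version")
    # type() check: YAML `true` parses to True, and True == 1 in Python.
    if type(version) is not int or version != SUPPORTED_SCHEMA:
        return fallback, "fallback"
    cats = parsed.get("categories")
    if not isinstance(cats, dict) or not all(
            isinstance(k, str) and _str_list(v) for k, v in cats.items()):
        return fallback, "fallback"
    if not _str_list(parsed.get("never_patch")):
        return fallback, "fallback"
    return parsed, "manifest"


def classify(path, manifest):
    """Map a repo-relative path to a category, 'user-owned', or 'unmanaged'."""
    # Normalise first so 'docs/../LICENSE' is judged as 'LICENSE'.
    path = posixpath.normpath(path.replace("\\", "/"))
    # never_patch wins over any category glob, however broad.
    if any(fnmatchcase(path, pat) for pat in manifest["never_patch"]):
        return "user-owned"
    for name, patterns in manifest["categories"].items():
        if any(fnmatchcase(path, pat) for pat in patterns):
            return name
    return "unmanaged"
```
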