Force GitHub Pages workflows onto Node 24 while the pages actions
still emit Node 20 deprecation warnings. Relax the workflow guard test
so it validates fetch-depth on checkout without pinning a specific
checkout major version.
Add a short maintainer guide for merge:batch and link it from the
existing merge policy docs.
Lock in the source-validation CI fixes discovered during the
merge-batch end-to-end exercise so shallow checkout and missing
base-branch fetch regressions fail the workflow contract test.
Replace the derived .claude-plugin directory entry with the concrete\nplugin manifest files so release:prepare can git-add them without\ntripping over the ignore rule for the directory itself.\n\nAdd matching test updates for the workflow contract.
Treat generated plugin mirrors and marketplace outputs as managed
canonical artifacts so the main-branch sync bot can stage and commit
them instead of failing on unmanaged drift.
Ignore web-app coverage output during maintainer runs and update the
mirrored Office unpack scripts so plugin copies stay aligned with the
hardened source implementations.
Tighten the repo-state automation so canonical bot commits remain
predictable while leaving main clean after each sync.
Make the public catalog UI more honest by hiding dev-only sync,
turning stars into explicit browser-local saves, aligning risk types,
and removing hardcoded catalog counts.
Add shared public asset URL helpers, risk suggestion plumbing,
safer unpack/sync guards, and CI coverage gates so release and
maintainer workflows catch drift earlier.
Install apps/web-app dependencies in the publish workflow before the\nfrontend build so CI matches the working Pages pipeline.\n\nHarden the maintainer release suite by adding the same install step\nbefore app:build, and switch the shared app:install helper to npm ci\nfor deterministic installs.\n\nDocument the follow-up patch release in the changelog so 8.7.1 can\npublish the 8.7.x line to npm after the 8.7.0 release failed before\nreaching the registry.
Freeze the accepted validation warning count at 135 so repo-state and release-state checks fail if the warning baseline grows silently while legacy warnings remain intentionally preserved.
Add a read-only maintainer audit command plus regression tests so maintainers can inspect repo health quickly without mutating files.
Unify main-branch maintenance around repo-state and release-state commands so generated docs, contributor acknowledgements, tracked web assets, and canonical artifacts stay aligned across CI and scheduled hygiene runs.
Harden release publication by reusing deterministic sync commands, adding package dry-run verification, and covering the new workflow contract with regression tests.
