Release mb3r-stack v0.3.1 candidate integration bundle · MB3R-Lab/mb3r-stack

mb3r-stack v0.3.1

Patch bundle release that refreshes the integration layer onto the hardened upstream Bering and Sheaft patch lines.

upgrades the bundle pins to Bering v0.3.2 and Sheaft v0.2.2
keeps the stack-level adapter envelopes stable at v1alpha1
keeps the formal stack maturity at candidate
hardens the live Kubernetes smoke helper so authenticated GHCR pull secrets are applied through stdin instead of process argv
validates GitHub, GitLab, and Jenkins adapter gate decisions against the supported decision set
includes release-manifest.json in release checksum coverage
hardens the Sheaft container security context in stack chart defaults

Bering v0.3.2 pinned to ghcr.io/mb3r-lab/bering@sha256:98e443461bf59d92cc19b20f425602de91b22a272ecd9a79df5cc20f96c735a8
Sheaft v0.2.2 pinned to ghcr.io/mb3r-lab/sheaft@sha256:df6a7bbf21e4f307d1d33425f4245eeb34f5d051f46b8ad36ad536b33bf2c331

verified by repository validation, adapter e2e, release dry-run, and Helm template rendering on 2026-05-01
the locally staged package set is mb3r-stack-0.3.1.tgz, mb3r-assets-0.3.1.tgz, release-manifest.json, SHA256SUMS.txt, and sbom.cdx.json
Bering v0.3.2 keeps the 1.0.0 and 1.1.0 schema contract lines and adds runtime/toolchain hardening
Sheaft v0.2.2 keeps the same accepted Bering contract lines and hardens serve/watch/toolchain/chart behavior
Sheaft serve / watch remains preview-grade upstream behavior and is not promoted to a long-term stable contract by this bundle release

verified-bundle acceptance criteria, first-user path documentation, adapter maturity notes, and release evidence attachment remain tracked in GitHub issues
Node.js 20 action deprecation annotations still appear in upstream release workflows and should remain visible in the technical backlog