release: merge develop into main for v0.2.0

Co-Authored-By: Oz <oz-agent@warp.dev>

Author: tbitcs

.github/workflows/dev-release.yml

@@ -0,0 +1,75 @@
+name: Dev Release
+
+on:
+  push:
+    branches: [develop]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  dev-build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-python@v6
+        with:
+          python-version: "3.12"
+          cache: pip
+
+      - name: Install build tools
+        run: pip install build
+
+      - name: Set dev version
+        run: |
+          # Read base version and bump patch for dev
+          BASE_VERSION=$(grep 'version = ' pyproject.toml | head -1 | sed 's/version = "\(.*\)"/\1/')
+          MAJOR=$(echo $BASE_VERSION | cut -d. -f1)
+          MINOR=$(echo $BASE_VERSION | cut -d. -f2)
+          PATCH=$(echo $BASE_VERSION | cut -d. -f3)
+          NEXT_PATCH=$((PATCH + 1))
+          COMMIT_COUNT=$(git rev-list --count HEAD ^$(git describe --tags --abbrev=0 2>/dev/null || echo HEAD~100) 2>/dev/null || echo 0)
+          DEV_VERSION="${MAJOR}.${MINOR}.${NEXT_PATCH}.dev${COMMIT_COUNT}"
+          echo "DEV_VERSION=${DEV_VERSION}" >> $GITHUB_ENV
+
+          # Patch pyproject.toml with dev version
+          sed -i "s/version = \"${BASE_VERSION}\"/version = \"${DEV_VERSION}\"/" pyproject.toml
+          echo "Building version: ${DEV_VERSION}"
+
+      - run: python -m build
+
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v7
+        with:
+          name: dev-dist
+          path: dist/
+
+  pypi-dev-publish:
+    needs: dev-build
+    runs-on: ubuntu-latest
+    environment: pypi
+    permissions:
+      id-token: write
+    continue-on-error: true
+    steps:
+      - uses: actions/download-artifact@v8
+        with:
+          name: dev-dist
+          path: dist/
+      - name: Publish dev release to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+
+  docs-build:
+    needs: dev-build
+    runs-on: ubuntu-latest
+    continue-on-error: true
+    steps:
+      - name: Trigger ReadTheDocs build for develop
+        run: |
+          curl -s -X POST \
+            -H "Authorization: Token ${{ secrets.RTD_TOKEN }}" \
+            "https://readthedocs.org/api/v3/projects/specsmith/versions/develop/builds/"

.github/workflows/release.yml

@@ -8,7 +8,22 @@ permissions:
   contents: write
 
 jobs:
+  test:
+    runs-on: ubuntu-latest
+    if: github.ref_type == 'tag'
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v6
+        with:
+          python-version: "3.12"
+          cache: pip
+      - run: pip install -e ".[dev]"
+      - run: ruff check src/
+      - run: mypy src/specsmith --ignore-missing-imports
+      - run: pytest tests/ -x -q
+
   build:
+    needs: test
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v6
@@ -47,7 +62,8 @@ jobs:
     environment: pypi
     permissions:
       id-token: write
-    # Skip gracefully if pypi environment is not configured yet
+    # Only publish from main branch tags — never from develop or feature branches
+    if: github.event.base_ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
     continue-on-error: true
     steps:
       - uses: actions/download-artifact@v8

.warp/rules/documentation-updates.md

@@ -54,6 +54,16 @@ Before every release:
 - Verify install commands say `pip install specsmith` (no `--pre` for stable)
 - Follow the full checklist in `docs/site/releasing.md`
 
+## Branch Protection
+
+- **NEVER tag a stable release on develop.** Tags must only be created on main.
+- **NEVER push tags from develop.** The stable release workflow publishes to PyPI — only main branch releases are allowed.
+- All feature work happens on develop. Stable releases merge develop → main first, then tag on main.
+- **Dev releases are automatic.** Every push to develop triggers `.devN` pre-release to PyPI.
+- Dev releases use `X.Y.(Z+1).devN` version suffix — always the NEXT patch version, not the current.
+- Example: if stable is `0.1.3`, dev builds are `0.1.4.dev1`, `0.1.4.dev2`, etc.
+- Install dev builds: `pip install --pre specsmith`
+
 ## Rule
 
 If any documentation update is needed, make the updates in the SAME commit as the code changes — do not defer documentation to a separate commit.

.warp/rules/kr260-board-identity.md

@@ -0,0 +1,42 @@
+# KR260 Board Identity — COM Port Safety Rule
+
+## Rule
+
+**NEVER assume which COM port corresponds to kria-a or kria-b based on port number or
+position alone.**  COM port assignments can change across reboots, USB hub resets, cable
+swaps, or OS re-enumeration events.
+
+## Required Practice
+
+Before issuing any board-specific command, configuration, or measurement over a serial
+console (COM port), **always verify the hostname first**:
+
+```
+login: atomicrail
+password: ...
+atomicrail@kria-a:~$    ← confirm this matches your intent
+```
+
+Or, if already logged in:
+
+```bash
+hostname
+```
+
+## Background
+
+On 2026-04-02, after flashing and rebooting both KR260 boards, the COM port assignments
+were found to be **swapped relative to the previous session**.  What was kria-a's port
+is now kria-b's port and vice versa.  This was only caught because the board banner and
+hostname were checked in the boot log.
+
+## Scope
+
+Applies to all dual-board KR260 (kria-a / kria-b) lab work in the AtomicRail / cpsc-engine-rtl
+project whenever serial consoles, minicom/PuTTY/Warp sessions, or any tool that references
+a COM port by name or number is used.
+
+## Consequence of Violation
+
+Running a benchmark, flashing a bitstream, or modifying network configuration on the wrong
+board produces invalid results and may require board recovery.

.warp/rules/no-hardcoded-versions.md

@@ -0,0 +1,35 @@
+# No Hardcoded Versions Rule
+
+## Policy
+
+Version strings MUST NOT be hardcoded in documentation, tests, or application code outside of `pyproject.toml`.
+
+## Single Source of Truth
+
+- **`pyproject.toml`** `version` field is the sole source of truth for the package version.
+- **`__init__.py`** reads the version at runtime via `importlib.metadata.version()`.
+- **Documentation** uses `{{ version }}` placeholders resolved by a MkDocs hook at build time.
+- **Tests** compare against `importlib.metadata.version()`, never hardcoded strings.
+
+## What to Check
+
+Before every commit, verify:
+
+- No literal version strings (e.g., `0.1.3`, `0.2.0`) appear in:
+  - `docs/site/*.md` — use `{{ version }}` instead
+  - Test assertions — use `from specsmith import __version__` or `importlib.metadata`
+  - README.md badge text — use shields.io dynamic badges
+  - Troubleshooting docs — say "latest version" not "v0.1.x+"
+- `pyproject.toml` is the ONLY file that contains the actual version number
+- `__init__.py` fallback value is only for uninstalled source runs
+
+## For Managed Projects
+
+Projects scaffolded by specsmith follow the same pattern:
+- `init.py.j2` generates `importlib.metadata.version()` code
+- `pyproject.toml.j2` sets the initial version; all other code reads it dynamically
+- CI dev-release workflows calculate dev versions from git tags, not source files
+
+## Release Process
+
+When bumping versions, `specsmith release` updates `pyproject.toml` (the source of truth). The releaser also updates `config.py` spec_version default so new scaffolds use the current version. No other files need version string changes.

CHANGELOG.md

@@ -7,6 +7,48 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.2.0] - 2026-04-02
+
+### Added
+- **Community templates** (#42): `CONTRIBUTING.md`, `LICENSE` (MIT/Apache-2.0), `SECURITY.md`, `CODE_OF_CONDUCT.md`, `.github/PULL_REQUEST_TEMPLATE.md`, `.github/ISSUE_TEMPLATE/` (bug report + feature request). Config fields: `license` (default MIT), `community_files` list.
+- **AI credit tracking** (#50): `specsmith credits` subcommand group — record, summary, report, analyze, budget. Tracks tokens/cost per session, model, provider, and task. JSON storage at `.specsmith/credits.json`.
+- **Credit spend analysis** (#51): `specsmith credits analyze` detects model inefficiency, token waste, governance bloat, cost trends. Generates optimization recommendations with estimated savings.
+- **Credit budget/watermarks**: `specsmith credits budget --cap 50 --watermarks 5,10,25,50`. Monthly caps, alert thresholds, watermark notifications.
+- **Auto-init credit tracking**: `init`, `import`, and `upgrade` all create `.specsmith/credit-budget.json` with unlimited default budget. `.specsmith/` gitignored.
+- **`specsmith architect`** (#49): interactive architecture generation — scans project, interviews user about components/data flow/deployment, generates rich `docs/ARCHITECTURE.md`.
+- **`specsmith self-update`**: auto-detects channel (stable/dev), supports `--channel` override and `--version` pinning.
+- **Multi-language detection**: importer detects and reports all significant languages (primary + secondary).
+- **Dynamic versioning**: `__version__` reads from `importlib.metadata`. Docs use `{{ version }}` hook. Tests are version-agnostic.
+- **Dev-release workflow for managed projects** (#35): gitflow + GitHub + Python generates `.github/workflows/dev-release.yml`.
+- **Type-specific templates**: .gitattributes (#39) for 15 language types, .gitignore (#40) expanded for all 30 types, .editorconfig (#43) with per-language indent settings.
+- **Yocto/bitbake/devicetree/markdown**: `.bbclass`, `.inc`, `.dts`, `.dtsi` in language detection; `kas.yml` build system; enhanced CI metadata.
+- **No-hardcoded-versions rule** (H10): governance template and WARP rule.
+- **Agent credit instructions**: Warp and Claude adapters include credit recording commands.
+- **Session-end credit summary**: `session-end` shows total spend and budget alerts.
+- **VCS commands**: `specsmith commit`, `push`, `sync`, `branch`, `pr`, `session-end` for governed git workflows.
+- **Structured ledger CLI**: `specsmith ledger add/list/stats` for append-only change tracking.
+- **Requirements CLI**: `specsmith req list/add/trace/coverage` for requirements management.
+- **Test gap analysis**: `specsmith test gaps/orphans/summary` for REQ↔TEST coverage.
+- **Plugin system scaffold**: `specsmith plugin list`, entry-point-based extensibility.
+
+### Fixed
+- **Import with large AGENTS.md** (#46): broader keyword extraction, diff marker stripping, paragraph dedup, existing doc detection.
+- **UnboundLocalError on import** with existing docs: scoping fix for REQUIREMENTS/TEST_SPEC/architecture skip logic.
+- **Audit false positive**: architecture docs found in subdirectories (e.g., `docs/architecture/DESIGN.md`).
+- **`audit --fix`** now generates missing recommended files (ARCHITECTURE.md from scan, REQUIREMENTS.md, TEST_SPEC.md stubs).
+- **Topic-aware section classification** (#47): body content keywords route sections to correct governance files.
+- **Type-specific audit thresholds** (#48): FPGA/embedded get higher limits (rules=1000, verification=600).
+
+### Changed
+- **Uppercase governance filenames**: all scaffolded markdown files use uppercase stems (RULES.md, WORKFLOW.md, ROLES.md, CONTEXT-BUDGET.md, VERIFICATION.md, DRIFT-METRICS.md, ARCHITECTURE.md). Upgrader auto-migrates legacy lowercase filenames on both case-sensitive and case-insensitive filesystems.
+- Auditor now recommends `CONTRIBUTING.md` and `LICENSE`.
+- RTD default version set to `stable`, default branch set to `develop`.
+- Docs version references use dynamic `{{ version }}` instead of hardcoded strings.
+- `init.py.j2` template for managed projects uses `importlib.metadata` pattern.
+- Governance file size thresholds raised globally (rules=800, verification=400).
+- Yocto toolset: added `testimage`, `yocto-check-layer` compliance.
+- Release workflow now runs full test suite before building.
+
 ## [0.1.3] - 2026-04-01
 
 ### Fixed
@@ -129,7 +171,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - **G9**: Session start file list now marks services.md as conditional ("if it exists").
 - **G10**: Open TODOs format specified as `- [ ]` / `- [x]` checkbox syntax.
 
-[Unreleased]: https://github.com/BitConcepts/specsmith/compare/v0.1.3...HEAD
+[Unreleased]: https://github.com/BitConcepts/specsmith/compare/v0.2.0...HEAD
+[0.2.0]: https://github.com/BitConcepts/specsmith/compare/v0.1.3...v0.2.0
 [0.1.3]: https://github.com/BitConcepts/specsmith/compare/v0.1.2...v0.1.3
 [0.1.2]: https://github.com/BitConcepts/specsmith/compare/v0.1.1...v0.1.2
 [0.1.1]: https://github.com/BitConcepts/specsmith/compare/v0.1.0...v0.1.1

README.md

@@ -1,8 +1,9 @@
 # specsmith
 
 [![CI](https://github.com/BitConcepts/specsmith/actions/workflows/ci.yml/badge.svg)](https://github.com/BitConcepts/specsmith/actions/workflows/ci.yml)
-[![Docs](https://readthedocs.org/projects/specsmith/badge/?version=latest)](https://specsmith.readthedocs.io/en/latest/)
-[![PyPI](https://img.shields.io/pypi/v/specsmith?style=flat&color=blue)](https://pypi.org/project/specsmith/)
+[![Docs](https://readthedocs.org/projects/specsmith/badge/?version=stable)](https://specsmith.readthedocs.io/en/stable/)
+[![PyPI Stable](https://img.shields.io/pypi/v/specsmith?label=stable&style=flat&color=blue)](https://pypi.org/project/specsmith/)
+[![PyPI Dev](https://img.shields.io/pypi/v/specsmith?include_prereleases&label=dev&style=flat&color=orange)](https://pypi.org/project/specsmith/#history)
 [![Python 3.10+](https://img.shields.io/badge/python-3.10%2B-blue.svg)](https://www.python.org/downloads/)
 [![License: MIT](https://img.shields.io/badge/license-MIT-green.svg)](LICENSE)
 
@@ -35,14 +36,36 @@ pip install specsmith
 ## Quick Start
 
 ```bash
-specsmith init                                     # New project (interactive)
-specsmith init --config scaffold.yml               # New project (from config)
-specsmith import --project-dir ./my-project        # Adopt existing project
-specsmith audit --project-dir ./my-project         # Health check
-specsmith export --project-dir ./my-project        # Compliance report
-specsmith doctor --project-dir ./my-project        # Tool check
+# Install
+pip install specsmith
+
+# New project (interactive)
+specsmith init
+
+# Adopt an existing project
+specsmith import --project-dir ./my-project
+
+# Check governance health
+specsmith audit --project-dir ./my-project
+
+# Generate architecture docs interactively
+specsmith architect --project-dir ./my-project
+
+# Start an AI agent session (universal pattern)
+# From any governed repo root:
+/agent AGENTS.md
 ```
 
+### Starting an AI Agent Session
+
+The universal pattern for any specsmith-governed project:
+
+```
+/agent AGENTS.md
+```
+
+This works in Warp, Claude Code, Cursor, and any agent that reads markdown context files. The agent loads AGENTS.md (the governance hub), reads LEDGER.md for session state, and picks up from the last recorded action.
+
 ## 30 Project Types
 
 **Software:** Python, Rust, Go, C/C++, .NET, JS/TS, mobile, monorepo, microservices, DevOps/IaC, data/ML, browser extensions.
@@ -55,20 +78,23 @@ specsmith doctor --project-dir ./my-project        # Tool check
 
 Each type gets: tool-aware CI (correct lint/test/security/build tools), domain-specific directory structure, governance rules in AGENTS.md, and pre-populated requirements and test stubs.
 
-## 11 CLI Commands
+## 40+ CLI Commands
 
 | Command | Purpose |
 |---------|---------|
 | `init` | Scaffold a new governed project |
 | `import` | Adopt an existing project (merge mode) |
 | `audit` | Drift detection and health checks (`--fix` to auto-repair) |
+| `architect` | Interactive architecture generation |
 | `validate` | Governance file consistency checks |
 | `compress` | Archive old ledger entries |
 | `upgrade` | Update governance to new spec version |
 | `status` | CI/PR/alert status from VCS platform |
 | `diff` | Compare governance against templates |
 | `export` | Compliance report with REQ↔TEST coverage |
 | `doctor` | Check if verification tools are installed |
+| `self-update` | Update specsmith (channel-aware) |
+| `credits` | AI credit tracking, analysis, and budgets |
 
 ## 7 Agent Integrations