Merge pull request #166 from wphillipmoore/release/1.1.6

release: 1.1.6

Author: wphillipmoore

.github/workflows/add-to-project.yml

@@ -8,7 +8,7 @@ jobs:
   add-to-project:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/add-to-project@v1
+      - uses: actions/add-to-project@v1.0.2
         with:
           project-url: https://github.com/users/wphillipmoore/projects/3
           github-token: ${{ secrets.PROJECT_TOKEN }}

.github/workflows/ci.yml

@@ -2,10 +2,6 @@ name: CI - Test and Validate
 
 on:
   pull_request:
-  push:
-    branches:
-      - develop
-      - 'release/**'
 
 permissions:
   contents: read
@@ -16,7 +12,7 @@ concurrency:
 
 jobs:
   docs-only:
-    name: docs-only
+    name: "ci: docs-only"
     runs-on: ubuntu-latest
     outputs:
       docs-only: ${{ steps.detect.outputs.docs-only }}
@@ -29,7 +25,7 @@ jobs:
         uses: wphillipmoore/standard-actions/actions/docs-only-detect@develop
 
   standards-compliance:
-    name: standards-compliance
+    name: "ci: standards-compliance"
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
@@ -43,7 +39,7 @@ jobs:
           commit-cutoff-sha: "d103713"
 
   dependency-audit:
-    name: dependency-audit
+    name: "ci: dependency-audit"
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
@@ -68,7 +64,7 @@ jobs:
           -B
 
   release-gates:
-    name: release-gates
+    name: "release: gates"
     runs-on: ubuntu-latest
     steps:
       - name: Skip on non-PR events
@@ -106,7 +102,7 @@ jobs:
           main-version-command: git show origin/main:pom.xml | grep -m1 '<version>' | sed 's/.*<version>\(.*\)<\/version>.*/\1/'
 
   test-and-validate:
-    name: test-and-validate (${{ matrix.java-version }})
+    name: "test: unit"
     runs-on: ubuntu-latest
     needs: docs-only
     strategy:
@@ -135,88 +131,99 @@ jobs:
         run: ./mvnw verify -B
 
   codeql:
-    name: codeql
+    name: "security: codeql"
     runs-on: ubuntu-latest
     needs: docs-only
-    if: needs.docs-only.outputs.docs-only != 'true'
     permissions:
       security-events: write
     steps:
+      - name: Docs-only short-circuit
+        if: needs.docs-only.outputs.docs-only == 'true'
+        run: echo "Docs-only changes detected; skipping CodeQL."
+
       - name: Checkout code
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: actions/checkout@v6
 
       - name: Run CodeQL analysis
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: wphillipmoore/standard-actions/actions/security/codeql@develop
         with:
           language: java
 
   trivy:
-    name: trivy
+    name: "security: trivy"
     runs-on: ubuntu-latest
     needs: docs-only
-    if: needs.docs-only.outputs.docs-only != 'true'
     permissions:
       security-events: write
     steps:
+      - name: Docs-only short-circuit
+        if: needs.docs-only.outputs.docs-only == 'true'
+        run: echo "Docs-only changes detected; skipping Trivy."
+
       - name: Checkout code
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: actions/checkout@v6
 
       - name: Run Trivy vulnerability scan
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: wphillipmoore/standard-actions/actions/security/trivy@develop
         with:
           scan-type: fs
 
   semgrep:
-    name: semgrep
+    name: "security: semgrep"
     runs-on: ubuntu-latest
     needs: docs-only
-    if: needs.docs-only.outputs.docs-only != 'true'
     permissions:
       security-events: write
     steps:
+      - name: Docs-only short-circuit
+        if: needs.docs-only.outputs.docs-only == 'true'
+        run: echo "Docs-only changes detected; skipping Semgrep."
+
       - name: Checkout code
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: actions/checkout@v6
 
       - name: Run Semgrep SAST scan
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: wphillipmoore/standard-actions/actions/security/semgrep@develop
         with:
           language: java
 
   integration-tests:
-    name: integration-tests
+    name: "test: integration"
     runs-on: ubuntu-latest
     needs: docs-only
-    if: needs.docs-only.outputs.docs-only != 'true'
     steps:
       - name: Docs-only short-circuit
         if: needs.docs-only.outputs.docs-only == 'true'
         run: echo "Docs-only changes detected; skipping integration tests."
 
       - name: Checkout code
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: actions/checkout@v6
 
       - name: Set up Java 17
+        if: needs.docs-only.outputs.docs-only != 'true'
         uses: actions/setup-java@v5
         with:
           distribution: temurin
           java-version: "17"
           cache: maven
 
-      - name: Checkout mq-rest-admin-dev-environment
-        uses: actions/checkout@v6
-        with:
-          repository: wphillipmoore/mq-rest-admin-dev-environment
-          ref: develop
-          path: .mq-rest-admin-dev-environment
-
       - name: Setup MQ environment
-        uses: ./.mq-rest-admin-dev-environment/.github/actions/setup-mq
+        if: needs.docs-only.outputs.docs-only != 'true'
+        uses: wphillipmoore/mq-rest-admin-dev-environment/.github/actions/setup-mq@main
         with:
           project-name: mq-rest-admin
           qm1-rest-port: "9453"
           qm2-rest-port: "9454"
 
       - name: Run integration tests
+        if: needs.docs-only.outputs.docs-only != 'true'
         env:
           MQ_REST_ADMIN_RUN_INTEGRATION: "1"
         run: ./mvnw verify -B

.github/workflows/docs.yml

@@ -16,7 +16,7 @@ concurrency:
 
 jobs:
   deploy:
-    name: deploy
+    name: "deploy: docs"
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code

.github/workflows/publish.yml

@@ -17,7 +17,7 @@ concurrency:
 
 jobs:
   publish:
-    name: publish
+    name: "publish: release"
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code

CHANGELOG.md

@@ -5,14 +5,16 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](https://semver.org/).
 
-## [1.1.5] - 2026-02-19
+## [1.1.6] - 2026-02-21
 
 ### Bug fixes
 
 - sync prepare_release.py ruff lint fixes from canonical (#122)
 - sync prepare_release.py empty changelog abort from canonical (#124)
 - sync shared tooling to v1.0.2
 - sync hook and lint scripts from standards-and-conventions (#135)
+- switch Maven Central publish wait to validated (#152)
+- update add-to-project action to v1.0.2 (#164)
 
 ### CI
 
@@ -21,11 +23,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/).
 ### Documentation
 
 - rename mq-dev-environment references to mq-rest-admin-dev-environment (#136)
+- ban MEMORY.md usage in CLAUDE.md (#154)
+- ban heredocs in shell commands (#155)
 
 ### Features
 
 - add canonical local validation script (#128)
 - add shared tooling sync from standard-tooling v1.0.0
+- add category prefixes to job names (#150)
+- adopt validate_local.sh dispatch architecture (#156)
 
 ### Refactoring
 

CLAUDE.md

@@ -5,6 +5,34 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 <!-- include: docs/standards-and-conventions.md -->
 <!-- include: docs/repository-standards.md -->
 
+## Auto-memory policy
+
+**Do NOT use MEMORY.md.** Claude Code's auto-memory feature stores behavioral
+rules outside of version control, making them invisible to code review,
+inconsistent across repos, and unreliable across sessions. All behavioral rules,
+conventions, and workflow instructions belong in managed, version-controlled
+documentation (CLAUDE.md, AGENTS.md, skills, or docs/).
+
+If you identify a pattern, convention, or rule worth preserving:
+
+1. **Stop.** Do not write to MEMORY.md.
+2. **Discuss with the user** what you want to capture and why.
+3. **Together, decide** the correct managed location (CLAUDE.md, a skill file,
+   standards docs, or a new issue to track the gap).
+
+This policy exists because MEMORY.md is per-directory and per-machine — it
+creates divergent agent behavior across the multi-repo environment this project
+operates in. Consistency requires all guidance to live in shared, reviewable
+documentation.
+
+## Shell command policy
+
+**Do NOT use heredocs** (`<<EOF` / `<<'EOF'`) for multi-line arguments to CLI
+tools such as `gh`, `git commit`, or `curl`. Heredocs routinely fail due to
+shell escaping issues with apostrophes, backticks, and special characters.
+Always write multi-line content to a temporary file and pass it via `--body-file`
+or `--file` instead.
+
 ## Project Overview
 
 Java wrapper for the IBM MQ administrative REST API, ported from `pymqrest` (Python). Provides method-per-command API (`displayQueue()`, `defineQlocal()`, etc.) with attribute mapping between snake_case and MQSC parameter names.

docs/plans/open-decisions.md

@@ -91,8 +91,8 @@ implemented. One minor tooling item remains (docs-only validation).
 ## CI and publishing
 
 - **CI platform**: GitHub Actions (consistent with pymqrest).
-- **CI workflows**: 6-job pipeline (docs-only, standards-compliance,
-  dependency-audit, release-gates, test-and-validate, integration-tests) with
+- **CI workflows**: 6-job pipeline (ci: docs-only, ci: standards-compliance,
+  ci: dependency-audit, release: gates, test: unit, test: integration) with
   Java 17/21/25 matrix (decided 2026-02-13).
 - **Dependency audit**: `actions/dependency-review-action@v4` (GitHub-native,
   zero-config) over OWASP Dependency-Check Maven Plugin (decided 2026-02-13).

docs/repository-standards.md

@@ -30,6 +30,7 @@
 - branching_model: library-release
 - release_model: artifact-publishing
 - supported_release_lines: current and previous
+- primary_language: java
 - canonical_local_validation_command: scripts/dev/validate_local.sh
 
 ## Local validation

pom.xml

@@ -7,7 +7,7 @@
 
     <groupId>io.github.wphillipmoore</groupId>
     <artifactId>mq-rest-admin</artifactId>
-    <version>1.1.5</version>
+    <version>1.1.6</version>
     <packaging>jar</packaging>
 
     <name>mq-rest-admin</name>
@@ -401,7 +401,7 @@
                         <configuration>
                             <publishingServerId>central</publishingServerId>
                             <autoPublish>true</autoPublish>
-                            <waitUntil>published</waitUntil>
+                            <waitUntil>validated</waitUntil>
                         </configuration>
                     </plugin>
                 </plugins>

scripts/dev/commit.sh

@@ -1,4 +1,6 @@
 #!/usr/bin/env bash
+# Managed by standard-tooling — DO NOT EDIT in downstream repos.
+# Canonical source: https://github.com/wphillipmoore/standard-tooling
 # Commit wrapper that constructs standards-compliant commit messages.
 # Resolves Co-Authored-By identities from docs/repository-standards.md.