release: v0.3

[Kyonax]

Checklist (check if it applies)

• Contains testing instructions
• Requires environment / credential changes
• Requires special deployment steps
• Has unit / integration tests
• Touches licensing, security, or CI
• License headers on new files (LICENSING.org)
• Attribution preserved on modified files
• Lint passes (npm run lint)
• Security rules followed (SECURITY.org)
• No credentials committed
• All GitHub Checks have passed (no Pre-Check Failed label applied by CI)
• CHANGELOG.org updated (release PRs only)
• Version bumped (release PRs only)

What does this PR do?

Ships RECKIT v0.3 to master. Fast-forwards the default branch to the cut already reviewed and merged into dev via #1. Contents are identical — three feature commits plus one merge commit, no further code changes on dev since that merge.

As the repo maintainer, I want an explicit release PR that gates the dev to master cut on the CHANGELOG + version workflow and gives a canonical point to tag, so that every release on master has a matching git tag and a GitHub Release entry.

Design / Reference: Reviewer notes + demo assets in #1. v0.3 entry in CHANGELOG.org.

Implementation

[NEW] new file · [MOD] modified file · [DEL] removed · [MOV] renamed or relocated

Scope identical to #1. Nothing added on dev after that merge. Grouped summary for the release reviewer:

• Vue 3 + Vite app (src/) — bootstrap, router, global SCSS, config + version modules
• SCSS 7-1 architecture (src/app/scss/**, 10 files) + SpaceMono Nerd Font (4 TTFs)
• Composables (src/shared/composables/, 4) — use-obs-websocket, use-recording-status, use-audio-analyzer, use-scene-name
• HUD components (src/shared/components/, 6 new, 1 deleted) — corner-bracket, hud-frame, status-indicator, recording-timer, overlay-card, preview-modal
• Shared widgets (src/shared/widgets/, 2) — audio-meter, live-readout
• CAM-LOG overlay at /@kyonax_on_tech/cam-person + ITEM-EXPLAIN declared in the registry (status: planned)
• Landing page (src/views/home.vue) — sticky frosted meta bar, brand tabs, responsive 3-col card grid, search + status chips, preview modal
• Vitest suite (src/**/*.test.js, 2 files / 17 tests) — version pipeline + overlays registry schema

File-by-file breakdown and decision log lives in #1.

Release

Version: v0.3 (was v0.1 on master)

• [MOD] package.json — "version" bumped from 0.1.0 to 0.3.0
• [MOD] README.org — #+VERSION:, ASCII logo footer, and shields.io badge all bumped to v0.3
• [MOD] CHANGELOG.org — new [v0.3] entry + TODO refreshed (added INFRASTRUCTURE > TESTING and landing-widgets-section follow-ups)

Technical Details

• Merge strategy for feat(v0.3): Vue app, CAM-LOG overlay, landing index, shared widgets #1 (feature branch into dev)

  • Chose: rebase and merge (linear history, 3 distinct commits preserved on dev)
  • Over: squash (collapses the commit story) or a merge commit (adds a merge node to dev)
  • Why: The three commits tell a coherent story — v0.3 release, CI unblock, test infra — and rebase keeps each as its own annotatable point in dev's history.
  • Trade-off: Reviewers of the merged history read the commits individually rather than seeing a single squashed summary.

• Merge strategy for this PR (dev into master)

  • Chose: merge commit
  • Over: rebase or squash
  • Why: Leaves an unambiguous "v0.3 release merged from dev" marker on master's first-parent history. git log --first-parent master then reads as a list of releases.
  • Trade-off: One extra merge commit per release — intended cost.

• Tag format

  • Chose: vX.Y (e.g. v0.3)
  • Over: vX.Y.Z (e.g. v0.3.0)
  • Why: Matches the runtime display (VERSION_TAG derived by src/shared/version.js), the README.org badge, and keeps the 0.x pre-release era tidy. Patch releases (v0.3.1) can extend the pattern when they happen.
  • Trade-off: A true patch release breaks the two-segment pattern; acceptable until a 1.x cut.

Testing Coverage

Test runner: Vitest @ 4.1.x with happy-dom and @vue/test-utils
Command: npm run test

Automated tests

Test file	Covers	Tests	Status
src/shared/version.test.js	semver shape, VERSION_TAG derivation (v<major>.<minor>)	3	✅
src/shared/data/overlays.test.js	registry non-emptiness, unique ids, required-field schema, status vocab, use_cases[] type, path format, canvas dims, no em dashes	14	✅

Total: 17 tests across 2 files, all passing.

Quality gates (run on every PR)

Gate	Source	Status
Lint	eslint.config.mjs via npm run lint	✅ 0 errors
Unit tests	vite.config.js via npm run test	✅ 17 passing
Security scan	ci.yml	✅ dangerous-pattern / hardcoded-secret / insecure-URL scans pass
License headers	ci.yml	✅ *.js, *.mjs, *.html, *.css, *.vue, *.scss all have MPL header
Protected files	ci.yml	✅ warning only (CHANGELOG.org + README.org intentionally modified for release)
Pre-Check Failed label	pre-check-label job in ci.yml	✅ label absent — all gates green
Release checks	release.yml	✅ README #+VERSION: bumped, CHANGELOG updated

How to test this PR

v0.3 release (dev into master)
├─ Pre-merge sanity
│   └─ 7 checks · no Pre-Check Failed label
│
└─ Post-merge verification
    ├─ tag v0.3
    ├─ GitHub Release page
    └─ README badges

Pre-merge sanity

Prereqs: #1 already merged into dev.

1. Open the Checks tab on this PR.
   Expected: 7 green checks: ESLint, Security Scan, License Headers, Protected Files, Unit Tests, Pre-Check Label, Release Checks.
2. Inspect the PR's labels.
   Expected: Release is present; Pre-Check Failed is absent.
3. Confirm the diff only contains files already reviewed in feat(v0.3): Vue app, CAM-LOG overlay, landing index, shared widgets #1 — gh pr diff 2 --repo Kyonax/reckit --name-only | wc -l
   Expected: Same file list as feat(v0.3): Vue app, CAM-LOG overlay, landing index, shared widgets #1 (47 paths, including the binary SpaceMono TTFs).

Post-merge verification

Prereqs: this PR merged via merge commit.

1. Sync local master — git checkout master && git pull origin master
   Expected: HEAD is the merge commit; git log --first-parent master shows the release merge.
2. Tag the release — git tag -a v0.3 -m "RECKIT v0.3" && git push origin v0.3
   Expected: Tag appears at https://github.com/Kyonax/reckit/releases/tag/v0.3.
3. Visit https://github.com/Kyonax/reckit.
   Expected: README version badge reads v0.3; ASCII logo footer reads ░v0.3.
4. Build and run from master — npm ci && npm run build && npm run dev
   Expected: Vite boots on localhost:5173; header tag reads RECKIT v0.3; CAM-LOG overlay at /@kyonax_on_tech/cam-person renders the same as on the feature branch.

Special Deployment Requirements

1. Release tag (CRITICAL) — after merge, run git tag -a v0.3 -m "RECKIT v0.3" && git push origin v0.3. Without the tag, the GitHub Releases page will not show v0.3.
2. GitHub Release notes (REQUIRED) — publish with gh release create v0.3 --title "RECKIT v0.3" --notes-file <v0.3-changelog-section> so the release is discoverable from the repo's releases page.
3. Branch protection on master and dev (RECOMMENDED) — add required status checks (CI / * + Release Checks / *) before the next release so future merges cannot skip the gates.
4. OBS environment (OPTIONAL for maintainers) — to validate the overlay on master, OBS Studio ≥ 32.1.1 with CEF + WebSocket on port 4455 and a Mic/Aux audio input.

Documentation

Demo assets (desktop + mobile landing page captures, CAM-LOG overlay recording in OBS, preview modal screenshot) live on #1. This PR ships the same code under a release label — no additional media to attach.

DIAGRAM — Release flow

Cut path for v0.3: feature branch lands on dev, dev lands on master via this PR, master gets tagged and published.

websocket-cam-person
│  (rebase, Kyonax/reckit#1)
│
├─ dev
│  │  (merge commit, this PR, Kyonax/reckit#2)
│  │
│  └─ master
│      ├─ git tag -a v0.3
│      └─ gh release create v0.3

[github-actions]

Protected Files Modified

The following protected files were changed in this PR:

• CHANGELOG.org was modified

Please ensure these changes are intentional and have been reviewed carefully.

[github-actions]

Protected Files Modified

One or more files in the protected set were changed in this PR. Each category below explains why the file matters.

Governance

• .github/PULL_REQUEST_TEMPLATE.md was modified

CODEOWNERS / SECURITY / PR template changes affect how every future PR is reviewed. Review carefully.

Supply Chain

• package.json was modified
• package-lock.json was modified

Dependency or lockfile changes. Verify the diff (no unexpected packages, no version downgrades).

CI / Security Config

• .github/workflows/ci.yml was modified
• eslint.config.mjs was modified

Workflow / lint config. A quiet edit here can disable gates — diff against origin carefully.

Build / Config

• vite.config.js was modified
• .gitignore was modified
• .env.example was modified

Build or gitignore config. Verify the build still passes and no ignored paths were accidentally un-ignored.

Release Artifact

• CHANGELOG.org was modified
• README.org was modified

Release-tracking files. Expected on release PRs; flag on non-release PRs.