prowler-changelog

仓库: prowler-cloud/prowler
安装量: 51
排名: #14395

安装

npx skills add https://github.com/prowler-cloud/prowler --skill prowler-changelog

Changelog Locations Component File Version Prefix Current Version UI ui/CHANGELOG.md None 1.x.x API api/CHANGELOG.md None 1.x.x MCP Server mcp_server/CHANGELOG.md None 0.x.x SDK prowler/CHANGELOG.md None 5.x.x Format Rules (keepachangelog.com) Section Order (ALWAYS this order)

[X.Y.Z] (Prowler vA.B.C) OR (Prowler UNRELEASED)

Added

Changed

Deprecated

Removed

Fixed

Security

Emoji Prefixes (REQUIRED for ALL components) Section Emoji Usage Added ### 🚀 Added New features, checks, endpoints Changed ### 🔄 Changed Modifications to existing functionality Deprecated ### ⚠️ Deprecated Features marked for removal Removed ### ❌ Removed Deleted features Fixed ### 🐞 Fixed Bug fixes Security ### 🔐 Security Security patches, CVE fixes Entry Format

Added

Changed

Rules:

ADD NEW ENTRIES AT THE BOTTOM of each section (before next section header or ---) Blank line after section header before first entry Blank line between sections Be specific: what changed, not why (that's in the PR) One entry per PR (can link multiple PRs for related changes) No period at the end Do NOT start with redundant verbs (section header already provides the action) Semantic Versioning Rules

Prowler follows semver.org:

Change Type Version Bump Example Bug fixes, patches PATCH (x.y.Z) 1.16.1 → 1.16.2 New features (backwards compatible) MINOR (x.Y.0) 1.16.2 → 1.17.0 Breaking changes, removals MAJOR (X.0.0) 1.17.0 → 2.0.0

CRITICAL: ### ❌ Removed entries MUST only appear in MAJOR version releases. Removing features is a breaking change.

Released Versions Are Immutable

NEVER modify already released versions. Once a version is released (has a Prowler version tag like v5.16.0), its changelog section is frozen.

Common issue: A PR is created during release cycle X, includes a changelog entry, but merges after release. The entry is now in the wrong section.

[1.16.0] (Prowler v5.16.0) ← RELEASED, DO NOT MODIFY

Added

  • Feature from merged PR [(#9999)] ← WRONG! PR merged after release

[1.17.0] (Prowler UNRELEASED) ← Move entry HERE

Fix: Move the entry from the released version to the UNRELEASED section.

Version Header Format

[1.17.0] (Prowler UNRELEASED) # For unreleased changes

[1.16.0] (Prowler v5.16.0) # For released versions

--- # Horizontal rule between versions

Adding a Changelog Entry Step 1: Determine Affected Component(s)

Check which files changed

git diff main...HEAD --name-only

Path Pattern Component ui/ UI api/ API mcp_server/ MCP Server prowler/ SDK Multiple Update ALL affected changelogs Step 2: Determine Change Type Change Section New feature, check, endpoint 🚀 Added Behavior change, refactor 🔄 Changed Bug fix 🐞 Fixed CVE patch, security improvement 🔐 Security Feature removal ❌ Removed Deprecation notice ⚠️ Deprecated Step 3: Add Entry at BOTTOM of Appropriate Section

CRITICAL: Add new entries at the BOTTOM of each section, NOT at the top.

[1.17.0] (Prowler UNRELEASED)

🐞 Fixed

  • Existing fix one (#9997)
  • Existing fix two (#9998)
  • Button alignment in dashboard header (#9999) ← NEW ENTRY AT BOTTOM

🔐 Security

This maintains chronological order within each section (oldest at top, newest at bottom).

Examples Good Entries

🚀 Added

  • Search bar when adding a provider (#9634)

🐞 Fixed

  • OCI update credentials form failing silently due to missing provider UID (#9746)

🔐 Security

  • Node.js from 20.x to 24.13.0 LTS, patching 8 CVEs (#9797)

Bad Entries - Fixed bug. # Too vague, has period - Added new feature for users # Missing PR link, redundant verb - Add search bar [(#123)] # Redundant verb (section already says "Added") - This PR adds a cool new thing (#123) # Wrong link format, conversational

PR Changelog Gate

The pr-check-changelog.yml workflow enforces changelog entries:

REQUIRED: PRs touching ui/, api/, mcp_server/, or prowler/ MUST update the corresponding changelog SKIP: Add no-changelog label to bypass (use sparingly for docs-only, CI-only changes) Commands

Check which changelogs need updates based on changed files

git diff main...HEAD --name-only | grep -E '^(ui|api|mcp_server|prowler)/' | cut -d/ -f1 | sort -u

View current UNRELEASED section

head -50 ui/CHANGELOG.md head -50 api/CHANGELOG.md head -50 mcp_server/CHANGELOG.md head -50 prowler/CHANGELOG.md

Migration Note

API, MCP Server, and SDK changelogs currently lack emojis. When editing these files, add emoji prefixes to section headers as you update them:

Before (legacy)

Added

After (standardized)

🚀 Added

Resources Templates: See assets/ for entry templates keepachangelog.com: https://keepachangelog.com/en/1.1.0/

返回排行榜