feat: distribution hardening#11
Merged
Merged
Conversation
…, example templates - clone_template() now returns CloneResult with resolved commit SHA - CacheMetadata stores commit_sha, get_or_clone returns it on cache hit - Answers file records source URL, git ref, and commit SHA for provenance - generate() wires up pre/post-generate hooks with --no-hooks support - Warns on stderr when remote templates contain hooks - New `diecut ready` command validates templates for distribution readiness - HooksConfig.has_hooks() helper method - First-party example templates: rust-cli and python-pkg
raiderrobert
force-pushed
the
feat/distribution-hardening
branch
from
ab6a9fa to
91c72f6
Compare
raiderrobert
added a commit
that referenced
this pull request
Feb 12, 2026
feat: distribution hardening
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
clone_template()now resolves and returns the HEAD commit SHA.CacheMetadatastores it,get_or_clone()returns it on cache hit, and the answers file recordssource,ref, andcommit_shafor full provenance tracking.generate()now wires up pre/post-generate Rhai hooks with--no-hookssupport. Warns on stderr when remote templates contain hooks so users know code will execute.diecut readycommand: Validates a template for distribution readiness — checks for version, description, README, plus all standardcheckvalidations.rust-cli(Rust CLI with clap) andpython-pkg(Python package with pyproject.toml). Both passdiecut ready.Test plan
cache_metadata_deserializes_without_commit_sha(backwards compat),get_or_clone_returns_commit_sha_from_cache,clone_result_has_expected_fieldsdiecut check examples/rust-clipassesdiecut ready examples/rust-clipassesdiecut ready tests/fixtures/basic-templatecorrectly fails (missing README)diecut new examples/rust-cli -o /tmp/test --defaults -d author=testgenerates valid project