release: v0.2.0

[gh-xj]

Summary

Describe this PR in 2-5 bullets:

• Base branch target (main for release promotion from release/*): main
• Problem: release tag target v0.2.0 is not represented in crate version metadata on main.
• Why it matters: release automation and published artifacts must align with one semantic version.
• What changed: bump package version from 0.1.7 to 0.2.0 in Cargo.toml and Cargo.lock.
• What did not change (scope boundary): no runtime logic, API contract, dependency graph, or CI workflow logic changes.

Label Snapshot (required)

• Risk label (risk: low|medium|high): risk: medium
• Size label (size: XS|S|M|L|XL, auto-managed/read-only): size: XS
• Scope labels (core|agent|channel|config|cron|daemon|doctor|gateway|health|heartbeat|integration|memory|observability|onboard|provider|runtime|security|service|skillforge|skills|tool|tunnel|docs|dependencies|ci|tests|scripts|dev, comma-separated): dependencies
• Module labels (<module>: <component>, for example channel: telegram, provider: kimi, tool: shell): release: version-metadata
• Contributor tier label (trusted contributor|experienced contributor|principal contributor|distinguished contributor, auto-managed/read-only; author merged PRs >=5/10/20/50): experienced contributor
• If any auto-label is incorrect, note requested correction: none

Change Metadata

• Change type (bug|feature|refactor|docs|security|chore): chore
• Primary scope (runtime|provider|channel|memory|security|ci|docs|multi): multi

Linked Issue

• Closes #: N/A
• Related #: release: v0.2.0 #2533
• Depends on # (if stacked): N/A
• Supersedes # (if replacing older PR): N/A
• Linear issue key(s) (required): Refs RMN-340
• Linear issue URL(s): https://linear.app/zeroclawlabs/issue/RMN-340

Validation Evidence (required)

Commands and result summary:

# Branch state:
# - PR head: b50591d512b0
# - main head: fd5187b7541e
# - main is not ahead of PR head
#
# Local validation:
# - cargo check --locked  # PASS
#
# CI validation:
# - required contexts on current head are re-running after update-branch
# - final release readiness requires CI Required Gate + Security Required Gate == SUCCESS

• Evidence provided (test/log/trace/screenshot/perf): local compile check and GitHub check-run monitoring on current PR head.
• If any command is intentionally skipped, explain why: full local test matrix is deferred to CI because this change is metadata-only and required CI gates are mandatory.

Security Impact (required)

• New permissions/capabilities? (Yes/No): No
• New external network calls? (Yes/No): No
• Secrets/tokens handling changed? (Yes/No): No
• File system access scope changed? (Yes/No): No
• If any Yes, describe risk and mitigation: N/A

Privacy and Data Hygiene (required)

• Data-hygiene status (pass|needs-follow-up): pass
• Redaction/anonymization notes: no user data path touched.
• Neutral wording confirmation (use ZeroClaw/project-native labels if identity-like wording is needed): confirmed.

Compatibility / Migration

• Backward compatible? (Yes/No): Yes
• Config/env changes? (Yes/No): No
• Migration needed? (Yes/No): No
• If yes, exact upgrade steps: N/A

i18n Follow-Through (required when docs or user-facing wording changes)

• i18n follow-through triggered? (Yes/No): No
• If Yes, locale navigation parity updated in README*, docs/README*, and docs/SUMMARY.md for supported locales (en, zh-CN, ja, ru, fr, vi)? (Yes/No): N/A
• If Yes, localized runtime-contract docs updated where equivalents exist (minimum for fr/vi: commands-reference, config-reference, troubleshooting)? (Yes/No/N.A.): N/A
• If Yes, Vietnamese canonical docs under docs/i18n/vi/** synced and compatibility shims under docs/*.vi.md validated? (Yes/No/N.A.): N/A
• If any No/N.A., link follow-up issue/PR and explain scope decision: N/A

Human Verification (required)

What was personally validated beyond CI:

• Verified scenarios:
  • diff scope remains version-only against current main.
  • Cargo.toml and Cargo.lock package version are aligned at 0.2.0.
  • local cargo check --locked passes.
• Edge cases checked:
  • update-branch created a refreshed head commit and retriggered required checks.
  • release readiness is blocked until required gates are green on refreshed head.
• What was not verified:
  • publish workflows are post-merge/tag steps and are not executed in this PR.

Side Effects / Blast Radius (required)

• Affected subsystems/workflows: release packaging metadata and downstream publish/tag workflows.
• Potential unintended effects: release cut delay if CI queue remains saturated.
• Guardrails/monitoring for early detection: required branch-protection checks + release runbook post-merge gates.

Agent Collaboration Notes (recommended)

• Agent tools used (if any): gh CLI, git range analysis, CI/check-run monitoring.
• Workflow/plan summary (if any): scope audit -> template hardening -> branch refresh -> CI gate tracking.
• Verification focus: required check integrity, release metadata correctness, rollback clarity.
• Confirmation: naming + architecture boundaries followed (AGENTS.md + CONTRIBUTING.md): confirmed.

Rollback Plan (required)

• Fast rollback command/path: revert this PR before tag creation.
• Feature flags or config toggles (if any): none.
• Observable failure symptoms: package metadata version mismatches the intended release tag.

Risks and Mitigations

List real risks in this PR (or write None).

• Risk: CI queue congestion delays release decision timing.
  • Mitigation: keep this PR synced and wait for required checks to finish on current head.
• Risk: release process drift if tag is cut from a different ref than merged main.
  • Mitigation: enforce scripts/release/cut_release_tag.sh on clean, synced origin/main only.

Release Readiness Gates (March 2, 2026)

• Version metadata bumped to 0.2.0 in crate manifest + lockfile
• Branch refreshed with latest main
• CI Required Gate green on current head
• Security Required Gate green on current head
• Maintainer flips draft -> ready when final checks are green

Summary by CodeRabbit

• Chores

  • Bumped application version to 0.2.0.
  • Added CI helpers to ensure required Rust tooling (fmt/clippy) is installed and invoked consistently.

• Reliability

  • Improved determinism of spawned shell commands by sanitizing inherited shell environment so CI wrappers or shell hooks cannot alter execution.

• Tests

  • Added tests to verify command execution remains stable and unaffected when shell environment hooks are present.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Note

.coderabbit.yaml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)

Validation error: Unrecognized key(s) in object: 'tools', 'path_filters', 'review_instructions'

⚙️ Configuration instructions

• Please see the configuration documentation for more information.
• You can also validate your configuration using the online YAML validator.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

📝 Walkthrough

Walkthrough

Bumps package version to 0.2.0; sanitizes shell child processes by removing ENV and BASH_ENV before spawning in scheduler and service command runners; adds an EnvGuard test verifying shell hook environment variables are ignored; adds CI helpers to ensure cargo subcommand components (fmt/clippy) are available before running checks.

Changes

Cohort / File(s)	Summary
Version bump Cargo.toml	Updated [package] version from "0.1.7" to "0.2.0".
Scheduler: shell spawn & test src/cron/scheduler.rs	Reworked shell command spawn to construct and configure Command (args, cwd, stdio, kill_on_drop) and explicitly remove ENV and BASH_ENV from the child environment before spawning; added EnvGuard::set helper and run_job_command_ignores_invalid_shell_env_hooks test.
Service: command runners src/service/mod.rs	In run_checked and run_capture, remove ENV and BASH_ENV from child process environment prior to spawning commands.
CI scripts: ensure components scripts/ci/rust_quality_gate.sh	Added run_cargo_tool(subcommand) and ensure_cargo_subcommand_component(subcommand) helpers; ensure required components (rustfmt for fmt, clippy for clippy) are present before invoking cargo fmt/clippy.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested labels

size: S, ci, cron: store

Suggested reviewers

• theonlyhennygod

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 27.27% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'release: v0.2.0' clearly and specifically describes the main change: a version bump to v0.2.0 aligned with the release tag.
Description check	✅ Passed	The description comprehensively covers all required template sections with appropriate detail: summary bullets, labels, change metadata, linked issues, validation evidence, security/privacy impacts, compatibility, i18n status, human verification, side effects, rollback plan, and risks with mitigations.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chumyin]

Release bump reviewed. Proceeding once all CI checks are green.

[Copilot]

Copilot was unable to review this pull request because the user who requested the review is ineligible. To be eligible to request a review, you need a paid Copilot license, or your organization must enable Copilot code review.

[chumyin]

CI and release hardening verified; approving for v0.2.0 release.

[chumyin]

CI is fully green on head 046747c; approving release v0.2.0 readiness.