From a5dbedd49a1887f7c0771c3cca80a9d813b1fc70 Mon Sep 17 00:00:00 2001
From: "David E. Wheeler" <david@justatheory.com>
Date: Thu, 19 Sep 2024 15:10:06 -0400
Subject: [PATCH] Increment to v0.3.0, update changelog

Also add a note to `pgxn-jws.schema.json` that its format is subject to
change. Also mentioned in the cangelog.
---
 CHANGELOG.md                   | 46 ++++++++++++++++++++++++++++++++--
 Cargo.lock                     |  2 +-
 Cargo.toml                     |  2 +-
 README.md                      |  6 +++--
 schema/v2/pgxn-jws.schema.json |  2 +-
 src/dist/mod.rs                |  2 +-
 6 files changed, 52 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index af675b1..91c37e9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,48 @@ All notable changes to this project will be documented in this file. It uses the
   [Semantic Versioning]: https://semver.org/spec/v2.0.0.html
     "Semantic Versioning 2.0.0"
 
+## [v0.3.0] — 2024-09-23
+
+### ⚡ Improvements
+
+*   Designed experimental distribution [metadata schema] to be appended to v2
+    `META.json` by PGXN upon release. The object is in [JWS-JS] format, and
+    intended to sign the release user, date, URI, and one or more SHA digests
+    for the distribution zip file. The format is subject to change pending
+    expert review and approval of the [JWS-signing RFC].
+*   Created release JSON Schemas for [v1] and [v2] release validation. PGXN
+    Manager adds the v1 metadata to the distribution-supplied `META.json` so
+    that clients can validate downloads. In the future it will generate the v2
+    JWS-signed schema.
+*   Added the [release module], which extends the [dist module] to load loads
+    v1 and v2 spec files into read-only data structures, converts v1 metadata
+    to v2, and merges multiple files.
+
+### 📔 Notes
+
+*   Renamed the meta module to the [dist module], since it handles
+    *distribution* metadata, and therefore better compliments the new [release
+    module], which handles *release* metadata.
+*   Removed the SHA-256 hash from the [v2 artifacts schema], leaving only
+    SHA-512.
+*   Replaced the `TryFrom<PathBuf>` trait in the [dist module] with a `load`
+    function. This is because one does not convert a file path into a struct,
+    but loads it into a struct. It also allows the argument to be of type
+    `AsRef<Path>`, which supports `Path`, `PathBuf`, or `String` arguments.
+*   The v1-v2 conversion in the [release module] does not sign the release
+    payload, as we are not doing any key signing, yet. For now it generates
+    random strings to satisfy JSON Schema validation.
+
+  [v0.3.0]: https://github.com/pgxn/meta/compare/v0.3.0...v0.3.0
+  [metadata schema]: https://github.com/pgxn/meta/blob/v0.3.0/schema/v2/pgxn-jws.schema.json
+  [dist module]: https://docs.rs/pgxn_meta/0.3.0/pgxn_meta/dist/
+  [release module]: https://docs.rs/pgxn_meta/0.3.0/pgxn_meta/release/
+  [JWS-JS]: https://datatracker.ietf.org/doc/html/draft-jones-json-web-signature-json-serialization-01
+  [JWS-signing RFC]: https://github.com/pgxn/rfcs/pull/5
+  [v1]: https://github.com/pgxn/meta/blob/v0.3.0/schema/v1/release.schema.json
+  [v2]: https://github.com/pgxn/meta/blob/v0.3.0/schema/v2/release.schema.json
+  [v2 artifacts schema]: https://github.com/pgxn/meta/blob/v0.3.0/schema/v2/artifacts.schema.json
+
 ## [v0.2.0] — 2024-09-12
 
 ### ⚡ Improvements
@@ -31,8 +73,8 @@ All notable changes to this project will be documented in this file. It uses the
 *   Updated the README example to use the [meta module] to load an object.
 
   [v0.2.0]: https://github.com/pgxn/meta/compare/v0.1.0...v0.2.0
-  [meta module]: https://docs.rs/pgxn_meta/meta/
-  [valid module]: https://docs.rs/pgxn_meta/meta/
+  [meta module]: https://docs.rs/pgxn_meta/0.2.0/pgxn_meta/meta/
+  [valid module]: https://docs.rs/pgxn_meta/0.2.0/pgxn_meta/valid/
   [pull request]: https://github.com/pgxn/rfcs/pull/3 "pgxn/rfcs#3 Meta Spec v2"
 
 ## [v0.1.0] — 2024-08-08
diff --git a/Cargo.lock b/Cargo.lock
index d4ebfa8..5ddbd5e 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -491,7 +491,7 @@ checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e"
 
 [[package]]
 name = "pgxn_meta"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "assert-json-diff",
  "boon",
diff --git a/Cargo.toml b/Cargo.toml
index aa049ad..43de742 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "pgxn_meta"
-version = "0.2.0"
+version = "0.3.0"
 description = "The PGXN distribution metadata specification"
 repository = "https://github.com/pgxn/pgxn-meta-spec"
 documentation = "https://docs.rs/pgxn_meta/"
diff --git a/README.md b/README.md
index 65ad582..d1c0dba 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,8 @@
 
 The PGXN Meta [v1] and [v2] specs define the requirements for the metadata
 file (`META.json`) file for [PGXN] source distribution packages. This project
-provides Rust a crates for working with spec `META.json` files.
+provides Rust a crates for working with spec `META.json` files, as well as
+PGXN-generated release `META.json` files.
 
 Crate Usage
 -----------
@@ -58,7 +59,8 @@ See the [`pgxn_meta` docs on docs.rs] for complete details.
 Installation
 ------------
 
-There are several ways to install `pgxn_meta`.
+There are several ways to install the `pgxn_meta` distribution `META.json`
+validation CLI.
 
 ### `ubi`
 
diff --git a/schema/v2/pgxn-jws.schema.json b/schema/v2/pgxn-jws.schema.json
index 38e91aa..3214006 100644
--- a/schema/v2/pgxn-jws.schema.json
+++ b/schema/v2/pgxn-jws.schema.json
@@ -2,7 +2,7 @@
   "$schema": "https://json-schema.org/draft/2020-12/schema",
   "$id": "https://pgxn.org/meta/v2/pgxn-jws.schema.json",
   "title": "PGXN Release Metadata",
-  "description": "JSON Web Signature release metadata populated by PGXN. Structure defined by [JWS-JS](https://datatracker.ietf.org/doc/html/draft-jones-json-web-signature-json-serialization-01)",
+  "description": "JSON Web Signature release metadata populated by PGXN. Structure defined by [JWS-JS](https://datatracker.ietf.org/doc/html/draft-jones-json-web-signature-json-serialization-01). Subject to change pending expert review and approval of the [JWS-signing RFC](https://github.com/pgxn/rfcs/pull/5).",
   "type": "object",
   "properties": {
     "headers": {
diff --git a/src/dist/mod.rs b/src/dist/mod.rs
index 5cce581..06f06ff 100644
--- a/src/dist/mod.rs
+++ b/src/dist/mod.rs
@@ -1,5 +1,5 @@
 /*!
-PGXN `META.json` validation and management.
+PGXN distribution `META.json` validation and management.
 
 This module provides interfaces to load, validate, and manipulate PGXN
 distribution `META.json` files. It supports both the [v1] and [v2] specs.