release: promote v0.35.0 from dev to main (#288)

* perf: optimize startup performance with metadata tracking and update command (#142)

* feat: implement backlog field mapping and refinement improvements

- Add FieldMapper abstract base class with canonical field names
- Implement GitHubFieldMapper and AdoFieldMapper
- Add custom field mapping support with YAML templates
- Add field validation in refinement (story_points, business_value, priority)
- Add comprehensive unit and integration tests (42 tests)
- Add custom field mapping documentation
- Fix custom_field_mapping parameter connection
- Add early validation for custom mapping files

Implements OpenSpec change: improve-backlog-field-mapping-and-refinement

* perf: optimize startup performance with metadata tracking and update command

- Add metadata management module for tracking version and check timestamps
- Optimize startup checks to only run when needed:
  - Template checks: Only after version changes detected
  - Version checks: Limited to once per day (24h threshold)
- Add --skip-checks flag for CI/CD environments
- Add new 'specfact update' command for manual update checking and installation
- Add comprehensive unit and integration tests (35 tests, all passing)
- Update startup_checks to use metadata for conditional execution
- Ensure backward compatibility (first-time users still get all checks)

Performance Impact:
- Startup time: Reduced from several seconds to < 1-2 seconds
- Network requests: Reduced from every startup to once per day
- File system operations: Reduced from every startup to only after version changes

Fixes #140
Implements OpenSpec change: optimize-startup-performance

* feat: request offline_access scope for Azure DevOps refresh tokens

- Add offline_access scope to Azure DevOps OAuth requests
- Refresh tokens now last 90 days (vs 1 hour for access tokens)
- Automatic token refresh via persistent cache (no re-authentication needed)
- Update documentation to reflect 90-day refresh token lifetime

This addresses the issue where tokens were expiring too quickly.
Refresh tokens obtained via offline_access scope enable automatic
token renewal for 90 days without user interaction.

Fixes token lifetime limitation issue

* feat: improve CLI UX with banner control and upgrade command

- Change banner to hidden by default, shown on first run or with --banner flag
- Add simple version line (SpecFact CLI - vXYZ) for regular use
- Rename 'update' command to 'upgrade' to avoid confusion
- Update documentation for new banner behavior and upgrade command
- Update startup checks message to reference 'specfact upgrade'

* fix: suppress version line in test mode and fix field mapping issues

- Suppress version line output in test mode and for help/version commands to prevent test failures
- Fix ADO custom field mapping to honor --custom-field-mapping on writeback
- Fix GitHub issue body updates to prevent duplicate sections
- Ensure proper type handling for story points and business value calculations

* Fix failed tests

* chore: bump version to 0.26.7 and update changelog

- Fixed adapter token validation tests (ADO and GitHub)
- Resolved test timeout issues (commit history, AST parsing, Semgrep)
- Improved test file discovery to exclude virtual environments
- Added file size limits for AST parsing to prevent timeouts

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* fix: add missing ADO field mappings and assignee display (#145)

* fix: add missing ADO field mappings and assignee display

- Add Microsoft.VSTS.Common.AcceptanceCriteria to default field mappings
- Update AdoFieldMapper to support multiple field name alternatives
- Fix assignee extraction to include displayName, uniqueName, and mail
- Add assignee display in preview output
- Add interactive template mapping command (specfact backlog map-fields)
- Update specfact init to copy backlog field mapping templates
- Extend documentation with step-by-step guides

Fixes #144

* test: add unit tests for ADO field mapping and assignee fixes

- Add tests for Microsoft.VSTS.Common.AcceptanceCriteria field extraction
- Add tests for multiple field name alternatives
- Add tests for assignee extraction with displayName, uniqueName, mail
- Add tests for assignee filtering with multiple identifiers
- Add tests for assignee display in preview output
- Add tests for interactive mapping command
- Add tests for template copying in init command
- Update existing tests to match new assignee extraction behavior

* docs: update init command docstring to mention template copying

* docs: update documentation for ADO field mapping and interactive mapping features

- Update authentication guide with ADO token resolution priority
- Update custom field mapping guide with interactive mapping details
- Update backlog refinement guide with progress indicators and required field display
- Update Azure DevOps adapter guide with field mapping improvements
- Update command reference with map-fields command documentation
- Update troubleshooting guide with ADO-specific issues
- Update README files with new features
- Update getting started guide with template initialization

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: address review findings for ADO field mapping

- Prefer System.* fields over Microsoft.VSTS.Common.* when writing updates
  (fixes issue where PATCH requests could fail for Scrum templates)
- Preserve existing work_item_type_mappings when saving field mappings
  (prevents silent erasure of custom work item type mappings)

Fixes review comments:
- P1: Prefer System.AcceptanceCriteria when writing updates
- P2: Preserve existing work_item_type_mappings on save

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: mitigate code scanning vulnerabilities (#148)

* fix: mitigate code scanning vulnerabilities

- Fix ReDoS vulnerability in github_mapper.py by replacing regex with line-by-line processing
- Fix incomplete URL sanitization in github.py, bridge_sync.py, and ado.py using proper URL parsing
- Add explicit permissions blocks to 7 GitHub Actions jobs following least-privilege model

Resolves all 13 code scanning findings:
- 1 ReDoS error
- 5 URL sanitization warnings
- 7 missing workflow permissions warnings

Fixes #147

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: accept GitHub SSH host aliases in repo detection

Accept ssh.github.com (port 443) in addition to github.com when
detecting GitHub repositories via SSH remotes. This ensures
repositories using git@ssh.github.com:owner/repo.git are properly
detected as GitHub repos.

Addresses review feedback on PR #148

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: prevent async cleanup issues in test mode

Remove manual Live display cleanup that could cause EOFError.
The _safe_progress_display function already handles test mode
by skipping progress display, so direct save path is sufficient.

Fixes test_unlock_section failure with EOFError/ValueError.

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: detect GitHub remotes using ssh:// and git:// URLs

Extend URL pattern matching to support ssh://git@github.com/owner/repo.git
and git://github.com/owner/repo.git formats in addition to existing
https?:// and scp-style git@host:path URLs.

This fixes a regression where these valid GitHub URL formats were not
detected, causing detect() to return false for repos using these schemes.

Addresses review feedback on PR #149

Co-authored-by: Cursor <cursoragent@cursor.com>

* chore: bump version to 0.26.9 and update changelog

- Update version from 0.26.8 to 0.26.9
- Add changelog entry for GitHub remote detection fix and code scanning fixes

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: compare GitHub SSH hostnames case-insensitively

Lowercase host_part before comparison to handle mixed-case hostnames
like git@GitHub.com:org/repo.git. This restores the case-insensitive
behavior from the previous config_content.lower() check and prevents
regression where valid GitHub repos with mixed-case hostnames would
not be detected.

Addresses review feedback on PR #150

Co-authored-by: Cursor <cursoragent@cursor.com>

* Add openspec and workflow commands for transparency

* Add specs from openspec

* Remove aisp change which wasn't implemented

* Fix openspec gitignore pattern

* Update gitignore

* Update contribution standards to use openspec for SDD

* Migrate to new opsx openspec commands

* Migrate workflow and openspec config

* fix: bump version to 0.26.10 for PyPI publish

- Sync version across pyproject.toml, setup.py, src/__init__.py, src/specfact_cli/__init__.py
- Add CHANGELOG entry for 0.26.10 (fixes incorrect version publish issue)

Co-authored-by: Cursor <cursoragent@cursor.com>

* Update version and changelog

* Add canonical user-friendly workitem url for ado workitems

* Update to support OSPX

* feat(backlog): implement refine --import-from-tmp and fix type-check (#156)

* feat(backlog): implement --import-from-tmp for refine export/import round-trip

- Add _parse_refined_export_markdown() to parse export-format markdown (ID, Body, Acceptance Criteria, optional title/metrics)
- Import branch: read file, match by ID, update items; --write calls adapter.update_backlog_item()
- Remove 'Import functionality pending implementation' message
- Unit tests for parser (single item, AC/metrics, header-only, blocks without ID)
- Bump version to 0.26.11 and sync across pyproject.toml, setup.py, src/__init__.py, src/specfact_cli/__init__.py
- OpenSpec change: implement-backlog-refine-import-from-tmp (proposal, tasks, spec delta)

Fixes #155

Co-authored-by: Cursor <cursoragent@cursor.com>

* Fix type check issues

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* feat: debug logs under ~/.specfact/logs and release 0.26.13 (#159)

* feat: add debug logs under ~/.specfact/logs with operation metadata

- User-level log dir: get_specfact_home_logs_dir() (~/.specfact/logs, 0o755)
- debug_print() routes to console and rotating specfact-debug.log when --debug
- debug_log_operation() for structured metadata (ADO, GitHub, backlog, init)
- CLI init_debug_log_file() when --debug; help text updated

Closes #158
OpenSpec change: add-debug-logs-specfact-home

Co-authored-by: Cursor <cursoragent@cursor.com>

* Add debug logging for selected commands at first

* release: 0.26.13 - debug log parity for upgrade, versions and changelog

- Log upgrade success (up to date) to ~/.specfact/logs/specfact-debug.log
- Bump version to 0.26.13; sync pyproject.toml, setup.py, src/__init__.py, specfact_cli/__init__.py
- CHANGELOG: 0.26.13 Fixed entry for upgrade debug parity

Co-authored-by: Cursor <cursoragent@cursor.com>

* Remove pr markdown

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* Potential fix for pull request finding 'Empty except'

Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>

* Fix unused variable review

* Fix unused variable review

* Fix type and test errors

* Finalize change

* Change for debug logs archived

* fix: improve ADO backlog refine error logging and user-facing error UX (#164)

* Improving error logging capabilities

* small fix on changelog

* Archived change

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* feat: backlog refine --ignore-refined and --id, startup docs (fixes #166) (#167)

* feat: backlog refine --ignore-refined and --id, startup docs (fixes #166)

OpenSpec change: improve-backlog-refine-and-cli-startup. Adds --ignore-refined/--no-ignore-refined, --id <issue-id>; helper _item_needs_refinement; interactive refinement prompt section; version 0.26.15.

* Add change for this branch and improve change create workflow

* Improve refinement prompt and add specification feedback, update docs and add backlog refinement tutorial

* Fix spec update and tasks

* Improve pr orchestrator pipeline triggers

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* Add change proposals for full scrum support

* Add support for systematic, structured issue creation with copilot help

* feat(backlog): daily standup defaults, iteration/sprint, unassigned items view (#174)

* Issue 179 resolution (#180)

* fix(backlog): address CodeQL/Codex PR 181 findings

- Replace empty except with debug_log_operation in _load_standup_config and _load_backlog_config (correct signature: operation, target, status, error)
- Add dim console message in sprint end date parse except block
- Gate summarize prompt description/comments on --comments; add include_comments to _build_summarize_prompt_content and call site
- Add test for metadata-only summarize when include_comments=False; update existing test to pass include_comments=True

Co-authored-by: Cursor <cursoragent@cursor.com>

* Update openspec enforcement rules

* Structure openspec changes

* Fix ruff finding

* Fix linter issues with StrEnum and parameters

* Fix tests and depcreation warnings

* Improve sync script

* Add change for modular command registry

* Fix review finding on dev sync script

* Update modular change proposal

* feat: CLI modular command registry and lazy load (arch-01) (#196)

* feat: CLI modular command registry and lazy load (arch-01)

Co-authored-by: Cursor <cursoragent@cursor.com>

* Add missing exports

* Fix lazy loading review findigns

* Removed example package and fixed tests

* Fix test failures and lazy load logic for modules

* Fix tests

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* docs: document CLI modules design; sync version and cleanup

- Add Modules design section to architecture (registry, module packages, state)
- Update module structure tree with registry/ and modules/
- Cross-reference directory-structure to architecture#modules-design
- Changelog, version, and project file updates; remove obsolete commands/prompts

Co-authored-by: Cursor <cursoragent@cursor.com>

* Archive modular change and specs

* Fix banner display on help screen

* Improve action runner on main

* Setup claude skills and instructions

* feat: module package separation for command implementations (#200)

* feat: separate module package command implementations

* docs: finalize openspec apply checklist for arch-02

* Archived arch-02 change and updated specs

* fix: restore plan sync shared compatibility import

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* fix: address CodeQL and Codex review findings from PR #201

- Fix unreachable code in contract init (Prompt.ask after raise typer.Exit)
- Replace empty except with print_warning for contract file load failures
- Fix repo-root fallback path depth in backlog commands after module migration

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: module lifecycle management, init split, and interactive module UX (#204)

* Release v0.28.0: Module package separation for command implementations (#201)

* perf: optimize startup performance with metadata tracking and update command (#142)

* feat: implement backlog field mapping and refinement improvements

- Add FieldMapper abstract base class with canonical field names
- Implement GitHubFieldMapper and AdoFieldMapper
- Add custom field mapping support with YAML templates
- Add field validation in refinement (story_points, business_value, priority)
- Add comprehensive unit and integration tests (42 tests)
- Add custom field mapping documentation
- Fix custom_field_mapping parameter connection
- Add early validation for custom mapping files

Implements OpenSpec change: improve-backlog-field-mapping-and-refinement

* perf: optimize startup performance with metadata tracking and update command

- Add metadata management module for tracking version and check timestamps
- Optimize startup checks to only run when needed:
  - Template checks: Only after version changes detected
  - Version checks: Limited to once per day (24h threshold)
- Add --skip-checks flag for CI/CD environments
- Add new 'specfact update' command for manual update checking and installation
- Add comprehensive unit and integration tests (35 tests, all passing)
- Update startup_checks to use metadata for conditional execution
- Ensure backward compatibility (first-time users still get all checks)

Performance Impact:
- Startup time: Reduced from several seconds to < 1-2 seconds
- Network requests: Reduced from every startup to once per day
- File system operations: Reduced from every startup to only after version changes

Fixes #140
Implements OpenSpec change: optimize-startup-performance

* feat: request offline_access scope for Azure DevOps refresh tokens

- Add offline_access scope to Azure DevOps OAuth requests
- Refresh tokens now last 90 days (vs 1 hour for access tokens)
- Automatic token refresh via persistent cache (no re-authentication needed)
- Update documentation to reflect 90-day refresh token lifetime

This addresses the issue where tokens were expiring too quickly.
Refresh tokens obtained via offline_access scope enable automatic
token renewal for 90 days without user interaction.

Fixes token lifetime limitation issue

* feat: improve CLI UX with banner control and upgrade command

- Change banner to hidden by default, shown on first run or with --banner flag
- Add simple version line (SpecFact CLI - vXYZ) for regular use
- Rename 'update' command to 'upgrade' to avoid confusion
- Update documentation for new banner behavior and upgrade command
- Update startup checks message to reference 'specfact upgrade'

* fix: suppress version line in test mode and fix field mapping issues

- Suppress version line output in test mode and for help/version commands to prevent test failures
- Fix ADO custom field mapping to honor --custom-field-mapping on writeback
- Fix GitHub issue body updates to prevent duplicate sections
- Ensure proper type handling for story points and business value calculations

* Fix failed tests

* chore: bump version to 0.26.7 and update changelog

- Fixed adapter token validation tests (ADO and GitHub)
- Resolved test timeout issues (commit history, AST parsing, Semgrep)
- Improved test file discovery to exclude virtual environments
- Added file size limits for AST parsing to prevent timeouts

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* fix: add missing ADO field mappings and assignee display (#145)

* fix: add missing ADO field mappings and assignee display

- Add Microsoft.VSTS.Common.AcceptanceCriteria to default field mappings
- Update AdoFieldMapper to support multiple field name alternatives
- Fix assignee extraction to include displayName, uniqueName, and mail
- Add assignee display in preview output
- Add interactive template mapping command (specfact backlog map-fields)
- Update specfact init to copy backlog field mapping templates
- Extend documentation with step-by-step guides

Fixes #144

* test: add unit tests for ADO field mapping and assignee fixes

- Add tests for Microsoft.VSTS.Common.AcceptanceCriteria field extraction
- Add tests for multiple field name alternatives
- Add tests for assignee extraction with displayName, uniqueName, mail
- Add tests for assignee filtering with multiple identifiers
- Add tests for assignee display in preview output
- Add tests for interactive mapping command
- Add tests for template copying in init command
- Update existing tests to match new assignee extraction behavior

* docs: update init command docstring to mention template copying

* docs: update documentation for ADO field mapping and interactive mapping features

- Update authentication guide with ADO token resolution priority
- Update custom field mapping guide with interactive mapping details
- Update backlog refinement guide with progress indicators and required field display
- Update Azure DevOps adapter guide with field mapping improvements
- Update command reference with map-fields command documentation
- Update troubleshooting guide with ADO-specific issues
- Update README files with new features
- Update getting started guide with template initialization

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: address review findings for ADO field mapping

- Prefer System.* fields over Microsoft.VSTS.Common.* when writing updates
  (fixes issue where PATCH requests could fail for Scrum templates)
- Preserve existing work_item_type_mappings when saving field mappings
  (prevents silent erasure of custom work item type mappings)

Fixes review comments:
- P1: Prefer System.AcceptanceCriteria when writing updates
- P2: Preserve existing work_item_type_mappings on save

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: mitigate code scanning vulnerabilities (#148)

* fix: mitigate code scanning vulnerabilities

- Fix ReDoS vulnerability in github_mapper.py by replacing regex with line-by-line processing
- Fix incomplete URL sanitization in github.py, bridge_sync.py, and ado.py using proper URL parsing
- Add explicit permissions blocks to 7 GitHub Actions jobs following least-privilege model

Resolves all 13 code scanning findings:
- 1 ReDoS error
- 5 URL sanitization warnings
- 7 missing workflow permissions warnings

Fixes #147

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: accept GitHub SSH host aliases in repo detection

Accept ssh.github.com (port 443) in addition to github.com when
detecting GitHub repositories via SSH remotes. This ensures
repositories using git@ssh.github.com:owner/repo.git are properly
detected as GitHub repos.

Addresses review feedback on PR #148

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: prevent async cleanup issues in test mode

Remove manual Live display cleanup that could cause EOFError.
The _safe_progress_display function already handles test mode
by skipping progress display, so direct save path is sufficient.

Fixes test_unlock_section failure with EOFError/ValueError.

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: detect GitHub remotes using ssh:// and git:// URLs

Extend URL pattern matching to support ssh://git@github.com/owner/repo.git
and git://github.com/owner/repo.git formats in addition to existing
https?:// and scp-style git@host:path URLs.

This fixes a regression where these valid GitHub URL formats were not
detected, causing detect() to return false for repos using these schemes.

Addresses review feedback on PR #149

Co-authored-by: Cursor <cursoragent@cursor.com>

* chore: bump version to 0.26.9 and update changelog

- Update version from 0.26.8 to 0.26.9
- Add changelog entry for GitHub remote detection fix and code scanning fixes

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: compare GitHub SSH hostnames case-insensitively

Lowercase host_part before comparison to handle mixed-case hostnames
like git@GitHub.com:org/repo.git. This restores the case-insensitive
behavior from the previous config_content.lower() check and prevents
regression where valid GitHub repos with mixed-case hostnames would
not be detected.

Addresses review feedback on PR #150

Co-authored-by: Cursor <cursoragent@cursor.com>

* Add openspec and workflow commands for transparency

* Add specs from openspec

* Remove aisp change which wasn't implemented

* Fix openspec gitignore pattern

* Update gitignore

* Update contribution standards to use openspec for SDD

* Migrate to new opsx openspec commands

* Migrate workflow and openspec config

* fix: bump version to 0.26.10 for PyPI publish

- Sync version across pyproject.toml, setup.py, src/__init__.py, src/specfact_cli/__init__.py
- Add CHANGELOG entry for 0.26.10 (fixes incorrect version publish issue)

Co-authored-by: Cursor <cursoragent@cursor.com>

* Update version and changelog

* Add canonical user-friendly workitem url for ado workitems

* Update to support OSPX

* feat(backlog): implement refine --import-from-tmp and fix type-check (#156)

* feat(backlog): implement --import-from-tmp for refine export/import round-trip

- Add _parse_refined_export_markdown() to parse export-format markdown (ID, Body, Acceptance Criteria, optional title/metrics)
- Import branch: read file, match by ID, update items; --write calls adapter.update_backlog_item()
- Remove 'Import functionality pending implementation' message
- Unit tests for parser (single item, AC/metrics, header-only, blocks without ID)
- Bump version to 0.26.11 and sync across pyproject.toml, setup.py, src/__init__.py, src/specfact_cli/__init__.py
- OpenSpec change: implement-backlog-refine-import-from-tmp (proposal, tasks, spec delta)

Fixes #155

Co-authored-by: Cursor <cursoragent@cursor.com>

* Fix type check issues

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* feat: debug logs under ~/.specfact/logs and release 0.26.13 (#159)

* feat: add debug logs under ~/.specfact/logs with operation metadata

- User-level log dir: get_specfact_home_logs_dir() (~/.specfact/logs, 0o755)
- debug_print() routes to console and rotating specfact-debug.log when --debug
- debug_log_operation() for structured metadata (ADO, GitHub, backlog, init)
- CLI init_debug_log_file() when --debug; help text updated

Closes #158
OpenSpec change: add-debug-logs-specfact-home

Co-authored-by: Cursor <cursoragent@cursor.com>

* Add debug logging for selected commands at first

* release: 0.26.13 - debug log parity for upgrade, versions and changelog

- Log upgrade success (up to date) to ~/.specfact/logs/specfact-debug.log
- Bump version to 0.26.13; sync pyproject.toml, setup.py, src/__init__.py, specfact_cli/__init__.py
- CHANGELOG: 0.26.13 Fixed entry for upgrade debug parity

Co-authored-by: Cursor <cursoragent@cursor.com>

* Remove pr markdown

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* Potential fix for pull request finding 'Empty except'

Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>

* Fix unused variable review

* Fix unused variable review

* Fix type and test errors

* Finalize change

* Change for debug logs archived

* fix: improve ADO backlog refine error logging and user-facing error UX (#164)

* Improving error logging capabilities

* small fix on changelog

* Archived change

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* feat: backlog refine --ignore-refined and --id, startup docs (fixes #166) (#167)

* feat: backlog refine --ignore-refined and --id, startup docs (fixes #166)

OpenSpec change: improve-backlog-refine-and-cli-startup. Adds --ignore-refined/--no-ignore-refined, --id <issue-id>; helper _item_needs_refinement; interactive refinement prompt section; version 0.26.15.

* Add change for this branch and improve change create workflow

* Improve refinement prompt and add specification feedback, update docs and add backlog refinement tutorial

* Fix spec update and tasks

* Improve pr orchestrator pipeline triggers

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* Add change proposals for full scrum support

* Add support for systematic, structured issue creation with copilot help

* feat(backlog): daily standup defaults, iteration/sprint, unassigned items view (#174)

* Issue 179 resolution (#180)

* fix(backlog): address CodeQL/Codex PR 181 findings

- Replace empty except with debug_log_operation in _load_standup_config and _load_backlog_config (correct signature: operation, target, status, error)
- Add dim console message in sprint end date parse except block
- Gate summarize prompt description/comments on --comments; add include_comments to _build_summarize_prompt_content and call site
- Add test for metadata-only summarize when include_comments=False; update existing test to pass include_comments=True

Co-authored-by: Cursor <cursoragent@cursor.com>

* Update openspec enforcement rules

* Structure openspec changes

* Fix ruff finding

* Fix linter issues with StrEnum and parameters

* Fix tests and depcreation warnings

* Improve sync script

* Add change for modular command registry

* Fix review finding on dev sync script

* Update modular change proposal

* feat: CLI modular command registry and lazy load (arch-01) (#196)

* feat: CLI modular command registry and lazy load (arch-01)

Co-authored-by: Cursor <cursoragent@cursor.com>

* Add missing exports

* Fix lazy loading review findigns

* Removed example package and fixed tests

* Fix test failures and lazy load logic for modules

* Fix tests

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* docs: document CLI modules design; sync version and cleanup

- Add Modules design section to architecture (registry, module packages, state)
- Update module structure tree with registry/ and modules/
- Cross-reference directory-structure to architecture#modules-design
- Changelog, version, and project file updates; remove obsolete commands/prompts

Co-authored-by: Cursor <cursoragent@cursor.com>

* Archive modular change and specs

* Fix banner display on help screen

* Improve action runner on main

* Setup claude skills and instructions

* feat: module package separation for command implementations (#200)

* feat: separate module package command implementations

* docs: finalize openspec apply checklist for arch-02

* Archived arch-02 change and updated specs

* fix: restore plan sync shared compatibility import

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* fix: address CodeQL and Codex review findings from PR #201

- Fix unreachable code in contract init (Prompt.ask after raise typer.Exit)
- Replace empty except with print_warning for contract file load failures
- Fix repo-root fallback path depth in backlog commands after module migration

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add module lifecycle management and split init ide setup

* docs: update arch-03 tasks after pr creation

* docs: update init help text for module lifecycle and ide split

* Format missing

* fix: tighten ado assignee typing for basedpyright warning

* fix: honor init install-deps and tighten ado typing

* test: satisfy bundle converter constructor typing

* test: isolate module registry state in migration compatibility test

* Update change

* disable claude review due to high costs

---------

Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

* archived change for module improvements

* fix: address review feedback in init and boundary tests

* Fix test setup for tmpfiles

* docs: add openspec change arch-05 bridge registry (#210)

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* docs: add openspec change arch-06 manifest security (#211)

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* feat: Core Contracts and Module Interface Formalization (#209)

* feat: add ModuleIOContract protocol and core-module isolation

- Create ModuleIOContract protocol with four core operations

- Add static analysis enforcement preventing core->module imports

- Add ProjectBundle schema versioning (schema_version field)

- Update 5 modules to implement ModuleIOContract

- Add protocol compliance tracking in module discovery

- Create docs for ProjectBundle schema and module contracts

- Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* chore: update arch-04 task tracking after implementation and PR

* test: fix flaky help assertions and typing warnings

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* Update specs and archive arch-04 change

* Fix changelog format

* docs: align arch-05 scope with protocol migration cleanup (#212)

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* docs: add OpenSpec changes for module marketplace phases

Add three OpenSpec changes from Module Marketplace Decoupling Plan:
- arch-07-schema-extension-system: Schema extension mechanism for ProjectBundle
- marketplace-01-central-module-registry: Central registry MVP with module discovery
- marketplace-02-advanced-marketplace-features: Dependency resolution and custom registries

All changes include:
- Proposal, design, specs, tasks, and validation artifacts
- Source tracking linked to GitHub issues #213, #214, #215
- TDD/SDD ordering with contract-first development
- Backward compatibility guarantees

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* feat: apply arch-05 bridge registry implementation (#216)

* docs: add openspec change arch-05 bridge registry

* feat: apply arch-05 bridge registry workflow

* docs: update arch-05 apply task execution state

* fix: resolve arch-05 protocol reporting and duplicate lifecycle logs

* fix: close arch-05 review gaps for protocol reporting

* docs: mark arch-05 PR task complete

* fix: complete arch-05 module io contract migration

* fix: make module protocol startup reporting user-friendly

* fix: make debug logging work for eager cli flags

* fix: print active debug log path on debug startup

* fix: harden repro output and telemetry fallback behavior

* test: fix service bridge metadata typing in unit tests

* fix: add strict crosshair mode and clearer repro diagnostics

* fix: remove contracts import side-effects for crosshair

* fix: make crosshair exploration output specific and deduplicated

* fix: make crosshair exploration skip noisy signature-limited files

* ci: reduce specfact workflow env setup overhead

* ci: avoid hatch env sync in specfact validation workflow

* fix: stabilize crosshair exploration for side-effectful modules

* fix: improve crosshair compatibility for backlog converters

* ci: require crosshair in specfact repro workflows

* Apply fixes on crosshair tests

* ci: speed up workflow setup with cache and lean hatch installs

* ci: pin contract scenario test env to py3.12

* ci: improve contract test progress logging

* ci: increase and expose smart test timeout for scenario runs

* Fix test failure logic

* Fix test failure logic

* Reformat files

* Fix contract test findings

* Update docs integrity

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* Archive arch-05 change after implementation

* fix: address post-merge review findings and restore lazy registration

* fix: refresh project console per invocation in tests

* fix: detect runtime interface protocol ops in source scan

* fix: harden project console refresh and protocol source scan

* fix: refresh import command console for each invocation

* fix: resolve type-check errors and harden protocol scanning

* fix: stabilize module protocol scan and project console lifecycle

* Refine pending changes for new modular ecosystem and marketplace integration

* fix: update stale spec-delta paths in tasks.md after change renames

Corrects three broken spec-delta references flagged in PR #221 review:
- backlog-core-02: add-backlog-add-interactive-issue-creation → backlog-core-02-interactive-issue-creation
- backlog-scrum-02: sprint-planning-capacity-commitment-support → backlog-scrum-02-sprint-planning
- backlog-scrum-03: story-complexity-splitting-hints-support → backlog-scrum-03-story-complexity

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* docs: rewrite CHANGE_ORDER.md for module-scoped changes and full dependency graph

- Replace old flat backlog-01..09 naming with module-scoped groups:
  backlog-core, backlog-scrum, backlog-kanban, backlog-safe,
  policy-engine, patch-mode, bundle-mapper, ceremony-cockpit
- Add arch-06/07 and marketplace-01/02 as pending changes
- Mark arch-01 through arch-05 as implemented (archived 2026-02-04..10)
- Update all GitHub issue numbers to current (incl. new #208, #213, #214,
  #215, #220 from recent changes)
- Clarify hard vs optional dependencies; optional deps are graceful no-ops
  and not set as GitHub blockers
- Update implementation waves to reflect current unblocked state (Wave 0 done)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* feat(backlog): daily/refine comment context, interactive standup posting, and filter parity (#222)

* feat(backlog): finalize daily/refine comment context, interactive posting, and docs parity

* docs(openspec): mark backlog-scrum-01 standup change checklist complete

* fix(openspec): mark backlog-refinement delta as ADDED for archive apply

* Archived completed change backlog-scrum-01

* fix(backlog): make map-fields exit cleanly under CliRunner

* Fix format

* fix(backlog): stabilize map-fields tests in non-interactive env

* docs(agents): enforce signed-commit handoff flow

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* fix(backlog): satisfy interactive daily adapter typing

* fix(backlog): bypass default daily limit for issue-window flags

* fix: parse backlog refine writeback fields and refactor refine command (#224)

* fix: parse backlog refine writeback fields and refactor refine command

* fix: preserve heading-style narrative sections in refine parser

* chore: sync OpenSpec change to GitHub issue tracking

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* fix: avoid raw label fallback when description block is missing

* fix: harden backlog refine prompt scaffold and mixed-format parsing (#228)

* fix: harden backlog refine prompt scaffold and parsing

* fix: normalize mixed notes parsing and boundary flushing

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* Finish change

* chore: bump version to 0.30.4 and update changelog

* Add MEMORY.md for claude code

* Archive backlog writeback field split change

* Archived flask support sidecar change

* feat: add backlog-core module — dependency analysis and command suites (#231)

* fix(backlog-core): remove unused module io contract global

* fix: rename LICENSE.md to LICENSE for GitHub license detection (#233)

GitHub's licensee gem only recognizes standard filenames (LICENSE,
LICENSE.txt) — LICENSE.md caused the repo to show "Other" instead
of "Apache License 2.0". Updated all references across pyproject.toml,
README, docs, workflows, and FAQ.

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

* fix: restore standard Apache 2.0 license text for GitHub detection (#235)

The LICENSE body had two non-standard edits that pushed it below
GitHub licensee's ~95% similarity threshold, causing "Other" instead
of "Apache License 2.0". Restored the canonical text; only the
copyright line in the appendix is customized (as intended by the
Apache template).

Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

* Add openspec changes for architecture level enhancement

* feat(ci): attach test and repro log artifacts to PR orchestrator runs (#262)

* feat(ci): attach test and repro log artifacts to PR orchestrator runs

- Tests job: run smart-test-full, upload logs/tests/ as test-logs artifact
- Contract-first-ci: capture repro to logs/repro/, upload repro-logs and repro-reports
- Docs: CI and GitHub Actions section in troubleshooting (artifact names, usage)
- Version 0.31.1, CHANGELOG entry

Implements OpenSpec change ci-01-pr-orchestrator-log-artifacts. Fixes #260.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Fix workflow and test

* ci(pr-orchestrator): add log artifacts for all pipeline jobs

- type-check: capture output to logs/type-check/, upload type-check-logs
- lint: capture to logs/lint/, upload lint-logs
- compat-py311: capture to logs/compat-py311/, upload compat-py311-logs
- quality-gates: capture to logs/quality-gates/, upload quality-gates-logs
- compat-py311: use hatch -e ENV run run (not hatch test) for pytest
- docs: list all CI artifact names and jobs in troubleshooting

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* feat: enhanced module manifest security and integrity (arch-06) (#263)

* feat: enhanced module manifest security and integrity (arch-06)

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: remove duplicate ModulePackageMetadata import (ruff F811)

* Fix failed tests

* Fix type-check errors

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* feat: Schema Extension System for Modular ProjectBundle Extensions (arch-07) (#265)

* feat: add schema extension system for modular ProjectBundle extensions
  Enables modules to extend Feature and ProjectBundle with namespaced custom
  fields without modifying core models, supporting marketplace-ready
  interoperability.
  - Add extensions dict field to Feature and ProjectBundle models
  - Implement type-safe get/set extension accessors with namespace enforcement
  - Extend module manifest schema with schema_extensions declaration
  - Add ExtensionRegistry for collision detection and introspection
  - Extend module lifecycle registration to load and validate extensions
  OpenSpec Change: arch-07-schema-extension-system
  Resolves #213

* feat: schema extension system (arch-07) and quality gate fixes

- Add extensions field and get_extension/set_extension to Feature and ProjectBundle
- Add SchemaExtension model and schema_extensions to ModulePackageMetadata
- Add ExtensionRegistry with collision detection; integrate in module registration
- Parse schema_extensions in discover_package_metadata
- Docs: extending-projectbundle guide, architecture section, sidebar
- Version 0.32.0, CHANGELOG entry, TDD_EVIDENCE
- Format: E402 (imports at top in project.py), UP042 (StrEnum in backlog-core),
  RUF043/B017 in schema extension tests
- Type-check: pass schema_metadata/project_metadata in BundleManifest test calls

OpenSpec Change: arch-07-schema-extension-system
Resolves #213

Co-authored-by: Cursor <cursoragent@cursor.com>

* Update change progress

* Add docs guides and update changes

* Use v0.32.0 as version and combine arch-06/arch-07

* Update change order plan

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* Fix codeql findings

* feat(workflow): standardize worktree-first development flow (#268)

* feat(workflow): standardize worktree-first development flow

* docs(openspec): mark workflow-01 delivery tasks complete

* Apply review finding

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* Fix review finding

* feat: implement policy-engine-01 unified policy framework (#270)

* feat(policy-engine): implement unified policy framework

* docs(openspec): mark policy-engine-01 implemented in change order

* fix(policy-engine): make module io contract compliant

* feat(policy-engine): add policy init templates and docs coverage

* fix: refine grouped policy limit semantics and outputs

* docs: clarify policy engine value for new users

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* fix: harden policy module imports and snapshot path resolution

* Update backlog core change to cover workspace level modules

* feat(init): align init module discovery with registry (backlog-core-01) (#275)

- Use discover_all_package_metadata() in init so list-modules/enable/disable
  use same roots as registry (built-in + workspace modules + SPECFACT_MODULES_ROOTS)
- Extend backlog-core-01 OpenSpec: init-module-discovery-alignment spec,
  tasks 0.5.x, TDD evidence
- Bump version to 0.34.0; CHANGELOG

Fixes #116

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* feat: add thorough codebase validation (validation-01, #163) (#272)

* feat: add thorough codebase validation (validation-01)
  - Add --crosshair-per-path-timeout to specfact repro and ReproChecker
  - Add docs/reference/thorough-codebase-validation.md (quick check, contract-full, sidecar, dogfooding)
  - Unit test and TDD evidence for CrossHair per-path timeout
  - OpenSpec validation-01-deep-validation tasks and TDD_EVIDENCE updated

* fix: reject non-positive CrossHair per-path timeout (review)

* docs: CHANGELOG v0.34.0 and doc updates for thorough codebase validation

---------

Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* feat: add patch apply (local + --write with confirmation) [#177] (#273)

* feat(patch-mode): add patch apply (local + --write with confirmation) [#177]

- Add patch_mode module: pipeline (generator, applier, idempotency), patch apply command
- specfact patch apply <file> (local + preflight), patch apply --write --yes (upstream, idempotent)
- OpenSpec patch-mode-01-preview-apply: proposal Source Tracking, tasks, TDD_EVIDENCE
- CHANGELOG [Unreleased] entry for v0.34.0 merge

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(patch-mode): sanitize idempotency keys, derive key from patch content [PR review]

* Fix errors and ensure module compatibility

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* feat: add bundle-mapper module (bundle-mapper-01, #121) (#274)

* feat: add bundle-mapper module with confidence-based spec-to-bundle mapping

- BundleMapping model and BundleMapper engine (explicit label, historical, content similarity)
- Mapping history persistence and MappingRule (save_user_confirmed_mapping, load_bundle_mapping_config)
- Interactive UI (ask_bundle_mapping) with Rich confidence visualization
- Unit tests and TDD_EVIDENCE for bundle-mapper-01 (OpenSpec #121)

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(bundle-mapper): address PR review findings (P1/P2)

- P1 interactive: no default accept for low-confidence; use default only when conf >= 0.5
- P1 history: ignore empty key fields in item_keys_similar (only count non-empty matches)
- P2 engine: add historical weight only when hist_bundle == primary_bundle_id
- Add test_item_keys_similar_empty_fields_not_counted to lock empty-key behavior

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

* Archive finished changes

* fix: implement verification-01 wave1 delta closure (#277)

* fix: implement verification-01 delta for bundle mapping, patch apply, and docs parity

* test: fix patch write yes scenario for real diff apply

* fix: keep bundle mapping history out of bundle manifest

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>

* Archive delta validation change and update specs

* Update patch version

* Potential fix for pull request finding 'Empty except'

Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>

* apply review fixes

* Add cli validation changes

* feat: launch central module marketplace lifecycle (#287)

* feat: launch module marketplace lifecycle and trust-first UX

Deliver the central module marketplace workflow with source-aware discovery, lifecycle management, and trust/publisher visibility so users can safely manage official vs local modules. This also aligns docs and OpenSpec artifacts with the shipped behavior, including command introspection and clearer install/uninstall guidance.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: respect explicit discovery roots in module tests

Disable implicit legacy/workspace roots when explicit roots are passed to module discovery so isolated test roots are honored and deterministic.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: enforce safe module extraction and upgrade reinstall

---------

Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: 4 people

CHANGELOG.md

@@ -8,6 +8,22 @@ All notable changes to this project will be documented in this file.
 **Important:** Changes need to be documented below this block as this is the header section. Each section should be separated by a horizontal rule. Newer changelog entries need to be added on top of prior ones to keep the history chronological with most recent changes first.
 
 ---
+## [0.35.0] - 2026-02-20
+
+### Added
+
+- Central module marketplace foundations (OpenSpec change `marketplace-01-central-module-registry`) with multi-location discovery, source tracking (`builtin`/`marketplace`/`custom`), and source-priority shadow handling.
+- New module registry client and installer workflows for fetching registry index, secure module download with checksum verification, install/uninstall operations, and core compatibility validation.
+- New `specfact module` command group with `install`, `uninstall`, `search`, `list`, and `upgrade` subcommands.
+- New docs: [Installing Modules](docs/guides/installing-modules.md) and [Module Marketplace](docs/guides/module-marketplace.md), plus architecture and sidebar updates for marketplace workflows.
+
+### Changed
+
+- Module package metadata now includes `source` to persist module origin across discovery and lifecycle registration.
+- README module lifecycle baseline now includes marketplace command entry points.
+
+---
+
 ## [0.34.1] - 2026-02-18
 
 ### Fixed

README.md

@@ -158,13 +158,15 @@ Start with:
 
 SpecFact now has a lifecycle-managed module system:
 
-- `specfact init` is bootstrap-first: initializes local CLI state, discovers installed modules, and reports prompt status.
+- `specfact init` is bootstrap-first: initializes local CLI state and reports prompt status.
 - `specfact init ide` handles IDE prompt/template sync and IDE settings updates.
-- `specfact init --list-modules` shows effective enabled/disabled state.
-- `specfact init --enable-module` / `--disable-module` support:
-  - interactive selection in interactive terminals when no module id is provided
-  - explicit ids in non-interactive mode (for automation)
-  - dependency-aware safety checks with `--force` cascading enable/disable behavior
+- `specfact module` is the canonical lifecycle surface:
+  - `specfact module install <namespace/name>` installs marketplace modules into `~/.specfact/marketplace-modules/`.
+  - `specfact module list [--source builtin|marketplace|custom]` shows multi-source discovery state.
+  - `specfact module enable <id>` / `specfact module disable <id> [--force]` manage enabled state.
+  - `specfact module uninstall <name>` and `specfact module upgrade <name>` manage marketplace lifecycle.
+- `specfact init --list-modules`, `--enable-module`, and `--disable-module` remain supported as compatibility aliases during migration.
+- Module lifecycle operations keep dependency-aware safety checks with `--force` cascading behavior.
 - Module manifests support dependency and core-version compatibility enforcement at registration time.
 
 This lifecycle model is the baseline for future granular module updates and enhancements. Module installation from third-party or open-source community providers is planned, but not implemented yet.

docs/README.md

@@ -78,13 +78,13 @@ Start with:
 
 SpecFact CLI uses a lifecycle-managed module system:
 
-- `specfact init` bootstraps local state and manages module enable/disable lifecycle.
+- `specfact init` bootstraps local state.
 - `specfact init ide` handles IDE prompt/template installation and updates.
-- `specfact init --list-modules` shows current enabled/disabled state.
-- `--enable-module` and `--disable-module` support interactive selection in interactive terminals and explicit ids in non-interactive mode.
+- `specfact module` is the canonical lifecycle surface for install/list/show/search/enable/disable/uninstall/upgrade.
+- `specfact init --list-modules`, `--enable-module`, and `--disable-module` remain compatibility aliases.
 - Dependency and compatibility guards prevent invalid module states; `--force` enables dependency-aware cascades.
 
-This is the baseline for future granular module updates and enhancements. Third-party/community module installation is planned, but not available yet.
+This is the baseline for marketplace-driven module lifecycle and future community module distribution.
 
 ### Why the Module System Is the Foundation
 
@@ -104,6 +104,8 @@ For implementation details, see:
 
 - [Architecture](reference/architecture.md)
 - [Module Contracts](reference/module-contracts.md)
+- [Installing Modules](guides/installing-modules.md)
+- [Module Marketplace](guides/module-marketplace.md)
 
 ---
 

docs/_layouts/default.html

@@ -144,6 +144,8 @@ <h2 class="docs-sidebar-title">
                 <li><a href="{{ '/guides/policy-engine-commands/' | relative_url }}">Policy Engine Commands</a></li>
                 <li><a href="{{ '/guides/creating-custom-bridges/' | relative_url }}">Creating Custom Bridges</a></li>
                 <li><a href="{{ '/guides/extending-projectbundle/' | relative_url }}">Extending ProjectBundle</a></li>
+                <li><a href="{{ '/guides/installing-modules/' | relative_url }}">Installing Modules</a></li>
+                <li><a href="{{ '/guides/module-marketplace/' | relative_url }}">Module Marketplace</a></li>
                 <li><a href="{{ '/guides/using-module-security-and-extensions/' | relative_url }}">Using Module Security and Extensions</a></li>
                 <li><a href="{{ '/brownfield-engineer/' | relative_url }}">Working With Existing Code</a></li>
                 <li><a href="{{ '/brownfield-journey/' | relative_url }}">Existing Code Journey</a></li>

docs/guides/README.md

@@ -27,6 +27,8 @@ Practical guides for using SpecFact CLI effectively.
 - **[Backlog Refinement](backlog-refinement.md)** 🆕 **NEW FEATURE** - AI-assisted template-driven refinement for standardizing work items with persona/framework filtering, sprint/iteration support, and DoR validation
 - **[Specmatic Integration](specmatic-integration.md)** - API contract testing with Specmatic (validate specs, generate tests, mock servers)
 - **[Troubleshooting](troubleshooting.md)** - Common issues and solutions
+- **[Installing Modules](installing-modules.md)** - Install, list, show, search, enable/disable, uninstall, and upgrade modules
+- **[Module Marketplace](module-marketplace.md)** - Discovery priority, trust vs origin semantics, and security model
 - **[Competitive Analysis](competitive-analysis.md)** - How SpecFact compares to other tools
 - **[Operational Modes](../reference/modes.md)** - CI/CD vs CoPilot modes (reference)
 

docs/guides/installing-modules.md

@@ -0,0 +1,110 @@
+---
+layout: default
+title: Installing Modules
+permalink: /guides/installing-modules/
+description: Install, list, show, enable, disable, uninstall, and upgrade SpecFact modules.
+---
+
+# Installing Modules
+
+Use the `specfact module` command group to manage marketplace and locally discovered modules.
+
+## Install Behavior
+
+```bash
+# Marketplace id format
+specfact module install specfact/backlog
+
+# Bare names are accepted and normalized to specfact/<name>
+specfact module install backlog
+
+# Install a specific version
+specfact module install specfact/backlog --version 0.35.0
+```
+
+Notes:
+
+- If a module is already available locally (`built-in` or `custom`), install is skipped with a clear message.
+- Invalid ids show an explicit error (`name` or `namespace/name` only).
+
+## List Modules
+
+```bash
+specfact module list
+specfact module list --show-origin
+specfact module list --source marketplace
+```
+
+Default columns:
+
+- `Module`
+- `Version`
+- `State`
+- `Trust` (`official`, `community`, `local-dev`)
+- `Publisher`
+
+With `--show-origin`, an additional `Origin` column is shown (`built-in`, `marketplace`, `custom`).
+
+## Show Detailed Module Info
+
+```bash
+specfact module show module-registry
+```
+
+This prints detailed metadata:
+
+- Name, description, version, state
+- Trust, publisher, publisher URL, license
+- Origin, tier, core compatibility
+- Full command tree (including subcommands) with short command descriptions
+
+## Search Modules
+
+```bash
+specfact module search bundle-mapper
+```
+
+Search includes both:
+
+- Marketplace registry entries (`scope=marketplace`)
+- Locally discovered modules (`scope=installed`)
+
+Results are sorted alphabetically by module id.
+
+## Enable and Disable Modules
+
+```bash
+specfact module enable backlog
+specfact module disable backlog
+specfact module disable plan --force
+```
+
+Use `--force` to allow dependency-aware cascades when required.
+
+## Uninstall Behavior
+
+```bash
+specfact module uninstall backlog
+specfact module uninstall specfact/backlog
+```
+
+Uninstall only removes marketplace-installed modules.
+
+Clear guidance is provided for:
+
+- `built-in` modules (disable instead of uninstall)
+- `custom` modules (remove from local module roots)
+- unknown/untracked modules (`module list --show-origin`)
+
+## Upgrade Behavior
+
+```bash
+# Upgrade a single marketplace module
+specfact module upgrade backlog
+
+# Upgrade all marketplace modules
+specfact module upgrade
+specfact module upgrade --all
+```
+
+Upgrade applies only to modules with origin `marketplace`.

docs/guides/module-marketplace.md

@@ -0,0 +1,66 @@
+---
+layout: default
+title: Module Marketplace
+permalink: /guides/module-marketplace/
+description: Registry model, discovery priority, trust semantics, and security checks for SpecFact modules.
+---
+
+# Module Marketplace
+
+SpecFact supports centralized marketplace distribution with local multi-source discovery.
+
+## Registry Overview
+
+- Registry repository: <https://github.com/nold-ai/specfact-cli-modules>
+- Index document: `registry/index.json`
+- Marketplace module id format: `namespace/name` (for example `specfact/backlog`)
+
+## Discovery and Priority
+
+Local module discovery scans these roots in priority order:
+
+1. `built-in` modules (`src/specfact_cli/modules`)
+2. `marketplace` modules (`~/.specfact/marketplace-modules`)
+3. `custom` modules (`~/.specfact/custom-modules`)
+4. extra custom roots (workspace `modules/` and `SPECFACT_MODULES_ROOTS`)
+
+If module names collide, higher-priority sources win and lower-priority entries are shadowed.
+
+## Trust vs Origin
+
+SpecFact shows both trust semantics and origin details:
+
+- `Trust` column (default): `official`, `community`, `local-dev`
+- `Origin` column (`--show-origin`): `built-in`, `marketplace`, `custom`
+
+Use:
+
+```bash
+specfact module list --show-origin
+```
+
+## Security Model
+
+Install workflow enforces integrity and compatibility checks:
+
+1. Fetch registry index
+2. Download module archive
+3. Validate SHA-256 checksum
+4. Validate module `core_compatibility` against current CLI version
+5. Install into `~/.specfact/marketplace-modules/`
+
+Checksum mismatch blocks installation.
+
+## Marketplace vs Local Modules
+
+- `specfact module install` targets marketplace modules.
+- If a requested module already exists locally (`built-in`/`custom`), install reports that no marketplace install is needed.
+- `specfact module uninstall` removes only marketplace-installed modules and provides actionable guidance for built-in/custom modules.
+
+## Module Introspection
+
+`specfact module show <name>` includes:
+
+- Module metadata (publisher, license, trust, origin, compatibility)
+- Full command tree, including subcommands
+- Short command descriptions derived from Typer command registration

docs/index.md

@@ -84,6 +84,16 @@ Why this matters:
 - **[Extending ProjectBundle](guides/extending-projectbundle.md)** - Declare and use namespaced extension fields on Feature/ProjectBundle
 - **[Module Security](reference/module-security.md)** - Publisher, integrity (checksum/signature), and versioned dependencies
 
+
+## Module Marketplace
+
+SpecFact now supports a central marketplace workflow for module installation and lifecycle management.
+
+- **[Installing Modules](guides/installing-modules.md)** - Install, list, uninstall, and upgrade modules
+- **[Module Marketplace](guides/module-marketplace.md)** - Registry model, security checks, and discovery priority
+
+Compatibility note: `specfact init --list-modules`, `--enable-module`, and `--disable-module` remain available as migration aliases while `specfact module` (`install`, `list`, `show`, `search`, `enable`, `disable`, `uninstall`, `upgrade`) is the canonical lifecycle command group.
+
 ## 📚 Documentation
 
 ### Guides

docs/reference/README.md

@@ -22,6 +22,7 @@ Complete technical reference for SpecFact CLI.
 - **[Feature Keys](feature-keys.md)** - Key normalization and formats
 - **[Directory Structure](directory-structure.md)** - Project structure and organization
 - **[Schema Versioning](schema-versioning.md)** - Bundle schema versions and backward compatibility (v1.0, v1.1)
+- **[Module Security](module-security.md)** - Marketplace/module integrity and publisher metadata
 
 ## Quick Reference
 
@@ -38,6 +39,11 @@ Complete technical reference for SpecFact CLI.
 - `specfact spec generate-tests [--bundle <name>]` - Generate contract tests from specifications
 - `specfact spec mock [--bundle <name>]` - Launch mock server for development
 - `specfact init ide --ide <cursor|vscode|copilot|...>` - Initialize IDE integration explicitly
+- `specfact module install <name|namespace/name>` - Install marketplace module (bare names normalize to `specfact/<name>`)
+- `specfact module list [--source ...] [--show-origin]` - List modules with trust/publisher and optional origin details
+- `specfact module show <name>` - Show detailed module metadata and full command tree with short descriptions
+- `specfact module search <query>` - Search marketplace and installed modules
+- `specfact module uninstall <name|namespace/name>` / `specfact module upgrade [<name>|--all]` - Manage module lifecycle with source-aware behavior
 
 ### Modes
 

docs/reference/architecture.md

@@ -77,6 +77,49 @@ SpecFact is transitioning from hard-wired command wiring to a module-first archi
 - Easier interface-based testing and safer incremental migrations.
 - Better path for pending OpenSpec-driven module evolution.
 
+## Module Marketplace
+
+SpecFact supports marketplace-driven module distribution with deterministic multi-location discovery.
+
+### Discovery Pattern
+
+Module discovery scans in strict priority order:
+
+1. Built-in modules (`site-packages/specfact_cli/modules/`)
+2. Marketplace modules (`~/.specfact/marketplace-modules/`)
+3. Custom modules (`~/.specfact/custom-modules/`)
+
+When duplicate module names exist, the higher-priority source wins and shadowed modules are ignored.
+
+### Registry Client Architecture
+
+The registry client fetches `index.json` from the central module repository and resolves:
+
+- module metadata (`id`, `namespace`, `latest_version`, compatibility)
+- download URL
+- checksum for integrity validation
+
+Install and search commands degrade gracefully in offline mode.
+
+### Install Sequence
+
+```mermaid
+sequenceDiagram
+    participant User
+    participant CLI as specfact module install
+    participant Registry as Marketplace Registry
+    participant Local as ~/.specfact/marketplace-modules
+
+    User->>CLI: install specfact/backlog
+    CLI->>Registry: fetch index.json
+    Registry-->>CLI: module metadata + checksum
+    CLI->>Registry: download tarball
+    Registry-->>CLI: module archive
+    CLI->>CLI: verify checksum + compatibility
+    CLI->>Local: extract and register module
+    CLI-->>User: install success
+```
+
 ## Operational Modes
 
 SpecFact CLI supports two operational modes for different use cases:
@@ -626,16 +669,16 @@ class ChangeArchive(BaseModel):
 - **File**: `~/.specfact/registry/modules.json` (created when you run `specfact init`).
 - **Content**: List of `{ "id", "version", "enabled" }` per module. Only modules with `enabled: true` have their commands registered.
 - **CLI**:
-  - `specfact init --list-modules` shows effective state.
-  - `specfact init --enable-module <id>` and `--disable-module <id>` update persisted state.
-  - In interactive terminals, `specfact init --enable-module` and `specfact init --disable-module` (without ids) open an interactive selector.
+  - Canonical lifecycle surface: `specfact module` (`install`, `list`, `uninstall`, `upgrade`).
+  - Compatibility aliases: `specfact init --list-modules`, `--enable-module`, `--disable-module` remain supported during migration.
+  - In interactive terminals, bare init compatibility flags still open an interactive selector.
   - In non-interactive mode, explicit module ids are required.
   - Safe dependency guards block invalid enable/disable actions unless `--force` is used.
   - With `--force`, enable cascades to required dependencies and disable cascades to enabled dependents.
 
 ### Lifecycle notes and roadmap
 
-- `specfact init` is bootstrap/module-lifecycle focused.
+- `specfact init` is bootstrap-focused; lifecycle UX is canonical in `specfact module` with init aliases preserved for compatibility.
 - `specfact init ide` is responsible for IDE prompt/template setup.
 - This lifecycle architecture is the baseline for future granular module updates and enhancements.
 - Third-party/community module installation is planned as a next step, but not implemented yet.