Missing pieces
- Build verification evidence (
build_verified = false)
- Automated test verification record (
tests_verified = false)
- Artifact and release verification (
artifact_verified = false, release_verified = false)
- A DRS-aligned release document and per-version release note
- Manifest release fields (
release.installer.sha256, release.verified)
- A release checklist with a per-version verification block and evidence folder
- A signed installer, or an explicit signing status recorded
- An evidence bundle (
build.log, test.log, install-check.txt, filehash.txt)
Next steps
- Perform a clean build of the QB64 project; record the build command, tool versions, and output in the manifest
- Run and record a manual UI smoke test and parser unit checks; append results to the project release checklist
- Create a DRS-compliant release note and update the manifest with
release.installer metadata if packaging is desired
- Capture an installer or executable artifact hash (SHA-256) and add a per-version verification block
- Assemble a release-evidence folder (
build.log, test.log, install-check.txt, filehash.txt), preserving legacy manifests
- Harden parsing logic against
winget output variations and add deterministic parser tests
- Document build/run/test/publish commands in
Project-README.md, ensuring docs are included in any publish output
Potential improvements
- Refactor command execution into a shared command layer (per the project's own
NEXT_EVOLUTION doc) for reuse across Aptlantis
- Add explicit parser unit tests and CI-driven verification, even if local-only
- Configurable logging levels and structured JSON output for parsed results
- A small cross-platform shim (PowerShell/Node) for headless invocation of the command layer
- Improved UI accessibility and a keyboard-driven workflow for faster operator use
Creative enhancements (ideas on file, not committed)
- Export executed command objects and parsed results as a structured, replayable/auditable JSON timeline
- Integrate with a central Aptlantis command layer and history store, so multiple small frontends share execution, logging, and parsing components
- An "offline cache" mode downloading installers into an archive for reproducible offline installs
- A "replay" feature re-running an install queue in a sandboxed VM, capturing an evidence bundle automatically
- A lightweight SBOM for the built executable, included in the release-evidence bundle