chore: prepare 0.3.0 release

[chioarub]

Summary

• Promotes the changelog to 0.3.0 and includes all post-v0.2.1 merges: Session Change Review, provider profile management, transcript-metadata project discovery, and synthetic light/dark screenshots.
• Bumps the workspace, server, web, shared package metadata, and package-lock.json to 0.3.0.
• Aligns the packaged server README safety wording with the documented no-write boundary for file-history data.

Release Readiness Review

Audited everything merged after v0.2.1 (#38 through #41) against the README, architecture, local server, privacy/redaction, security, deployment, release workflow, package metadata, tests, and public hygiene expectations.

The docs already covered the new read surfaces for provider profiles, Session Change Review, and transcript-metadata project discovery. The main gaps found were incomplete release notes and the server package README omitting file-history data from its no-write list.

Latest published/released version checks:

• GitHub Release: v0.2.1
• npm: openclaude-studio@0.2.1
• openclaude-studio@0.3.0 is not published yet

Validation

Local validation:

• npm test
• npm run lint
• npm run build
• npm pack --dry-run -w openclaude-studio
• npm run smoke:package
• npm run test:e2e

Remote PR CI:

• Typecheck and lint: passed
• Unit tests: passed
• Build and package: passed
• End-to-end tests: passed
• Validate: passed

Security And Privacy Notes

This PR does not add new runtime local-data access. The release-readiness audit reviewed the post-v0.2.1 changes for read-only behavior, bounded reads, redaction, unsafe path handling, symlink handling, older-server compatibility, and generated/public artifact hygiene. The release-prep patch only changes version metadata and documentation.

Post-Merge Release Step

After this PR merges to main, tag the merged commit to run the release workflow:

git checkout main
git pull --ff-only origin main
git tag v0.3.0
git push origin v0.3.0

The release workflow will verify the tag/package version match, run validation, publish npm if the version is still unpublished, deploy the web app to Cloudflare Pages, and create the GitHub Release from CHANGELOG.md.

Purpose

This PR prepares the codebase for the 0.3.0 release by updating version metadata across all packages and documenting new features in the changelog. The release consolidates four recently merged PRs covering session change review, provider profile management, transcript-based project discovery, and synthetic screenshot enhancements.

Changes

Package versions: Bumped workspace, server, web, and shared package versions from 0.2.1 to 0.3.0.

Changelog: Updated the "Unreleased" section to "## 0.3.0" and documented new features including:

• Project discovery from bounded transcript metadata with diagnostics
• Light/dark mode documentation screenshots using synthetic fixture data
• Existing provider profile management and Session Change Review entries retained

Documentation: Updated the server README "Safety" section to explicitly enumerate file-history data as a category that the local API will not write, clarifying the no-write boundary.

Security & Privacy

No new runtime data-access patterns introduced. The PR contains only version metadata and documentation updates. Prior audit of merged PRs (#38–#41) confirmed read-only behavior, bounded access, redaction mechanisms, and older-server compatibility.

Validation

Local validation completed: npm test, lint, build, package, smoke tests, and end-to-end tests all passed. Remote CI confirmed typecheck/lint, unit tests, build/package, and e2e test suite success.

Post-merge release steps

After merge to main, execute:

git checkout main && git pull --ff-only origin main
git tag v0.3.0 && git push origin v0.3.0

This will trigger the release workflow to publish the npm package and GitHub release.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 798c7c58-8308-4061-8596-15e29a10194c

📥 Commits

Reviewing files that changed from the base of the PR and between 499e075 and c228d90.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json, !package-lock.json

📒 Files selected for processing (6)

• CHANGELOG.md
• apps/server/README.md
• apps/server/package.json
• apps/web/package.json
• package.json
• packages/shared/package.json

---

📝 Walkthrough

Walkthrough

This PR prepares the v0.3.0 release by updating documentation with new features, clarifying safety guarantees, and bumping package versions across all manifests.

Changes

v0.3.0 Release Preparation

Layer / File(s)	Summary
Release notes and safety documentation CHANGELOG.md, apps/server/README.md	CHANGELOG.md creates the 0.3.0 release section with new feature entries for bounded transcript project discovery and light/dark documentation screenshots. README.md Safety section is clarified to explicitly include file-history among data categories the read-only API does not write.
Package version bumps to 0.3.0 package.json, apps/server/package.json, apps/web/package.json, packages/shared/package.json	Version fields are updated from 0.2.1 to 0.3.0 across root and all workspace package manifests.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• chioarub/openclaude-studio#30: Prior release bookkeeping PR that bumped versions and updated CHANGELOG.md for a previous release.
• chioarub/openclaude-studio#35: Release workflow that validates and extracts the 0.3.0 section from CHANGELOG.md for GitHub release notes.
• chioarub/openclaude-studio#37: Another release bookkeeping PR that bumped package versions and updated CHANGELOG.md for a different release version.

🚥 Pre-merge checks | ✅ 9

✅ Passed checks (9 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore: prepare 0.3.0 release' clearly and directly describes the main change: preparing a release for version 0.3.0 by updating version metadata and changelog.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Api Compatibility	✅ Passed	Release prep PR with version bumps only. No API response changes. Frontend guards fields with Array.isArray and optional chaining. Tests validate legacy compatibility.
Local Data Safety	✅ Passed	PR changes only version metadata and documentation; no server-side data access code modifications. README Safety section documents all features as read-only with bounded access and redaction.
Release Readiness	✅ Passed	All package versions, package-lock, CHANGELOG, release workflow, npm publishing setup, and deployment docs are consistent. PR correctly prepares 0.3.0 release without stale instructions.
Test Coverage	✅ Passed	PR does not change runtime behavior; it only updates package.json versions, CHANGELOG.md, and README.md documentation. No source code modifications.
Public Hygiene	✅ Passed	All committed files are suitable for public repository: no private workflows, local paths, personal data, secrets, unpublished notes, or restricted implementation wording detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}