chore: release

[QaidVoid]

🤖 New release

• soar-config: 0.8.0 -> 0.9.0 (⚠ API breaking changes)
• soar-operations: 0.2.1 -> 0.2.2 (✓ API compatible changes)
• soar-cli: 0.12.2 -> 0.12.3
• soar-registry: 0.4.2 -> 0.4.3
• soar-db: 0.5.2 -> 0.5.3
• soar-package: 0.3.2 -> 0.3.3
• soar-core: 0.16.0 -> 0.16.1

⚠ soar-config breaking changes

--- failure constructible_struct_adds_field: externally-constructible struct adds field ---

Description:
A pub struct constructible with a struct literal has a new pub field. Existing struct literals must be updated to include the new field.
        ref: https://doc.rust-lang.org/reference/expressions/struct-expr.html
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.47.0/src/lints/constructible_struct_adds_field.ron

Failed in:
  field PackageOptions.bsum in /tmp/.tmpIXYXf3/soar/crates/soar-config/src/packages.rs:207
  field ResolvedPackage.bsum in /tmp/.tmpIXYXf3/soar/crates/soar-config/src/packages.rs:311

Changelog

soar-config

0.9.0 - 2026-06-06

⛰️ Features

• (install) Implicit-trust model for user-declared sources + checksum pinning (#171) - (d395448)

soar-operations

0.2.2 - 2026-06-06

⛰️ Features

• (install) Implicit-trust model for user-declared sources + checksum pinning (#171) - (d395448)

soar-cli

0.12.3 - 2026-06-06

⛰️ Features

• (install) Implicit-trust model for user-declared sources + checksum pinning (#171) - (d395448)

soar-registry

0.4.3 - 2026-06-06

⚙️ Miscellaneous Tasks

• Updated the following local packages: soar-config - (0000000)

soar-db

0.5.3 - 2026-06-06

⚙️ Miscellaneous Tasks

• Updated the following local packages: soar-registry - (0000000)

soar-package

0.3.3 - 2026-06-06

⚙️ Miscellaneous Tasks

• Updated the following local packages: soar-config - (0000000)

soar-core

0.16.1 - 2026-06-06

⚙️ Miscellaneous Tasks

• Updated the following local packages: soar-config, soar-db, soar-package - (0000000)

---

This PR was generated with release-plz.

Summary by CodeRabbit

v0.12.3 Release Notes

• New Features

  • Added implicit-trust model for user-declared sources with checksum pinning, enhancing security for package installations.

• Chores

  • Updated internal dependencies across workspace packages.

[coderabbitai]

Too many files changed? Review this PR in Change Stack to see how the pieces fit before you dive in.

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 65626639-ebf3-4c85-9e89-c8a894558a19

📥 Commits

Reviewing files that changed from the base of the PR and between d395448 and c689b7e.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (15)

• CHANGELOG.md
• Cargo.toml
• crates/soar-cli/Cargo.toml
• crates/soar-config/CHANGELOG.md
• crates/soar-config/Cargo.toml
• crates/soar-core/CHANGELOG.md
• crates/soar-core/Cargo.toml
• crates/soar-db/CHANGELOG.md
• crates/soar-db/Cargo.toml
• crates/soar-operations/CHANGELOG.md
• crates/soar-operations/Cargo.toml
• crates/soar-package/CHANGELOG.md
• crates/soar-package/Cargo.toml
• crates/soar-registry/CHANGELOG.md
• crates/soar-registry/Cargo.toml

---

📝 Walkthrough

Walkthrough

This PR coordinates a release bump across the workspace and internal crate ecosystem. Root workspace dependencies are updated to new versions, soar-cli advances to 0.12.3, and six internal crates receive coordinated version bumps with corresponding changelog entries documenting the implicit-trust model and checksum pinning feature alongside dependency updates.

Changes

Release v0.12.3 coordinated version bumps

Layer / File(s)	Summary
Root workspace release v0.12.3 CHANGELOG.md, Cargo.toml, crates/soar-cli/Cargo.toml	Root workspace dependencies updated for six internal crates (soar-config, soar-core, soar-db, soar-operations, soar-package, soar-registry) with soar-cli version bumped to 0.12.3. Root CHANGELOG documents implicit-trust model for user-declared sources with checksum pinning feature.
Feature-bearing crate releases crates/soar-config/CHANGELOG.md, crates/soar-config/Cargo.toml, crates/soar-operations/CHANGELOG.md, crates/soar-operations/Cargo.toml	soar-config version 0.8.0 → 0.9.0 and soar-operations version 0.2.1 → 0.2.2, with changelogs documenting the new implicit-trust model for user-declared sources with checksum pinning feature.
Dependent crate releases crates/soar-registry/CHANGELOG.md, crates/soar-registry/Cargo.toml, crates/soar-db/CHANGELOG.md, crates/soar-db/Cargo.toml, crates/soar-package/CHANGELOG.md, crates/soar-package/Cargo.toml, crates/soar-core/CHANGELOG.md, crates/soar-core/Cargo.toml	soar-registry 0.4.2 → 0.4.3, soar-db 0.5.2 → 0.5.3, soar-package 0.3.2 → 0.3.3, and soar-core 0.16.0 → 0.16.1 with changelogs recording dependency updates on soar-config and peer crates.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• pkgforge/soar#146: Coordinated release update bumping the same workspace crates with CHANGELOG entries, though documenting different feature sets.
• pkgforge/soar#166: Release bump PR that updates the same workspace dependency and crate version entries across soar-config, soar-core, soar-db, soar-operations, soar-package, and soar-registry.

Poem

🐰 Version numbers march in line,
Checksums pinned, implicit trust divine,
Six crates synchronized in release grace,
Changelogs updated—a rabbit's favorite place!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'chore: release' is generic and does not specifically convey the main changes in the changeset (version bumps across multiple crates and new feature for checksum pinning).	Consider using a more specific title that captures the release version or primary feature, such as 'chore: release v0.12.3 with checksum pinning' or similar, to better reflect the changeset.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release-plz-2026-06-06T07-18-24Z

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}