Enrich spec-changes manifest + changelog preview for dashboard

[gjtorikian]

Summary

• Enrich the spec-changes producer the SDK bot consumes so the redesigned dashboard can surface what actually changed: per-service changedEndpoints (method/path/breaking, resolved from the IR after mount-time attribution) plus the originating commitMessage/prNumber/prUrl on the manifest.
• Keep the lean buildSpecChanges rollup the bot's pending logic depends on unchanged — enrichment lives only in the CLI path, so existing tests stay green.
• Add an on-demand changelog-preview.yml workflow + render-changelog-preview.mjs that renders the changelog scoped to a staged service set using the canonical renderChangelogMarkdown logic and POSTs it (HMAC-signed) to the bot for the "Generate staged" preview.
• Export publicScopeFromService + renderChangelogMarkdown from sdk-release-metadata.mjs and guard the CLI behind a direct-invocation check so they're importable.
• spec-changes.yml: thread the commit subject + originating PR number through. generate-prs.yml: a changelog_override input writes the operator-edited changelog into the .changelog-pending fragment instead of the computed bullets.

Test plan

• node --test scripts/__tests__/build-spec-changes.spec.mjs passes (existing rollup unchanged)
• CLI invocation of build-spec-changes emits changedEndpoints + commit/PR metadata; module import does not run the CLI
• changelog-preview workflow renders staged-scope changelog and POSTs a valid HMAC signature to the bot
• generate-prs changelog_override writes the edited changelog into .changelog-pending

🤖 Generated with Claude Code

[greptile-apps]

Greptile Summary

This PR enriches spec-change metadata and adds a dashboard changelog preview path. The main changes are:

• Adds per-service changed endpoint details and commit/PR metadata to the spec-changes manifest.
• Adds an on-demand changelog preview workflow with signed callback delivery to the SDK bot.
• Exports changelog rendering helpers for reuse by the preview script.
• Supports operator-edited changelog overrides in generated release-note fragments.
• Expands staged preview scoping to include service mounts and per-operation mountOn hints.

Confidence Score: 5/5

The changes appear merge-safe based on the reviewed workflow and script updates.

No blocking correctness issues were identified in the changed manifest enrichment, changelog preview, helper exports, or override handling.

T-Rex Logs

What T-Rex did

• Compared manifest enrichment outputs before and after to confirm the post-change CLI includes commit/PR metadata and shows changedEndpoints: [] for UserManagement, with endpoint enrichment skipped due to the endpoint filtering logic.
• Validated the changelog preview workflow by running the after-state tests; the preview renderer executes, imports succeed, the import produces exports=function,function, the OpenSSL SHA-256 signature matches Node crypto over the exact JSON body, and the fallback canonical scoping includes client and organizations while excluding sso.
• Verified the changelog override behavior: the before-state writes computed bullets only, and the after-state writes decoded multiline override markdown when provided and reverts to computed bullets when no override is supplied.

_{Ran code and verified through T-Rex}

Comments Outside Diff (1)

1. General comment

   CLI endpoint enrichment ignores IR operations that use method

   • Bug
     • The head CLI manifest includes the new metadata fields, but it fails to populate changedEndpoints for a changed operation when the IR operation exposes its HTTP verb as method. The executed head scenario changed UserManagementUsers.deleteUser, remapped to UserManagement, with old/new IR operation { "method": "DELETE", "path": "/user_management/users/{id}" }; the emitted service had changedEndpoints: [] instead of the changed DELETE endpoint.
   • Cause
     • In scripts/build-spec-changes.mjs, buildChangedEndpoints only indexes operations when op.httpMethod && op.path is present and reads op.httpMethod. The requested/representative IR shape and existing fixture convention use operation.method, so opByKey never receives the operation and the CLI enrichment drops the endpoint.
   • Fix
     • Update buildChangedEndpoints to accept the actual IR verb field, e.g. const method = op.httpMethod ?? op.method; if (method && op.path) ..., and add/adjust a CLI-path test fixture that asserts the mounted service receives { method: "DELETE", path: "/user_management/users/{id}", breaking: true, kind: "operation-modified" }.

   _{Ran code and verified through T-Rex}

_{Reviews (4): Last reviewed commit: "fix: include mountOn-remounted scopes in..." | Re-trigger Greptile}