#15925)

fix(generator-cli): publish 0.9.28 with commit attribution fix

Add generator-cli 0.9.28 version entry for the explicit author/committer
fix from PR #15893. This triggers npm publish via CI.

The fix sets author and committer to fern-api[bot] identity on
octokit.git.createCommit() calls, fixing commit attribution on GitHub
Enterprise where PAT-based auth attributed commits to the PAT owner.

Also adds Python SDK changelog entry so the next Python SDK release
picks up the new generator-cli with the fix.

Follow-up: after 0.9.28 is published to npm, the catalog pin in
pnpm-workspace.yaml needs to be bumped from 0.9.27 to 0.9.28.

* chore: bump generator-cli catalog pin to 0.9.28

Bumps the catalog pin from 0.9.27 to 0.9.28 now that 0.9.28 is
published to npm. This ensures generator Docker rebuilds pick up
the commit attribution fix (explicit fern-api[bot] author/committer
on API-created commits).

* chore: update pnpm-lock.yaml for generator-cli 0.9.28

## Description
Adds the Cursor-owned Sentry triage agent as an automation for the Fern CLI. This PR is intentionally automation-only: it documents how Cursor agents should run false-positive triage, compare against the ledger, and record review decisions without changing CLI runtime behavior.

## Changes Made
- Add `automation/sentry-triage/AGENT.md` with the Cursor automation workflow for Sentry CLI triage.
- Add the compact design-choice guide and baseline ledger used by the test automation.
- Link the triage automation from `CLAUDE.md` so future Cursor runs can find it.
- [ ] Updated README.md generator (if applicable)

## Testing
- [x] Manual testing completed
- Pre-commit filename check passed.
- `jq empty automation/sentry-triage/ledger.json`

Made with [Cursor](https://cursor.com)

## Description
Linear ticket: Refs Sentry false-positive triage for buildwithfern/cli

Ships the Sentry CLI false-positive triage fixes from this batch. The parent automation ledger contains some pre-recorded decisions, so this PR description lists the solved Sentry rows by the actual code paths changed here rather than only by ledger diff.

## Changes Made
- Classify docs YAML, dependency version, GitHub repository, global theme, translation directory, replay resolve, migration loading, Auth0 SSO, BAML setup, git, buf, sed, and library-docs external job failures at explicit boundaries.
- Update `automation/sentry-triage/ledger.json` for the follow-up batch and add reusable design-choice bullets from review feedback.
- Add an unreleased CLI changelog entry for the reporting behavior changes.
- [ ] Updated README.md generator (if applicable)

## Sentry Errors Solved By Code Changes
- `CLI-3A`: `EINTR` interrupted syscall now maps through errno environment semantics.
- `CLI-3P`: global theme fetch/config failures now pass explicit config/network codes.
- `CLI-31`, `CLI-2P`, `CLI-2B`, `CLI-1Z`, `CLI-14`: invalid dependency/generator version parsing is handled as `VersionError`/config semantics at the caller boundary.
- `CLI-2A`, `CLI-30`, `CLI-3G`, `CLI-Q`, `CLI-1T`, `CLI-1E`, `CLI-G`, `CLI-P`, `CLI-N`: docs YAML parse failures now wrap `yaml.load` as `CliError(ParseError)` at the docs configuration boundary.
- `CLI-1Y`: missing translation directories now surface as `ValidationError`.
- `CLI-3C`: replay resolve fallback failures now surface as `UserError` in both CLI implementations.
- `CLI-39`: invalid GitHub repository strings in `generators.yml` now surface as `ConfigError`.
- `CLI-34`: failed external library-docs generation jobs now surface as non-reportable `NetworkError`.
- `CLI-2J`: generator migration package install/load failures now surface as `EnvironmentError`.
- `CLI-2D`: generated-output `git` command failures now surface as `UserError`.
- `CLI-22`: Auth0 SSO HTTP 400 responses now surface as `AuthError`.
- `CLI-D`: invalid AI/BAML provider setup now surfaces as `ConfigError`.
- `CLI-21`: auto-version placeholder replacement subprocess failures now surface as `UserError`.
- `CLI-1M`: `buf` subprocess failures now use controlled exit-code handling and surface as `UserError`.

## Ledger Corrections For Already-Handled Rows
- `CLI-H`: prompt SIGINT/`ExitPromptError` is already converted to `TaskAbortSignal` by prompt wrappers.
- `CLI-1K`: remote task failures are already non-reportable container/task failures in current code.
- `CLI-C`: malformed streamed IR JSON is already wrapped as `CliError(ParseError)` in the diff command path.

## Testing
- [x] Manual testing completed
- Pre-commit filename check passed.
- `jq empty automation/sentry-triage/ledger.json`
- Read IDE lints on touched files. Existing diagnostics remain in `generateLibraryDocs.ts` (`FdrAPI` export) and `convertGeneratorsConfiguration.ts` (`github.output.branch` type), unrelated to this split.

Made with [Cursor](https://cursor.com)