Skip to content

Chore/cicd optimizations#5

Merged
hyperpolymath merged 7 commits intomainfrom
chore/cicd-optimizations
Mar 26, 2026
Merged

Chore/cicd optimizations#5
hyperpolymath merged 7 commits intomainfrom
chore/cicd-optimizations

Conversation

@hyperpolymath
Copy link
Owner

@hyperpolymath hyperpolymath commented Mar 26, 2026

No description provided.

hyperpolymath and others added 7 commits March 18, 2026 17:12
@hyperpolymath
chore(ci): maximize ci/cd values via dependabot and permissions
e0a6eb4
@hyperpolymath
fix(ci): Resolve workflow-linter self-matching and metadata issues
b254565
@hyperpolymath
fix(scorecard): enforce granular permissions and add fuzzing placeholder
ffe959d
@hyperpolymath @claude
chore(floor-raise): add foundational tool integrations
5ed7c7a 
Add AI manifest, Trustfile, Dustfile, and assail recipe as part of the
Floor Raise campaign to establish baseline tooling across all repos.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@hyperpolymath @claude
docs: add EXPLAINME.adoc — prove-it file backing README claims
373b000 
Standard RSR documentation: quotes README claims, lists tech choices with
links, honest caveats, dogfooding table. See rsr-template-repo for the pattern.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@hyperpolymath @claude
chore: standardise, Justfile, (rename,, fix, parse, errors,, remove, …
2b4d869 
…useless, commands)

Batch Justfile audit: standardised naming (lowercase→Justfile),
fixed parse errors, removed useless build-riscv from non-Rust repos,
added missing assail recipe, and fixed code quality issues.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@hyperpolymath
Merge branch 'main' into chore/cicd-optimizations
19b0f42
@hyperpolymath hyperpolymath merged commit 20ffd23 into main Mar 26, 2026
13 of 15 checks passed
@hyperpolymath hyperpolymath deleted the chore/cicd-optimizations branch March 26, 2026 09:05
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Mar 26, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 19b0f42eb5

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

.github/workflows/workflow-linter.yml
# Find any uses: lines that don't have @SHA format
# Pattern: uses: owner/repo@<40-char-hex>
unpinned=$(grep -rn "uses:" .github/workflows/ | \
unpinned=$(grep -rnE "^[[:space:]]+uses:" .github/workflows/ | \
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Include - uses: syntax in SHA-pinning scan

The updated pattern ^[[:space:]]+uses: in the Check SHA-Pinned Actions step no longer matches shorthand step declarations like - uses: ..., which are valid and already used in this repository (for example in ts-blocker.yml and scorecard-enforcer.yml). As a result, unpinned actions introduced with shorthand syntax will bypass this linter and the workflow can report a false pass on pinning compliance.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyperpolymath