Skip to content

chore(ci): bump standards reusable workflow pins#276

Merged
hyperpolymath merged 1 commit into
mainfrom
chore/bump-standards-pins-2026-06-24
Jun 24, 2026
Merged

chore(ci): bump standards reusable workflow pins#276
hyperpolymath merged 1 commit into
mainfrom
chore/bump-standards-pins-2026-06-24

Conversation

@hyperpolymath

Copy link
Copy Markdown
Owner

Bumps stale hyperpolymath/standards/.github/workflows/*-reusable.yml pins to current standards HEAD (d135b05bfc647d0c0fbfedc7e80f37ea50f49236) to clear governance 'Check Workflow Staleness' (ADR-003) failures. CI-pin changes only.

OWNER-AUTHORIZED estate pin-bump campaign 2026-06-24.

🤖 Generated with Claude Code

Bump stale hyperpolymath/standards reusable workflow pins to current
standards HEAD (d135b05bfc647d0c0fbfedc7e80f37ea50f49236) to clear governance 'Check Workflow
Staleness' (ADR-003) failures.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@hyperpolymath hyperpolymath merged commit dd36b88 into main Jun 24, 2026
@hyperpolymath hyperpolymath deleted the chore/bump-standards-pins-2026-06-24 branch June 24, 2026 14:38
@github-actions

Copy link
Copy Markdown

🔍 Hypatia Security Scan

Findings: 5 issues detected

Severity Count
🔴 Critical 0
🟠 High 3
🟡 Medium 2
View findings
[
  {
    "reason": "No test directory or test files found",
    "type": "no_tests",
    "file": "/home/runner/work/echo-types/echo-types",
    "action": "flag",
    "rule_module": "honest_completion",
    "severity": "high",
    "deduction": 20
  },
  {
    "reason": "Repository has 7 non-main remote branch(es). Policy: single main branch only.",
    "type": "GS007",
    "file": ".",
    "action": "delete_remote_branches",
    "rule_module": "git_state",
    "severity": "medium"
  },
  {
    "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 21 day(s) old [STALE]",
    "type": "CSA001",
    "file": ".github/workflows/scorecard.yml",
    "action": "escalate",
    "rule_module": "code_scanning_alerts",
    "severity": "high"
  },
  {
    "reason": "Code-scanning alert TokenPermissionsID (high) at .github/workflows/scorecard.yml is 21 days old (threshold: 7 days) -- overdue for remediation",
    "type": "CSA003",
    "file": ".github/workflows/scorecard.yml",
    "action": "escalate",
    "rule_module": "code_scanning_alerts",
    "severity": "high"
  },
  {
    "reason": "Code-scanning alert hypatia/code_safety/agda_postulate dismissed as 'false positive' -- ensure dismissal is documented and justified",
    "type": "CSA004",
    "file": "proofs/agda/EchoImageFactorizationPropPostulated.agda",
    "action": "review",
    "rule_module": "code_scanning_alerts",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant