fix(governance): align docs and CI with NA-03 v1.6 and org-wide consistency#30
Closed
bryanfawcett wants to merge 1 commit into
Closed
fix(governance): align docs and CI with NA-03 v1.6 and org-wide consistency#30bryanfawcett wants to merge 1 commit into
bryanfawcett wants to merge 1 commit into
Conversation
…stency Remove stale "7 Enterprise products" locked count from PR template (removed in NA-03 v1.6). Complete CLAUDE.md locked counts to list all six (was missing covenants, manifesto sections, sources of truth). Add TypeScript/Biome and TypeScript/Bun entries to CLAUDE.md stack commands to match AGENTS.md; add pnpm audit to Next.js entry. Align reusable-ci-typescript-lib and reusable-ci-docker to use the same actions/checkout (9c091bb), pnpm/action-setup (0ebf47b), and codeql-action/upload-sarif (8aad20d) SHAs as every other reusable workflow in the org. Add pnpm audit (--audit-level=moderate) to reusable-ci-typescript and reusable-ci-typescript-lib, matching the security gate already present in reusable-ci-nextjs-monorepo. Signed-off-by: Bryan Fawcett <bryan@nyuchi.com>
Contributor
Author
|
Closing as superseded. This PR was one of a run of duplicate daily "keep the repo up to date" PRs (#30–#39) that piled up unmerged because the underlying automation never checked for existing open PRs or merged its own work. The one genuine bug it (and the others) were chasing — Generated by Claude Code |
This was referenced Jul 3, 2026
bryanfawcett
added a commit
that referenced
this pull request
Jul 3, 2026
The scheduled "keep the repo up to date" routine was opening a new draft PR every day (#30-#39) without checking for existing open ones or merging its own work, and repeatedly hand-resolved actions/checkout SHA drift in inconsistent directions instead of deferring to Dependabot. Document the actual rules: dedupe against open PRs from the same routine, leave third-party Action version pins to Dependabot, run formatters before committing, and merge routine/mechanical fixes once required checks are green instead of leaving them as drafts forever. Signed-off-by: Claude <noreply@anthropic.com> Co-authored-by: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
pnpm audit --audit-level=moderateto the TypeScript/Next.js entry to match the reusable workflow.reusable-ci-typescript-lib.ymlandreusable-ci-docker.ymlwere using differentactions/checkout,pnpm/action-setup, andcodeql-action/upload-sarifSHAs compared to every other workflow in the org. All aligned to the consensus SHAs.pnpm audit --audit-level=moderatejobs toreusable-ci-typescript.ymlandreusable-ci-typescript-lib.yml, matching the security gate already present inreusable-ci-nextjs-monorepo.yml. TypeScript codebases were the only stacks without this gate.Test plan
lint / actionlintpasses (no new workflow syntax issues)lint / yamllintpasseslint / prettierpasseslint / markdownlintpassesactions/checkoutreferences in workflows now use9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0NA-03 merge blockers
🤖 Generated with Claude Code
Generated by Claude Code