Skip to content

Address filed configuration and doc defects#231

Merged
ptr727 merged 2 commits into
developfrom
fix/filed-config-defects
Jun 30, 2026
Merged

Address filed configuration and doc defects#231
ptr727 merged 2 commits into
developfrom
fix/filed-config-defects

Conversation

@ptr727

@ptr727 ptr727 commented Jun 30, 2026

Copy link
Copy Markdown
Owner
  • configure.sh: drop 2>/dev/null in check_security so gh's error surfaces (matches check_secrets).
  • WORKFLOW.md D7.2/section 2: reword so it no longer claims reusable tasks declare permissions (they run under the caller's least-privilege grant).

Closes #226

Validation: shellcheck + actionlint + markdownlint clean; line endings preserved.

🤖 Generated with Claude Code

- configure.sh: drop 2>/dev/null in check_security so gh's error surfaces (matches check_secrets).
- WORKFLOW.md D7.2/section 2: reword so it no longer claims reusable tasks *declare* permissions (they run under the caller's least-privilege grant).

Closes #226

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates repository governance tooling and documentation around GitHub Actions permission semantics, and additionally introduces a set of migration planning documents under plans/.

Changes:

  • Update repo-config/configure.sh so check_security() no longer suppresses gh api stderr for the automated-security-fixes check.
  • Reword WORKFLOW.md guidance to clarify that reusable workflows run under the caller-granted least-privilege permissions (and skipped jobs must still have valid declared permissions).
  • Add several new migration planning documents under plans/ (scope not currently reflected in the PR description).

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 7 comments.

Show a summary per file
File Description
WORKFLOW.md Clarifies permissions guidance for reusable workflows and skipped jobs.
repo-config/configure.sh Removes stderr suppression so audit failures surface actionable gh diagnostics.
plans/INDEX.md Adds an index for new migration plan documents.
plans/00-GOTCHA-BRIEFING.md Adds shared briefing for branch-scoped CI/CD migration planning.
plans/nxwitness-migration-plan.md Adds NxWitness migration/convergence plan document.
plans/homeassistant-purpleair-migration-plan.md Adds HomeAssistant-PurpleAir migration/convergence plan document.
plans/esphome-nonroot-migration-plan.md Adds ESPHome-NonRoot migration/convergence plan document.

Comment thread plans/INDEX.md Outdated
Comment thread plans/00-GOTCHA-BRIEFING.md Outdated
Comment thread plans/00-GOTCHA-BRIEFING.md Outdated
Comment thread plans/nxwitness-migration-plan.md Outdated
Comment thread plans/homeassistant-purpleair-migration-plan.md Outdated
Comment thread plans/esphome-nonroot-migration-plan.md Outdated
Comment thread plans/INDEX.md Outdated
plans/ is local migration-planning scratch (created for review during the
CI/CD work); it was swept in by git add -A and should not be tracked - it
also contains non-ASCII punctuation that violates the repo doc rules.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@ptr727 ptr727 merged commit 952c94b into develop Jun 30, 2026
10 checks passed
@ptr727 ptr727 deleted the fix/filed-config-defects branch June 30, 2026 03:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants