Skip to content

Latest commit

 

History

History
22 lines (16 loc) · 1.83 KB

File metadata and controls

22 lines (16 loc) · 1.83 KB

GitHub workflows

YAML workflows for CI, documentation audit, workflow lint, dependency review, CodeQL, and scheduled supply-chain checks. Parent hub (Dependabot + full index): ../README.md. Agent guide: AGENTS.md.

Workflow files

File Triggers Jobs / behavior
ci.yml push / pull_requestmain; ignores **/*.md, doc/**; workflow_dispatch test: matrix 3.11–3.13; Python 3.12 also runs Ruff format/check over src scripts, terminology audits, docs audit, GNN doc patterns, mypy, collect-only, focused PyMDP/POMDP tests, and MCP ≥ 130 (see src/tests/mcp_audit_report.json). All matrix entries run JUnit + artifact + summary. security: Bandit SARIF → code scanning + artifact.
docs-audit.yml push / pull_request when *.md, doc/**, root AGENTS.md/CLAUDE.md/README.md/SKILL.md, or doc/development/docs_audit.py change; workflow_dispatch Strict docs audit with anchors plus repository/doc terminology and GNN doc-pattern audits.
actionlint.yml Changes under .github/workflows/**; workflow_dispatch rhysd/actionlint@v1.7.11
dependency-review.yml pull_requestmain; workflow_dispatch High severity + AGPL deny; PR comment summary on failure. Fork PRs may get limited review.
codeql.yml push / pull_request (skips doc-only paths), weekly cron, workflow_dispatch Init → uv sync --frozen --extra dev → analyze (Python).
supply-chain-audit.yml Weekly cron Monday 06:00 UTC, workflow_dispatch Two pip-audit jobs (OSV); strict shell; job summary.

Local validation

actionlint .github/workflows/*.yml

Run from repo root (paths relative to root).