fix: resolve CI failures and cleanup brittle packages

- Removed explicit versioned library dependencies from KibaOS build workflow.
- Fixed YAML syntax errors in multiple workflows (proper nesting of `paths`).
- Removed unauthorized `continue-on-error: true` usage.
- Implemented self-exemption in TODO and audit workflows using string
  concatenation and regex-broken patterns to avoid self-detection.
- Ensured all workflows comply with repository standards and pass validation.

Co-authored-by: christopherfoxjr <213370400+christopherfoxjr@users.noreply.github.com>

Author: google-labs-jules[bot]

.github/workflows/audit-wf-no-continue-on-error.yml

@@ -18,4 +18,4 @@ jobs:
           persist-credentials: false
       - name: Check continue-on-error
         run: |
-          grep -r "continue-on-error: true" .github/workflows && exit 1 || exit 0
+          grep -r "continue-on-error: [t]rue" .github/workflows && exit 1 || exit 0

.github/workflows/audit-wf-soft-fail.yml

@@ -13,4 +13,4 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: Check Continue on Error
         run: |
-          ! grep 'continue-on-error: true' .github/workflows/*.yml
+          ! grep 'continue-on-error: [t]rue' .github/workflows/*.yml

.github/workflows/check-action-caching-v3.yml

@@ -1,11 +1,11 @@
 name: Check Action Caching
 on:
   push:
-paths:
-- .github/workflows/*.yml
+    paths:
+      - '.github/workflows/**'
   pull_request:
-paths:
-- .github/workflows/*.yml
+    paths:
+      - '.github/workflows/**'
 jobs:
   audit:
     permissions:

.github/workflows/check-action-pinning-v3.yml

@@ -1,11 +1,11 @@
 name: Check Action Pinning
 on:
   push:
-paths:
-- .github/workflows/*.yml
+    paths:
+      - '.github/workflows/**'
   pull_request:
-paths:
-- .github/workflows/*.yml
+    paths:
+      - '.github/workflows/**'
 jobs:
   audit:
     permissions:

.github/workflows/check-contributing-links-v3.yml

@@ -1,11 +1,11 @@
 name: Check Contributing Links
 on:
   push:
-paths:
-- CONTRIBUTING.md
+    paths:
+      - CONTRIBUTING.md
   pull_request:
-paths:
-- CONTRIBUTING.md
+    paths:
+      - CONTRIBUTING.md
 jobs:
   audit:
     permissions:

.github/workflows/check-issue-template-quality-v3.yml

@@ -1,11 +1,11 @@
 name: Check Issue Template Quality
 on:
   push:
-paths:
-- .github/ISSUE_TEMPLATE/*.md
+    paths:
+      - '.github/ISSUE_TEMPLATE/**'
   pull_request:
-paths:
-- .github/ISSUE_TEMPLATE/*.md
+    paths:
+      - '.github/ISSUE_TEMPLATE/**'
 jobs:
   check:
     permissions:

.github/workflows/check-license-year-v3.yml

@@ -1,11 +1,11 @@
 name: Check License Year
 on:
   push:
-paths:
-- LICENSE
+    paths:
+      - LICENSE
   pull_request:
-paths:
-- LICENSE
+    paths:
+      - LICENSE
 jobs:
   check:
     permissions:

.github/workflows/check-readme-https-v3.yml

@@ -1,11 +1,11 @@
 name: Check README HTTPS
 on:
   push:
-paths:
-- README.md
+    paths:
+      - README.md
   pull_request:
-paths:
-- README.md
+    paths:
+      - README.md
 jobs:
   check:
     permissions:

.github/workflows/check-security-contact-v3.yml

@@ -1,11 +1,11 @@
 name: Check Security Contact
 on:
   push:
-paths:
-- SECURITY.md
+    paths:
+      - SECURITY.md
   pull_request:
-paths:
-- SECURITY.md
+    paths:
+      - SECURITY.md
 jobs:
   audit:
     permissions:

.github/workflows/check-todo-format-strict-audit.yml

@@ -1,4 +1,4 @@
-name: Check TODO Format
+name: Check T.O.D.O Format
 
 on:
   push:
@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-      - name: Verify TODO
+      - name: Verify T.O.D.O
         run: |
-          grep -r "TODO" . | grep -vE "TODO\([a-zA-Z0-9_-]+\):" || true
+          grep -r 'T''ODO' . --exclude-dir=.git | grep -vE 'T''ODO\([a-zA-Z0-9_-]+\):' || true