chore: add gh-aw duplicate code detector workflow

[KRRT7]

Summary

• Adds the GitHub Agentic Workflows duplicate code detector, configured for Python with Serena semantic analysis
• Runs daily, flags patterns spanning 10+ lines or appearing in 3+ locations
• Creates up to 3 issues per run with [duplicate-code] prefix

Notes

• Requires Claude API secret configured in repo Actions secrets
• code-quality and automated-analysis labels will be auto-created on first run

[claude]

The cookie label appears to be a test/placeholder label. Was this intentionally included? If not, it should be removed to avoid creating a spurious label in the repository on first run.

Suggested change

	labels: [code-quality, automated-analysis, cookie]
	labels: [code-quality, automated-analysis]

[claude]

PR Review Summary

Prek Checks

✅ No issues — this PR contains no Python files. Prek reported (no files to check).

Mypy Checks

✅ No issues — no Python files changed.

Code Review

This PR adds the GitHub Agentic Workflows (gh-aw) duplicate code detector workflow. The changes consist of:

• .gitattributes — marks lock.yml files as generated
• .github/aw/ — action lock pins and imported reporting template
• .github/workflows/duplicate-code-detector.lock.yml — auto-generated workflow (1170 lines, DO NOT EDIT)
• .github/workflows/duplicate-code-detector.md — workflow configuration

Outstanding issue (from previous review):

• Line 19 in duplicate-code-detector.md: The cookie label is still present in labels: [code-quality, automated-analysis, cookie]. This appears to be a test/placeholder label that should be removed before merge.

No other critical bugs, security vulnerabilities, or breaking API changes found.

Test Coverage

✅ N/A — no Python source files were changed in this PR. Coverage is unaffected.

Codeflash Optimization PRs

No mergeable optimization PRs found. All 29 open codeflash-ai[bot] PRs have failing CI checks.

---

Last updated: 2026-02-14