Merge branch 'main' into dependabot/cargo/bcrypt-0.19.0

Author: hyperpolymath

.github/dependabot.yml

@@ -7,9 +7,12 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
-    ignore:
-      - dependency-name: "*"
-        update-types: ["version-update:semver-patch"]
+    # `open-pull-requests-limit: 0` suppresses routine version-update PRs
+    # while leaving Dependabot SECURITY PRs flowing. The previous
+    # `ignore: "*" patch` rule also silenced security PRs under GitHub\'s
+    # current Dependabot behaviour. See rsr-template-repo commit 78b050e
+    # and 007-lang/audits/audit-dependabot-automation-gap-2026-04-17.md.
+    open-pull-requests-limit: 0
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

.github/workflows/dependabot-automerge.yml

@@ -0,0 +1,143 @@
+# SPDX-License-Identifier: PMPL-1.0-or-later
+#
+# dependabot-automerge.yml — enable GitHub's native auto-merge on
+# Dependabot pull requests that match a declared severity / ecosystem
+# policy. Pairs with `.github/dependabot.yml`'s
+# `open-pull-requests-limit: 0` + security-only pattern (see the
+# cargo block there).
+#
+# What this does:
+#   - Triggers on every Dependabot PR.
+#   - Reads the PR's update-type metadata via the dependabot/fetch-metadata
+#     action (no free-text parsing).
+#   - Requires CI to be green before merge (GitHub's auto-merge enforces
+#     required status checks).
+#   - Gates merge behind a severity+ecosystem policy table. Default is
+#     low+medium security updates only.
+#
+# Why auto-merge on GitHub (not via a bot like rhodibot) is the right
+# layer: GitHub enforces branch protection + required checks natively,
+# and the PR author is already `dependabot[bot]`. Rhodibot doesn't need
+# to know anything about ecosystems — GitHub handles the merge mechanics
+# once we approve.
+#
+# Threat model:
+#   - A compromised upstream package with a bogus security advisory
+#     could propose a malicious version bump. Mitigation: require at
+#     least one non-automated reviewer for HIGH+CRITICAL severity
+#     (done below — we explicitly refuse to auto-approve those).
+#   - A compromised Dependabot itself is an Akerlof claim-grounder
+#     problem. Not in scope here; track under
+#     `project_claim_grounders_dual_use_akerlof.md`.
+#
+# Dogfooding: this workflow template is itself subject to the same
+# Dependabot config via the github-actions ecosystem block, so SHA
+# bumps for dependabot/fetch-metadata flow through the same path.
+
+name: Dependabot Auto-Merge
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+
+permissions:
+  contents: write        # needed to enable auto-merge
+  pull-requests: write   # needed to approve
+  # NB: keep narrow — do NOT add secrets: read or id-token: write here.
+
+jobs:
+  automerge:
+    # Only run for PRs actually authored by Dependabot.
+    if: github.actor == 'dependabot[bot]' && github.event.pull_request.user.login == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Fetch Dependabot metadata
+        id: meta
+        uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      # --- Policy gate -------------------------------------------------------
+      # Outputs from fetch-metadata we care about:
+      #   update-type      → version-update:semver-{patch,minor,major}
+      #   dependency-type  → direct:{development,production} | indirect
+      #   alert-state      → AUTO_DISMISSED | DISMISSED | FIXED | OPEN
+      #   ghsa-id          → GHSA-... if this is a security PR
+      # --- Policy -------------------------------------------------------------
+      # AUTO-APPROVE + AUTO-MERGE when:
+      #   1. This is a SECURITY update (ghsa-id present), AND
+      #   2. Update is patch or minor, AND
+      #   3. Severity ≤ moderate (Dependabot doesn't expose severity
+      #      directly in fetch-metadata; infer from the absence of
+      #      HIGH/CRITICAL labels added by Dependabot).
+      # Otherwise: do nothing. Human reviews HIGH+CRITICAL security
+      # updates and all non-security bumps.
+      - name: Decide policy outcome
+        id: policy
+        env:
+          GHSA_ID: ${{ steps.meta.outputs.ghsa-id }}
+          UPDATE_TYPE: ${{ steps.meta.outputs.update-type }}
+          PR_LABELS: ${{ toJson(github.event.pull_request.labels.*.name) }}
+        run: |
+          set -euo pipefail
+
+          is_security=false
+          is_patch_or_minor=false
+          is_high_or_critical=false
+
+          [ -n "$GHSA_ID" ] && is_security=true
+          case "$UPDATE_TYPE" in
+            version-update:semver-patch|version-update:semver-minor)
+              is_patch_or_minor=true ;;
+          esac
+
+          # Dependabot adds severity labels like "severity: high",
+          # "severity: critical". Look for those in the PR labels JSON.
+          if echo "$PR_LABELS" | grep -qiE '"(severity: (high|critical))"'; then
+            is_high_or_critical=true
+          fi
+
+          if $is_security && $is_patch_or_minor && ! $is_high_or_critical; then
+            echo "action=automerge" >> "$GITHUB_OUTPUT"
+          else
+            echo "action=skip" >> "$GITHUB_OUTPUT"
+          fi
+          echo "security=$is_security" >> "$GITHUB_OUTPUT"
+          echo "update_type=$UPDATE_TYPE" >> "$GITHUB_OUTPUT"
+          echo "ghsa=$GHSA_ID" >> "$GITHUB_OUTPUT"
+
+      - name: Approve PR (if policy allows)
+        if: steps.policy.outputs.action == 'automerge'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_URL: ${{ github.event.pull_request.html_url }}
+        run: |
+          gh pr review --approve "$PR_URL" \
+            --body "Auto-approving Dependabot security update (${{ steps.policy.outputs.ghsa }}, ${{ steps.policy.outputs.update_type }}). Policy: low/moderate security patches/minors only."
+
+      - name: Enable auto-merge (if policy allows)
+        if: steps.policy.outputs.action == 'automerge'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_URL: ${{ github.event.pull_request.html_url }}
+        run: |
+          gh pr merge --auto --squash "$PR_URL"
+
+      - name: Write decision to step summary
+        env:
+          ACTION: ${{ steps.policy.outputs.action }}
+          IS_SECURITY: ${{ steps.policy.outputs.security }}
+          UPDATE_TYPE: ${{ steps.policy.outputs.update_type }}
+          GHSA: ${{ steps.policy.outputs.ghsa }}
+        run: |
+          {
+            echo "## Dependabot Auto-Merge Decision"
+            echo ""
+            echo "| Field | Value |"
+            echo "|-------|-------|"
+            echo "| Policy action | \`$ACTION\` |"
+            echo "| Security update | \`$IS_SECURITY\` |"
+            echo "| Update type | \`$UPDATE_TYPE\` |"
+            echo "| GHSA ID | \`${GHSA:-n/a}\` |"
+          } >> "$GITHUB_STEP_SUMMARY"

.github/workflows/npm-bun-blocker.yml

@@ -1,11 +1,17 @@
 # SPDX-License-Identifier: PMPL-1.0-or-later
 name: NPM/Bun Blocker
 on: [push, pull_request]
+
+permissions:
+  contents: read
+
 jobs:
   check:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Block npm/bun
         run: |
           if [ -f "package-lock.json" ] || [ -f "bun.lockb" ] || [ -f ".npmrc" ]; then

.github/workflows/ts-blocker.yml

@@ -1,11 +1,17 @@
 # SPDX-License-Identifier: PMPL-1.0-or-later
 name: TypeScript/JavaScript Blocker
 on: [push, pull_request]
+
+permissions:
+  contents: read
+
 jobs:
   check:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Block new TypeScript/JavaScript
         run: |
           NEW_TS=$(git diff --name-only --diff-filter=A HEAD~1 2>/dev/null | grep -E '\.(ts|tsx)$' | grep -v '\.gen\.' || true)

.gitignore

@@ -79,3 +79,11 @@ htmlcov/
 
 # Crash recovery artifacts
 ai-cli-crash-capture/
+target/
+node_modules/
+_build/
+deps/
+.elixir_ls/
+.cache/
+build/
+dist/

0-AI-MANIFEST.a2ml

@@ -0,0 +1,16 @@
+# SPDX-License-Identifier: PMPL-1.0-or-later
+# 0-AI-MANIFEST.a2ml — AI Agent Entry Point
+# Repository: dicti0nary-attack
+# Owner: hyperpolymath
+
+(ai-manifest
+  (version "1.0")
+  (repository "dicti0nary-attack")
+  (owner "hyperpolymath")
+  (entry-points
+    (primary "README.adoc")
+    (machine-readable ".machine_readable/"))
+  (invariants
+    (scm-files-location ".machine_readable/ ONLY — never root")
+    (license "PMPL-1.0-or-later")
+    (github-is-source-of-truth #t)))

Cargo.lock

@@ -1,3 +1,5 @@
+import? "contractile.just"
+
 # justfile - Command runner for dicti0nary-attack (Chapel/WASM edition)
 # SPDX-License-Identifier: GPL-3.0-or-later
 # SPDX-FileCopyrightText: 2025 Security Research Team