Skip to content

Harden security lane with channels and recovery smoke checks#162

Closed
jsugg wants to merge 0 commit intomainfrom
hardening/review-recovery-gates
Closed

Harden security lane with channels and recovery smoke checks#162
jsugg wants to merge 0 commit intomainfrom
hardening/review-recovery-gates

Conversation

@jsugg
Copy link
Copy Markdown
Owner

@jsugg jsugg commented Apr 2, 2026
edited
Loading

Summary

  • add two semantic security-workflow checks: verify-channels-contract and run-recovery-smoke
  • extend CI helper and CLI surfaces to execute and report those checks without inline shell blobs
  • add unit and repo-contract coverage for the new workflow/script behavior
  • document the new executable evidence in CI/security docs

Notes

  • this change keeps the security workflow thin by routing logic through tests/scripts/security_workflow.py
  • no product runtime feature behavior was changed; this is CI enforcement and evidence hardening

@jsugg jsugg closed this Apr 2, 2026
@jsugg jsugg force-pushed the hardening/review-recovery-gates branch from ffcfe24 to 465f42e Compare April 2, 2026 14:19
@jsugg
Copy link
Copy Markdown
Owner Author

jsugg commented Apr 2, 2026

Closing this PR as superseded by #163. The hardening changes from this branch are already on main (merge commit ef02e14), and this branch was rebased to main to clear stale conflicts and failed historical checks.

@jsugg jsugg deleted the hardening/review-recovery-gates branch April 2, 2026 14:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jsugg