Skip to content

chore: security and local rules compliance #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
metyatech wants to merge 1 commit into from
Closed

chore: security and local rules compliance #9

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions .github/workflows/security.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
name: Security

on:
push:
branches:
- main
pull_request:
schedule:
- cron: "0 0 * * 1" # Weekly on Monday

jobs:
scan:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Run OSV-Scanner
uses: google/osv-scanner-action/osv-scanner-action@v1
Copy link

Copilot AI Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The GitHub Action reference appears to be incorrect. The path google/osv-scanner-action/osv-scanner-action@v1 contains a duplicated path component. GitHub Actions should be referenced as owner/repo@version, not owner/repo/path@version. The correct reference should be google/osv-scanner-action@v1 or possibly google/osv-scanner@v1 depending on the actual repository name. This will cause the workflow to fail when executed.

Suggested change
uses: google/osv-scanner-action/osv-scanner-action@v1
uses: google/osv-scanner-action@v1

Copilot uses AI. Check for mistakes.
with:
scan-args: |-
--recursive
./
6 changes: 6 additions & 0 deletions AGENTS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -514,3 +514,9 @@ Source: agent-rules-local/compose-agentsmd-local.md
# Compose-Agentsmd Local Overrides

- For this repository only, generate AGENTS.md using `npm run compose` (do not run `compose-agentsmd` directly).

Source: agent-rules-local/release.md

# Distribution and release

- After publishing this repository, update the globally installed CLI to the latest version.
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,11 @@

All notable changes to this project will be documented in this file.

## [Unreleased]
- Added `agent-rules-local/release.md` to the local ruleset to ensure distribution and release rules are included in `AGENTS.md`.
- Added a security workflow using `osv-scanner` for automated dependency vulnerability scanning.
- Added `metyatech` to `package.json` keywords.

## 3.3.1 - 2026-02-18
- Updated `ajv` in `package-lock.json` to `8.18.0` via `npm audit fix` to remediate a moderate advisory.

Expand Down
23 changes: 12 additions & 11 deletions agent-ruleset.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
{
"source": "github:metyatech/agent-rules",
"domains": [
"cli",
"node",
"release"
],
"extra": [
"agent-rules-local/compose-agentsmd-local.md"
],
"output": "AGENTS.md"
}
"source": "github:metyatech/agent-rules",
"domains": [
"cli",
"node",
"release"
],
"extra": [
"agent-rules-local/compose-agentsmd-local.md",
"agent-rules-local/release.md"
],
"output": "AGENTS.md"
}
3 changes: 2 additions & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@
"agentsmd",
"rules",
"cli",
"markdown"
"markdown",
"metyatech"
],
"type": "module",
"bin": {
Expand Down
Loading