
fix(ci): set write permissions for Claude GitHub Action #21

Closed
spideystreet wants to merge 298 commits into staging from fix/post-review-fixes

Conversation

@spideystreet

Collaborator

Summary

  • Fix Claude Code Action permissions from read to write on contents, pull-requests, and issues
  • Without write permissions, Claude could only react with 👀 but couldn't post comments

Test plan

  • Tag @claude in an issue or PR comment and verify it responds with a full comment instead of just the eyes emoji

🤖 Generated with Claude Code
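The permission change the summary describes, shown as an added illustration rather than the repository's own claude.yml: the read-only block that only allowed the reaction beside the write block, set at job level so the rest of the workflow keeps the default token scope. The workflow name, trigger, action reference and secret name are assumptions; only the three scopes come from this PR.

```yaml
# Added illustration, not the repository's claude.yml. Workflow, trigger,
# action reference and secret name are assumed; the permission scopes are
# the ones this PR raises from read to write.
name: Claude assistant
on:
  issue_comment:
    types: [created]

jobs:
  claude:
    # Before: read-only scopes let the action add the 👀 reaction
    # but not post a comment.
    #
    # permissions:
    #   contents: read
    #   pull-requests: read
    #   issues: read
    #
    # After: the three scopes raised to write. Declaring them on this
    # job only keeps the broader token out of any other job in the file.
    permissions:
      contents: write
      pull-requests: write
      issues: write
    if: contains(github.event.comment.body, '@claude')
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: anthropics/claude-code-action@v1          # assumed action reference
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}  # assumed secret name
```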

spideystreet and others added 26 commits March 5, 2026 14:54
…ck start

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Remove obsolete ignore rules (Django, Flask, Celery, etc.), untrack
models/lid.176.ftz (should be downloaded at build time, not stored in git),
and update models/README.md with current resource paths.

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
- go-check: vet + build for scraper and fetcher
- docker-build: build image without push to catch Dockerfile errors early
- prisma-validate: validate schema without a database
- security: pip-audit for dependency vulnerabilities + gitleaks for secret leaks
- quality: add --cov-fail-under=80 coverage threshold

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Installs torch from the CPU-only index before the main pip install,
then strips torch/nvidia/triton/cuda lines from requirements.txt
so pip doesn't re-download the CUDA variant.

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Add known-third-party for dagster packages to prevent ruff from
misdetecting the local dagster/ runtime directory as a first-party
package, causing import order differences between local and CI.

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
- Add dummy DATABASE_URL for Prisma validate step
- Remove SQLFluff lint from CI (dbt templater needs DB; dbt parse suffices)
- Make gitleaks continue-on-error when license is missing
- Skip docs-sync PR creation when no new commits vs main

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Use gitleaks CLI directly instead of gitleaks-action which requires
a paid license. Scans the working tree (--no-git) to avoid false
positives from old commits.

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
- New user_recommendation_job: embed users + dbt match models + public sync
- New user_recommendation_schedule: every 2h (Europe/Paris)
- Reduce run_all_schedule from 5x/day to 1x/day at 3 AM
  (scraping new projects doesn't need to be frequent;
   user recommendations do)

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
…d match models

- Rename @@Map("verification_token") to @@Map("verification") to align with backend
- Remove unused ProjectEmbedding model and its relation on Project
- Add MatchGlobalRecommendation and MatchUserRecommendation (dbt-managed, read-only)
- Add migration for all three changes

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Move prisma schema, migrations and seeds to opensource-together/prisma
repo and reference it as a git submodule (same pattern as docs/).

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
- Add OST_PRISMA_TOKEN secret to quality-checks and caller workflows
- Update prisma-validate to checkout with submodule token
- Add prisma-submodule SHA check (mirrors docs-submodule pattern)
- Add sync-prisma-submodule.yml to auto-PR schema changes to prisma repo

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Prisma stays as a regular directory in ost-linker (source of truth).
Schema changes will be synced to ost-backend via CI workflow instead.

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
- Remove prisma-submodule check job and OST_PRISMA_TOKEN
- Revert prisma-validate to simple checkout (no submodule)
- Replace sync-prisma-submodule.yml with sync-prisma-backend.yml
  that copies prisma/ to ost-backend and creates a PR on changes

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Add claude.yml (PR/issue assistant via @claude mention) and
claude-code-review.yml (auto code review on PR events).

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
…flows

- pipeline-doctor: Dagster pipeline debugging (opus, memory)
- dbt-analyst: dbt model review and debugging (sonnet, memory)
- security-auditor: security audit before PRs (opus, stateless)
- go-service-reviewer: Go scraper/fetcher review (sonnet, memory)

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
…cture

refactor: restructure project for production readiness
Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
- CODE_OF_CONDUCT: Contributor Covenant v2.1
- SECURITY: vulnerability reporting via GitHub issues
- CLAUDE.md: add git flow, Claude CI workflows, custom agents

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
The Claude Code Action needs write permissions on contents, pull-requests,
and issues to post comments. Read-only permissions only allowed the eyes
emoji reaction without responding.

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
@spideystreet spideystreet self-assigned this Mar 6, 2026
Add explicit base_ref guards so publish-develop, sync-docs, and
sync-prisma only run on PRs targeting staging/main. On develop,
only claude-code-review should run.

Co-Authored-By: spidecode-bot <263227865+spicode-bot@users.noreply.github.com>
@spideystreet

Collaborator Author

Duplicate: this branch targets develop via PR #20
