Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions .config/hk.pkl
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ local excludeDiagnostics = new Listing<String> {
"CA2255"
"CS0103"
"CS0108"
"CS1061"
"CS0246"
"CS1591"
"CS8602"
Expand All @@ -31,6 +32,22 @@ local excludeDiagnostics = new Listing<String> {
"RS0026"
}

local excludes = new Listing<String> {
"**/obj/**/*"
"**/bin/**/*"
".git/**/*"
".vs/**/*"
".vscode/**/*"
".idea/**/*"
".claude/**/*"
".agents/**/*"
".apm/**/*"
".copilot/**/*"
".squad/**/*"
"**/*.verified.*"
"**/*.received.*"
}

local excludedDiagnosticsString = excludeDiagnostics.join(" ")

// `dotnet format` — whitespace / code-style / analyzer fixes, scoped to the changed C# files.
Expand Down Expand Up @@ -76,6 +93,7 @@ local linters = new Mapping<String, Step> {
// ["jb-cleanupcode"] = jbCleanupCode
}

exclude = excludes
hooks {
["pre-commit"] {
fix = true
Expand Down
14 changes: 10 additions & 4 deletions .config/mise.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
"github:yvgude/lean-ctx" = { version = "v3.8.8", bin = "lean-ctx" }
hk = "1.48.0"
pkl = "0.31.1"
bun = "1.3.14"
node = "24.16.0"
actionlint = "1.7.12"
prettier = "3.8.4"

Expand All @@ -20,13 +20,15 @@ dotnet = [{ version = "8.0.14", runtime = "dotnet" }, { version = "10.0.301" }]
"dotnet:verify.tool" = "0.7.0"
"dotnet:gitreleasemanager.tool" = "0.20.0"
"dotnet:NuGet.Mcp.Server" = "1.4.3"
"npm:vitepress" = "v2.0.0-alpha.17"
"pipx:git+https://github.com/github/spec-kit.git" = "latest"
"npm:@bradygaster/squad-cli" = "0.10.0"
# dotnet

[tasks]
build = { run = "dotnet run build/Build.cs" }
docs = { run = "vitepress dev docs" }
docs-preview = { run = "vitepress preview docs" }
docs = { run = "npm run dev --workspace docs", description = "Start Astro/Starlight dev server" }
"docs:preview" = { run = "npm run preview --workspace docs", description = "Preview built Starlight site" }
"docs:build" = { run = "npm run build --workspace docs", description = "Build the Starlight site (API reference is generated in-process by the Astro XML loader)" }
"roslyn-lsp" = { run = "bash build/scripts/install-roslyn-lsp.sh", description = "Install the Microsoft Roslyn language server for this RID" }
"pkl-vscode" = { run = "bash build/scripts/install-pkl-vscode.sh", description = "Install the Pkl VS Code extension (not in marketplace; installed from VSIX)" }

Expand All @@ -36,6 +38,10 @@ prereleases = true

[env]
HK_MISE = 1
# Keep npm's download cache inside the mise data dir so jdx/mise-action's
# cache (which caches MISE_DATA_DIR / ~/.local/share/mise) also persists npm
# tarballs across CI runs. `npm ci` still wipes node_modules, but reuses these.
npm_config_cache = "{{env.HOME}}/.local/share/mise/npm-cache"
# Microsoft Roslyn language server (Microsoft.CodeAnalysis.LanguageServer), installed by the
# `roslyn-lsp` task from the Azure DevOps vs-impl feed. The wrapper lands on PATH below.
ROSLYN_LSP_VERSION = "4.8.0-7.26274.14"
Expand Down
7 changes: 0 additions & 7 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -74,10 +74,3 @@ jobs:
with:
name: event
path: artifacts/event.json
# Docs are built into artifacts/docs by the canonical pipeline (DocsModule). Only the
# main branch publishes to GitHub Pages (FR-027/028, SC-010).
- name: 📤 Upload Pages artifact
if: github.ref == 'refs/heads/main'
uses: actions/upload-pages-artifact@v3
with:
path: artifacts/docs
2 changes: 1 addition & 1 deletion .github/workflows/close-milestone.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ jobs:
with:
title: v${{ steps.gitversion.outputs.majorMinorPatch }}
- name: sync milestones
uses: RocketSurgeonsGuild/actions/sync-milestone@v0.3.15
uses: RocketSurgeonsGuild/actions/sync-milestone@v0.3.19
with:
default-label: ':sparkles: mysterious'
github-token: ${{ secrets.GITHUB_TOKEN }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/dependabot-merge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,6 @@ on:

jobs:
comment:
uses: RocketSurgeonsGuild/actions/.github/workflows/dependabot-merge.yml@v0.3.15
uses: RocketSurgeonsGuild/actions/.github/workflows/dependabot-merge-queue.yml@v0.3.19
secrets:
RSG_BOT_TOKEN: ${{ secrets.RSG_BOT_TOKEN }}
52 changes: 36 additions & 16 deletions .github/workflows/deploy-docs.yml
Original file line number Diff line number Diff line change
@@ -1,11 +1,14 @@
name: Deploy Docs

on:
workflow_run:
workflows:
- Build
types:
- completed
push:
branches:
- main
paths:
- docs/**
- src/**
- .github/workflows/deploy-docs.yml
workflow_dispatch:

permissions:
contents: read
Expand All @@ -17,23 +20,40 @@
cancel-in-progress: false

jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v7
with:
clean: 'false'
fetch-depth: '0'
- name: 🛠️ Setup mise
uses: jdx/mise-action@v4

Check warning on line 33 in .github/workflows/deploy-docs.yml

View check run for this annotation

Codacy Production / Codacy Static Code Analysis

.github/workflows/deploy-docs.yml#L33

An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.
with:
install: true
cache: true
github_token: ${{ secrets.GITHUB_TOKEN }}

- name: 📚 Build docs
run: mise run docs:build
env:
GH_API_TOKEN: ${{ secrets.GH_API_TOKEN }}

- name: Upload Pages artifact
uses: actions/upload-pages-artifact@v5
with:
path: docs/dist

deploy:
if: >
github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.head_branch == 'main'
name: Deploy
needs: build
runs-on: ubuntu-latest
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- name: 📥 Download event
continue-on-error: true
uses: actions/download-artifact@v8
with:
name: event
path: artifacts/
run-id: ${{ github.event.workflow_run.id }}
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
uses: actions/deploy-pages@v5
2 changes: 1 addition & 1 deletion .github/workflows/draft-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ jobs:
with:
title: v${{ steps.gitversion.outputs.majorMinorPatch }}
- name: sync milestones
uses: RocketSurgeonsGuild/actions/sync-milestone@v0.3.15
uses: RocketSurgeonsGuild/actions/sync-milestone@v0.3.19
with:
default-label: ':sparkles: mysterious'
github-token: ${{ secrets.GITHUB_TOKEN }}
Expand Down
58 changes: 23 additions & 35 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
name: Lint
name: autofix.ci

on:
pull_request_target:
pull_request:
push:
branches:
- main
- next
Expand All @@ -10,20 +11,11 @@
- main
- next

# Read-only: autofix.ci pushes the fix commit server-side via its GitHub App,
# so the workflow itself never needs write access or a secret. This is what makes
# running a formatter over untrusted fork code safe.
permissions:
actions: read
checks: write
contents: write
deployments: read
id-token: none
issues: write
discussions: none
packages: none
pages: none
pull-requests: write
repository-projects: none
security-events: none
statuses: write
contents: read

concurrency:
group: lint-${{ github.event.pull_request.number || github.run_id }}
Expand All @@ -38,37 +30,33 @@
with:
clean: 'false'
fetch-depth: '0'
ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
repository: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name || github.repository }}
token: ${{ secrets.RSG_BOT_TOKEN }}
- name: Get Head Commit Message
id: commit-message
run: |
echo "message=$(git show -s --format=%s)" >> "$GITHUB_OUTPUT"
- name: 🛠️ Setup mise
uses: jdx/mise-action@v4
with:
install: true
cache: true
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: 🧹 Lint (hk fix)
if: github.event_name == 'pull_request_target'
run: |
hk fix --from-ref "$DEFAULT_BRANCH" --to-ref "$HEAD"
env:
DEFAULT_BRANCH: ${{ github.event.pull_request.base.sha }}
HEAD: ${{ github.event.pull_request.head.sha }}
- name: 🧹 Lint (hk check)
# merge_group: hard gate only — no autofix in the merge queue.
- name: 🧹 Lint (hk check) — merge_group
if: github.event_name == 'merge_group'
run: |
hk check --from-ref "$DEFAULT_BRANCH" --to-ref "$HEAD"
env:
DEFAULT_BRANCH: ${{ github.event.merge_group.base_sha }}
HEAD: ${{ github.event.merge_group.head_sha }}
- name: Add & Commit
if: github.event_name == 'pull_request_target' && !contains(steps.commit-message.outputs.message, 'Automatically linting code')
uses: stefanzweifel/git-auto-commit-action@v7
# pull_request (same-repo AND fork): apply fixes into the working tree.
# autofix.ci uploads the diff and commits it back to the PR (incl. forks).
- name: 🧹 Lint (hk fix)
if: github.event_name == 'pull_request'
run: |
hk fix --from-ref "$DEFAULT_BRANCH" --to-ref "$HEAD"
env:
GITHUB_TOKEN: ${{ secrets.RSG_BOT_TOKEN }}
DEFAULT_BRANCH: ${{ github.event.pull_request.base.sha }}
HEAD: ${{ github.event.pull_request.head.sha }}
# Must be the LAST step: pushes the working-tree changes back as a
# verified commit (and fails the check when a fix was needed).
- name: ✍️ Apply fixes (autofix.ci)
if: github.event_name == 'pull_request'
uses: autofix-ci/action@v1.3.4

Check warning on line 60 in .github/workflows/lint.yml

View check run for this annotation

Codacy Production / Codacy Static Code Analysis

.github/workflows/lint.yml#L60

An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.
with:
commit_message: Automatically linting code
commit-message: Automatically linting code
6 changes: 3 additions & 3 deletions .github/workflows/squad-heartbeat.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
heartbeat:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7

- name: Check triage script
id: check-script
Expand All @@ -48,7 +48,7 @@ jobs:

- name: Ralph — Apply triage decisions
if: steps.check-script.outputs.has_script == 'true' && hashFiles('triage-results.json') != ''
uses: actions/github-script@v7
uses: actions/github-script@v9
with:
script: |
const fs = require('fs');
Expand Down Expand Up @@ -100,7 +100,7 @@ jobs:
# Copilot auto-assign step (uses PAT if available)
- name: Ralph — Assign @copilot issues
if: success()
uses: actions/github-script@v7
uses: actions/github-script@v9
with:
github-token: ${{ secrets.COPILOT_ASSIGN_TOKEN || secrets.GITHUB_TOKEN }}
script: |
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/squad-issue-assign.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,10 @@ jobs:
if: startsWith(github.event.label.name, 'squad:')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7

- name: Identify assigned member and trigger work
uses: actions/github-script@v7
uses: actions/github-script@v9
with:
script: |
const fs = require('fs');
Expand Down Expand Up @@ -116,7 +116,7 @@ jobs:
# Separate step: assign @copilot using PAT (required for coding agent)
- name: Assign @copilot coding agent
if: github.event.label.name == 'squad:copilot'
uses: actions/github-script@v7
uses: actions/github-script@v9
with:
github-token: ${{ secrets.COPILOT_ASSIGN_TOKEN }}
script: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/squad-triage.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,10 @@ jobs:
if: github.event.label.name == 'squad'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7

- name: Triage issue via Lead agent
uses: actions/github-script@v7
uses: actions/github-script@v9
with:
script: |
const fs = require('fs');
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sync-labels.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,4 +11,4 @@ on:

jobs:
sync_labels:
uses: RocketSurgeonsGuild/actions/.github/workflows/sync-labels.yml@v0.3.15
uses: RocketSurgeonsGuild/actions/.github/workflows/sync-labels.yml@v0.3.19
4 changes: 2 additions & 2 deletions .github/workflows/sync-squad-labels.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,10 @@ jobs:
sync-labels:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7

- name: Parse roster and sync labels
uses: actions/github-script@v7
uses: actions/github-script@v9
with:
script: |
const fs = require('fs');
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-milestone.yml
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ jobs:
with:
title: v${{ steps.gitversion.outputs.majorMinorPatch }}
- name: sync milestones
uses: RocketSurgeonsGuild/actions/sync-milestone@v0.3.15
uses: RocketSurgeonsGuild/actions/sync-milestone@v0.3.19
with:
default-label: ':sparkles: mysterious'
github-token: ${{ secrets.GITHUB_TOKEN }}
19 changes: 19 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -223,3 +223,22 @@ apm_modules/
# Pkl VS Code extension VSIX cache (installed via mise `pkl-vscode` task)
.pkl-vscode/
.temp/
# Squad: ignore runtime state (logs, inbox, sessions)
.squad/orchestration-log/
.squad/log/
.squad/decisions/inbox/
.squad/sessions/
.squad/.scratch/
.squad/.cache/
# Squad: SubSquad activation file (local to this machine)
.squad-workstream
dist/
.astro/
*.local.toml

# Docs: auto-generated API reference (regenerated in CI via xmldocmd --clean).
# Keep the hand-written section landing page (api/index.md); ignore the generated tree.
docs/src/content/docs/api/**
!docs/src/content/docs/api/index.md
.playwright-mcp/
docs/api/
Loading
Loading