diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 72e368a..38fc524 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,9 +44,9 @@ jobs: java-version: "17" - uses: gradle/actions/setup-gradle@v4 with: - gradle-version: "8.8" + gradle-version: wrapper - name: Run Android lint - run: gradle --no-daemon lintDebug + run: ./gradlew --no-daemon lintDebug typecheck: name: ci/typecheck @@ -59,9 +59,9 @@ jobs: java-version: "17" - uses: gradle/actions/setup-gradle@v4 with: - gradle-version: "8.8" + gradle-version: wrapper - name: Compile Kotlin - run: gradle --no-daemon :app:compileDebugKotlin + run: ./gradlew --no-daemon :app:compileDebugKotlin unit: name: ci/unit @@ -74,19 +74,21 @@ jobs: java-version: "17" - uses: gradle/actions/setup-gradle@v4 with: - gradle-version: "8.8" + gradle-version: wrapper - name: Run unit tests - run: gradle --no-daemon testDebugUnitTest + run: ./gradlew --no-daemon testDebugUnitTest secrets: name: security/secrets runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - name: Secret scan - uses: gitleaks/gitleaks-action@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + uses: trufflesecurity/trufflehog@main + with: + extra_args: --only-verified build: name: ci/build @@ -106,6 +108,6 @@ jobs: java-version: "17" - uses: gradle/actions/setup-gradle@v4 with: - gradle-version: "8.8" + gradle-version: wrapper - name: Build debug APK - run: gradle --no-daemon assembleDebug + run: ./gradlew --no-daemon assembleDebug diff --git a/.github/workflows/release-evidence.yml b/.github/workflows/release-evidence.yml index 36f8e72..e77ab14 100644 --- a/.github/workflows/release-evidence.yml +++ b/.github/workflows/release-evidence.yml @@ -27,18 +27,18 @@ jobs: - name: Gateway-only boundary check run: python ci/check_gateway_boundary.py - name: Secret scan - uses: gitleaks/gitleaks-action@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + uses: trufflesecurity/trufflehog@main + with: + extra_args: --only-verified - uses: actions/setup-java@v4 with: distribution: temurin java-version: "17" - uses: gradle/actions/setup-gradle@v4 with: - gradle-version: "8.8" + gradle-version: wrapper - name: Build release artifact - run: gradle --no-daemon assembleRelease + run: ./gradlew --no-daemon assembleRelease - name: Generate SBOM uses: anchore/sbom-action@v0 with: diff --git a/AGENTS.md b/AGENTS.md index 32bd9a8..3576758 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -50,3 +50,13 @@ gradle assembleDebug ## Test gradle test + + +## Dispatch Inbox + +At the start of every session, check `intake/pending-dispatches/` for repo-local work packets. +Primary transport is still the coordinator message bus. +Use this folder only as the pre-bus or degraded-mode fallback when a repo is not yet fully bus-onboarded, or when bus/GitHub relay delivery is unavailable. +Update the dispatch file status in place when you acknowledge, progress, complete, reject, supersede, or expire the work. +Cross-repo queue visibility is aggregated in `coordinator/reports/dispatch/fallback-dispatch-summary.md`. + diff --git a/app/build.gradle.kts b/app/build.gradle.kts index 29c8d68..b5ce816 100644 --- a/app/build.gradle.kts +++ b/app/build.gradle.kts @@ -18,7 +18,7 @@ android { versionName = "1.0" testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner" - buildConfigField("String", "TOREVA_API_URL", "\"${project.findProperty("TOREVA_API_URL") ?: "http://10.0.2.2:8080/"}\"") + buildConfigField("String", "TOREVA_API_URL", "\"${project.findProperty("TOREVA_API_URL") ?: "https://gateway.toreva.com/"}\"") buildConfigField("String", "SOLANA_CLUSTER", "\"${project.findProperty("TOREVA_SOLANA_CLUSTER") ?: "devnet"}\"") buildConfigField("String", "EXPLORER_URL", "\"${project.findProperty("TOREVA_EXPLORER_URL") ?: "https://solscan.io"}\"") buildConfigField("String", "RPC_URL", "\"${project.findProperty("TOREVA_RPC_URL") ?: "https://api.devnet.solana.com"}\"") diff --git a/data/dispatches/README.md b/data/dispatches/README.md new file mode 100644 index 0000000..535b426 --- /dev/null +++ b/data/dispatches/README.md @@ -0,0 +1,7 @@ +# android fallback dispatch outbox + +This folder (data/dispatches) stores repo-originated dispatch copies for audit and replay when the primary coordinator-bus transport is unavailable, or when the target repo is not yet fully bus-onboarded. + +Mirror each fallback dispatch to the target repo's `intake/pending-dispatches/` folder. +Do not treat this as a parallel or replacement transport while the bus is healthy. +Keep headers aligned with the inbox protocol so coordinator can build a single queue view. diff --git a/intake/pending-dispatches/README.md b/intake/pending-dispatches/README.md new file mode 100644 index 0000000..6759d53 --- /dev/null +++ b/intake/pending-dispatches/README.md @@ -0,0 +1,14 @@ +# android fallback dispatch inbox + +Primary transport is the coordinator message bus. +This folder is the repo-local intake queue only for pre-bus onboarding gaps or degraded-mode fallback when coordinator bus delivery or GitHub relay is unavailable. + +Required headers for new files: +- `Status:` staged | acknowledged | in_progress | completed | rejected | superseded | expired +- `Fallback reason:` pre_bus_gap | degraded_mode +- `From:` source repo or actor +- `To:` target repo or accountable +- `Priority:` P0 | P1 | P2 | P3 +- `Raised:` ISO date or timestamp + +Update status in place as work progresses. Coordinator aggregates this queue in `reports/dispatch/fallback-dispatch-summary.md`.