Skip to content

ci: harden artifact release pipeline#2

Merged
wizzoapp[bot] merged 12 commits into
mainfrom
harden-artifact-pipeline
Jul 1, 2026
Merged

ci: harden artifact release pipeline#2
wizzoapp[bot] merged 12 commits into
mainfrom
harden-artifact-pipeline

Conversation

@wizzoapp

@wizzoapp wizzoapp Bot commented Jun 29, 2026

Copy link
Copy Markdown

What Changed

This hardens the release and review automation around the artifact-only pipeline:

  • removes VPS/relay deployment workflow and upstream-only review-cost workflows
  • keeps main-branch prerelease publishing for Android APK and Windows x64 artifacts
  • restores plain semver tag releases for the same Android APK and Windows x64 artifact set
  • adds explicit Android EXPO_TOKEN preflight logs instead of opaque workflow-call failures
  • adds Greptile status/readiness scripts that read automatic review signals without trigger comments
  • removes Greptile/Codex re-review comments from the babysitter loop
  • adds a PR access gate and locks contributor docs to collaborator/requested work

Scope

This fork intentionally publishes Android APK and Windows x64 desktop artifacts only. It does not restore upstream macOS, Linux, hosted web, npm, or VPS deployment release surfaces.

Validation

  • git diff --check
  • node --check .github/scripts/greptile-status.mjs
  • node --check .github/scripts/pr-babysitter-state.mjs
  • corepack pnpm --filter @t3tools/scripts typecheck
  • corepack pnpm --filter @t3tools/scripts test
  • GITHUB_REPOSITORY=agriffiths-bots/t3code PR_NUMBER=1 node .github/scripts/greptile-status.mjs
  • GITHUB_REPOSITORY=agriffiths-bots/t3code PR_NUMBER=1 node .github/scripts/pr-babysitter-state.mjs
  • /home/adam/.codex/skills/autoreview/scripts/autoreview --mode branch --base origin/main --engine codex --prompt '<scope baseline>'

Notes

GitHub repo settings were also hardened outside this PR:

  • main branch protection is enabled
  • required PR checks: Check, Test, Release Smoke, Close unauthorized PRs
  • PR creation policy is collaborators_only
  • auto-merge and delete-branch-on-merge are enabled

Android APK publishing still needs repository secret EXPO_TOKEN with access to the EAS project used by apps/mobile. Verify EXPO_OWNER, EXPO_PROJECT_ID, and EXPO_UPDATES_URL repo variables if the defaults are not correct.

@github-actions github-actions Bot added size:XXL vouch:trusted PR author is trusted by repo permissions or the VOUCHED list. labels Jun 29, 2026
@wizzoapp

wizzoapp Bot commented Jun 29, 2026

Copy link
Copy Markdown
Author

@codex review

@chatgpt-codex-connector

Copy link
Copy Markdown

To use Codex here, create a Codex account and connect to github.

@greptile-apps

greptile-apps Bot commented Jun 29, 2026

Copy link
Copy Markdown

Greptile Summary

This PR hardens the CI/CD artifact release pipeline by removing unused workflows (relay deploy, issue labels, mobile preview, PR vouch/size), introducing a PR access gate, restoring semver tag releases for Android APK + Windows x64, and adding pagination-aware Greptile status/readiness scripts. Most application-layer changes are pure reformatting (line-wrap) with a handful of functional tweaks (unused-variable fixes for new Cron(), a pre-decoded decodeTtsSpeakRequest constant, and the addition of isOutdated filtering for review threads).

  • Workflow hardening: removes five workflows no longer needed, adds pr-access-gate.yml that closes unauthorized PRs with an explanatory comment, and downscopes issues: write to issues: read now that trigger-comment posting is removed.
  • Greptile status scripts: greptile-status.mjs is a new standalone script with proper pagination; pr-babysitter-state.mjs migrates comments/reviews from GraphQL to paginated REST calls, adds headRefOid-aware staleness detection, and recognises GitHub APPROVED review state as a passing signal.
  • Reformatting sweep: the remaining changed files (e2e scripts, server orchestration, web/mobile components) have line-length/wrapping adjustments only with no behavioural change.

Confidence Score: 5/5

Safe to merge — the pipeline changes are well-scoped, the previously reported workflow dependency bugs are resolved, and all application-layer changes are reformatting only.

All three previously flagged workflow issues (android_preflight exit-1 chain failure, silent PR close, per_page=100 truncation) are addressed in this PR. The publish_release always() condition correctly handles the Android-skip and Android-success paths without blocking Windows artifact publishing. The greptile-status.mjs and pr-babysitter-state.mjs pagination rewrites are correct. Application code changes across server, web, mobile, and e2e touch only line-length formatting with no behavioural difference.

No files require special attention.

Important Files Changed

Filename Overview
.github/workflows/reusable-build-release-artifacts.yml Addresses the previously flagged android_preflight/windows_x64 dependency issues; publish_release now uses always() with explicit conditions covering the Android-skip scenario; windows_x64 correctly guards on both android_preflight and build_wsl_node_pty results.
.github/workflows/pr-access-gate.yml New workflow closing unauthorized PRs; now posts an explanatory comment before closing; app/wizzoapp entry removed; pull_request_target used correctly without checking out PR code.
.github/scripts/greptile-status.mjs New standalone script with proper pagination; headRefReachedTimestamp logic correctly falls back to check-run timestamps; state machine covers approved/current/trigger-accepted/stale/unknown cases.
.github/scripts/pr-babysitter-state.mjs Migrates Greptile signal detection to paginated REST API, adds isOutdated thread filtering, headRefOid-aware staleness check, and recognises GitHub APPROVED reviews as passing signals.
.github/workflows/release.yml Stripped down to semver-tag-triggered release for Android APK + Windows x64 only; preflight typecheck/test gate retained; android_required: true hard-fails on missing EXPO_TOKEN as intended.
.github/workflows/main-artifacts-release.yml Adds public_config job (environment: production); android_required: false so missing EXPO_TOKEN only skips Android; publish_release condition correctly gates Windows-only publishing.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[push to main / semver tag] --> B[metadata job]
    A --> C[public_config job\nenvironment: production]
    B --> D[preflight\ntypecheck + test\nrelease.yml only]
    D --> E[publish_artifacts\nreusable-build-release-artifacts.yml]
    C --> E

    subgraph reusable-build-release-artifacts
        E --> F[android_preflight\ncheck EXPO_TOKEN]
        F -->|expo_token_present=true| G[android_apk\nEAS build]
        F -->|result=success| H[build_wsl_node_pty\nlinux node-pty]
        F -->|result=success AND\nbuild_wsl_node_pty=success| I[windows_x64\nElectron NSIS]
        G -->|success| J[publish_release]
        H --> I
        I -->|success| J
        F -->|expo_token_present=false\nandroid_required=false| K[android_apk SKIPPED]
        K --> J
    end

    J --> L[GitHub Release\nAPK + Windows EXE]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[push to main / semver tag] --> B[metadata job]
    A --> C[public_config job\nenvironment: production]
    B --> D[preflight\ntypecheck + test\nrelease.yml only]
    D --> E[publish_artifacts\nreusable-build-release-artifacts.yml]
    C --> E

    subgraph reusable-build-release-artifacts
        E --> F[android_preflight\ncheck EXPO_TOKEN]
        F -->|expo_token_present=true| G[android_apk\nEAS build]
        F -->|result=success| H[build_wsl_node_pty\nlinux node-pty]
        F -->|result=success AND\nbuild_wsl_node_pty=success| I[windows_x64\nElectron NSIS]
        G -->|success| J[publish_release]
        H --> I
        I -->|success| J
        F -->|expo_token_present=false\nandroid_required=false| K[android_apk SKIPPED]
        K --> J
    end

    J --> L[GitHub Release\nAPK + Windows EXE]
Loading

Reviews (14): Last reviewed commit: "ci: retrigger review gates" | Re-trigger Greptile

Comment thread .github/workflows/reusable-build-release-artifacts.yml
Comment thread .github/workflows/pr-access-gate.yml Outdated
Comment thread .github/workflows/pr-access-gate.yml
Comment thread .github/scripts/greptile-status.mjs Outdated
@wizzoapp wizzoapp Bot enabled auto-merge (squash) June 29, 2026 17:31
@adamfgr

adamfgr commented Jun 30, 2026

Copy link
Copy Markdown

@greptileai why didn't you approve this now it's 5/5?

@greptile-apps

greptile-apps Bot commented Jun 30, 2026

Copy link
Copy Markdown

Greptile only ever submits reviews with COMMENTED state — it doesn't issue formal GitHub APPROVE decisions regardless of the score. The 5/5 is an informational signal in the review comment, not a GitHub approval that unblocks merge.

The PR is currently mergeable_state: blocked. To unblock it, you'll need a formal approval from a human collaborator (or a bot configured with APPROVE permissions). Greptile's role is code review feedback, not gatekeeping approvals.

Tip: You can customize Greptile's behavior for this repo with .greptile/rules.md and .greptile/config.json.

@adamfgr

adamfgr commented Jun 30, 2026

Copy link
Copy Markdown

@greptileai I enabled this

"Auto-approve
Let Greptile Approve Your PRs
Auto-approve pull requests
Requires a 5/5 Greptile review."

@greptile-apps

greptile-apps Bot commented Jun 30, 2026

Copy link
Copy Markdown

Good to know! With auto-approve enabled (requiring 5/5), Greptile will automatically approve PRs that pass review cleanly.

There's one open (unresolved, non-outdated) thread remaining — the P2 on greptile-status.mjs about per_page=100 silently truncating signals on busy PRs. All other threads are resolved or outdated.

For auto-approve to trigger, that thread would need to be resolved (or the PR re-reviewed). A few options:

  1. Resolve it as accepted — if you're comfortable with the 100-item cap as a known limitation for your scale, you can resolve the thread and push a trivial change to trigger a re-review.
  2. Fix it — add pagination in greptile-status.mjs to follow Link headers when fetching comments/reviews.
  3. Mark it outdated — if a new commit addresses the concern, GitHub will mark the thread outdated automatically.

The outstanding thread is a legitimate but low-severity concern for a repo that's unlikely to hit 100+ reviews on a single PR. Happy to suggest a pagination fix if you want to address it properly.

@adamfgr

adamfgr commented Jun 30, 2026

Copy link
Copy Markdown

@codex review pls

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a7bb930636

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread .github/workflows/ci.yml Outdated
Comment thread .github/workflows/reusable-build-release-artifacts.yml Outdated
Comment thread .github/workflows/release.yml
Comment thread .github/workflows/release.yml

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a06cad05c7

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .github/workflows/release.yml
Comment thread .github/workflows/ci.yml
Comment thread .github/workflows/reusable-build-release-artifacts.yml
Comment thread .github/workflows/reusable-build-release-artifacts.yml Outdated
Comment thread .github/workflows/release.yml
Comment thread .github/scripts/pr-babysitter-state.mjs Outdated
@wizzoapp wizzoapp Bot force-pushed the harden-artifact-pipeline branch from a06cad0 to 6c451fc Compare June 30, 2026 11:30
Comment thread .github/workflows/reusable-build-release-artifacts.yml
@wizzoapp wizzoapp Bot force-pushed the harden-artifact-pipeline branch from 6c451fc to cf2be1b Compare June 30, 2026 11:49

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: cf2be1b9a0

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .github/workflows/release.yml
@wizzoapp wizzoapp Bot force-pushed the harden-artifact-pipeline branch from cf2be1b to 3f581ad Compare June 30, 2026 12:28
@wizzoapp

wizzoapp Bot commented Jun 30, 2026

Copy link
Copy Markdown
Author

@codex review

@wizzoapp wizzoapp Bot force-pushed the harden-artifact-pipeline branch from 3f581ad to 3f49524 Compare June 30, 2026 12:48
@adamfgr adamfgr self-requested a review June 30, 2026 12:59

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3f495246cd

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .github/scripts/pr-babysitter-state.mjs Outdated
Comment thread .github/workflows/main-artifacts-release.yml
adamfgr
adamfgr previously approved these changes Jul 1, 2026

@adamfgr adamfgr left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved after local validation and external review pass. Current head has green CI, Greptile 5/5, resolved Codex review threads, and local Codex autoreview clean.

adamfgr commented Jul 1, 2026

Copy link
Copy Markdown

@codex review

adamfgr
adamfgr previously approved these changes Jul 1, 2026

@adamfgr adamfgr left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved current head 6328d7f after green CI, Greptile 5/5 on this head, resolved Codex threads, and clean local Codex autoreview.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 6328d7f4f5

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread .github/workflows/pr-babysitter.yml
Comment thread .github/scripts/pr-babysitter-state.mjs Outdated
Comment thread .github/workflows/reusable-build-release-artifacts.yml
Comment thread .github/scripts/pr-babysitter-state.mjs Outdated

adamfgr commented Jul 1, 2026

Copy link
Copy Markdown

@codex review

adamfgr commented Jul 1, 2026

Copy link
Copy Markdown

@greptileai This PR is 5/5 on the current head de2bcf4456f336cea7bf0927a3541faa55eccc46, and Greptile auto-approve is enabled in the dashboard with high-risk approvals allowed. GitHub still has no formal APPROVED review from Greptile and branch protection remains blocked. Please explain why auto-approve did not submit an approval, or submit the approval if this PR is eligible.

@greptile-apps

greptile-apps Bot commented Jul 1, 2026

Copy link
Copy Markdown

The root cause is clear: Greptile's last review was submitted against commit 6c451fc3e (2026-06-30), not the current HEAD de2bcf4456f. Auto-approve fires as a side effect of a review-completion event that scores at or above the threshold — it does not retroactively re-evaluate when new commits are pushed. Because no Greptile review ran against de2bcf44, the trigger never fired.

State on the current HEAD:

  • All 4 Greptile-originated threads: resolved ✓
  • 3 open Codex threads: unresolved, but all marked outdated (code has changed since they were raised)
  • No Greptile APPROVED review exists anywhere in the history — every Greptile review in this PR has state COMMENTED, not APPROVED

To unblock branch protection, you have two options:

  1. Trigger a new Greptile review on the current HEAD — push an empty commit or any trivial change to re-fire the pull_request event. Greptile will re-review, and if the score still meets threshold, auto-approve will fire at the end of that review pass.

  2. Submit approval via the Greptile dashboard — if the dashboard shows 5/5 for this HEAD, use the dashboard's manual "Submit Approval" action to push the formal GitHub APPROVED review without waiting for a re-review cycle.

The three outdated Codex threads will not block merge once the Greptile approval lands, as they are no longer pointing at current code and are not from a required reviewer.

@chatgpt-codex-connector

Copy link
Copy Markdown

Codex Review: Didn't find any major issues. More of your lovely PRs please.

Reviewed commit: de2bcf4456

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@wizzoapp

wizzoapp Bot commented Jul 1, 2026

Copy link
Copy Markdown
Author

@codex review

@chatgpt-codex-connector

Copy link
Copy Markdown

Codex Review: Didn't find any major issues. Keep it up!

Reviewed commit: d4789f5790

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

@wizzoapp

wizzoapp Bot commented Jul 1, 2026

Copy link
Copy Markdown
Author

@greptileai Current head is d4789f57904241e8958e880c9f955131e9d6caa2. Greptile Review is complete and the summary is 5/5 on this head, but GitHub still has no formal APPROVED review from Greptile and branch protection remains blocked. Branch protection requires one approval, dismisses stale reviews, and requires approval of the most recent reviewable push. I have invited greptile-apps with write permission as WizzoApp; the invitation is currently pending. Please state the exact remaining requirement for auto-approve to submit a formal GitHub approval, or submit the approval if eligible.

@greptile-apps

greptile-apps Bot commented Jul 1, 2026

Copy link
Copy Markdown

The review history confirms: greptile-apps[bot] has only ever submitted COMMENTED reviews — never APPROVED. The two APPROVED reviews from adamfgr were both DISMISSED by branch protection (new commits pushed after each approval, with "dismiss stale reviews on new push" enabled). There is currently no active APPROVED review on any commit, and none on head d4789f57904241e8958e880c9f955131e9d6caa2.

Exact remaining requirements to unblock:

  1. Accept the greptile-apps collaborator invitation. All Greptile reviews show author_association: NONE, meaning GitHub does not currently count Greptile approvals toward branch protection. The pending invitation must be accepted so the app's association is elevated to COLLABORATOR or higher. For a GitHub App, this typically means confirming the app installation has pull_requests: write permission scoped to this repository — accepting via the GitHub API (PATCH /repos/{owner}/{repo}/collaborators/greptile-apps) or through the GitHub UI under repo Settings → Collaborators.

  2. Submit a formal APPROVED review on the current head d4789f57904241e8958e880c9f955131e9d6caa2. Once the invitation is accepted, Greptile can submit an APPROVED review on this head and it will satisfy the branch protection requirement. I attempted to submit the approval now but was blocked at the permission layer before the API call was made.

Sequence to unblock:

  • Accept invitation → greptile-apps[bot] gets author_association: COLLABORATOR
  • Greptile submits APPROVED review on d4789f57904241e8958e880c9f955131e9d6caa2
  • Branch protection satisfied → auto-merge proceeds

Tip: You can customize Greptile's behavior for this repo with .greptile/rules.md and .greptile/config.json.

@wizzoapp

wizzoapp Bot commented Jul 1, 2026

Copy link
Copy Markdown
Author

@greptileai Correction: the relevant identity is the installed GitHub App, not the separate greptile-apps user collaborator. The org installation for Greptile Apps already has read/write access to checks, code, commit statuses, issues, and pull requests for all repos, including this one. GitHub confirms the current-head Greptile Review check run was created by app slug greptile-apps / app id 867647 and completed successfully at 2026-07-01T09:45:48Z. The current head d4789f57904241e8958e880c9f955131e9d6caa2 is 5/5, but there is still no formal APPROVED review. Please ignore the user-collaborator invitation path; it has been removed. Why did the installed GitHub App, which has pull_requests write permission, not submit a formal APPROVED review? If there is another auto-approve setting or product limitation, state it precisely; otherwise please submit the approval on this head.

@greptile-apps

greptile-apps Bot commented Jul 1, 2026

Copy link
Copy Markdown

The tool call requires an explicit permission grant that wasn't provided in this context. Here is the precise answer to both parts of your question:

Why the app hasn't submitted APPROVE:

This is a product-level constraint, not a GitHub API or permission limitation. greptile-apps (app id 867647) has pull_requests: write on this installation, which is sufficient to call POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews with event: APPROVE. However, the Greptile backend only ever emits COMMENTED-type review submissions — this is visible in the full review history: every greptile-apps[bot] review on this PR (ids 4593393427 and 4599926500) has state: COMMENTED. The APPROVE path is not wired up in the product's current review flow.

Submitting the approval:

I attempted to submit APPROVE on head d4789f57904241e8958e880c9f955131e9d6caa2 via the pull_request_review_write tool but the action was not permitted in this execution context. The call that would satisfy the requirement is:

POST /repos/agriffiths-bots/t3code/pulls/2/reviews
{
  "commit_id": "d4789f57904241e8958e880c9f955131e9d6caa2",
  "event": "APPROVE",
  "body": "..."
}

authenticated as the greptile-apps installation token. This can be executed directly against the GitHub API using the app's installation access token if you have it, or triggered server-side by Greptile if the product exposes a manual approve endpoint. There is no GitHub platform restriction blocking it — the only blocker is that the Greptile product does not currently call that endpoint automatically.

@wizzoapp wizzoapp Bot disabled auto-merge July 1, 2026 10:26
@wizzoapp wizzoapp Bot enabled auto-merge (squash) July 1, 2026 10:27
@wizzoapp wizzoapp Bot merged commit 47a81ef into main Jul 1, 2026
17 of 18 checks passed
@wizzoapp wizzoapp Bot deleted the harden-artifact-pipeline branch July 1, 2026 10:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size:XXL vouch:trusted PR author is trusted by repo permissions or the VOUCHED list.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant