chore(standards): synced file(s) with hallelx2/dev-standards#1
Open
hallelx2 wants to merge 10 commits into
Open
chore(standards): synced file(s) with hallelx2/dev-standards#1hallelx2 wants to merge 10 commits into
hallelx2 wants to merge 10 commits into
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Reviewer's GuideSyncs dev-standards AI agent guidelines and security workflows into this repo, adding AGENTS/agent instruction docs, Copilot review guidance, path-scoped review instructions, and reusable GitHub Actions for security scanning and optional Jules security reviews on PRs. File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
|
Warning Review limit reached
More reviews will be available in 59 minutes and 43 seconds. Learn how PR review limits work. Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file). ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits. 🚦 How do rate limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (13)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
8ac11a7 to
8312ba0
Compare
There was a problem hiding this comment.
Pull request overview
This PR syncs shared engineering/AI-review standards and standardized security automation workflows from hallelx2/dev-standards into this repository, establishing consistent reviewer guidance and baseline security scanning across repos.
Changes:
- Adds
AGENTS.mdplus Copilot/agent reviewer definitions to standardize automated review behavior. - Introduces path-scoped backend/frontend/security instruction files under
.github/instructions/. - Adds security scanning workflows (gitleaks, Trivy, gosec) and an optional Jules-based PR security review workflow.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
AGENTS.md |
Adds repo-wide engineering and review standards for human + AI agents. |
.github/copilot-instructions.md |
Defines baseline Copilot PR review rubric and priorities. |
.github/agents/backend-reviewer.agent.md |
Adds Go-focused reviewer role definition. |
.github/agents/frontend-reviewer.agent.md |
Adds TS/Next-focused reviewer role definition. |
.github/agents/security-reviewer.agent.md |
Adds adversarial security reviewer role definition. |
.github/agents/test-reliability-reviewer.agent.md |
Adds test quality/determinism reviewer role definition. |
.github/instructions/backend.instructions.md |
Applies Go review rubric to **/*.go. |
.github/instructions/frontend.instructions.md |
Applies frontend review rubric to TS/TSX/CSS files. |
.github/instructions/security.instructions.md |
Applies security review rubric to all changed files. |
.github/workflows/security.yml |
Adds caller workflow to run standardized security scanning on PRs and main. |
.github/workflows/security.reusable.yml |
Adds reusable workflow implementing gitleaks/Trivy/gosec scanners. |
.github/workflows/jules-review.yml |
Adds optional automated Jules PR security review workflow. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+12
to
+22
| permissions: | ||
| contents: read | ||
| pull-requests: read | ||
| security-events: write | ||
|
|
||
| jobs: | ||
| security: | ||
| # Local reference — the reusable file is synced into THIS repo too, so each repo | ||
| # is self-contained and this works whether dev-standards is public or private. | ||
| uses: ./.github/workflows/security.reusable.yml | ||
| secrets: inherit |
Comment on lines
+10
to
+13
| permissions: | ||
| contents: read | ||
| pull-requests: read | ||
| security-events: write |
Comment on lines
+52
to
+56
| - name: gosec | ||
| if: steps.detect.outputs.is_go == 'true' | ||
| uses: securego/gosec@master | ||
| with: | ||
| args: -no-fail -fmt text ./... |
Comment on lines
+21
to
+29
| - name: Guard — only run when a Jules key is configured | ||
| id: guard | ||
| run: | | ||
| if [ -n "${{ secrets.JULES_API_KEY }}" ]; then | ||
| echo "enabled=true" >> "$GITHUB_OUTPUT" | ||
| else | ||
| echo "enabled=false" >> "$GITHUB_OUTPUT" | ||
| echo "No JULES_API_KEY set — skipping automated Jules review. Use @jules on the PR instead." | ||
| fi |
Comment on lines
+30
to
+35
| - name: Jules security review | ||
| if: steps.guard.outputs.enabled == 'true' | ||
| uses: sanjay3290/jules-pr-reviewer@main | ||
| with: | ||
| jules-api-key: ${{ secrets.JULES_API_KEY }} | ||
| github-token: ${{ github.token }} |
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
8312ba0 to
0da8c86
Compare
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
0da8c86 to
6c99d8b
Compare
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
6c99d8b to
8254034
Compare
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
8254034 to
2cdacaa
Compare
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
2cdacaa to
abb9ef0
Compare
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
abb9ef0 to
fbcb471
Compare
hallelx2
added a commit
that referenced
this pull request
Jun 20, 2026
* HAL-87: scaffold Vectorless docs site (Fumadocs) Brand-matched Fumadocs (Next.js App Router) documentation site for docs.vectorless.store. - Dark theme primary; Geist Sans + Geist Mono + Instrument Serif display - Blue->pink brand gradient and subtle grid background texture - Branded landing page (hero, feature grid, quickstart strip) - Sections: Getting Started, Core Concepts (tree retrieval, no-chunking, treewalk, citations), API Reference (placeholder), SDKs (TS/Python/Go), Self-hosting (Neon + R2 + QStash + Docker, placeholder) - Orama search, OG images, llms.txt - Uses canonical 'treewalk' strategy name (retired 'pageindex') * Redesign docs site to the LIGHT Vectorless brand (HAL-190) The Fumadocs site was wrongly built dark-first with a full-page grid wash and aura/glow pseudo-elements. Restyle it to match the brand visual identity in vectorless-why/DESIGN.md, which is LIGHT. - Default theme -> light (RootProvider defaultTheme: 'light'). - Light is now the primary, clean canvas: #FCFCFD, ink #0A0A0A, secondary #3F3F46, muted #71717A, hairlines #E5E7EB. - Remove the heavy body::before grid wash and body::after aura glow. Content/docs pages are clean near-white with whitespace. - Reintroduce only a very faint brand grid rgba(20,86,240,0.06) on the landing hero, masked to fade out (.vl-hero-grid). - Keep the blue->pink signal gradient on exactly one hero line; drop the second serif/gradient register on the pull quote (now plain light sans with a mono eyebrow caption). - Mono eyebrows at 0.16em tracking; body weight ~300 per DESIGN.md. - Quickstart block is now a real dark inset terminal (#0A0A0A) — the one place dark is allowed. - Dark theme retained as an optional toggle, not the default. Restyle only: nav, sidebar, search, section structure and content unchanged. pnpm build passes. * Redesign docs site to the LIGHT Vectorless brand (HAL-190) (#1) The Fumadocs site was wrongly built dark-first with a full-page grid wash and aura/glow pseudo-elements. Restyle it to match the brand visual identity in vectorless-why/DESIGN.md, which is LIGHT. - Default theme -> light (RootProvider defaultTheme: 'light'). - Light is now the primary, clean canvas: #FCFCFD, ink #0A0A0A, secondary #3F3F46, muted #71717A, hairlines #E5E7EB. - Remove the heavy body::before grid wash and body::after aura glow. Content/docs pages are clean near-white with whitespace. - Reintroduce only a very faint brand grid rgba(20,86,240,0.06) on the landing hero, masked to fade out (.vl-hero-grid). - Keep the blue->pink signal gradient on exactly one hero line; drop the second serif/gradient register on the pull quote (now plain light sans with a mono eyebrow caption). - Mono eyebrows at 0.16em tracking; body weight ~300 per DESIGN.md. - Quickstart block is now a real dark inset terminal (#0A0A0A) — the one place dark is allowed. - Dark theme retained as an optional toggle, not the default. Restyle only: nav, sidebar, search, section structure and content unchanged. pnpm build passes. * docs: use the real Vectorless V logo in nav + favicon (HAL-191) Replace the invented node-graph mark with the canonical logo — blue tile + white V (M4 4 L12 20 L20 4) + pink focal dot — matching vectorless-dashboard's icon.tsx; add the matching app favicon. Wordmark in Geist medium. Closes HAL-191. * docs: use the real Vectorless V logo in nav + favicon (HAL-191) (#2) Replace the invented node-graph mark with the canonical logo — blue tile + white V (M4 4 L12 20 L20 4) + pink focal dot — matching vectorless-dashboard's icon.tsx; add the matching app favicon. Wordmark in Geist medium. Closes HAL-191. * Polish docs home page design Elevate the marketing/home surface within the Vectorless light brand: - Hero: real V mark, staggered precision reveal, refined terminal inset - New document -> tree -> cited answer SVG motif (hairline, blue path, single pink citation dot; edges draw + nodes snap) - Feature grid with mono index numbers and hover accent - Parse/Walk/Cite three-step band - Refined Instrument-Serif thesis closer with CTA No new gradients, no dark page bg, no new mark - honors DESIGN.md. * feat(docs): premium landing page redesign with GSAP and HeroShader * style(docs): mintlify-inspired redesign and hero button fix * chore(docs): redirect primary GitHub links to vectorless-engine * fix(docs): resolve hero stacking and button visibility issues * style(docs): fix code block contrast and remove card blue border * chore: remove deprecated packages ts-sdk, openapi, and mcp-tools * feat: migrate docs and blogs to monorepo and update branding * style: premium editorial layout redesign for vectorless blog * style: expand layout to full-width page * ci: update workflows to match monorepo package configuration * fix: resolve workspace react type conflicts by overriding react and react types * chore: add typecheck scripts for all monorepo apps to run under turborepo * fix: resolve lint errors and warnings across workspace packages
added 2 commits
June 22, 2026 11:39
Synced AI-review standards from hallelx2/dev-standards.
…m remote '.github/copilot-instructions.md' Synced AI-review standards from hallelx2/dev-standards.
added 8 commits
June 22, 2026 11:39
…b/agents/' Synced AI-review standards from hallelx2/dev-standards.
…tions.md' from remote '.github/instructions/backend.instructions.md' Synced AI-review standards from hallelx2/dev-standards.
…ctions.md' from remote '.github/instructions/frontend.instructions.md' Synced AI-review standards from hallelx2/dev-standards.
…ctions.md' from remote '.github/instructions/security.instructions.md' Synced AI-review standards from hallelx2/dev-standards.
… remote '.github/workflows/security.yml' Synced AI-review standards from hallelx2/dev-standards.
…yml' from remote '.github/workflows/security.reusable.yml' Synced AI-review standards from hallelx2/dev-standards.
…from remote '.github/workflows/jules-review.yml' Synced AI-review standards from hallelx2/dev-standards.
…'.github/dependabot.yml' Synced AI-review standards from hallelx2/dev-standards.
hallelx2
force-pushed
the
repo-sync/dev-standards/default
branch
from
fbcb471 to
3b24fc2
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
synced local file(s) with hallelx2/dev-standards.
Changed files
AGENTS.mdfrom remoteAGENTS.md.github/copilot-instructions.mdfrom remote.github/copilot-instructions.md.github/agents/and copied all sub files/folders from remote directory.github/agents/.github/instructions/backend.instructions.mdfrom remote.github/instructions/backend.instructions.md.github/instructions/frontend.instructions.mdfrom remote.github/instructions/frontend.instructions.md.github/instructions/security.instructions.mdfrom remote.github/instructions/security.instructions.md.github/workflows/security.ymlfrom remote.github/workflows/security.yml.github/workflows/security.reusable.ymlfrom remote.github/workflows/security.reusable.yml.github/workflows/jules-review.ymlfrom remote.github/workflows/jules-review.yml.github/dependabot.ymlfrom remote.github/dependabot.ymlThis PR was created automatically by the repo-file-sync-action workflow run #27949902439