docs(state): 6a2 checkpoint — refresh STATE/META, reconcile version/maturity#26
Open
hyperpolymath wants to merge 2 commits into
Open
docs(state): 6a2 checkpoint — refresh STATE/META, reconcile version/maturity#26hyperpolymath wants to merge 2 commits into
hyperpolymath wants to merge 2 commits into
Conversation
…d header in Intentfile purpose Refresh .machine_readable/6a2/STATE.a2ml and META.a2ml (last-updated 2026-06-05). Reconcile maturity from "scaffold"/experimental to implementation/alpha with a note that the implementation is real but incomplete (Rust CLI/codegen ~1330 LOC, Idris2 ABI ~863 LOC, Zig FFI ~417 LOC, working example manifest). Align version to authoritative Cargo.toml (0.1.0) and note the CHANGELOG.adoc 0.2.0 discrepancy. Record the PMPL-1.0-or-later -> MPL-2.0 licence migration (commit ce87d4b). Fix the leaked SPDX fragment inside the Purpose value of contractiles/intend/Intentfile.a2ml; SPDX header line at top preserved. https://claude.ai/code/session_01BwV2DWsjkBiNP3oscimMLV
🔍 Hypatia Security ScanFindings: 73 issues detected
View findings[
{
"reason": "Action perpolymath/standards/.github/workflows/governance-reusable.yml@main\n needs attention",
"type": "unpinned_action",
"file": "governance.yml",
"action": "pin_sha",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "codeql.yml lists `language: javascript-typescript` but the repo has no source files in any CodeQL-scannable language. The analyze job will exit 'no source files' on every run. Switch the matrix to `actions` (which scans workflow files — every repo has those).",
"type": "codeql_language_matrix_mismatch",
"file": "codeql.yml",
"action": "switch_codeql_matrix_to_actions",
"rule_module": "workflow_audit",
"severity": "high"
},
{
"reason": "Issue in boj-build.yml",
"type": "missing_timeout_minutes",
"file": "boj-build.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in casket-pages.yml",
"type": "missing_timeout_minutes",
"file": "casket-pages.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in casket-pages.yml",
"type": "missing_timeout_minutes",
"file": "casket-pages.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in codeql.yml",
"type": "missing_timeout_minutes",
"file": "codeql.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
}
]Powered by Hypatia Neurosymbolic CI/CD Intelligence |
…cript/Deno web residue Both failures on PR #26 were pre-existing repo issues (this PR's other commits are docs-only), surfaced by the gates running on the whole tree: - `.github/workflows/codeql.yml`: the `javascript-typescript` matrix exits "no source files" on every run (mylangiser is Rust/Idris2/Zig). Switch to `actions` (scans workflow files — every repo has them), matching the estate-wide CodeQL convention. Also corrected the file's stale `SPDX-License-Identifier: PMPL-1.0` header to MPL-2.0. - Removed `examples/SafeDOMExample.res` (ReScript) + `examples/web-project-deno.json`: stray web-frontend template residue unrelated to mylangiser's API-wrapper purpose (unreferenced; the same SafeDOMExample.res fixture was already purged from other estate repos). The ReScript file was failing the governance "Language / package anti-pattern policy" gate (ReScript banned → AffineScript). https://claude.ai/code/session_01BwV2DWsjkBiNP3oscimMLV
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
🔍 Hypatia Security ScanFindings: 70 issues detected
View findings[
{
"reason": "Action perpolymath/standards/.github/workflows/governance-reusable.yml@main\n needs attention",
"type": "unpinned_action",
"file": "governance.yml",
"action": "pin_sha",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in boj-build.yml",
"type": "missing_timeout_minutes",
"file": "boj-build.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in casket-pages.yml",
"type": "missing_timeout_minutes",
"file": "casket-pages.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in casket-pages.yml",
"type": "missing_timeout_minutes",
"file": "casket-pages.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in codeql.yml",
"type": "missing_timeout_minutes",
"file": "codeql.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
}
]Powered by Hypatia Neurosymbolic CI/CD Intelligence |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Part of the cross-repo documentation checkpoint (2026-06-05).
Changes
.machine_readable/6a2/STATE.a2ml+META.a2ml:last-updated→ 2026-06-05; maturity reframedscaffold/experimental→implementation/alphawith a factualmaturity-note(the implementation is real but incomplete: Rust CLI/codegen ~1330 LOC, Idris2 ABI ~863 LOC, Zig FFI ~417 LOC, working example manifest); version aligned to authoritativeCargo.toml(0.1.0) with a note thatCHANGELOG.adoctop says 0.2.0; PMPL→MPL-2.0 migration recorded as an ADR.contractiles/intend/Intentfile.a2ml: fixed a leaked SPDX fragment inside thePurposevalue.Deferred to follow-up issues (not in this PR)
eclexiaiser.toml(should bemylangiser.toml).{{PLACEHOLDER}}tokens across ~44 files.bust/adjust, straylust, split trees) — parked pending the rsr-template spec.examples/SafeDOMExample.res/web-project-deno.json.🤖 Draft — opened after an automated, reviewed checkpoint edit.
https://claude.ai/code/session_01BwV2DWsjkBiNP3oscimMLV
Generated by Claude Code