Add Apache 2.0 license#1
Closed
so0k wants to merge 1 commit into
Closed
Conversation
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
so0k
added a commit
that referenced
this pull request
May 26, 2026
…igin String, scope todo rule Resolve the three real bugs from the Qodo PR review (#2/#3/#4); #1 dismissed as a false positive with an AGENTS.md clarification. - #2 FindProjectConfig now returns (string, bool, error): a non-fs.ErrNotExist stat failure (e.g. permission denied on an ancestor .skillrig dir) is surfaced as fatal instead of masked as "not found"; ResolveOrigin fails fast. Closes the discovery-stage gap symmetric to Load's I/O-fatal path. - #3 Origin.String() returns "" for the zero Origin (the SourceNone sentinel) instead of a misleading "/"; precedence test compares directly. - #4 gitRoot returns (string, error); ProjectWriteTarget falls back to cwd ONLY for expected cases (git absent / not a repo) and propagates unexpected errors (context cancellation/timeout, exec failures), so init never writes config to the wrong directory. - #1 (markdown checkbox rule violation): false positive — the cited checkboxes are /specledger in-document spec/plan checklists, not work tracking. AGENTS.md reworded to scope the rule to work-item tracking and explicitly allow them. Tests (TDD, real fixtures): zero-origin String, permission-denied walk-up fatal, cancelled-ctx write-target fatal, non-repo cwd fallback preserved. Gate green: go test ./... · gofmt · go vet · golangci-lint (0 issues). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
so0k
added a commit
that referenced
this pull request
May 30, 2026
Resolve the bugs and one rule violation from the automated Qodo review on PR #5 (see specledger/002-skillcore-verify/reviews/002-review.md): - Path traversal (#5): validate the skill name as a single safe path segment before any FS op, so `add ../x` can't escape .agents/skills/ or os.RemoveAll an arbitrary dir. New *InvalidSkillNameError + tests. - Symlinks (#6): reject any symlink in the origin skill subtree (would let copy/compare follow outside it and break byte-identical/git-canonical vendoring). New *SymlinkUnsupportedError + test; policy noted in cli.md (preserve-as-symlink is a future relaxation). - Verify error class (#8): pathInHead now propagates a *GitError only when git cannot run or "not a git repository"; every other rev-parse failure (absent path, unborn HEAD) stays "not in tree" — honoring the Verify SDK contract without breaking the dirty/missing verdicts. Tests for both. - rev-parse option injection (#7): refuse a revision beginning with '-' (git rev-parse echoes --/--end-of-options, so a guard is the right fix). Test. - %q rule (#1): quote path strings in mapAddError's user-facing messages. Declined: verify-report-on-stdout (the report is data; exit code is the signal; contract requires `verify --json 2>/dev/null | jq`) and the //go:build integration tag (project separates integration by ./test/ dir) — PR replies posted. Skipped: unchecked strings.Builder writes (never error). Gate: golangci-lint 0 issues; go test -cover -count=1 ./... green (skillcore 80.7%, internal/cli 51.6%). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This was referenced May 30, 2026
Merged
Contributor
Author
|
Superseded by #14, which adds an MIT license instead of Apache-2.0 (MIT matches the GitHub CLI Go sources used as a design reference). |
so0k
added a commit
that referenced
this pull request
Jun 1, 2026
Adds an **MIT** `LICENSE` (MIT chosen to match the GitHub CLI Go sources used as a design reference). Supersedes #1 (which proposed Apache-2.0). ### Why `fix:` (and not `docs:`) v1.0.0 already shipped **without** a license, so its release archives don't bundle one. GoReleaser auto-includes `LICENSE*` in archives, so landing this lets release-please cut **v1.0.1** and the patch release will carry the license. A `docs:`/`chore:` title would add the file but not bump a release. Copyright holder is set to `skillrig` (org) / 2026 — adjust if you'd prefer a different holder.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds an
Apache-2.0LICENSEfile (canonical text from apache.org).🤖 Generated with Claude Code