Relocate root configs/assets and add trajectories#1008
Merged
Conversation
Clean up the repository root by moving and removing several root-level configs and assets: move .gitleaks.toml -> .github/gitleaks.toml and update the security workflow; move readme-banner.png -> web/public/readme-banners/relay.png and update README and package READMEs to reference the hosted image; relocate .eslintrc.cjs into packages/cli; remove .dockerignore, .env.example, .gitattributes, and .mcp.json; and update AGENTS.md to use the agent-trajectories npx command. Also add multiple .agentworkforce trajectory artifacts (summaries, traces, and trajectory JSON) that document audits and the moves performed.
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
Contributor
📝 WalkthroughWalkthroughThis PR records five completed AI-guided workflow trajectories documenting root directory cleanup audit, ESLint config relocation, README banner asset move, Gitleaks config migration, and Agent Relay MCP inspection. It updates the Gitleaks workflow path, removes a beads merge driver rule, and migrates README banner references to hosted assets while updating trajectory command documentation. ChangesRepository Cleanup and Migration
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Contributor
|
Preview deployed!
This preview will be cleaned up when the PR is merged or closed. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 5
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
@.agentworkforce/trajectories/completed/2026-05/traj_a4cddmmx8gre/trajectory.json:
- Line 56: The tracked artifact contains a machine-local absolute path in the
JSON key "projectId"; replace that value with a repo-relative identifier or an
opaque project ID (or remove the key entirely) so no developer-local filesystem
paths are committed — update the "projectId" value in trajectory.json (the
"projectId" field) to a safe, non-absolute string or delete the field and commit
the change.
In
@.agentworkforce/trajectories/completed/2026-05/traj_fvgpb6tvjygd/trajectory.json:
- Line 19: The committed trajectory.json contains a developer-local absolute
path in the "projectId" field; replace that value with a non-identifying
placeholder or a relative/portable value (e.g., "projectId": "relay" or remove
the "projectId" field) to avoid exposing local filesystem paths; update the
"projectId" entry in trajectory.json (the "projectId" key) to the sanitized
value and re-run any serialization/generation step that writes
.agentworkforce/trajectories so the change persists.
In
@.agentworkforce/trajectories/completed/2026-05/traj_rctcvl6hu15c/trajectory.json:
- Line 19: The committed trajectory metadata contains a local absolute path in
the JSON key "projectId" inside trajectory.json which leaks a workstation path;
update this by either removing the "projectId" field entirely or replacing its
value with an anonymized repo-scoped identifier (e.g., "repo:relay" or a short
UUID) so no local user/machine information is stored, then amend the commit or
create a new commit that replaces the literal "/Users/..." value with the chosen
anonymized value and verify the file still parses as valid JSON.
In
@.agentworkforce/trajectories/completed/2026-05/traj_termzdfoavap/trajectory.json:
- Line 19: The committed trajectory metadata contains a host-local absolute path
in the "projectId" field which leaks a username and environment-specific data;
update the "projectId" value in trajectory.json (the "projectId" key) to a
repo-relative identifier or an opaque ID (e.g., "relay" or a UUID) instead of
"/Users/will/…", ensuring no user-specific absolute paths remain in committed
metadata.
In
@.agentworkforce/trajectories/completed/2026-05/traj_xkp9t9riveqk/trajectory.json:
- Line 22: The committed JSON contains a local absolute path in the "projectId"
field which leaks user/workstation details; update the "projectId" value in
trajectory.json (the "projectId" key) to a stable repo identifier (e.g., a
repository name or UUID), a relative/portable path, or remove the field entirely
before committing, and ensure any generation step or script that writes
"projectId" uses a CI-safe value (env var or repo metadata) rather than the
local absolute path.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro Plus
Run ID: 92b7287d-7fff-41e5-b393-5bda8b70c4c9
⛔ Files ignored due to path filters (1)
web/public/readme-banners/relay.pngis excluded by!**/*.png
📒 Files selected for processing (24)
.agentworkforce/trajectories/completed/2026-05/traj_a4cddmmx8gre.trace.json.agentworkforce/trajectories/completed/2026-05/traj_a4cddmmx8gre/summary.md.agentworkforce/trajectories/completed/2026-05/traj_a4cddmmx8gre/trajectory.json.agentworkforce/trajectories/completed/2026-05/traj_fvgpb6tvjygd/summary.md.agentworkforce/trajectories/completed/2026-05/traj_fvgpb6tvjygd/trajectory.json.agentworkforce/trajectories/completed/2026-05/traj_rctcvl6hu15c/summary.md.agentworkforce/trajectories/completed/2026-05/traj_rctcvl6hu15c/trajectory.json.agentworkforce/trajectories/completed/2026-05/traj_termzdfoavap/summary.md.agentworkforce/trajectories/completed/2026-05/traj_termzdfoavap/trajectory.json.agentworkforce/trajectories/completed/2026-05/traj_xkp9t9riveqk.trace.json.agentworkforce/trajectories/completed/2026-05/traj_xkp9t9riveqk/summary.md.agentworkforce/trajectories/completed/2026-05/traj_xkp9t9riveqk/trajectory.json.dockerignore.env.example.gitattributes.github/gitleaks.toml.github/workflows/security.yml.mcp.jsonAGENTS.mdREADME.mdpackages/agent/README.mdpackages/cli/.eslintrc.cjspackages/cli/README.mdpackages/events/README.md
💤 Files with no reviewable changes (4)
- .dockerignore
- .gitattributes
- .mcp.json
- .env.example
| "packages/sdk/src/index.ts", | ||
| "packages/sdk/src/relaycast-errors.ts" | ||
| ], | ||
| "projectId": "/Users/will/Projects/AgentWorkforce/relay", |
Contributor
There was a problem hiding this comment.
Remove machine-local absolute path from tracked artifact.
Line 56 commits a local filesystem path with a user identifier. Please replace projectId with a repo-relative/opaque identifier (or omit it) to avoid leaking developer-local metadata in version control.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
@.agentworkforce/trajectories/completed/2026-05/traj_a4cddmmx8gre/trajectory.json
at line 56, The tracked artifact contains a machine-local absolute path in the
JSON key "projectId"; replace that value with a repo-relative identifier or an
opaque project ID (or remove the key entirely) so no developer-local filesystem
paths are committed — update the "projectId" value in trajectory.json (the
"projectId" field) to a safe, non-absolute string or delete the field and commit
the change.
| }, | ||
| "commits": [], | ||
| "filesChanged": [], | ||
| "projectId": "/Users/will/Projects/AgentWorkforce/relay", |
Contributor
There was a problem hiding this comment.
Avoid committing local absolute projectId paths.
Line 19 exposes a developer-local path (/Users/will/...). Please sanitize to a non-identifying value (or remove the field) before merge.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
@.agentworkforce/trajectories/completed/2026-05/traj_fvgpb6tvjygd/trajectory.json
at line 19, The committed trajectory.json contains a developer-local absolute
path in the "projectId" field; replace that value with a non-identifying
placeholder or a relative/portable value (e.g., "projectId": "relay" or remove
the "projectId" field) to avoid exposing local filesystem paths; update the
"projectId" entry in trajectory.json (the "projectId" key) to the sanitized
value and re-run any serialization/generation step that writes
.agentworkforce/trajectories so the change persists.
| }, | ||
| "commits": [], | ||
| "filesChanged": [], | ||
| "projectId": "/Users/will/Projects/AgentWorkforce/relay", |
Contributor
There was a problem hiding this comment.
Strip local workstation path from committed trajectory metadata.
Line 19 contains /Users/will/..., which leaks local user/machine info in git history. Replace with an anonymized/repo-scoped identifier or remove projectId.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
@.agentworkforce/trajectories/completed/2026-05/traj_rctcvl6hu15c/trajectory.json
at line 19, The committed trajectory metadata contains a local absolute path in
the JSON key "projectId" inside trajectory.json which leaks a workstation path;
update this by either removing the "projectId" field entirely or replacing its
value with an anonymized repo-scoped identifier (e.g., "repo:relay" or a short
UUID) so no local user/machine information is stored, then amend the commit or
create a new commit that replaces the literal "/Users/..." value with the chosen
anonymized value and verify the file still parses as valid JSON.
| }, | ||
| "commits": [], | ||
| "filesChanged": [], | ||
| "projectId": "/Users/will/Projects/AgentWorkforce/relay", |
Contributor
There was a problem hiding this comment.
Remove host-local absolute path from committed trajectory metadata.
projectId currently includes a local filesystem path with a username (/Users/will/...). This leaks environment-specific identity data into version control and reduces artifact portability. Prefer a repo-relative or opaque identifier.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
@.agentworkforce/trajectories/completed/2026-05/traj_termzdfoavap/trajectory.json
at line 19, The committed trajectory metadata contains a host-local absolute
path in the "projectId" field which leaks a username and environment-specific
data; update the "projectId" value in trajectory.json (the "projectId" key) to a
repo-relative identifier or an opaque ID (e.g., "relay" or a UUID) instead of
"/Users/will/…", ensuring no user-specific absolute paths remain in committed
metadata.
| ".agentworkforce/trajectories/completed/2026-05/traj_ei1zajpyq584/summary.md", | ||
| ".agentworkforce/trajectories/completed/2026-05/traj_ei1zajpyq584/trajectory.json" | ||
| ], | ||
| "projectId": "/Users/will/Projects/AgentWorkforce/relay", |
Contributor
There was a problem hiding this comment.
Avoid committing local absolute projectId values.
/Users/will/Projects/... exposes local user/workstation details and is not portable across contributors/CI. Use a stable repo identifier (or omit this field in committed artifacts).
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In
@.agentworkforce/trajectories/completed/2026-05/traj_xkp9t9riveqk/trajectory.json
at line 22, The committed JSON contains a local absolute path in the "projectId"
field which leaks user/workstation details; update the "projectId" value in
trajectory.json (the "projectId" key) to a stable repo identifier (e.g., a
repository name or UUID), a relative/portable path, or remove the field entirely
before committing, and ensure any generation step or script that writes
"projectId" uses a CI-safe value (env var or repo metadata) rather than the
local absolute path.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Clean up the repository root by moving and removing several root-level configs and assets: move .gitleaks.toml -> .github/gitleaks.toml and update the security workflow; move readme-banner.png -> web/public/readme-banners/relay.png and update README and package READMEs to reference the hosted image; relocate .eslintrc.cjs into packages/cli; remove .dockerignore, .env.example, .gitattributes, and .mcp.json; and update AGENTS.md to use the agent-trajectories npx command. Also add multiple .agentworkforce trajectory artifacts (summaries, traces, and trajectory JSON) that document audits and the moves performed.