Conversation
Docs in progress - test Astro staging workflow
Chore: fix Astro config
…n differentiation - needs more edits though
Replace npm with bun for faster installs and lockfile management. Add oxlint (Rust-based linter) and oxfmt (Prettier-compatible formatter) as dev dependencies with matching scripts, and configure .oxfmtrc.json to exclude MDX and YAML files where oxfmt's handling is immature.
Rename guides/yaml-config to guides/writing-commands and rewrite it as a practical patterns guide covering arguments, multi-line scripts, descriptions, aliases, chaining, env-specific commands, and real-world examples. Update all cross-references and the sidebar. Also sets site: "https://ahoy-cli.github.io" in astro.config.mjs to fix the sitemap warning and enable correct canonical URLs on deploy. Rewrites getting-started, next-steps, and index for clarity while updating the writing-commands links throughout.
Rewrite command-execution, environment, importing, CLI reference, and environment reference pages for clarity and consistency. Remove verbose prose and redundant headings, align import quote style to double-quotes, and tighten descriptions throughout.
Remove <Steps> and nested <Tabs> inside numbered lists, which produced single-line collapsed code fences that broke Rolldown's ESM parser at build time. Replace with plain markdown numbered lists and properly multi-line code blocks inside <TabItem> elements.
Switch from setup-node/npm to oven-sh/setup-bun. Move pages: write and id-token: write to the deploy job only (previously they were set at workflow level). Remove the staging gh-pages branch deploy complexity. Pin all action references to commit SHAs. Add persist-credentials: false to checkout. Fix template injection by removing github.ref_name from inline shell commands.
Mirrors the workflow from the ahoy CLI repository. Runs on push to main and all PRs, reports findings to GitHub Security via SARIF upload.
Weekly updates for both github-actions and npm (bun uses the npm ecosystem for dependabot version tracking), assigned to ocean.
|
Warning Review limit reached
Next review available in: 43 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Free Run ID: 📒 Files selected for processing (1)
WalkthroughBootstraps a new Astro/Starlight documentation site for the ahoy-cli project. Adds all project scaffolding (package.json, tsconfig, Astro config, content collection), CI/CD workflows (GitHub Pages deploy, zizmor security scan, Dependabot), custom CSS theme variables, and a full documentation content tree covering guides and reference pages. ChangesAhoy CLI Documentation Site
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Poem
Note 🎁 Summarized by CodeRabbit FreeThe PR author is not assigned a seat. To perform a comprehensive line-by-line review, please assign a seat to the pull request author through the subscription management page by visiting https://app.coderabbit.ai/login. Comment |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
codeql-action/upload-sarif needs actions: read to fetch workflow run metadata for telemetry. Without it the SARIF upload step fails with "Resource not accessible by integration".
The zizmorcore/zizmor-action bundles a codeql upload-sarif step that requires GitHub Advanced Security code scanning regardless of repo settings. Replace with a plain pip install + zizmor run, which exits non-zero on findings and needs no special permissions or features.
Summary by CodeRabbit
New Features
Style