You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
1 (agent → Auto Release, still red since 2026-03-22)
0
Open code-scanning alerts
8 (.github=3, agent=5)
0
Open Dependabot alerts
0
0
Unassigned bugs
0 (no bug label exists in org)
0
Critical items
Repo
Item
Link
Recommended action
fro-bot/.github
Duplicate unsolicited-collaborator-grant alerts from bfra-me — 4 repos: bfra-me/.github, bfra-me/ha-addon-repository, bfra-me/renovate-action, +1. Two identical issues opened within 0s of each other (reconciler emitted twice).
Close one as duplicate, decide accept/decline on the grants. Also: the rollup emitter has a deduplication bug — investigate why it fired twice at 08:54:50Z.
fro-bot/agent
Auto Release workflow still failing on main since 2026-03-22 (now ~58d red). Same call as yesterday — Prepare Release PR is doing the actual work.
All other 8 open PRs were updated within the last 24h (Renovate batch on agent and .github, plus the active docs PR on .github). The backlog is not growing.
Static site — likely close as not-applicable. Carryover.
Op-log entropy increasing: 20+ "Fro Bot operational log" issues are now >14d old in fro-bot/.github, oldest being #3166 at 26d. Yesterday's recommended auto-close (14d retention) is unimplemented; the noise floor is climbing daily.
Unassigned bugs or high-signal issues
No bug-labeled issues exist org-wide. Carryover: the label taxonomy needs a baseline. The two reconcile:pending-review issues (#3307, #3308) are the closest thing to a high-signal unassigned item today — they're security-adjacent (collaborator access) and have no assignee.
Repo hotspots
fro-bot/.github — 49 open issues (40 operational logs + 2 duplicate collaborator-grant alerts + noise), 3 open PRs. Issue volume jumped +5 in 24h; ~80% is bot-authored process artifact.
fro-bot/agent — 5 open PRs (all Renovate or release), 2 open issues. Active churn, healthy.
New (P0): Triage the bfra-me collaborator grants in #3307 / #3308. Close one as duplicate. Accept or decline the four repos. This is org-perimeter security work.
New: Fix the reconciler's double-emission bug (two identical rollups at 08:54:50Z). The dedup gate failed.
Carryover: Implement 14d auto-close for "Fro Bot operational log" + "Daily Autohealing Report" patterns. Op-log queue is now 40 issues deep and growing ~2/day.
Carryover: Decide fro-bot/agent → Auto Release (delete or fix). 58 days red.
Carryover: Resolve fro-bot/systematic#2 (Renovate config) — merge or close at 23d.
Carryover: Resolve fro-bot/systematic#1 and fro-bot/fro-bot.github.io#1 — both 71d cold on the same CodeQL question.
Carryover: Triage the 8 Scorecard alerts as policy debt or enforce Branch-Protection baseline.
Carryover: Establish a bug label baseline on .github and agent.
Scope: all repositories in the
fro-botGitHub organization. Data pulled viaghat run start. Links only; no content duplication.Previous report: #3304 (no action taken since — backlog items below are largely carryover).
Summary metrics
.github,agent,fro-bot.github.io,systematic,tokentoiletarchived)agent→Auto Release, still red since 2026-03-22).github=3,agent=5)buglabel exists in org)Critical items
fro-bot/.githubbfra-me— 4 repos:bfra-me/.github,bfra-me/ha-addon-repository,bfra-me/renovate-action, +1. Two identical issues opened within 0s of each other (reconciler emitted twice).08:54:50Z.fro-bot/agentAuto Releaseworkflow still failing onmainsince 2026-03-22 (now ~58d red). Same call as yesterday —Prepare Release PRis doing the actual work.fro-bot/.githubBranch-Protection,CII-Best-Practices,Fuzzingfro-bot/agentSAST,Fuzzing,CII-Best-Practices,Code-Review,Branch-ProtectionNo new Dependabot alerts. No broken release pipelines blocking shipping.
Aging PRs (>7d no activity)
fro-bot/systematicAll other 8 open PRs were updated within the last 24h (Renovate batch on
agentand.github, plus the active docs PR on.github). The backlog is not growing.Stale issues (>30d no activity)
fro-bot/systematicfro-bot/fro-bot.github.ioOp-log entropy increasing: 20+ "Fro Bot operational log" issues are now >14d old in
fro-bot/.github, oldest being #3166 at 26d. Yesterday's recommended auto-close (14d retention) is unimplemented; the noise floor is climbing daily.Unassigned bugs or high-signal issues
No
bug-labeled issues exist org-wide. Carryover: the label taxonomy needs a baseline. The tworeconcile:pending-reviewissues (#3307, #3308) are the closest thing to a high-signal unassigned item today — they're security-adjacent (collaborator access) and have no assignee.Repo hotspots
fro-bot/.github— 49 open issues (40 operational logs + 2 duplicate collaborator-grant alerts + noise), 3 open PRs. Issue volume jumped +5 in 24h; ~80% is bot-authored process artifact.fro-bot/agent— 5 open PRs (all Renovate or release), 2 open issues. Active churn, healthy.fro-bot/systematic— Stalest PR in org (fix: add @fro-bot as a collaborator to prevent it from being "removed" #2, 23d), 70d-cold issue (feat: set default settings #1). Same call as yesterday: decide if this repo is alive.Recommended actions (checklist)
bfra-mecollaborator grants in #3307 / #3308. Close one as duplicate. Accept or decline the four repos. This is org-perimeter security work.08:54:50Z). The dedup gate failed.fro-bot/agent→Auto Release(delete or fix). 58 days red.fro-bot/systematic#2(Renovate config) — merge or close at 23d.fro-bot/systematic#1andfro-bot/fro-bot.github.io#1— both 71d cold on the same CodeQL question.Branch-Protectionbaseline.buglabel baseline on.githubandagent.Run Summary
gh issue list,gh pr list,gh api actions/workflows,gh api code-scanning/alerts,gh api dependabot/alerts