3.0.0beta2

.github/dependabot.yml

@@ -0,0 +1,13 @@
+version: 2
+target-branch: develop
+updates:
+  - package-ecosystem: "bundler"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10

.github/workflows/build.yml

@@ -16,6 +16,8 @@ on:
       - "lib/radvent/version.rb"
       - "CLAUDE.md"
       - "README.md"
+permissions:
+  contents: read
 env:
   SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
 jobs:

.github/workflows/container.yml

@@ -5,6 +5,8 @@ on:
       - '**'
     tags:
       - '**'
+permissions:
+  contents: read
 env:
   SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
 jobs:

AGENTS.md

@@ -1,5 +1,47 @@
 # AGENTS.md - Guidelines for Agentic Coding in Radvent
 
+## ABSOLUTE RULES (CRITICAL)
+
+**NEVER commit or push changes without explicit user permission**
+- Do NOT run `git commit` under any circumstances
+- Do NOT run `git push` under any circumstances
+- Do NOT create pull requests under any circumstances
+- Only show changes with `git diff` after user approves
+- Wait for explicit user confirmation before ANY git operations
+
+**NEVER decide commit message without user approval**
+- Let user write the commit message
+- Do not automatically generate or suggest commit messages
+- Ask user for commit message before running `git commit`
+
+## Git Flow (Branching Model)
+
+This project uses **Git Flow** branching model (also known as A successful git branching model).
+
+### Branch Structure
+- `main`: Production-ready code. Never commit directly to main.
+- `develop`: Integration branch. Never commit directly to develop.
+- `bugfix/*`: Feature branches for bug fixes.
+- `feature/*`: Feature branches for new features.
+
+### Development Workflow
+1. Create a `bugfix/` or `feature/` branch from `develop`
+2. Make changes, test, and commit to your branch
+3. Push branch to remote: `git push -u origin branch-name`
+4. Create pull request from your branch to `develop`
+5. Merge PR into `develop` after review
+6. Never commit or push directly to `main` or `develop`
+
+### Example Commands
+```bash
+git checkout develop
+git pull origin develop
+git checkout -b bugfix/your-fix
+# Make changes, test, commit
+git push -u origin bugfix/your-fix
+# Create PR from bugfix/your-fix to develop
+```
+
 ## Build, Lint, and Test Commands
 
 ### Setup

app/controllers/attachments_controller.rb

@@ -1,5 +1,4 @@
 class AttachmentsController < ApplicationController
-  protect_from_forgery with: :null_session
   before_action :authenticate_user!, only: [:create]
 
   def create

lib/radvent/version.rb

@@ -1,6 +1,6 @@
 module Radvent
   module Version
-    VERSION = '3.0.0beta'.freeze
+    VERSION = '3.0.0beta2'.freeze
     def self.version
       VERSION
     end

opencode.jsonc

@@ -39,5 +39,27 @@
             "enabled": true,
             "environment": {}
         }
+    },
+    "permission": {
+        "bash": {
+            "*": "ask",
+            "ls *": "allow",
+            "cat *": "allow",
+            "git status": "allow",
+            "git diff *": "allow",
+            "git log *": "allow",
+            "git commit *": "ask",
+            "git push *": "deny",
+            "npm run *": "allow",
+            "npm test": "allow",
+            "cargo check": "allow"
+        },
+        "edit": {
+            "*": "ask"
+        },
+        "read": "allow",
+        "glob": "allow",
+        "grep": "allow",
+        "list": "allow"
     }
 }