Skip to content

ci: re-pin Hypatia scan reusable to standards-main GITHUB_TOKEN fix#322

Merged
hyperpolymath merged 1 commit into
mainfrom
claude/hypatia-scan-triage-g6eaa5
Jun 26, 2026
Merged

ci: re-pin Hypatia scan reusable to standards-main GITHUB_TOKEN fix#322
hyperpolymath merged 1 commit into
mainfrom
claude/hypatia-scan-triage-g6eaa5

Conversation

@hyperpolymath

Copy link
Copy Markdown
Owner

Summary

Bumps the Hypatia scan wrapper's reusable-workflow pin from d135b05 (pre-fix)
to e2ef79eecdd623ff631fcbf3fe0268ba4f4ce166 — the squash-merge of
standards#429 on
standards/main.

Why

  • d135b05 predates the alert-token fix: the reusable's "Run Hypatia scan" step
    set no GITHUB_TOKEN, so the scanner's Dependabot / code-scanning /
    secret-scanning checks were skipped with GITHUB_TOKEN not set warnings.
  • The interim pin abd93c3 (the head commit of PR #429) is not an ancestor
    of standards/main — #429 was squash-merged as e2ef79e — so it tripped the
    governance Workflow-Staleness check (abd93c3 "not a recognised ancestor
    of standards HEAD").
  • e2ef79e is on standards/main and carries the full fix:
    GITHUB_TOKEN: ${{ secrets.HYPATIA_SCAN_PAT || secrets.GITHUB_TOKEN }} plus
    --exit-zero + if: always() artifact upload.

This is the fleet-side counterpart to the identical re-pin in hyperpolymath/hypatia.

Note: fleet actuation uses HYPATIA_DISPATCH_PAT (a different token); this
change only concerns the read-only scan reusable and does not touch dispatch.

🤖 Generated with Claude Code


Generated by Claude Code

Bump the reusable pin from d135b05 (pre-fix) to
e2ef79eecdd623ff631fcbf3fe0268ba4f4ce166, the squash-merge of
standards#429 on main that passes GITHUB_TOKEN to the scanner and
carries --exit-zero + if: always() artifact upload. d135b05 predates
the alert-token fix and abd93c3 (the #429 head) is not an ancestor of
standards/main, so both tripped the Workflow-Staleness governance check.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01CqWi7nt49wKrsfsTdXy8ed
@hyperpolymath hyperpolymath marked this pull request as ready for review June 26, 2026 19:52
@hyperpolymath hyperpolymath merged commit b4475b9 into main Jun 26, 2026
20 checks passed
@hyperpolymath hyperpolymath deleted the claude/hypatia-scan-triage-g6eaa5 branch June 26, 2026 19:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant