Highlights
This release hardens the skill's assessment coverage around two failure modes seen in real Concourse fleets. Mirror-push jobs (git push --mirror) now get a dedicated gotcha plus checkpoints: when the target repository's default branch does not exist upstream, the pre-receive hook rejects the entire push with "pre-receive hook declined" — the skill now warns about this before the first mirror push instead of letting it fail in CI. In addition, a new LLM review flags environment-specific credentials placed in shared YAML anchors (e.g. a generic vault-vars anchor carrying prod-only tokens), which silently leaks wrong or missing credentials into environments that should never see them.
Added
- Gotcha 4 in SKILL.md:
git push --mirrorrequires the target repo's default branch to exist upstream before the first push (PR #25) - CC-18 mechanical checkpoint: warns when pipelines or scripts use
git push --mirror(PR #25) - CC-23 LLM review: verifies mirror-push targets document default-branch bootstrap before first push (PR #25)
- CC-22 LLM review: flags environment-specific credentials in shared YAML anchors that should live in per-environment anchors (PR #24)
New Contributors
Full Changelog: v1.8.0...v1.9.0