[Alert] Smart Alerts — 2026-03-03 (Run #22602949417) #77
Description
Smart Alert Report — 2026-03-03
Generated by smart-alerts workflow · Monitoring window: last 6 hours (since ~18:30 UTC 2026-03-02)
Prior alert: #73 (run #22589807579, ~18:29 UTC 2026-03-02)
🔴 Critical — New CI Failures on Default Branch
Two additional workflows on main have started failing since the last alert:
| Repo | Workflow | Run | Started | Status |
|---|---|---|---|---|
zircote/atlatl |
Security Audit | #22602846220 | 2026-03-03T00:46 UTC | ❌ failure |
zircote/daedalus |
Security Audit | #22602323135 | 2026-03-03T00:28 UTC | ❌ failure |
Root cause pattern: Both failures occur on commits introduced by Dependabot bumps to taiki-e/install-action (2.68.15→2.68.16). The security-audit workflows are now affected in addition to the CodeQL / pipeline failures previously reported.
Suggested action: Revert taiki-e/install-action to the last known-good SHA across atlatl and daedalus, or pin to 2.68.15 explicitly until upstream compat is confirmed.
⚠️ Warning — Ongoing Failures Approaching 24h Mark
All previously-reported failures remain unresolved (~20h since first failure). No remediation observed since prior alert.
| Repo | Workflow | Down Since | Age (approx) | Prior Alert |
|---|---|---|---|---|
zircote/rlm-rs |
CI + Daily QA ❌ | 07:31 UTC 2026-03-02 | ~17h | #69 · rlm-rs#92 |
zircote/atlatl |
CodeQL Analysis ❌ | 06:21 UTC 2026-03-02 | ~18.5h | #59 |
zircote/daedalus |
pipeline.yml ❌ | 04:15 UTC 2026-03-02 | ~20.5h | #59 |
zircote/subcog |
CI ❌ | 04:03 UTC 2026-03-02 | ~21h | #53 |
zircote/vscode-git-adr |
CI ❌ | 04:02 UTC 2026-03-02 | ~21h | #53 |
⏰ Escalation note: All five repos will cross the 48h stale-critical threshold between ~04:00–07:31 UTC 2026-03-04 if unresolved. Next smart-alerts run will escalate these to critical if still open.
Root cause (systemic): Dependabot auto-merged major-version action bumps (actions/cache v4→v5, actions/download-artifact v7→v8, actions/upload-artifact v6→v7, taiki-e/install-action patch). Remediation: revert affected action versions or add post-merge CI gates blocking Dependabot major-version automerge.
✅ Checks Below Threshold
| Check | Status | Details |
|---|---|---|
| Issue spike (>5 new in 6h) | ✅ Below threshold | 2 new issues in window (standup report + release readiness) |
| Stale critical items (>48h no activity) | ✅ Not yet triggered | Ongoing failures are ~17–21h old; threshold at 48h |
| Review backlog (>10 pending/reviewer) | ✅ Clear | 0 pending reviews (no reviewer exceeds threshold) |
| Security-labeled issues (new) | ✅ None | No new security-labeled issues opened |
ℹ️ Partial Recovery Observed
zircote/subcog: CodeQL dynamic scan passed at 20:03 UTC (2026-03-02). Regular CI status still needs confirmation.zircote/.github: All scheduled workflows passing (Agent Health Monitor ✅ success at 00:00 UTC).zircote/github-project-manager: All workflows passing ✅.
Run ID: 22602949417 · Date: 2026-03-03 · Repos monitored: 22
Generated by Smart Alerts
Generated by Smart Alerts