keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
KeiSeiKit-1.0/.github/workflows/ci.yml
Parfii-bot 24c584ee50 fix: remove genesis-scan from public kit (internal tool, Bundle-only) 
Per user decision: publishing the sensitive IP pattern blocklist via public
scanner is leak of the blocklist itself (attack surface). genesis-scan
remains in PROJECT-E (private); user-global
~/.claude/hooks/genesis-leak-guard.sh (runtime hook) separate.

Deleted:
- _primitives/_rust/genesis-scan/ (whole crate, 5 files)
- hooks/git-pre-commit-genesis.sh (scanner companion)

Modified:
- workspace Cargo.toml -1 member (24→23)
- MANIFEST.toml — removed [primitive.genesis-scan] + core/full profile refs
- .github/workflows/ci.yml — removed genesis-scan job
- README.md — 7 count/description edits (24→23 rust, 10→9 hooks, 37→36 full)
- install.sh — 5 edits (--help + menus)
- mcp-server tool-registry.ts + test — scanner removed from MCP surface
- kei-sleep-queue.sh — removed scan_prompt() pre-submit hook
- 2 sleep-on-it skill phases — removed genesis-scan references

Tests: 160 Rust (was 167, -7 genesis-scan tests as expected), 24 assembler unchanged.
2026-04-22 14:11:22 +08:00

76 lines
2.2 KiB
YAML
Raw Blame History

name: CI
on:
push:
branches: [main]
pull_request:
jobs:
rust-assembler:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
with:
workspaces: _assembler
- run: cd _assembler && cargo test --release
rust-primitives:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
with:
workspaces: _primitives/_rust
- run: cd _primitives/_rust && cargo test --workspace --release
ts-packages:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
node: ['18', '20', '22']
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- run: cd _ts_packages && npm ci
- run: cd _ts_packages && npm run build --workspaces
- run: cd _ts_packages && npm test --workspaces --if-present
install-dry-run:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- name: Install hard deps (Ubuntu)
if: matrix.os == 'ubuntu-latest'
run: sudo apt-get update && sudo apt-get install -y jq pandoc
- name: Install hard deps (macOS)
if: matrix.os == 'macos-latest'
run: brew install jq pandoc
- run: bash -n install.sh
- run: ./install.sh --no-execute --profile=minimal
- run: ./install.sh --no-execute --profile=dev
- run: ./install.sh --no-execute --profile=full
shell-lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: sudo apt-get update && sudo apt-get install -y shellcheck
- name: shellcheck (advisory)
run: find hooks _primitives -name '*.sh' -exec shellcheck -S warning {} +
continue-on-error: true # warnings are advisory initially
Reference in a new issue View git blame Copy permalink