From d1d901349b50933e4ddc182bb4412bf0fa432c73 Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Tue, 17 Mar 2026 21:34:47 +0000 Subject: [PATCH 1/4] =?UTF-8?q?chore:=20Big=20Unification=20=E2=80=94=20at?= =?UTF-8?q?tach=20to=20BoJ=20Server=20/=20Casket=20architecture?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/boj-build.yml | 19 +++++++++++++++++++ .machine_readable/anchors/ANCHOR.a2ml | 18 ++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 .github/workflows/boj-build.yml create mode 100644 .machine_readable/anchors/ANCHOR.a2ml diff --git a/.github/workflows/boj-build.yml b/.github/workflows/boj-build.yml new file mode 100644 index 0000000..d474939 --- /dev/null +++ b/.github/workflows/boj-build.yml @@ -0,0 +1,19 @@ +name: BoJ Server Build Trigger + +on: + push: + branches: [ main, master ] + workflow_dispatch: + +jobs: + trigger-boj: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Trigger BoJ Server (Casket/ssg-mcp) + run: | + # Send a secure trigger to boj-server to build this repository + curl -X POST "http://boj-server.local:7700/cartridges/ssg-mcp/build" -H "Content-Type: application/json" -d "{\"repo\": \"${{ github.repository }}\", \"branch\": \"${{ github.ref_name }}\", \"engine\": \"casket\"}" + continue-on-error: true diff --git a/.machine_readable/anchors/ANCHOR.a2ml b/.machine_readable/anchors/ANCHOR.a2ml new file mode 100644 index 0000000..4eec1c5 --- /dev/null +++ b/.machine_readable/anchors/ANCHOR.a2ml @@ -0,0 +1,18 @@ +# ⚓ ANCHOR: conative-gating +# This is the canonical authority for the conative-gating repository. + +id: "org.hyperpolymath.conative-gating" +version: "1.0.0" +clade: "unknown" +status: "active" + +# SSG Configuration (Unified boj-server build) +ssg: + engine: "casket" + output_dir: "public" + boj_trigger: true + cartridge: "ssg-mcp" + +# Relationships +parents: + - "org.hyperpolymath.boj-server" From 9a97c89f98d92e1445f55c3dcd62e5b66a8aa95d Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Tue, 17 Mar 2026 21:45:08 +0000 Subject: [PATCH 2/4] =?UTF-8?q?chore:=20Big=20Unification=20=E2=80=94=20at?= =?UTF-8?q?tach=20to=20BoJ=20Server=20/=20Casket=20architecture?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/boj-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/boj-build.yml b/.github/workflows/boj-build.yml index d474939..b59be5f 100644 --- a/.github/workflows/boj-build.yml +++ b/.github/workflows/boj-build.yml @@ -15,5 +15,5 @@ jobs: - name: Trigger BoJ Server (Casket/ssg-mcp) run: | # Send a secure trigger to boj-server to build this repository - curl -X POST "http://boj-server.local:7700/cartridges/ssg-mcp/build" -H "Content-Type: application/json" -d "{\"repo\": \"${{ github.repository }}\", \"branch\": \"${{ github.ref_name }}\", \"engine\": \"casket\"}" + curl -X POST "http://boj-server.local:7700/cartridges/ssg-mcp/invoke" -H "Content-Type: application/json" -d "{\"repo\": \"${{ github.repository }}\", \"branch\": \"${{ github.ref_name }}\", \"engine\": \"casket\\"}"} continue-on-error: true From 01ab6de9dd29d9f2145425b4eda57b5449cdb648 Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Wed, 18 Mar 2026 17:06:29 +0000 Subject: [PATCH 3/4] chore(ci): maximize ci/cd values via dependabot and permissions --- .github/workflows/boj-build.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/boj-build.yml b/.github/workflows/boj-build.yml index b59be5f..610a8d6 100644 --- a/.github/workflows/boj-build.yml +++ b/.github/workflows/boj-build.yml @@ -1,19 +1,17 @@ name: BoJ Server Build Trigger - on: push: - branches: [ main, master ] + branches: [main, master] workflow_dispatch: - jobs: trigger-boj: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - - name: Trigger BoJ Server (Casket/ssg-mcp) run: | # Send a secure trigger to boj-server to build this repository curl -X POST "http://boj-server.local:7700/cartridges/ssg-mcp/invoke" -H "Content-Type: application/json" -d "{\"repo\": \"${{ github.repository }}\", \"branch\": \"${{ github.ref_name }}\", \"engine\": \"casket\\"}"} continue-on-error: true +permissions: read-all From 4d6dc3a5babb6192454bb42652bae6e0e5352796 Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Wed, 18 Mar 2026 20:42:12 +0000 Subject: [PATCH 4/4] fix(ci): Resolve workflow-linter self-matching and metadata issues --- .github/workflows/boj-build.yml | 3 ++- .github/workflows/workflow-linter.yml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/boj-build.yml b/.github/workflows/boj-build.yml index 610a8d6..c99d1db 100644 --- a/.github/workflows/boj-build.yml +++ b/.github/workflows/boj-build.yml @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: PMPL-1.0-or-later name: BoJ Server Build Trigger on: push: @@ -8,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Trigger BoJ Server (Casket/ssg-mcp) run: | # Send a secure trigger to boj-server to build this repository diff --git a/.github/workflows/workflow-linter.yml b/.github/workflows/workflow-linter.yml index 35f24b2..63c14a1 100644 --- a/.github/workflows/workflow-linter.yml +++ b/.github/workflows/workflow-linter.yml @@ -63,7 +63,7 @@ jobs: echo "=== Checking Action Pinning ===" # Find any uses: lines that don't have @SHA format # Pattern: uses: owner/repo@<40-char-hex> - unpinned=$(grep -rn "uses:" .github/workflows/ | \ + unpinned=$(grep -rnE "^[[:space:]]+uses:" .github/workflows/ | \ grep -v "@[a-f0-9]\{40\}" | \ grep -v "uses: \./\|uses: docker://\|uses: actions/github-script" || true)