gastown/internal/formula/formulas/security-audit.formula.toml
Raymond Weitekamp 1e76bfd7ce fix: Commit embedded formulas for go install @latest (#117)
* fix: Commit embedded formulas for go install @latest

The internal/formula/formulas/ directory was gitignored, causing
`go install github.com/steveyegge/gastown/cmd/gt@latest` to fail with:

  pattern formulas/*.formula.json: no matching files found

The go:embed directive requires these files at build time, but
go install @latest doesn't run go:generate. By committing the
generated formulas, users can install directly without cloning.

Maintainers should run `go generate ./...` after modifying
.beads/formulas/ to keep the embedded copy in sync.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* ci: Add check for committed embedded formulas

Adds a new CI job that:
1. Builds without running go:generate (catches missing formulas)
2. Verifies committed formulas match .beads/formulas/ source

Also removes redundant go:generate steps from other jobs since
formulas are now committed.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* chore: exclude towers-of-hanoi test formulas from embed

These are durability stress test fixtures (pre-computed move sequences),
not production formulas users need. Excluding them reduces embedded
content by ~10K lines.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: gus <steve.yegge@gmail.com>
2026-01-04 23:08:55 -08:00


description = "Cross-cutting security concern. Applies security scanning before and after implementation steps."
formula = "security-audit"
type = "aspect"
version = 1
[[advice]]
target = "implement"
[advice.around]
[[advice.around.after]]
description = "Post-implementation security scan. Scan new code for vulnerabilities (SAST). Check for hardcoded secrets. Review for OWASP Top 10 issues."
id = "{step.id}-security-postscan"
title = "Security postscan for {step.id}"
[[advice.around.before]]
description = "Pre-implementation security check. Review for secrets/credentials in scope. Check dependencies for known vulnerabilities."
id = "{step.id}-security-prescan"
title = "Security prescan for {step.id}"
[[advice]]
target = "submit"
[advice.around]
[[advice.around.after]]
description = "Post-submission security verification. Confirm no new vulnerabilities introduced."
id = "{step.id}-security-postscan"
title = "Security postscan for {step.id}"
[[advice.around.before]]
description = "Pre-submission security check. Final vulnerability scan before merge."
id = "{step.id}-security-prescan"
title = "Security prescan for {step.id}"
[[pointcuts]]
glob = "implement"
[[pointcuts]]
glob = "submit"
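
The following Go program is an added example, not gastown's own code. It weaves the formula's prescan and postscan step IDs around every step matched by a pointcut, then checks a plan for targeted steps that are missing either scan. Assumptions: pointcut globs are matched against step IDs with path.Match, advice steps sit immediately before and after their target, and the names Weave, Unguarded and the sample plan are hypothetical.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// ID templates and pointcut globs copied from security-audit.formula.toml.
const preID, postID = "{step.id}-security-prescan", "{step.id}-security-postscan"

var pointcuts = []string{"implement", "submit"}

func fill(tmpl, id string) string { return strings.ReplaceAll(tmpl, "{step.id}", id) }

// targeted reports whether a step ID matches a pointcut glob (path.Match is an assumption).
func targeted(id string) bool {
	for _, g := range pointcuts {
		if ok, _ := path.Match(g, id); ok {
			return true
		}
	}
	return false
}

// Weave wraps each targeted step ID in its prescan and postscan steps.
func Weave(ids []string) []string {
	var out []string
	for _, id := range ids {
		if targeted(id) {
			out = append(out, fill(preID, id), id, fill(postID, id))
		} else {
			out = append(out, id)
		}
	}
	return out
}

// Unguarded lists targeted steps not directly bracketed by both scans.
func Unguarded(ids []string) []string {
	var bad []string
	for i, id := range ids {
		pre := i > 0 && ids[i-1] == fill(preID, id)
		post := i+1 < len(ids) && ids[i+1] == fill(postID, id)
		if targeted(id) && !(pre && post) {
			bad = append(bad, id)
		}
	}
	return bad
}

func main() { // constructed sample plan: design, implement, submit
	fmt.Println(Unguarded(Weave([]string{"design", "implement", "submit"})))
}
```

Running Unguarded over an expanded plan in CI reports any implement or submit step whose security scan was dropped or reordered.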