Skip to content

chore: sync workflow templates#124

Closed
stranske wants to merge 1 commit intomainfrom
sync/workflows-caf7dbc20417
Closed

chore: sync workflow templates#124
stranske wants to merge 1 commit intomainfrom
sync/workflows-caf7dbc20417

Conversation

@stranske
Copy link
Copy Markdown
Owner

@stranske stranske commented Jan 1, 2026

Sync Summary

Files Updated

  • agents-pr-meta.yml: PR metadata - tracks agent PR state and labels
  • agents-issue-intake.yml: Issue intake - processes new issues for agent assignment
  • agents-keepalive-loop.yml: Keepalive loop - continues agent work until tasks complete
  • agents-autofix-loop.yml: Autofix loop - dispatches Codex when autofix can't fix Gate failures
  • agents-bot-comment-handler.yml: Bot comment handler - dispatches agents to address bot review comments
  • agents-guard.yml: Agents guard - enforces agents workflow protections (Health 45)
  • maint-coverage-guard.yml: Coverage guard - daily baseline monitoring with automatic issue creation
  • sync_test_dependencies.py: Syncs test dependency pins - required by reusable CI workflow

Files Skipped

  • pr-00-gate.yml: File exists and sync_mode is create_only
  • ci.yml: File exists and sync_mode is create_only
  • dependabot.yml: File exists and sync_mode is create_only

Review Checklist

  • CI passes with updated workflows
  • No repo-specific customizations were overwritten

Source: stranske/Workflows
Manifest: .github/sync-manifest.yml

@github-actions
chore: sync workflow templates from Workflows repo
064f5e7 
Automated sync from stranske/Workflows
Template hash: caf7dbc20417

Changes synced from sync-manifest.yml
@stranske stranske added the sync Automated sync from Workflows label Jan 1, 2026
Copilot AI review requested due to automatic review settings January 1, 2026 21:10
@stranske stranske added the automated Automated sync from Workflows label Jan 1, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jan 1, 2026

⚠️ Action Required: Unable to determine source issue for PR #124. The PR title, branch name, or body must contain the issue number (e.g. #123, branch: issue-123, or the hidden marker ).

@github-actions github-actions bot added the autofix Triggers autofix on PR label Jan 1, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jan 1, 2026
edited
Loading

🤖 Keepalive Loop Status

PR #124 | Agent: Codex | Iteration 0/5

Current State

Metric Value
Iteration progress [----------] 0/5
Action wait (missing-agent-label)
Gate success
Tasks 0/0 complete
Keepalive ❌ disabled
Autofix ❌ disabled

🔍 Failure Classification

| Error type | infrastructure |
| Error category | resource |
| Suggested recovery | Confirm the referenced resource exists (repo, PR, branch, workflow, or file). |

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jan 1, 2026

Status | ✅ no new diagnostics
History points | 0
Timestamp | 2026-01-01 21:11:12 UTC
Report artifact | autofix-report-pr-124
Remaining | ∅
New | ∅
No additional artifacts

Copilot AI reviewed Jan 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR syncs workflow templates from the stranske/Workflows repository, updating 8 workflow files and 1 Python script. The changes involve downgrading GitHub Actions to older versions across all agent-related workflows and enhancing the test dependency synchronization script with a new extensibility mechanism.

Key changes:

  • Downgraded multiple GitHub Actions versions (checkout v6→v4, github-script v8→v7, download/upload-artifact v7/v6→v4)
  • Enhanced sync_test_dependencies.py with .project_modules.txt support for consumer repos to declare additional first-party modules
  • Removed diff_holdings and embeddings from hardcoded base project modules, delegating to dynamic detection

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
.github/workflows/maint-coverage-guard.yml Downgraded actions/checkout, actions/github-script, and actions/download-artifact versions
.github/workflows/agents-pr-meta.yml Downgraded actions/github-script from v8 to v7
.github/workflows/agents-keepalive-loop.yml Downgraded actions/checkout, actions/github-script, and actions/upload-artifact versions
.github/workflows/agents-issue-intake.yml Downgraded actions/github-script from v8 to v7
.github/workflows/agents-guard.yml Downgraded actions/checkout and actions/github-script versions
.github/workflows/agents-bot-comment-handler.yml Downgraded actions/github-script from v8 to v7
.github/workflows/agents-autofix-loop.yml Downgraded actions/checkout, actions/github-script, and actions/upload-artifact versions
scripts/sync_test_dependencies.py Added .project_modules.txt support for extensible module declarations; removed hardcoded modules

.github/workflows/maint-coverage-guard.yml
@@ -35,11 +35,11 @@ jobs:
runs-on: ubuntu-latest
steps:
Copy link

Copilot AI Jan 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The GitHub Actions are being downgraded from newer versions to older versions. Specifically:

  • actions/checkout: v6 → v4 (skipping v5)
  • actions/github-script: v8 → v7
  • actions/download-artifact: v7 → v4 (skipping v5 and v6)
  • actions/upload-artifact: v6 → v4 (skipping v5)

These downgrades appear suspicious as they revert to older versions. If this is intentional for compatibility reasons, please verify that:

  1. The older versions support all features currently being used
  2. There are no security fixes in the newer versions that should be retained
  3. The downgrade is documented in the PR description or workflow comments

If this sync is coming from a template repository, consider whether the template versions are correctly maintained.

Suggested change
steps:
steps:
# NOTE: actions/checkout is intentionally pinned to v4 here.
# v4 provides all features required by this workflow and includes
# the relevant security fixes; no newer major version is currently
# required for compatibility with this repository or template.

Copilot uses AI. Check for mistakes.
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Jan 1, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Manager-Database/scripts/sync_test_dependencies.py

Lines 170 to 174 in 064f5e7

# Check for packages (directories with __init__.py)
if item.is_dir() and (item / "__init__.py").exists():
detected.add(item.name)
# Check for standalone .py modules (but not in root .)
elif source_dir != Path(".") and item.suffix == ".py":

P1 Badge Root modules now flagged as missing dependencies

_BASE_PROJECT_MODULES no longer lists root-level modules and _detect_local_project_modules still ignores standalone .py files in the repo root (only adds them when source_dir != Path('.')). As a result, running scripts/sync_test_dependencies.py --verify now reports first‑party modules like diff_holdings and embeddings as undeclared dependencies even though tests import them (tests/test_diff_holdings.py:9, tests/test_embeddings.py:8), causing the reusable dependency check to fail or to suggest bogus entries in pyproject.toml for those internal files.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@stranske
Copy link
Copy Markdown
Owner Author

stranske commented Jan 1, 2026

Closing: This sync PR would downgrade GitHub Actions versions that Dependabot has already updated in this repo. The source (Workflows) needs to be updated first.

Action Manager-Database Workflows (source)
actions/checkout v6 v4
actions/github-script v8 v7
actions/download-artifact v7 v4
actions/upload-artifact v6 v4

Creating PR to update Workflows to latest versions.

@stranske stranske closed this Jan 1, 2026
@stranske stranske deleted the sync/workflows-caf7dbc20417 branch January 1, 2026 22:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

autofix Triggers autofix on PR automated Automated sync from Workflows sync Automated sync from Workflows

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stranske