Fork PRs don't have access to OIDC tokens or secrets (GitHub security
restriction), causing CI failures. Auto-review now only runs for
same-repo PRs from collaborators.
For fork PRs, use @claude mention to trigger manual review via the
claude.yml workflow.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* security: add CI workflow to build dist/ after merge
Phase 1 of removing dist/ from PRs to close security attack vector.
Changes:
- Add build-dist.yml workflow that builds and commits dist/ on push to main
- Update CONTRIBUTING.md with build process documentation
- Reset CHANGELOG.md to 0.0.1 (initial release)
After this is verified working, Phase 2 will remove dist/ from git tracking.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: prevent CI re-trigger on dist/ changes
Add paths-ignore for dist/** to ci.yml so CI doesn't re-run when
build-dist workflow commits compiled output. Addresses race condition.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: add concurrency, permissions, and build verification
Address review feedback:
- Add concurrency group to queue builds (prevents race conditions)
- Add explicit contents: write permission
- Add build verification step (test -f dist/index.js)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: run tests before building dist/
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Claude Code GitHub Actions default to Sonnet. Configure both
workflows to use claude-opus-4-5-20251101 via claude_args.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Rewrite README for statusline architecture
- Update CLAUDE.md with new data flow and structure
- Remove obsolete v1 docs (TROUBLESHOOTING, CONTRIBUTING, etc.)
- Clean up .husky/pre-commit for new structure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Runs lint, typecheck, test, and build on push/PR to main
- Validates plugin structure (plugin.json, hooks.json, scripts)
- Uses Bun for fast CI execution
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Test for filename-only tool targets
- Test for long tool target truncation
- Test for empty tool targets
Coverage: 93.92% (215 tests)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Cover the previously uncovered formatDuration branch for durations >= 1 hour (lines 17-19).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The GitHub Actions workflow requires the 'workflow' OAuth scope
to push. Saving the file locally for later addition.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Lint, typecheck, and test on push/PR to main
- Validate plugin structure (plugin.json, hooks.json, scripts)
- Build verification
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
