Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
e1246ce
🐛 fix: align setup contract and completion
Labault Jun 17, 2026
21f8dac
🐛 fix: make setup file writes safer
Labault Jun 17, 2026
dffd9e6
🔧 chore: consolidate brewfiles and add cli smoke tests
Labault Jun 17, 2026
284c4c2
📝 docs: clarify repository architecture and release status
Labault Jun 17, 2026
e538b2d
👷 ci: simplify macos validation workflows
Labault Jun 17, 2026
bab4795
🐛 fix: resolve script paths from repository root
Labault Jun 17, 2026
d6debd2
🐛 fix(cli): handle --help in mac setup command
Labault Jun 17, 2026
6e7c235
🐛 fix(cli): handle --help in mac doctor command
Labault Jun 17, 2026
d1dbf10
🐛 fix(cli): make mac doctor exit non-zero on failed checks
Labault Jun 17, 2026
fbcb932
🐛 fix(setup): write setup log to an absolute path
Labault Jun 17, 2026
1fbf8b1
♻️ refactor(git): rely on managed include for init.defaultBranch
Labault Jun 17, 2026
b39e8b0
🐛 fix(zsh): stop regenerating completion during mac setup
Labault Jun 17, 2026
9c80d11
✨ feat(uninstall): cover all managed files in --remove-config
Labault Jun 17, 2026
b5066d9
♻️ refactor(profiles): validate profiles dynamically
Labault Jun 17, 2026
40273c1
👷 ci: lint commits with commitlint instead of check-commit.sh
Labault Jun 17, 2026
84e7949
👷 ci: consolidate macOS workflows into a single gate
Labault Jun 17, 2026
5be3de9
♻️ refactor(hardening): scope the forbidden-tool denylist to profiles
Labault Jun 17, 2026
23b3b9f
🐛 fix(zsh): do not fail setup when completion is not active yet
Labault Jun 17, 2026
80862bc
📝 docs: point Brewfile edit instructions at profiles/full/Brewfile
Labault Jun 17, 2026
62e1f92
👷 ci: reject committed local artifacts in the repository
Labault Jun 17, 2026
87d582b
🔧 chore(deps): declare @gitmoji/gitmoji-regex as a direct dependency
Labault Jun 17, 2026
ea16d7e
📝 docs(release): reconcile version metadata to a pre-1.0 state
Labault Jun 17, 2026
fbe2c11
📝 docs: deduplicate Homebrew install/update boilerplate in tool docs
Labault Jun 17, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 0 additions & 59 deletions .github/workflows/brewfile.yml

This file was deleted.

55 changes: 19 additions & 36 deletions .github/workflows/ci-macos.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: macOS CI - Bootstrap Test
name: macOS CI

on:
pull_request:
Expand All @@ -7,56 +7,39 @@ on:
- main

jobs:
macos-bootstrap:
macos:
runs-on: macos-latest

steps:
# ----------------------------
# Checkout
# ----------------------------
- name: Checkout repository
uses: actions/checkout@v4

# ----------------------------
# Ensure Homebrew exists
# ----------------------------
- name: Check Homebrew
- name: Cache Homebrew
uses: actions/cache@v4
with:
path: ~/Library/Caches/Homebrew
key: brew-${{ runner.os }}-${{ hashFiles('profiles/**/Brewfile') }}

- name: Ensure Homebrew
run: |
if ! command -v brew >/dev/null 2>&1; then
echo "Homebrew not found (unexpected on macOS runner)"
exit 1
fi
brew update
brew analytics off

# ----------------------------
# Make scripts executable
# ----------------------------
- name: Prepare scripts
run: chmod +x scripts/*.sh

# ----------------------------
# Run bootstrap (MAIN TEST)
# ----------------------------
- name: Run setup script
run: |
./scripts/setup.sh
- name: Verify setup CLI contract
run: bash scripts/cli.sh setup --profile minimal --dry-run

# ----------------------------
# Validate Brewfile
# ----------------------------
- name: Validate Brewfile
run: |
brew bundle check --file=profiles/full/Brewfile
- name: Install full profile
run: brew bundle --file=profiles/full/Brewfile

- name: Run bootstrap (real test)
run: |
chmod +x scripts/*.sh
./scripts/setup.sh
- name: Apply setup once
run: CI=true bash scripts/setup.sh --profile full

- name: Re-run bootstrap (idempotence check)
run: |
./scripts/setup.sh

- name: Validate Brew state
run: |
brew list
brew bundle check --file=profiles/full/Brewfile
- name: Verify setup and hardening
run: bash scripts/verify.sh
47 changes: 44 additions & 3 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,17 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Reject committed local artifacts
run: |
if git ls-files \
| grep -E '(^|/)\.DS_Store$|(^|/)logs/|\.log$'; then
echo "Local artifacts (.DS_Store, logs/, *.log) must not be committed."
exit 1
fi
echo "No committed local artifacts."

- name: Set up Python
uses: actions/setup-python@v5
Expand Down Expand Up @@ -62,10 +73,35 @@ jobs:
"$(find /tmp/lychee -type f -name lychee -print -quit)" \
/usr/local/bin/lychee

echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH"
echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH"

- name: Check commit format
run: bash scripts/check-commit.sh
- name: Install Node dependencies
env:
HUSKY: "0"
run: npm ci

- name: Lint commit messages
env:
PR_BASE_SHA: ${{ github.event.pull_request.base.sha }}
PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
PUSH_BEFORE_SHA: ${{ github.event.before }}
PUSH_AFTER_SHA: ${{ github.sha }}
run: |
if [ "${{ github.event_name }}" = "pull_request" ]; then
from="$PR_BASE_SHA"
to="$PR_HEAD_SHA"
else
from="$PUSH_BEFORE_SHA"
to="$PUSH_AFTER_SHA"
fi

# First push of a branch reports an all-zero "before" SHA; fall back
# to the repository root so the range stays valid.
if printf '%s' "$from" | grep -Eq '^0+$'; then
from="$(git rev-list --max-parents=0 "$to" | tail -1)"
fi

npx --no -- commitlint --from "$from" --to "$to" --verbose

- name: Cache pre-commit environments
uses: actions/cache@v4
Expand All @@ -77,3 +113,8 @@ jobs:

- name: Run repository quality checks
run: pre-commit run --all-files --show-diff-on-failure

- name: Verify generated Zsh completion
run: |
bash scripts/generate-zsh-completion.sh
git diff --exit-code -- configs/zsh/completions/_mac
20 changes: 0 additions & 20 deletions .github/workflows/hardening.yml

This file was deleted.

3 changes: 3 additions & 0 deletions .husky/pre-commit
100644 → 100755
Original file line number Diff line number Diff line change
@@ -1 +1,4 @@
#!/usr/bin/env sh

npm test
pre-commit run --all-files
120 changes: 0 additions & 120 deletions Brewfile

This file was deleted.

1 change: 1 addition & 0 deletions Brewfile
Loading
Loading