Skip to content

feat: initial public scaffold for agent-gitlab 0.1.0#1

Merged
fuse merged 3 commits into
developfrom
feat/initial-public-scaffold-0.1.0
May 27, 2026
Merged

feat: initial public scaffold for agent-gitlab 0.1.0#1
fuse merged 3 commits into
developfrom
feat/initial-public-scaffold-0.1.0

Conversation

@fuse

@fuse fuse commented May 26, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Full GitLab execution agent (WSS, enrollment, skills API + gitlab.repo.checkout_mr).
  • Public scaffold: submodule agent-core @ 0.1.1, CI/CodeQL/Dependabot, release workflow → GHCR + binary asset.
  • Docker image includes git (Debian slim) for checkout skills.

Test plan

  • CI green
  • CodeQL green
  • After merge: tag 0.1.0 on develop for GHCR release

Squash and merge into develop.

fuse added 2 commits May 26, 2026 15:32
@fuse
feat: initial public scaffold for agent-gitlab 0.1.0
c8269c5 
Execution agent with GitLab API skills, repo checkout via git, agent-core
submodule, CI/release via fluid-pub/actions, and GHCR image with git for
checkout_mr.
@fuse
merge: integrate prior agent-gitlab README stub
a7247d8
@github-advanced-security

github-advanced-security AI commented May 26, 2026

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security AI found potential problems May 26, 2026
View reviewed changes
Comment thread internal/gitlab/repository.go Fixed
Comment thread internal/gitlab/repository.go Fixed
@fuse
fix: bound-check run_as uid and gid conversions
d26efeb 
- Parse uid/gid with strconv.ParseUint(..., 32) before syscall.Credential cast.

- Add tests for uint32 bounds behavior in parseUint32ID.
@fuse

fuse commented May 27, 2026

Copy link
Copy Markdown
Contributor Author

Addressed the CodeQL integer-conversion finding on run_as credentials:\n\n- switched uid/gid parsing to before assigning \n- added bounds tests (, )\n\nCommit: d26efeb

@fuse

fuse commented May 27, 2026

Copy link
Copy Markdown
Contributor Author

Correction note (previous comment formatting issue).

Addressed the CodeQL integer-conversion finding on run_as credentials:

  • switched uid/gid parsing to strconv.ParseUint(..., 10, 32) before assigning syscall.Credential
  • added bounds tests: TestParseUint32ID_outOfRange and TestParseUint32ID_validMax

Commit: d26efeb

@fuse fuse merged commit a99804a into develop May 27, 2026
4 checks passed
@fuse fuse deleted the feat/initial-public-scaffold-0.1.0 branch May 27, 2026 14:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fuse @github-advanced-security