From 72ea134706606432d88b7f923fb7274f284f55d6 Mon Sep 17 00:00:00 2001 From: Gloire Rubambiza Date: Tue, 28 Apr 2026 10:19:31 -0400 Subject: [PATCH 1/6] ci: Add PR verifier caller workflow Assisted-By: Claude Opus 4.6 Signed-off-by: Gloire Rubambiza --- .github/workflows/pr-verifier.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .github/workflows/pr-verifier.yml diff --git a/.github/workflows/pr-verifier.yml b/.github/workflows/pr-verifier.yml new file mode 100644 index 00000000..5eb47584 --- /dev/null +++ b/.github/workflows/pr-verifier.yml @@ -0,0 +1,10 @@ +name: PR Verifier + +on: + pull_request: + types: [opened, edited, synchronize, reopened] + +jobs: + verify: + uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@main + From f4be130eaf8d0c1b148b93e4d2df0197810ca811 Mon Sep 17 00:00:00 2001 From: Gloire Rubambiza Date: Tue, 28 Apr 2026 10:29:47 -0400 Subject: [PATCH 2/6] ci: Pin reusable workflow to SHA Assisted-By: Claude Opus 4.6 Signed-off-by: Gloire Rubambiza --- .github/workflows/pr-verifier.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-verifier.yml b/.github/workflows/pr-verifier.yml index 5eb47584..85526ff2 100644 --- a/.github/workflows/pr-verifier.yml +++ b/.github/workflows/pr-verifier.yml @@ -6,5 +6,5 @@ on: jobs: verify: - uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@main + uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@ae31c56d344b1efc6ef174338c488b1e355649bc From f08e21b05d337f19973e758dc890e53cc7632154 Mon Sep 17 00:00:00 2001 From: Gloire Rubambiza Date: Tue, 28 Apr 2026 14:24:53 -0400 Subject: [PATCH 3/6] ci: Update pinned SHA to include action fix Assisted-By: Claude Opus 4.6 Signed-off-by: Gloire Rubambiza --- .github/workflows/pr-verifier.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-verifier.yml b/.github/workflows/pr-verifier.yml index 85526ff2..16341fb3 100644 --- a/.github/workflows/pr-verifier.yml +++ b/.github/workflows/pr-verifier.yml @@ -6,5 +6,5 @@ on: jobs: verify: - uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@ae31c56d344b1efc6ef174338c488b1e355649bc + uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@fccbcfaaadf24f180b4a754377ceff6d9e000297 From b3d5c1ff82a4d50aaac47e5d8a0b37c926281fe9 Mon Sep 17 00:00:00 2001 From: Gloire Rubambiza Date: Wed, 29 Apr 2026 08:51:59 -0400 Subject: [PATCH 4/6] ci: Fix trailing newline in pr-verifier.yml Assisted-By: Claude Opus 4.6 Signed-off-by: Gloire Rubambiza --- .github/workflows/pr-verifier.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/pr-verifier.yml b/.github/workflows/pr-verifier.yml index 16341fb3..d04a7fea 100644 --- a/.github/workflows/pr-verifier.yml +++ b/.github/workflows/pr-verifier.yml @@ -7,4 +7,3 @@ on: jobs: verify: uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@fccbcfaaadf24f180b4a754377ceff6d9e000297 - From 3bdb37031d06c00fc94a9c55be199645aa6038a3 Mon Sep 17 00:00:00 2001 From: Gloire Rubambiza Date: Wed, 29 Apr 2026 12:05:33 -0400 Subject: [PATCH 5/6] ci: Bump pinned SHA and rename job to verify-pr-title Assisted-By: Claude Opus 4.6 Signed-off-by: Gloire Rubambiza --- .github/workflows/pr-verifier.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-verifier.yml b/.github/workflows/pr-verifier.yml index d04a7fea..7babf5f4 100644 --- a/.github/workflows/pr-verifier.yml +++ b/.github/workflows/pr-verifier.yml @@ -5,5 +5,5 @@ on: types: [opened, edited, synchronize, reopened] jobs: - verify: - uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@fccbcfaaadf24f180b4a754377ceff6d9e000297 + verify-pr-title: + uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@4e535f2436d167295d39d488ce5c44b5a2d49792 From 3c0b2c3baa174aecd3da73d4edb0759d47dc78bd Mon Sep 17 00:00:00 2001 From: Gloire Rubambiza Date: Wed, 29 Apr 2026 12:12:02 -0400 Subject: [PATCH 6/6] ci: Add top-level permissions restriction Assisted-By: Claude Opus 4.6 Signed-off-by: Gloire Rubambiza --- .github/workflows/pr-verifier.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/pr-verifier.yml b/.github/workflows/pr-verifier.yml index 7babf5f4..e2bfc8b8 100644 --- a/.github/workflows/pr-verifier.yml +++ b/.github/workflows/pr-verifier.yml @@ -4,6 +4,8 @@ on: pull_request: types: [opened, edited, synchronize, reopened] +permissions: {} + jobs: verify-pr-title: uses: kagenti/.github/.github/workflows/pr-verifier-required.yml@4e535f2436d167295d39d488ce5c44b5a2d49792