Skip to content

chore: bootstrap FUNDING.yml and trufflehog.yml #35

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
KooshaPari wants to merge 2 commits into from
+23 −1
Closed

chore: bootstrap FUNDING.yml and trufflehog.yml #35

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
52c6e0f
Add CODEOWNERS
May 2, 2026
be00de9
fix(configra): resolve clippy type_complexity error
May 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CODEOWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Default owners
* @KooshaPari

@cursor cursor Bot May 2, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Root CODEOWNERS is ignored due to .github precedence

Low Severity

A root-level CODEOWNERS is added, but .github/CODEOWNERS already exists with more detailed ownership rules. GitHub checks .github/ first and ignores any other CODEOWNERS file. This root-level file is completely inert and could confuse contributors about which file is authoritative.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit be00de9. Configure here.

3 changes: 3 additions & 0 deletions FUNDING.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
github: [KooshaPari]
custom: ["https://kooshapari.com/sponsor"]

@cursor cursor Bot May 2, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FUNDING.yml placed at root instead of .github directory

Medium Severity

FUNDING.yml is placed at the repository root, but GitHub only recognizes it inside the .github/ directory. A valid .github/FUNDING.yml already exists with different content (different sponsor links). This root-level file will have no effect — the PR test plan item "Verify FUNDING.yml appears on repo's Funding tab" will pass only because of the pre-existing .github/FUNDING.yml, not this new file.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit be00de9. Configure here.

5 changes: 4 additions & 1 deletion crates/pheno-ffi-python/src/adapters/inbound/python/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ use pyo3::prelude::*;
use std::path::PathBuf;
use std::sync::Mutex;

/// Audit record: (id, old_value, new_value, changed_by, changed_at)
type AuditRecord = (i64, Option<String>, String, String, String);

fn to_pyerr(e: pheno_core::Error) -> PyErr {
PyRuntimeError::new_err(e.to_string())
}
Expand Down Expand Up @@ -89,7 +92,7 @@ impl PhenoConfig {
use_case.execute(&key).map_err(to_pyerr)
}

fn audit(&self, key: String) -> PyResult<Vec<(i64, Option<String>, String, String, String)>> {
fn audit(&self, key: String) -> PyResult<Vec<AuditRecord>> {
let db = self.db.lock();
let use_case = AuditConfig::new(&db, &self.namespace);
let records = use_case.execute(&key).map_err(to_pyerr)?;
Expand Down
14 changes: 14 additions & 0 deletions trufflehog.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
version: 1
roots:
- path: .
scan_depth: 4
exclude_paths:
- "*.lock"
- "**/node_modules/**"
- "**/__pycache__/**"
- "**/.venv/**"
- "**/target/**"
- "**/.git/**"
detectors:
- allowlist: false

@cursor cursor Bot May 2, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

trufflehog.yml config not referenced by existing workflow

Medium Severity

This root-level trufflehog.yml is a scanner configuration file, but TruffleHog does not auto-discover config files — they must be explicitly passed via --config. The existing workflow at .github/workflows/trufflehog.yml runs trufflehog github --only-verified --no-update without a --config flag, so these settings (scan_depth, exclude_paths, detectors) are never applied.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit be00de9. Configure here.