fix(ci): declare reconcile_enforce via plugin_audit_keys to satisfy custodian-doctor --strict#20
Merged
Merged
Conversation
…ustodian-doctor --strict custodian-doctor --strict flagged audit.reconcile_enforce as an "unknown audit key" and exited 1, turning the CI "Custodian doctor" job red on main. reconcile_enforce is a genuine, core Custodian key consumed by the R1/R2 reconcile detectors (audit_kit/detectors/reconcile.py), but it is missing from doctor's _KNOWN_AUDIT_KEYS allowlist (even on Custodian@main). Rather than disabling the check, declare the key as intentional through the supported plugin_audit_keys escape hatch until the upstream allowlist catches up. No detector behavior changes. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
custodian-doctor --strict flagged audit.reconcile_enforce as an "unknown
audit key" and exited 1, turning the CI "Custodian doctor" job red on main.
reconcile_enforce is a genuine, core Custodian key consumed by the R1/R2
reconcile detectors (audit_kit/detectors/reconcile.py), but it is missing
from doctor's _KNOWN_AUDIT_KEYS allowlist (even on Custodian@main). Rather
than disabling the check, declare the key as intentional through the
supported plugin_audit_keys escape hatch until the upstream allowlist
catches up. No detector behavior changes.
Co-Authored-By: Claude Opus 4.8 noreply@anthropic.com