Merged
6 changes: 6 additions & 0 deletions CHANGELOG.md
@@ -1,5 +1,11 @@
# Changelog

## 0.71.0 - 2026-06-01

- Add `actions-missing-node24-opt-in` to `contextforge actions-audit` so repositories using JavaScript actions can prepare for GitHub's Node 24 hosted-runner default.
- Keep ContextForge dogfood workflows passing by recognizing their existing `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true` opt-in.
- Document the known GitHub runner annotation behavior where Node 20 action metadata can still produce an informational warning even when the Node 24 runtime override is active.

## 0.70.0 - 2026-06-01

- Add Claude Code settings, agentic workflow, and GitHub Actions hardening checks to `contextforge doctor`.
10 changes: 6 additions & 4 deletions README.md
Expand Up @@ -359,7 +359,7 @@ contextforge pack --task "review auth regression" --budget 20000 --sessions --ou
Or use the GitHub Action before npm publishing is complete:

```yaml
- uses: grnbtqdbyx-create/contextforge@v0.70.0
- uses: grnbtqdbyx-create/contextforge@v0.71.0
with:
min-context-score: 60
min-cache-score: 60
Expand Down Expand Up @@ -448,7 +448,7 @@ and tuned for Codex/Claude repository work.
| MCP findings should show up in GitHub Security. | `mcp-audit --sarif` writes `contextforge-mcp.sarif` with `mcp-exposure/*` rule ids for Code Scanning. |
| Claude Code settings can over-trust a repo. | `claude-audit` checks shared `.claude/settings.json` permissions, hooks, bypass modes, and sensitive-file denies. |
| Agentic GitHub workflows can ingest attacker-controlled text. | `workflow-audit` checks whether issue, PR, review, comment, title, workflow input, or branch/ref text flows into agentic jobs with write permissions or secrets. |
| Agent-authored CI can weaken the release path. | `actions-audit` checks workflow SHA pins, token permissions, `pull_request_target`, pwn-request checkout, and direct script interpolation. |
| Agent-authored CI can weaken the release path. | `actions-audit` checks workflow SHA pins, token permissions, Node 24 runtime opt-in, `pull_request_target`, pwn-request checkout, and direct script interpolation. |
| Claude Code subagents and custom slash commands can hide powerful project prompts. | `security-audit`, context health, and context packs include `.claude/agents/**/*.md` and `.claude/commands/**/*.md`. |
| Copilot hooks can run shell commands during agent workflows. | `security-audit` scans `.github/hooks/*.json` and committed `.github/copilot/settings*.json` for unsafe shell, exfiltration, hidden directives, and permission weakening. |
| VS Code workspace settings can carry Copilot instructions. | `security-audit` scans `.vscode/settings.json` and committed `*.code-workspace` files for risky Copilot review, commit, and PR instruction text. |
Expand Down Expand Up @@ -498,7 +498,7 @@ contextforge cost-estimate [--demo] [--json] [--summary contextforge-cost-estima
contextforge review-kit [--demo] [--base main] [--output contextforge-review-kit.md]
contextforge artifact-map [--output docs/artifacts.md]
contextforge publish-readiness [--json] [--summary contextforge-publish-readiness.md]
contextforge init [--all] [--github-action] [--pr-comment-workflow] [--agents-md] [--claude-md] [--copilot-instructions] [--project-name "My App"] [--action-ref grnbtqdbyx-create/contextforge@v0.70.0] [--force]
contextforge init [--all] [--github-action] [--pr-comment-workflow] [--agents-md] [--claude-md] [--copilot-instructions] [--project-name "My App"] [--action-ref grnbtqdbyx-create/contextforge@v0.71.0] [--force]
```

Local session scans are bounded by default. Use `--max-session-files` and
Expand Down Expand Up @@ -583,7 +583,7 @@ See [docs/research/adjacent-tools.md](docs/research/adjacent-tools.md).

## Current Status

ContextForge v0.70.0 is a public MVP CLI with:
ContextForge v0.71.0 is a public MVP CLI with:

- Claude Code and Codex JSONL fixture scanners
- bounded local session scanning fallbacks
Expand Down Expand Up @@ -623,6 +623,7 @@ ContextForge v0.70.0 is a public MVP CLI with:
- generated `contextforge publish-readiness` checks for npm Trusted Publishing preparation and GitHub tarball attestation setup
- npm provenance metadata checks for repository, homepage, and issue tracker links
- GitHub workflow Node 24 JavaScript action runtime opt-in for dogfood and generated workflows
- `actions-audit` checks for missing GitHub Actions Node 24 JavaScript runtime opt-ins before hosted-runner defaults change
- generated `contextforge launch-kit` build-in-public launch posts
- generated `contextforge compare` adjacent-tool positioning guides
- `Public proof surfaces` doctor check for OSS trust/readiness files
Expand Down Expand Up @@ -728,6 +729,7 @@ ContextForge v0.70.0 is a public MVP CLI with:
- **v0.68.0:** workflow audits expand attacker-controlled coverage to titles and branch/ref text.
- **v0.69.0:** GitHub Actions audits catch mutable action refs, pwn-request checkout, missing permissions, and direct script interpolation.
- **v0.70.0:** doctor, proof-pack, and scorecard reports surface Claude settings, agentic workflow, and GitHub Actions hardening evidence in one readiness path.
- **v0.71.0:** GitHub Actions audits catch missing Node 24 JavaScript action runtime opt-ins and document the known runner annotation behavior.
- **Next:** first approved npm publish and external launch outreach.

Release preparation lives in [docs/release-checklist.md](docs/release-checklist.md).
4 changes: 2 additions & 2 deletions contextforge-actions-audit.md
Expand Up @@ -8,8 +8,8 @@ Workflow files: `.github/workflows/ci.yml`, `.github/workflows/contextforge-audi

| Type | Severity | File | Message | Suggestion |
| --- | --- | --- | --- | --- |
| none | low | | No GitHub Actions hardening findings. | Keep workflows pinned, least-privilege, and isolated from untrusted PR code. |
| none | low | | No GitHub Actions hardening findings. | Keep workflows pinned, least-privilege, opted into Node 24, and isolated from untrusted PR code. |

## Next Actions

- Keep GitHub Actions workflows pinned to full SHAs and least-privilege by default.
- Keep GitHub Actions workflows pinned to full SHAs, least-privilege, and opted into the Node 24 JavaScript action runtime by default.
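Review bot: The new wording in the Suggestion cell and under Next Actions turns the Node 24 opt-in into standing advice ("opted into the Node 24 JavaScript action runtime by default"), while docs/actions-audit.md in this same PR describes it as a transition measure until the hosted-runner default moves to Node 24. Consider wording it as temporary here, or note when the guidance is expected to be dropped, so this generated report does not keep recommending an override after the default has changed.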
4 changes: 2 additions & 2 deletions contextforge-publish-readiness.md
Expand Up @@ -2,11 +2,11 @@

Status: **warn**

Package: `contextforge@0.70.0`
Package: `contextforge@0.71.0`

| Check | Status | Detail |
| --- | --- | --- |
| Package metadata | pass | contextforge@0.70.0 is public-package ready with bin dist/cli.js |
| Package metadata | pass | contextforge@0.71.0 is public-package ready with bin dist/cli.js |
| Package provenance metadata | pass | repository, homepage, and issue tracker point at grnbtqdbyx-create/contextforge for npm provenance readers |
| Trusted publishing workflow | pass | npm Trusted Publishing uses GitHub OIDC, manual dispatch, dry-run default, and environment approval |
| Release artifact attestation | pass | GitHub artifact attestation covers the packed npm tarball before the same tarball is published |
19 changes: 19 additions & 0 deletions docs/actions-audit.md
Expand Up @@ -21,6 +21,8 @@ The audit flags:
- `pull_request_target` workflows
- `pull_request_target` workflows that checkout attacker-controlled PR head code
- untrusted GitHub contexts interpolated directly into `run:` shell steps
- workflows that use JavaScript actions without `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24`
while GitHub Actions transitions hosted runners from Node 20 to Node 24

Use the Markdown summary in PRs, launch issues, README proof surfaces, and
ContextForge Audit artifacts when reviewers need a fast answer to: "Can this
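Review bot: The new bullet says the audit flags workflows that "use JavaScript actions", but nothing here says how that is decided or where the opt-in has to live. Please state whether any `uses:` step counts (composite and Docker actions included) and whether `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24` set under a job-level or step-level `env:` satisfies the check, or only the workflow-level `env:` shown in the Node 24 Runtime Note.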
Expand All @@ -34,3 +36,20 @@ complete CI/CD threat model. It focuses on high-signal GitHub Actions footguns
that are especially risky in agent-heavy repositories: mutable action refs,
overbroad tokens, `pull_request_target`, direct script interpolation, and
privileged release automation.

## Node 24 Runtime Note

GitHub began warning maintainers about JavaScript actions that still declare a
Node 20 runtime before the hosted-runner default moves to Node 24. Set a
workflow-level environment variable to opt in early:

```yaml
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
```

Some runner versions may still show an annotation that Node 20 actions are
being forced to run on Node 24. In that case the opt-in is working; the warning
is about the action metadata GitHub scanned before applying the runtime
override. ContextForge flags missing opt-ins so repositories can prepare before
the default changes.
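Review bot: This section never names the finding it documents. The changelog calls it `actions-missing-node24-opt-in`; add that rule id and its severity here so someone who sees the finding in the Markdown or SARIF output can find this note. The statement that a remaining Node 20 annotation means "the opt-in is working" would also be easier to trust with a link to the GitHub announcement or runner documentation it is based on.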
2 changes: 1 addition & 1 deletion docs/adoption.md
Expand Up @@ -36,7 +36,7 @@ contextforge artifact-map --output docs/artifacts.md
- Open `contextforge-mcp-audit.md` when the repo has MCP config files or agent tool setup; upload `contextforge-mcp.sarif` when GitHub Code Scanning should track those findings.
- Open `contextforge-claude-audit.md` when the repo commits Claude Code project settings, hooks, or permissions.
- Open `contextforge-workflow-audit.md` when GitHub workflows pass issue, PR, review, comment, title, workflow input, or branch/ref text into agent commands.
- Open `contextforge-actions-audit.md` when GitHub Actions workflows need SHA pinning, least-privilege permissions, pwn-request, or script-injection review.
- Open `contextforge-actions-audit.md` when GitHub Actions workflows need SHA pinning, least-privilege permissions, Node 24 runtime opt-in, pwn-request, or script-injection review.
- Open `contextforge-trace-audit.md` when you want to see whether a Codex or Claude trace wasted context on repeated tools or bulky outputs.
- Open `contextforge-cost-estimate.md` when you want to turn observed tokens into a configurable spend estimate without trusting stale hardcoded prices.
- Open `docs/artifacts.md` when CI uploaded many files and you need the right next proof artifact.
2 changes: 1 addition & 1 deletion docs/artifacts.md
Expand Up @@ -27,7 +27,7 @@ Use this to decide which ContextForge artifact a maintainer, reviewer, CI bot, C
| `contextforge-claude.sarif` | GitHub Code Scanning | you want Claude Code settings findings to appear beside code scanning alerts | `contextforge claude-audit --sarif contextforge-claude.sarif` |
| `contextforge-workflow-audit.md` | Security reviewers and agent workflow maintainers | you need to see whether GitHub issue, PR, review, comment, title, workflow input, or branch/ref text flows into privileged AI workflows | `contextforge workflow-audit --summary contextforge-workflow-audit.md` |
| `contextforge-workflow.sarif` | GitHub Code Scanning | you want agentic workflow injection findings to appear beside code scanning alerts | `contextforge workflow-audit --sarif contextforge-workflow.sarif` |
| `contextforge-actions-audit.md` | Security reviewers and release maintainers | you need to review GitHub Actions SHA pins, token permissions, pull_request_target risk, and direct script interpolation | `contextforge actions-audit --summary contextforge-actions-audit.md` |
| `contextforge-actions-audit.md` | Security reviewers and release maintainers | you need to review GitHub Actions SHA pins, token permissions, Node 24 runtime opt-in, pull_request_target risk, and direct script interpolation | `contextforge actions-audit --summary contextforge-actions-audit.md` |
| `contextforge-actions.sarif` | GitHub Code Scanning | you want GitHub Actions hardening findings to appear beside code scanning alerts | `contextforge actions-audit --sarif contextforge-actions.sarif` |
| `contextforge-trace-audit.md` | Codex and Claude operators | you need to review repeated tool calls, bulky tool output, and cache reuse before another long agent session | `contextforge trace-audit --summary contextforge-trace-audit.md` |
| `contextforge-cost-estimate.md` | Maintainers and budget reviewers | you need a shareable cost estimate from observed session tokens without hardcoded provider pricing | `contextforge cost-estimate --summary contextforge-cost-estimate.md --input-price-per-mtok 2 --cached-input-price-per-mtok 0.2 --output-price-per-mtok 10` |
6 changes: 3 additions & 3 deletions docs/github-action.md
Expand Up @@ -36,7 +36,7 @@ refuses to overwrite existing files by default:

```bash
contextforge init --github-action --force
contextforge init --github-action --action-ref grnbtqdbyx-create/contextforge@v0.70.0
contextforge init --github-action --action-ref grnbtqdbyx-create/contextforge@v0.71.0
```

`contextforge init --pr-comment-workflow` writes a separate
Expand Down Expand Up @@ -71,7 +71,7 @@ jobs:
- uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
with:
fetch-depth: 0
- uses: grnbtqdbyx-create/contextforge@v0.70.0
- uses: grnbtqdbyx-create/contextforge@v0.71.0
with:
min-context-score: 60
min-cache-score: 60
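Review bot: The updated `uses: grnbtqdbyx-create/contextforge@v0.71.0` line is a mutable tag ref, a few lines below `actions/checkout` pinned to a full commit SHA, in the documentation for a tool whose `actions-audit` reports mutable action refs. Pin the example to the release commit SHA with a trailing `# v0.71.0` comment, matching the checkout line, and do the same in the README snippet so a copied workflow passes the audit it installs.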
Expand Down Expand Up @@ -192,7 +192,7 @@ artifacts show whether GitHub issue, PR, review, comment, title, workflow input,
or branch/ref text flows into agentic jobs with write permissions or secrets.
The `contextforge-actions-audit.md` and `contextforge-actions.sarif` artifacts
show whether GitHub Actions workflows have mutable action refs, missing
permissions, pwn-request checkout, or direct shell interpolation of untrusted
permissions, Node 24 runtime opt-in, pwn-request checkout, or direct shell interpolation of untrusted
GitHub context.
The `contextforge-trace-audit.md` artifact summarizes repeated tool calls,
bulky tool output, tool-output-heavy traces, and cache reuse from available
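Review bot: In the changed line, "Node 24 runtime opt-in" sits in a list of defects ("mutable action refs, missing permissions, ... pwn-request checkout"), so it reads as if having the opt-in were the finding. docs/release-checklist.md in this PR says "Node 24 runtime opt-in gaps"; use that or "missing Node 24 runtime opt-in" here and in the matching sentence in docs/use-cases.md. The changed line also runs well past the wrap width of the surrounding paragraph.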
2 changes: 1 addition & 1 deletion docs/launch-snapshot.md
Expand Up @@ -30,7 +30,7 @@ A short, shareable page for people deciding whether this project is worth trying
| Are MCP configs risky? | `contextforge-mcp-audit.md` and `contextforge-mcp.sarif` |
| Are Claude Code settings risky? | `contextforge-claude-audit.md` and `contextforge-claude.sarif` |
| Can GitHub event text reach a privileged agent workflow? | `contextforge-workflow-audit.md` and `contextforge-workflow.sarif` |
| Are GitHub Actions pinned and least-privilege? | `contextforge-actions-audit.md` and `contextforge-actions.sarif` |
| Are GitHub Actions pinned, least-privilege, and Node 24-ready? | `contextforge-actions-audit.md` and `contextforge-actions.sarif` |
| Did the last agent session waste context? | `contextforge-trace-audit.md` |
| What would a long session cost? | `contextforge-cost-estimate.md` |
| Is the first npm publish ready? | `contextforge-publish-readiness.md` |
2 changes: 1 addition & 1 deletion docs/release-checklist.md
Expand Up @@ -21,7 +21,7 @@
- [x] npm publish workflow packs, attests, uploads, and publishes the same release tarball.
- [x] Launch snapshot gives README visitors a why-now, adjacent-category, and proof-first page.
- [x] Agentic workflow audit catches untrusted GitHub event text flowing into privileged AI workflows.
- [x] GitHub Actions audit catches mutable action refs, missing permissions, pwn-request checkout, and direct script interpolation.
- [x] GitHub Actions audit catches mutable action refs, missing permissions, Node 24 runtime opt-in gaps, pwn-request checkout, and direct script interpolation.
- [x] MCP exposure audit catches committed MCP config secrets, unsafe shell installers, unpinned package launches, auto-approval, broad tool permissions, and symlinked config files.
- [x] MCP exposure findings can be exported as SARIF for GitHub Code Scanning.
- [x] Claude Code project settings can be audited as Markdown and SARIF artifacts.
6 changes: 6 additions & 0 deletions docs/research/adjacent-tools.md
Expand Up @@ -576,3 +576,9 @@ scorecard readers at the matching Markdown/SARIF rerun commands. The product
reason is simple: a first-time maintainer, Codex session, or Claude session
should not need to remember every specialized audit command before it can tell
whether the repository is safe enough for agent-assisted work.
ContextForge v0.71.0 adds `actions-missing-node24-opt-in` because GitHub's
hosted runners are moving JavaScript actions from Node 20 to Node 24, and many
agent-edited repositories now see noisy runtime annotations. The audit keeps the
fix deterministic: set `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true` at workflow
level, then treat any remaining "target Node.js 20 but forced to Node.js 24"
message as a runner metadata annotation rather than a failed hardening state.
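Review bot: The added paragraph starts on the line directly after "whether the repository is safe enough for agent-assisted work." with no blank line between them, so Markdown will render it as a continuation of the previous paragraph. Add an empty line before "ContextForge v0.71.0 adds". The claim that "many agent-edited repositories now see noisy runtime annotations" is also stated without a source; cite one or soften it.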
2 changes: 1 addition & 1 deletion docs/use-cases.md
Expand Up @@ -174,7 +174,7 @@ Success signal:
title, workflow input, or branch/ref text flowing into privileged AI workflows.
- Release reviewers can open `contextforge-actions-audit.md` or upload
`contextforge-actions.sarif` to catch mutable action refs, missing
permissions, pwn-request checkout, and direct script interpolation before
permissions, Node 24 runtime opt-in, pwn-request checkout, and direct script interpolation before
agent-authored workflow changes reach `main`.
- Agent operators can open `contextforge-trace-audit.md` to see whether the demo
trace wasted turns on repeated tools or bulky output before they try local
2 changes: 1 addition & 1 deletion llms-full.txt
Expand Up @@ -155,7 +155,7 @@ cases so maintainers can see what the scanner is expected to catch.
- `docs/artifacts.md`: generated artifact catalog and fast paths from `artifact-map`
- `contextforge-artifact-map.md`: CI-uploaded artifact catalog from reusable and generated workflows
- `contextforge-publish-readiness.md`: npm Trusted Publishing and package provenance readiness summary from `publish-readiness`
- Reusable GitHub Action and generated audit workflows upload `contextforge-proof-pack.md`, `contextforge-scorecard.md`, `contextforge-agent-surface-map.md`, `contextforge-agent-surface-inventory.md`, `contextforge-agent-surface-diff.md`, `contextforge-mcp-audit.md`, `contextforge-mcp.sarif`, `contextforge-claude-audit.md`, `contextforge-claude.sarif`, `contextforge-workflow-audit.md`, `contextforge-workflow.sarif`, `contextforge-actions-audit.md`, `contextforge-actions.sarif`, `contextforge-review-kit.md`, and `contextforge-artifact-map.md` alongside JSON, HTML, SARIF, summary, plan, comment, suggestions, and badge artifacts. Dogfood and generated workflows opt JavaScript actions into Node 24.
- Reusable GitHub Action and generated audit workflows upload `contextforge-proof-pack.md`, `contextforge-scorecard.md`, `contextforge-agent-surface-map.md`, `contextforge-agent-surface-inventory.md`, `contextforge-agent-surface-diff.md`, `contextforge-mcp-audit.md`, `contextforge-mcp.sarif`, `contextforge-claude-audit.md`, `contextforge-claude.sarif`, `contextforge-workflow-audit.md`, `contextforge-workflow.sarif`, `contextforge-actions-audit.md`, `contextforge-actions.sarif`, `contextforge-review-kit.md`, and `contextforge-artifact-map.md` alongside JSON, HTML, SARIF, summary, plan, comment, suggestions, and badge artifacts. Dogfood and generated workflows opt JavaScript actions into Node 24, and `actions-audit` flags missing `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24` opt-ins.
- PR-ready comments embed a compact changed agent-surface summary and point reviewers at `contextforge-proof-pack.md`, `contextforge-review-kit.md`, and `contextforge-agent-surface-diff.md` so sticky review discussions can lead to the deeper doctor/audit proof packet, the changed-file review brief, and the changed agent-surface report.
- `docs/launch-post.md`: generated build-in-public launch kit from `launch-kit`
- `docs/comparison.md`: generated adjacent-tool positioning guide from `compare`