diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 959669a..1cb39d5 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -4,9 +4,9 @@ on: workflow_dispatch: inputs: username: - description: GitHub username to audit + description: GitHub username to audit (defaults to saagpatel) required: false - default: saagpatel + default: '' permissions: contents: read diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8b892c5..2933e73 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: ["3.11"] + python-version: ["3.11", "3.12"] steps: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Python ${{ matrix.python-version }} diff --git a/.gitignore b/.gitignore index 7bdb3d8..aa76ce7 100644 --- a/.gitignore +++ b/.gitignore @@ -14,6 +14,8 @@ output/PORTFOLIO.md !output/.gitkeep config/notion-config.json HANDOFF.md +proof-pr.json +sprint*.png .claude/ .serena/ __pycache__/ diff --git a/CHANGELOG.md b/CHANGELOG.md index 781342c..37f456e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,12 @@ All notable changes to this project are documented here. Format: [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) +> **Versioning note:** The `0.x.0` entries below (0.1.0 through 0.19.0) reflect +> the internal development history prior to the first public PyPI release. The +> public PyPI line starts at `0.1.0` (tag `v0.1.0`, released 2026-05-18) and +> follows `0.1.x` for patches. Do not conflate the internal `0.x.0` series with +> PyPI release versions. + --- ## [Unreleased] diff --git a/README.md b/README.md index 75121a4..90be77c 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ > Know the truth about every project you've ever started — because `git log` across a crowded repo portfolio doesn't tell you which ones are worth finishing. -📐 **Case study — [Operator OS: a multi-agent control plane over a repo portfolio](CASE-STUDY.md).** How this auditor's truth layer anchors six local services and two coordinated coding agents (Claude Code + Codex), with real portfolio metrics and a [90-second demo plan](DEMO-PLAN.md). +**Case study — [Operator OS: a multi-agent control plane over a repo portfolio](CASE-STUDY.md).** How this auditor's truth layer anchors six local services and two coordinated coding agents (Claude Code + Codex), with real portfolio metrics and a [90-second demo plan](DEMO-PLAN.md). GitHub Repo Auditor is a portfolio audit and operator tool for developers with a lot of repositories. It clones every repo on your GitHub account, runs 12 analyzers across completeness and interest dimensions, assigns letter grades and achievement badges, preserves historical state, and generates actionable dashboards you can actually use to decide what to work on next. Built for developers who ship fast, start often, and need a system to manage the sprawl. @@ -212,8 +212,8 @@ Expected outputs include `output/demo/demo-report.json`, `output/demo/operator-control-center-demo.json`, `output/demo/operator-control-center-demo.md`, `output/demo/portfolio-truth-latest.json`, -`output/demo/weekly-command-center-sample-user-2026-04-12.json`, -`output/demo/security-burndown-sample-user-2026-04-12.json`, +`output/demo/weekly-command-center--.json`, +`output/demo/security-burndown--.json`, `output/demo/pending-proposals.json`, and `output/demo/portfolio-warehouse.db`. To browse the same fixture in the local web UI: @@ -393,7 +393,7 @@ That command generates stable sample `standard` and `template` workbooks, valida After that manual desktop Excel check, record the outcome back into the gate artifacts: ```bash -make workbook-signoff ARGS="--reviewer --outcome passed --check excel-open-no-repair=passed --check visible-tabs-present=passed --check normal-zoom-readable=passed --check chart-placement-clean=passed --check filters-work=passed" +make workbook-signoff ARGS="--reviewer yourname --outcome passed --check excel-open-no-repair=passed --check visible-tabs-present=passed --check normal-zoom-readable=passed --check chart-placement-clean=passed --check filters-work=passed" ``` ## Managed Campaigns and Governance diff --git a/proof-pr.json b/proof-pr.json deleted file mode 100644 index 7b6a5ae..0000000 --- a/proof-pr.json +++ /dev/null @@ -1,182 +0,0 @@ -{ - "schema_version": "proof-pr.v1", - "receipt_id": "saagpatel-github-repo-auditor-proof-pr-dogfood", - "generated_at": "2026-06-20T09:00:00Z", - "subject": { - "repo": "saagpatel/GithubRepoAuditor", - "pr_number": null, - "pr_url": null, - "base_ref": "main", - "base_sha": "b69bd828a240572594ed4a8afec159e546fccefa", - "head_ref": "chore/proof-pr-dogfood", - "head_sha": "pending-pr-head", - "head_sha_status": "pending_commit" - }, - "producer": { - "tool": "proof-pr", - "version": "0.1.3", - "agent": "codex", - "mode": "local", - "example_pattern": { - "pattern": "Workflow dogfood", - "example": "examples/pr-087-github-repo-auditor-dogfood.json", - "tier": "T3", - "source": "explicit" - } - }, - "risk": { - "tier": "T3", - "reasons": [ - "adds a GitHub Actions workflow", - "introduces proof-pr as a reusable CI evidence consumer", - "commits a machine-readable proof receipt" - ], - "changed_surfaces": [ - "github-actions", - "proof-receipt", - "public-repo-evidence" - ] - }, - "change": { - "summary": "Adds an advisory proof-pr dogfood workflow and committed receipt for GitHub Repo Auditor.", - "files_touched": [ - ".github/workflows/proof-pr.yml", - "proof-pr.json" - ], - "diff_stats": { - "files": 2, - "additions": 175, - "deletions": 0 - }, - "scope_notes": "No application code, package metadata, generated portfolio truth, or release workflow behavior changes." - }, - "evidence": [ - { - "id": "proof-pr-validate", - "kind": "repo-native", - "command": [ - "proof-pr validate proof-pr.json" - ], - "status": "passed", - "required": true, - "summary": "Committed receipt validates against proof-pr.v1 schema." - }, - { - "id": "proof-pr-render", - "kind": "repo-native", - "command": [ - "proof-pr render proof-pr.json" - ], - "status": "passed", - "required": true, - "summary": "Receipt renders into the standard Markdown PR block." - }, - { - "id": "workflow-yaml", - "kind": "repo-native", - "command": [ - "ruby -e \"require 'yaml'; YAML.load_file('.github/workflows/proof-pr.yml')\"" - ], - "status": "passed", - "required": true, - "summary": "New workflow YAML parses." - }, - { - "id": "public-fixture-proof-package", - "kind": "repo-native", - "command": [ - "PYTHONDONTWRITEBYTECODE=1 python3 scripts/validate_proof_package.py docs/demo-proof/public-fixture/proof-package.json" - ], - "status": "passed", - "required": true, - "summary": "Existing public fixture proof package remains valid." - }, - { - "id": "secrets-scan", - "kind": "security", - "command": [ - "gitleaks detect --source . --no-banner --redact --verbose" - ], - "status": "passed", - "required": true, - "summary": "No leaks found in the dogfood worktree." - }, - { - "id": "public-boundary-scan", - "kind": "security", - "status": "passed", - "required": true, - "summary": "No private repo names, local paths, personal email, or token prefixes found in the new public dogfood files." - }, - { - "id": "full-test-suite", - "kind": "test", - "status": "skipped", - "required": false, - "summary": "No Python source, package metadata, or generated truth surface changed.", - "reason": "The PR adds only an advisory workflow caller and proof receipt; normal CI still runs on pull_request." - }, - { - "id": "screenshots", - "kind": "screenshot", - "status": "not_applicable", - "required": false, - "summary": "No UI, workbook, dashboard, or visual artifact changed." - }, - { - "id": "public-git-metadata", - "kind": "security", - "command": [ - "proof-pr", - "check-public-git-metadata", - "--ref", - "HEAD", - "--base-ref", - "origin/main", - "--summary-format", - "text" - ], - "status": "passed", - "required": true, - "summary": "Public git metadata checked in introduced mode for origin/main..HEAD; legacy history and tags were not in scope; findings=0." - } - ], - "security": { - "secrets_scan": { - "status": "passed", - "summary": "Gitleaks scan found no leaks." - }, - "permission_diff": { - "status": "passed", - "summary": "New workflow grants explicit read-only permissions: contents: read and actions: read." - }, - "redaction": { - "status": "not_applicable", - "summary": "No screenshots or generated portfolio artifacts are included in this PR." - } - }, - "rollback": { - "status": "documented", - "path": "Revert this PR or remove .github/workflows/proof-pr.yml and proof-pr.json.", - "notes": "The workflow is manual-only and advisory, so rollback does not require data migration or external cleanup." - }, - "artifacts": [ - { - "id": "proof-pr-json", - "kind": "json", - "path_or_url": "proof-pr.json", - "description": "Committed proof-pr dogfood receipt.", - "required": true, - "external": false - } - ], - "limitations": [ - "The committed receipt uses pending-pr-head because a receipt committed in the same change cannot know its final commit SHA before the commit exists.", - "PR number and PR URL should be reflected in the pull request proof block after PR creation.", - "The workflow is manual-only for dogfood; pull_request enforcement is intentionally deferred." - ], - "overall": { - "status": "passed_with_warnings", - "review_decision": "ready_with_operator_awareness" - } -} diff --git a/pyproject.toml b/pyproject.toml index 7cbe7ef..92bef89 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -18,7 +18,7 @@ keywords = [ "developer-tools", ] classifiers = [ - "Development Status :: 3 - Alpha", + "Development Status :: 4 - Beta", "Environment :: Console", "Intended Audience :: Developers", "Programming Language :: Python :: 3", @@ -100,4 +100,4 @@ target-version = "py311" ignore = ["E501"] [tool.setuptools_scm] -fallback_version = "0.19.0" +fallback_version = "0.1.4" diff --git a/sprint13-dismissal-history.png b/sprint13-dismissal-history.png deleted file mode 100644 index a8aeee2..0000000 Binary files a/sprint13-dismissal-history.png and /dev/null differ diff --git a/sprint13-dismissed-with-history-link.png b/sprint13-dismissed-with-history-link.png deleted file mode 100644 index 333f836..0000000 Binary files a/sprint13-dismissed-with-history-link.png and /dev/null differ