8 Commits

Author SHA1 Message Date
Alireza Rezvani 77cac6ffd6 fix(ci): remove branch naming requirement for PRs into dev (#17)
Removed strict branch naming validation that was blocking PRs.
Contributors can now use any branch name when creating PRs into dev.

Changes:
- Removed "Validate branch name" step from pr-into-dev workflow
- Updated error comment script to remove branch name references
- Kept PR title validation (Conventional Commits) and linked issues check

Rationale: Branch naming requirements add unnecessary friction for
contributors without significant benefit. PR title validation provides
sufficient commit message hygiene.

Fixes validation failure in PR #14 and future contributor PRs.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2026-01-07 17:47:45 +01:00
Reza Rezvani 776220f441 fix(ci): skip bash -n check for install.sh in validate workflow
Interactive script with /dev/tty cannot be syntax-checked non-interactively.
2025-11-12 15:22:33 +01:00
Reza Rezvani 2307f06221 fix(ci): exclude docs from secret scanning and skip interactive script validation
- Security checks: Exclude docs/ and examples/ from secret pattern matching
  (prevents false positives on documentation examples)
- Install validation: Skip bash -n check for scripts using /dev/tty
  (interactive scripts are valid but fail non-interactive syntax checking)

Fixes workflow failures in dev-to-main PRs.
2025-11-12 15:18:55 +01:00
Reza Rezvani ad03dea942 fix(ci): handle multi-line PR body in linked issues check
Use heredoc to safely write PR body to temp file instead of storing in variable.
This prevents bash from interpreting special characters and multi-line content
as commands (exit code 127 error).

Fixes workflow failure in PR #3.
2025-11-12 14:33:32 +01:00
Reza Rezvani dd6a6c24d7 feat(ci): implement comprehensive CI/CD workflows and quality gates
Phase 1: Core GitHub Workflows Implementation

Composite Actions (4):
- setup-python-deps: Cache Python dependencies for faster runs
- fork-safety: Detect fork PRs and prevent malicious write operations
- rate-limit-check: Circuit breaker pattern for GitHub API exhaustion
- quality-gates: Python syntax, Markdown lint, Bash validation, secret scanning

Workflows (5):
- bootstrap.yml: One-time repository setup (labels, milestones, settings)
- reusable-pr-checks.yml: DRY quality gate orchestrator
- pr-into-dev.yml: Feature PR validation (branch names, conventional commits, linked issues)
- dev-to-main.yml: Release gate validation (source branch, CHANGELOG, production readiness)
- release.yml: Manual release creation with GitHub releases and auto-generated notes

Branch Strategy: Standard (feature/* → dev → main)
Quality Gates: Python, Markdown, Bash, Secrets
Release Trigger: Manual via /release command or workflow_dispatch

Implements comprehensive CI/CD system adapted from blueprint:
- Fork safety and rate limiting for security
- Conventional commits enforcement
- Automated quality validation
- Production release gates
- GitHub release automation

Next: Phase 2 (templates, CODEOWNERS, dependabot)
2025-11-12 12:51:48 +01:00
Alireza Rezvani b1884c428f "Claude Code Review workflow" 2025-11-12 11:49:32 +01:00
Alireza Rezvani 60dd6d9f5f "Claude PR Assistant workflow" 2025-11-12 11:49:31 +01:00
Reza Rezvani 37422c1667 Initial commit: ClaudeForge v1.0.0 2025-11-12 11:19:48 +01:00