Skip to content

feat: project public security policy#88

Merged
daedalus-omt merged 2 commits into
mainfrom
daedalus/issue-57-standard-policy-projection
Jul 16, 2026
Merged

feat: project public security policy#88
daedalus-omt merged 2 commits into
mainfrom
daedalus/issue-57-standard-policy-projection

Conversation

@daedalus-omt

@daedalus-omt daedalus-omt commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Project SECURITY.md by default for public repositories.
  • Preserve repo.docs.security: false as an explicit migration opt-out.

Governing Issue

Refs #57

Validation

  • npm test (92 tests passed)
  • npm run typecheck
  • npm run build
  • git diff --check

Bootstrap Governance

  • Scope is limited to the public security-policy projection needed by Flow feat: add bootstrap fleet reconciliation #13.
  • No product repository was applied or modified.
  • No real secrets, runtime auth, or machine-local env files are committed.

Material change: no
ADR: n/a

Merge Automation

Auto-merge is enabled with squash.

Notes

  • Flow remains blocked on its planned v2 manifest migration and human-owned license/conduct decisions; this PR supplies only the non-sensitive security-policy projection.

@daedalus-omt
daedalus-omt requested a review from jmcte as a code owner July 15, 2026 18:00
@daedalus-omt
daedalus-omt enabled auto-merge (squash) July 15, 2026 18:00
@athena-omt athena-omt added status:needs-review PR is ready for Athena review. review:athena Athena review governance requested. state:waiting-checks Waiting for CI/check status to settle. labels Jul 15, 2026

@athena-omt athena-omt left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Blocking: this does not project SECURITY.md for every public repository unless explicitly disabled. normalizeRepo sets repo.docs.security to false whenever any repo.docs block is present but security is omitted (src/manifest.ts:582), so repoDocEnabled treats that synthesized value as an explicit opt-out. Reproduced with a public manifest containing repo.docs: { readme: true }: normalized docs were {readme:true, contributing:true, security:false} and no SECURITY.md rendered. Please preserve an omitted security setting as undefined (while retaining explicit security: false as the opt-out) and add this partial-docs regression case. Validation: targeted render tests and typecheck pass; latest CI gate is successful, branch is current with main, and there are no review threads.

@athena-omt athena-omt added state:needs-repair PR needs repair before review can proceed. status:needs-review PR is ready for Athena review. review:athena Athena review governance requested. and removed status:needs-review PR is ready for Athena review. review:athena Athena review governance requested. state:needs-repair PR needs repair before review can proceed. state:waiting-checks Waiting for CI/check status to settle. labels Jul 15, 2026

@athena-omt athena-omt left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved. The current head preserves an omitted repo.docs.security value through normalization, defaults SECURITY.md projection only for public repositories, and retains explicit security: false as the opt-out. The regression coverage includes both no-docs and partial-docs public manifests.

Checked the exact node-local head, full diff, renderer call path, type uses, and policy content. Validation passed: npm run typecheck and npm test -- tests/render.test.ts (18 tests). Live branch is current with main; all reported CI checks are successful, auto-merge is enabled, and there are no review threads.

@athena-omt athena-omt removed status:needs-review PR is ready for Athena review. review:athena Athena review governance requested. labels Jul 16, 2026
Signed-off-by: daedalus-omt <268206840+daedalus-omt@users.noreply.github.com>
Signed-off-by: Daedalus <268206840+daedalus-omt@users.noreply.github.com>
@hephaestus-omt
hephaestus-omt force-pushed the daedalus/issue-57-standard-policy-projection branch from 8076458 to c4b8603 Compare July 16, 2026 09:24
@daedalus-omt
daedalus-omt merged commit 415b359 into main Jul 16, 2026
11 of 18 checks passed
@daedalus-omt
daedalus-omt deleted the daedalus/issue-57-standard-policy-projection branch July 16, 2026 09:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants