gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-24 02:41:20 +03:00
Code Issues Packages Projects Releases Wiki Activity

chore(release): bump skill metadata for republish (#278)

Browse Source 
* chore(release): bump skill metadata for republish

* fix(release): keep skillspector PR comments non-blocking

* fix(release): resolve metadata review comments
This commit is contained in:
davida-ps
2026-06-23 09:25:50 +03:00
committed by GitHub
parent de28dadd39
commit 4c26671dc3
49 changed files with 143 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/test-skill-release-workflow.mjs
+13
View File
@@ -254,12 +254,25 @@ assert.match(
'Skill release workflow must download generated SkillSpector reports in a separate PR comment job with comment permissions',
);
const commentJob = workflow.match(/[ ]{2}comment-skillspector-report:[\s\S]*?\n[ ]{2}[a-z][^:\n]*:/)?.[0] || "";
assert.doesNotMatch(
commentJob,
/pull-requests: write/,
'SkillSpector PR comment publishing should not request redundant pull-requests write permissions',
);
assert.match(
workflow,
/comment-skillspector-report:[\s\S]*if: always\(\) && github\.event_name == 'pull_request' && needs\.release\.result != 'cancelled'[\s\S]*Download SkillSpector reports[\s\S]*continue-on-error: true/,
'SkillSpector PR comments must still run when the release dry-run produced reports but the release job failed later',
);
assert.match(
workflow,
/Comment SkillSpector reports[\s\S]*continue-on-error: true[\s\S]*actions\/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9\.0\.0/,
'SkillSpector PR comment publishing must not fail the release dry-run check',
);
assert.match(
workflow,
/function sanitizeReportForComment\(report\)[\s\S]*code block omitted from PR comment[\s\S]*inline snippet omitted[\s\S]*redacted-email[\s\S]*redacted-token/,
scripts/test-skill-tag-release-simulation.mjs
+4 -4
View File
@@ -140,16 +140,16 @@ writeFileSync(process.argv[outputIndex + 1], "# Fake SkillSpector Report\\n\\nNo
await runSimulation({
skillDir: "skills/clawsec-suite",
outputDir: path.join(tempRoot, "stable"),
expectedOriginal: "0.1.10",
expectedSimulated: "0.1.11",
expectedOriginal: "0.1.11",
expectedSimulated: "0.1.12",
expectedAgent: "openclaw",
});
await runSimulation({
skillDir: "skills/hermes-traffic-guardian",
outputDir: path.join(tempRoot, "beta"),
expectedOriginal: "0.0.1-beta3",
expectedSimulated: "0.0.1-beta4",
expectedOriginal: "0.0.1-beta4",
expectedSimulated: "0.0.1-beta5",
expectedAgent: "hermes-agent",
});
scripts/test-skill-trust-packet.mjs
+4 -4
View File
@@ -25,7 +25,7 @@ function runTrustPacket(skillDir, targetDir, tag) {
}
try {
const result = runTrustPacket("skills/clawsec-suite", outputDir, "clawsec-suite-v0.1.10");
const result = runTrustPacket("skills/clawsec-suite", outputDir, "clawsec-suite-v0.1.11");
assert.equal(
result.status,
@@ -41,10 +41,10 @@ try {
assert.match(skillCard, /## License\/Terms of Use/);
assert.match(skillCard, /AGPL-3\.0-or-later/);
assert.match(skillCard, /skillspector-report\.md/);
assert.match(skillCard, /clawsec-suite-v0\.1\.10/);
assert.match(skillCard, /clawsec-suite-v0\.1\.11/);
assert.equal(permissions.skill, "clawsec-suite");
assert.equal(permissions.version, "0.1.10");
assert.equal(permissions.version, "0.1.11");
assert.equal(permissions.platform, "openclaw");
assert.deepEqual(
permissions.required_binaries,
@@ -62,7 +62,7 @@ try {
const hermesResult = runTrustPacket(
"skills/hermes-attestation-guardian",
hermesOutputDir,
"hermes-attestation-guardian-v0.1.4",
"hermes-attestation-guardian-v0.1.5",
);
assert.equal(
hermesResult.status,