gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 05:28:02 +03:00
Code Issues Packages Projects Releases Wiki Activity
217 Commits 19 Branches 95 Tags
main
Commit Graph

217 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
davida-ps 9fd3059271 fix(traffic): require a traffic-capable PAT for the archive workflow (#265) 
* fix(traffic): use a traffic-capable PAT for the archive workflow

The daily Archive GitHub Traffic run has failed since creation: the
TRAFFIC_ARCHIVE_TOKEN secret was never provisioned, so the workflow fell
back to github.token, which GitHub categorically rejects on traffic
endpoints (403 "Resource not accessible by integration").

- Fall back to the existing POLL_NVD_CVES_PAT automation token instead
  of github.token, keeping TRAFFIC_ARCHIVE_TOKEN as the preferred
  override once provisioned.
- Fail fast with an actionable error when no traffic-capable token is
  configured.
- Explain token requirements in the script's 401/403 errors.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* fix(traffic): require dedicated TRAFFIC_ARCHIVE_TOKEN, drop expired PAT fallback

A live dispatch confirmed POLL_NVD_CVES_PAT is expired (401 Bad
credentials), so falling back to it only trades one daily failure for
another. Require the dedicated secret and fail fast with setup
instructions instead.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
 2026-06-11 08:25:56 +03:00
davida-ps 1b676fd42c fix(skills): scan staged payload with SkillSpector (#264) 
* fix(skills): scan staged payload with skillspector

* fix(skills): embed skillspector report in releases

* fix(skills): use body path for release notes
openclaw-audit-watchdog-v0.1.7 picoclaw-security-guardian-v0.0.4 clawsec-suite-v0.1.10 clawtributor-v0.0.7 hermes-attestation-guardian-v0.1.4 hermes-traffic-guardian-v0.0.1-beta3 picoclaw-traffic-guardian-v0.0.1-beta3 picoclaw-self-pen-testing-v0.0.3 clawsec-scanner-v0.0.5 soul-guardian-v0.0.7 clawsec-nanoclaw-v0.0.8 clawsec-feed-v0.0.9 		2026-06-10 17:18:54 +03:00
davida-ps 59d54ed778 fix(skills): namespace ClawHub skill slugs (#263) 
* fix(release): map ClawHub publish slugs

* fix(release): share skill platform parsing
clawsec-clawhub-checker-v0.0.6 		2026-06-10 16:39:19 +03:00
Burak Bayır d99f324f72 feat(openclaw-traffic-guardian): add social action review scope (#261) 
* feat(openclaw-traffic-guardian): add social action review scope

* fix(openclaw-traffic-guardian): cover background repeats

* fix(openclaw-traffic-guardian): address policy review release gates

* docs(openclaw-traffic-guardian): credit policy review contributor

* docs(openclaw-traffic-guardian): inline contributor credit

* docs(openclaw-traffic-guardian): reference policy review spec

* ci(skills): allow unreleased version edits

* ci(skills): use directory name for release tag checks

---------

Co-authored-by: kriptoburak <kriptoburak@users.noreply.github.com>
Co-authored-by: David Abutbul <David.a@prompt.security>
 2026-06-10 14:46:52 +03:00
davida-ps c1d1824f86 ci(skills): publish release trust packets + expand skill installer awareness (vercel) (#262) 
* ci(skills): publish release trust packets

* ci(skills): simulate beta tag releases

* ci(skills): match release version bump rules

* chore(skills): group agent skills for installer

* chore(skills): make clawtributor global

* chore(skills): bump all skills for trust release

* ci(skills): require npx install docs

* fix(skills): simulate prerelease tag versions

* fix(skills): aggregate trust artifact checksum failures

* fix(frontend): advertise npx skills suite install

* chore(frontend): drop ad hoc homepage copy test

* fix(ci): run skill release tooling tests
openclaw-traffic-guardian-v0.0.1-beta3 		2026-06-10 13:22:22 +03:00
github-actions[bot] d7312d7429 chore: update NVD/GHSA advisories - 1 NVD new, 0 NVD updated (#257) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-06-03T07:38:12Z to 2026-06-10T08:29:07.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-06-10 11:35:17 +03:00
davida-ps cb58e588c5 fix(workflow): filter dispatched codeql runs with jq (#260) 2026-06-10 11:23:30 +03:00
davida-ps 3cef7aa46b fix(security): harden high scan findings (#258) 
* fix(security): harden high scan findings

* fix(security): tighten review hardening

* fix(nanoclaw): preserve prerelease advisory matching
clawsec-scanner-v0.0.4 clawsec-nanoclaw-v0.0.7 clawsec-clawhub-checker-v0.0.5 		2026-06-07 13:00:56 +03:00
davida-ps 11f0fc50c4 fix(deps): bump react-router (#256) 2026-06-04 11:10:54 +03:00
davida-ps cfe1b40cf2 feat(traffic): archive repository traffic metrics (#252) 
* feat(traffic): archive repository traffic metrics

* fix(traffic): address archive review feedback

* fix(traffic): keep archive output json-only

* test(traffic): centralize archive fixture dates
 2026-06-04 11:00:13 +03:00
github-actions[bot] f56a0864f7 chore: update NVD/GHSA advisories - 6 NVD new, 6 NVD updated (#251) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-31T07:16:20Z to 2026-06-03T07:36:53.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-06-03 11:10:10 +03:00
github-actions[bot] 58b092d6d0 chore: update NVD/GHSA advisories - 7 NVD new, 1 NVD updated (#250) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-27T06:34:09Z to 2026-05-31T07:15:12.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-31 10:32:39 +03:00
dependabot[bot] babddfd3f2 chore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 (#245) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.4 to 4.36.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...7211b7c8077ea37d8641b6271f6a365a22a5fbfa)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-27 14:39:47 +03:00
davida-ps 47a5696cb6 fix(workflow): wait for dispatched codeql run by sha and time (#248) 2026-05-27 10:03:29 +03:00
github-actions[bot] 5d868bf60f chore: update NVD/GHSA advisories - 9 NVD new, 9 NVD updated (#247) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-24T18:52:13Z to 2026-05-27T06:32:58.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-27 09:48:52 +03:00
davida-ps b57d0f1db2 fix(deps): avoid vulnerable brace-expansion range (#244) 
* fix(deps): avoid vulnerable brace-expansion range

* fix(deps): use patched brace-expansion release
 2026-05-27 09:23:45 +03:00
davida-ps b91e5e4c94 docs: add citation metadata (#246) 
* docs: add citation metadata

* docs: add project release metadata
v0.1.0 		2026-05-27 03:10:02 +03:00
github-actions[bot] 2e793639f2 chore: update NVD/GHSA advisories - 0 NVD new, 1 NVD updated (#241) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-16T22:02:27Z to 2026-05-24T18:50:11.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-25 00:37:22 +03:00
davida-ps 4dbac421ab feat(advisories): add provisional GHSA feed (#242) 
* feat(advisories): add provisional ghsa feed

* fix(workflows): include advisory signatures in checksums

* fix(workflows): mirror ghsa feed at release root

* feat(advisories): consolidate ghsa into agent feed

* ci(advisories): consolidate ghsa during nvd poll

* fix(advisories): retain unreplaced ghsa feed entries

* chore(skills): bump advisory feed consumers

* fix(release): resolve ts import closure dry run

* fix(release): preserve urls while stripping comments

* fix(release): ignore skill test-only changes

* fix(advisories): follow ghsa pagination links

* test(advisories): add nvd ghsa pipeline dry run
picoclaw-security-guardian-v0.0.3 hermes-attestation-guardian-v0.1.3 clawsec-nanoclaw-v0.0.6 clawsec-feed-v0.0.8 clawsec-suite-v0.1.9 		2026-05-24 21:41:59 +03:00
dependabot[bot] 8a9bdfcd23 chore(deps): bump ruff from 0.15.12 to 0.15.13 in /.github (#237) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.12 to 0.15.13.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.15.12...0.15.13)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-19 11:07:13 +03:00
github-actions[bot] 0ee0d065ec chore: CVE advisories - 0 new, 19 updated (#233) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-12T06:56:03Z to 2026-05-16T22:00:50.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-17 01:04:46 +03:00
dependabot[bot] 5d2173226c chore(deps-dev): bump @types/node from 25.4.0 to 25.8.0 (#223) 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.4.0 to 25.8.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-17 00:54:40 +03:00
David Abutbul 19c5113511 fix(attestation): include runtime libs in release sbom (#235) 
* fix(attestation): include runtime libs in release sbom

* ci: verify staged skill release import closure

* fix(release): include missing skill runtime sbom files

* fix(release): require files for import closure

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
openclaw-audit-watchdog-v0.1.6 hermes-attestation-guardian-v0.1.2 clawsec-suite-v0.1.8 		2026-05-17 00:40:12 +03:00
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230) 
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
soul-guardian-v0.0.6 picoclaw-self-pen-testing-v0.0.2 nanoclaw-traffic-guardian-v0.0.1-beta2 picoclaw-traffic-guardian-v0.0.1-beta2 picoclaw-security-guardian-v0.0.2 openclaw-audit-watchdog-v0.1.5 hermes-traffic-guardian-v0.0.1-beta2 hermes-attestation-guardian-v0.1.1 clawtributor-v0.0.6 clawsec-scanner-v0.0.3 claw-release-v0.0.3 clawsec-nanoclaw-v0.0.5 clawsec-clawhub-checker-v0.0.4 clawsec-feed-v0.0.7 openclaw-traffic-guardian-v0.0.1-beta2 		2026-05-14 14:38:58 +03:00
dependabot[bot] 0e503c3d5a chore(deps): bump github/codeql-action from 4.35.1 to 4.35.4 (#231) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...68bde559dea0fdcac2102bfdf6230c5f70eb485e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-12 10:11:49 +03:00
github-actions[bot] 382ec4971b chore: CVE advisories - 18 new, 1 updated (#232) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-10T13:15:38Z to 2026-05-12T06:54:54.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-12 10:08:29 +03:00
dependabot[bot] 9595dad58b chore(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (#181) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 8.1.0 to 8.1.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/c0f553fe549906ede9cf27b5156039d195d2ece0...5f6978faf089d4d20b00c7766989d076bb2fc7f1)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 8.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-11 10:43:12 +03:00
github-actions[bot] 6e512a5e43 chore: CVE advisories - 461 new, 0 updated (#228) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-01-10T13:13:55.000Z to 2026-05-10T13:13:55.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-11 08:56:04 +03:00
davida-ps e4c1e07544 fix(skills-catalog): resolve platform metadata fallbacks (#229) 
* fix(skills-catalog): resolve platform metadata fallbacks

* fix(skills-catalog): harden platform metadata guards
 2026-05-10 16:07:31 +03:00
davida-ps 369745821f feat(traffic-guardian): add runtime monitoring skill baselines (#217) 
* feat(traffic-guardian): add runtime monitoring skill baselines

* fix(traffic-guardian): align changelog and i18n fallback docs

* chore(traffic-guardian): prepare beta1 release metadata
nanoclaw-traffic-guardian-v0.0.1-beta1 picoclaw-traffic-guardian-v0.0.1-beta1 openclaw-traffic-guardian-v0.0.1-beta1 hermes-traffic-guardian-v0.0.1-beta1 		2026-05-10 15:04:17 +03:00
github-actions[bot] 85caad5601 chore: CVE advisories - 461 new, 0 updated (#227) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-01-07T12:10:52.000Z to 2026-05-07T12:10:52.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-07 15:14:30 +03:00
davida-ps dfe62457fb Include hermes-agent in NVD queries and export keywords to environment (#226) 
* fix(workflow): expand NVD Hermes coverage and keep keyword export

* fix(workflow): export concise nvd summary keywords
 2026-05-07 14:58:08 +03:00
dependabot[bot] 95f9d758ee chore(deps): bump actions/github-script from 8.0.0 to 9.0.0 (#180) 
Bumps [actions/github-script](https://github.com/actions/github-script) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 13:06:01 +03:00
dependabot[bot] f6afc80aa2 chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (#218) 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/53b83947a5a98c8d113130e565377fae1a50d02f...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 12:58:47 +03:00
dependabot[bot] 9462fe7e1b chore(deps): bump actions/configure-pages from 5.0.0 to 6.0.0 (#219) 
Bumps [actions/configure-pages](https://github.com/actions/configure-pages) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/configure-pages/releases)
- [Commits](https://github.com/actions/configure-pages/compare/983d7736d9b0ae728b81ab479565c72886d7745b...45bfe0192ca1faeb007ade9deae92b16b8254a0d)

---
updated-dependencies:
- dependency-name: actions/configure-pages
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 12:43:36 +03:00
dependabot[bot] e3337d0f33 chore(deps): bump actions/upload-pages-artifact from 4.0.0 to 5.0.0 (#220) 
Bumps [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/actions/upload-pages-artifact/releases)
- [Commits](https://github.com/actions/upload-pages-artifact/compare/7b1f4a764d45c48632c6b24a0339c27f5614fb0b...fc324d3547104276b827a68afc52ff2a11cc49c9)

---
updated-dependencies:
- dependency-name: actions/upload-pages-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 11:13:41 +03:00
davida-ps 72663ab80b fix(codeql): ignore generated dist artifacts (#216) 2026-05-04 11:37:37 +03:00
github-actions[bot] 4042a388a9 chore: CVE advisories - 0 new, 59 updated (#215) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-30T06:50:23Z to 2026-05-03T06:48:42.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-03 13:28:47 +03:00
dependabot[bot] d491fde73a chore(deps): bump react-dom from 19.2.4 to 19.2.5 (#188) 
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 19.2.4 to 19.2.5.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react-dom)

---
updated-dependencies:
- dependency-name: react-dom
  dependency-version: 19.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 00:52:52 +03:00
dependabot[bot] 6e318384a9 chore(deps-dev): bump fast-check from 4.5.3 to 4.7.0 (#189) 
Bumps [fast-check](https://github.com/dubzzz/fast-check/tree/HEAD/packages/fast-check) from 4.5.3 to 4.7.0.
- [Release notes](https://github.com/dubzzz/fast-check/releases)
- [Changelog](https://github.com/dubzzz/fast-check/blob/main/packages/fast-check/CHANGELOG.md)
- [Commits](https://github.com/dubzzz/fast-check/commits/v4.7.0/packages/fast-check)

---
updated-dependencies:
- dependency-name: fast-check
  dependency-version: 4.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 00:49:44 +03:00
dependabot[bot] d23f1f9612 chore(deps): bump aquasecurity/trivy-action (#184) 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from e368e328979b113139d6f9068e03accaed98a518 to ed142fd0673e97e23eac54620cfb913e5ce36c25.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/e368e328979b113139d6f9068e03accaed98a518...ed142fd0673e97e23eac54620cfb913e5ce36c25)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 264c9c5e188ea085e7377fd77abd17bfbd4e5926
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-30 18:11:57 +03:00
dependabot[bot] ef6b5f63d4 chore(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#179) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-30 18:06:10 +03:00
dependabot[bot] 12afd15dd6 chore(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0 (#182) 
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.6.1 to 3.0.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/153bb8e04406b158c6c84fc1615b65b24149a1fe...b4309332981a82ec1c5618f44dd2e27cc8bfbfda)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-30 18:00:01 +03:00
github-actions[bot] 0e22d8f9bd chore: CVE advisories - 0 new, 12 updated (#214) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-29T06:48:08Z to 2026-04-30T06:49:19.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-30 15:04:42 +03:00
github-actions[bot] f8614a21b3 chore: CVE advisories - 53 new, 28 updated (#213) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-28T06:52:17Z to 2026-04-29T06:46:53.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-29 19:19:03 +03:00
David Abutbul b37162a33d feat(i18n): add multilingual wiki scaffolding, language switcher, and… (#212) 
* feat(i18n): add multilingual wiki scaffolding, language switcher, and translation QA pipeline

* docs(readme): adopt picoclaw-style multilingual link bar

* fix(i18n): repair localized index links and tighten partial-pair QA

* ci(i18n): fail on broken markdown links in README/wiki

* ci(i18n): add changed-files mode for markdown link checks

* i18n(de): use local Argos MT to fill untranslated German sections

* i18n(es,fr): fill untranslated sections via local Argos workflow

* i18n(ja): fill untranslated sections with scoped local Argos pass

* i18n(ko): fill untranslated sections with scoped local Argos pass

* fix(i18n): address review feedback

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
 2026-04-29 09:00:31 +03:00
dependabot[bot] 627d20b7e1 chore(deps): bump ruff from 0.15.9 to 0.15.12 in /.github (#210) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.9 to 0.15.12.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.15.9...0.15.12)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-28 14:37:49 +03:00
dependabot[bot] 87afa0de2f chore(deps): bump postcss from 8.5.6 to 8.5.12 (#209) 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.6 to 8.5.12.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.5.6...8.5.12)

---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.10
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-28 13:51:19 +03:00
github-actions[bot] 5e298bc1f7 chore: CVE advisories - 11 new, 16 updated (#211) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-26T11:27:34Z to 2026-04-28T06:51:12.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-28 13:29:28 +03:00
github-actions[bot] 808aefe40d chore: CVE advisories - 1 new, 1 updated (#207) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-24T06:36:58Z to 2026-04-26T11:26:31.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-26 14:38:45 +03:00