chore(standards): migrate reusable caller templates to <name>/stable channels (#482)#491
Conversation
…channels (#482) Phase 2 of the stub-pin reconciliation (#482). Channels were cut at the v2 release commit (376a4fc) for all six reusables (Phase 1); this points the caller templates at them: agent-shield, auto-rebase, dependency-audit, dependabot-automerge, dependabot-rebase, pr-review-mention → uses: …/<name>-reusable.yml@<name>/stable This also fixes the two templates that were pinned off-standard — agent-shield (SHA @208ec2d) and dependabot-rebase (@9a694e5 # main) — which neither matched the audit's expected pin nor the channel model. Stale "bump the SHA/tag" guidance comments are replaced with channel guidance (a release is rolled out by moving the channel centrally, never by editing callers). No fleet impact from this PR: these are source-of-truth templates. The fleet re-sync to the channels (Phase 3, via deploy-standard-workflows.sh) and the compliance-audit update to expect the channel pins (Phase 4) follow — the audit change lands last so the fleet is never flagged non-compliant mid-migration. Refs #482. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
|
Dev-Lead — review-changes (no-changes)No changes were needed for this PR. |
There was a problem hiding this comment.
Code Review
This pull request updates multiple GitHub Actions workflow files in standards/workflows/ to reference centrally managed stable channel tags (e.g., @agent-shield/stable, @auto-rebase/stable) instead of specific SHAs or version tags. The inline documentation has also been updated to reflect this new versioning policy. There are no review comments, and I have no additional feedback to provide.
Dev-Lead — fix-reviews (no-changes)Agent reasoning |
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (6)
📝 WalkthroughWalkthroughSix caller workflow files under ChangesStable channel ref migration
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Possibly related issues
Possibly related PRs
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |



Summary
Phase 2 of the stub-pin reconciliation (#482). Points the six Tier-1 caller templates at the new per-reusable
stablechannels, adopting the documented North Star (Reusable workflow versioning).Phase 1 (done): cut
<name>/stable(moving) +<name>/v2.0.0(immutable) tags at the v2 release commit376a4fcbfor all six reusables.This PR:
agent-shield,auto-rebase,dependency-audit,dependabot-automerge,dependabot-rebase,pr-review-mentiontemplates →uses: …/<name>-reusable.yml@<name>/stable.agent-shield(was SHA@208ec2d) anddependabot-rebase(was@9a694e5 # main) — neither matched the audit's expected pin or the channel model.Safety / phasing
deploy-standard-workflows.sh— opens reviewablestandards-syncPRs per repo. Noteauto-rebase/dependabot-rebasemove v1→v2 (the channel points at v2); landing via per-repo PRs means each runs the repo's CI before merge.check_centralized_workflow_stubsto expect@<name>/stable. Deliberately ordered after Phase 3 so the fleet is never flagged non-compliant mid-migration.Validation
uses:refs point at the cut channels (verified resolving to376a4fcb).Refs #482.
🤖 Generated with Claude Code
Summary by CodeRabbit