Skip to content

Refresh repo-config carry to current reference; add self-audit carry#417

Merged
ptr727 merged 1 commit into
developfrom
conformance-repo-config-carry
Jul 16, 2026
Merged

Refresh repo-config carry to current reference; add self-audit carry#417
ptr727 merged 1 commit into
developfrom
conformance-repo-config-carry

Conversation

@ptr727

@ptr727 ptr727 commented Jul 16, 2026

Copy link
Copy Markdown
Owner

Implements the fleet hub drift finding (ProjectTemplate #330): earlier downstream carries drifted from the current repo-config and merge-bot reference.

Repo-config carry refresh

  • Rename repo-config/ruleset-develop.json and ruleset-main.json to develop.json and main.json, matching the current fleet reference layout (the fleet audit letter-checks the new paths).
  • Refresh README.md, configure.sh, and settings.json to the current reference content.

Self-audit carry

  • Add AUDIT.md at the repo root plus spec/secrets.json per the repo-config Downstream Carry, adapted from the blessed Vantage-Config reference for this repo's release model with the nuget-oidc and codecov secret mechanisms.

Merge-bot workflow sync

  • Sync .github/workflows/merge-bot-pull-request.yml to the current fleet reference: notably gh pr merge no longer uses --delete-branch, and the header and comments are updated.

Scope

Live rulesets, settings, and secrets were verified in sync with the reference payloads today; this change touches committed files only. No live repo configuration was modified.

🤖 Generated with Claude Code

Rename repo-config/ruleset-develop.json and ruleset-main.json to
develop.json and main.json to match the current fleet reference layout
(the fleet audit letter-checks the new paths), and refresh README.md,
configure.sh, and settings.json to the current reference content.

Add the adapted self-audit carry per the repo-config Downstream Carry:
AUDIT.md at the repo root plus spec/secrets.json, adapted from the
blessed Vantage-Config reference for this repo's release model with the
nuget-oidc and codecov secret mechanisms.

Sync .github/workflows/merge-bot-pull-request.yml to the current fleet
reference: notably gh pr merge no longer uses --delete-branch, and the
header and comments are updated.

Live rulesets, settings, and secrets were verified in sync with the
reference payloads today; this change touches committed files only.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings July 16, 2026 17:27
@codecov

codecov Bot commented Jul 16, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.89%. Comparing base (1bedf84) to head (3d72374).

Additional details and impacted files
@@           Coverage Diff            @@
##           develop     #417   +/-   ##
========================================
  Coverage    66.89%   66.89%           
========================================
  Files           13       13           
  Lines         1160     1160           
  Branches       108      108           
========================================
  Hits           776      776           
  Misses         338      338           
  Partials        46       46           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Refreshes the carried repo-config/ baseline to match the current fleet reference layout and adds a repo-scoped self-audit (AUDIT.md + spec/secrets.json) so this repo can locally detect drift in rulesets/settings/secrets without applying changes.

Changes:

  • Renames/syncs ruleset payloads to repo-config/{develop,main}.json and updates repo-config/README.md, settings.json, and configure.sh accordingly.
  • Adds repo-scoped self-audit docs (AUDIT.md) and a secrets specification (spec/secrets.json) aligned with NuGet OIDC + Codecov.
  • Syncs the merge-bot workflow with the fleet reference (notably dropping gh pr merge --delete-branch).

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
spec/secrets.json Adds a repo-scoped secrets spec for baseline app creds + NuGet OIDC + Codecov.
repo-config/settings.json Refreshes committed repository settings baseline (wikis/projects off, update-branch on).
repo-config/ruleset-main.json Removes legacy ruleset filename (superseded by repo-config/main.json).
repo-config/ruleset-develop.json Removes legacy ruleset filename (superseded by repo-config/develop.json).
repo-config/README.md Updates repo-config carry documentation and includes regen snippet for ruleset payloads.
repo-config/main.json Adds new main ruleset payload at the fleet-standard path.
repo-config/develop.json Adds new develop ruleset payload at the fleet-standard path.
repo-config/configure.sh Replaces the old apply/check script with a fleet-style apply-only configuration script.
AUDIT.md Adds repo-scoped self-audit instructions to diff live settings/rulesets/secrets vs committed baseline.
.github/workflows/merge-bot-pull-request.yml Syncs merge-bot workflow behavior with the current fleet reference (no --delete-branch).

Comment thread AUDIT.md
Comment thread repo-config/README.md
Comment thread repo-config/README.md
Comment thread repo-config/configure.sh
@ptr727
ptr727 merged commit 281b96c into develop Jul 16, 2026
12 checks passed
@ptr727
ptr727 deleted the conformance-repo-config-carry branch July 16, 2026 17:48
ptr727 added a commit that referenced this pull request Jul 18, 2026
Promotion of the current `develop` integration state to `main`.

## Contents

| Area | Change |
| --- | --- |
| Analyzer conformance | #418 -- removed the repo-wide
`dotnet_analyzer_diagnostic` relaxation, fixed the 29 `xUnit1051` sites
it hid |
| Docs | #419 -- Codecov coverage shield in the README build status
block |
| Repo config | #417 -- repo-config carry refresh and self-audit carry |

## Conformance issues resolved

Closes #380
Closes #387

#380 (xUnit v3 + AwesomeAssertions, `ILoggerFactory` seam) was already
satisfied in the tree -- verified rather than assumed: 0 `Assert.*`
remaining against 245 `.Should()` calls, `xunit.v3` 3.2.2 pinned with no
v2 package, zero Serilog references in the library, and
`Utilities/LogOptions.cs` matching the LanguageTags reference seam.

#387's four findings were likewise already addressed except finding 1
(analyzer suppression hygiene), which #418 closes. Every remaining
suppression was independently probed by removing it and rebuilding, and
all proved load-bearing (`CA1711`, `CA1707`, `CA1515`, `NoWarn IL3058`).

## Release impact: no auto-publish

This promotion carries **no shipped input**. Per
[WORKFLOW.md](../blob/main/WORKFLOW.md) the inclusion list is
`Utilities/**`, `version.json`, `Directory.Build.props`,
`Directory.Packages.props`; this diff is confined to tests, docs, CI,
and repo config:

```
.editorconfig  .github/workflows/merge-bot-pull-request.yml  AUDIT.md  README.md
UtilitiesTests/*.cs  repo-config/*  spec/secrets.json
```

`Utilities/**` is byte-identical between `main` and `develop`, so the
published package is already current and merging this will correctly
**not** trigger a stable release.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants