Refresh repo-config carry to current reference; add self-audit carry#417
Merged
Conversation
Rename repo-config/ruleset-develop.json and ruleset-main.json to develop.json and main.json to match the current fleet reference layout (the fleet audit letter-checks the new paths), and refresh README.md, configure.sh, and settings.json to the current reference content. Add the adapted self-audit carry per the repo-config Downstream Carry: AUDIT.md at the repo root plus spec/secrets.json, adapted from the blessed Vantage-Config reference for this repo's release model with the nuget-oidc and codecov secret mechanisms. Sync .github/workflows/merge-bot-pull-request.yml to the current fleet reference: notably gh pr merge no longer uses --delete-branch, and the header and comments are updated. Live rulesets, settings, and secrets were verified in sync with the reference payloads today; this change touches committed files only. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## develop #417 +/- ##
========================================
Coverage 66.89% 66.89%
========================================
Files 13 13
Lines 1160 1160
Branches 108 108
========================================
Hits 776 776
Misses 338 338
Partials 46 46 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
Contributor
There was a problem hiding this comment.
Pull request overview
Refreshes the carried repo-config/ baseline to match the current fleet reference layout and adds a repo-scoped self-audit (AUDIT.md + spec/secrets.json) so this repo can locally detect drift in rulesets/settings/secrets without applying changes.
Changes:
- Renames/syncs ruleset payloads to
repo-config/{develop,main}.jsonand updatesrepo-config/README.md,settings.json, andconfigure.shaccordingly. - Adds repo-scoped self-audit docs (
AUDIT.md) and a secrets specification (spec/secrets.json) aligned with NuGet OIDC + Codecov. - Syncs the merge-bot workflow with the fleet reference (notably dropping
gh pr merge --delete-branch).
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| spec/secrets.json | Adds a repo-scoped secrets spec for baseline app creds + NuGet OIDC + Codecov. |
| repo-config/settings.json | Refreshes committed repository settings baseline (wikis/projects off, update-branch on). |
| repo-config/ruleset-main.json | Removes legacy ruleset filename (superseded by repo-config/main.json). |
| repo-config/ruleset-develop.json | Removes legacy ruleset filename (superseded by repo-config/develop.json). |
| repo-config/README.md | Updates repo-config carry documentation and includes regen snippet for ruleset payloads. |
| repo-config/main.json | Adds new main ruleset payload at the fleet-standard path. |
| repo-config/develop.json | Adds new develop ruleset payload at the fleet-standard path. |
| repo-config/configure.sh | Replaces the old apply/check script with a fleet-style apply-only configuration script. |
| AUDIT.md | Adds repo-scoped self-audit instructions to diff live settings/rulesets/secrets vs committed baseline. |
| .github/workflows/merge-bot-pull-request.yml | Syncs merge-bot workflow behavior with the current fleet reference (no --delete-branch). |
This was referenced Jul 18, 2026
Merged
ptr727
added a commit
that referenced
this pull request
Jul 18, 2026
Promotion of the current `develop` integration state to `main`. ## Contents | Area | Change | | --- | --- | | Analyzer conformance | #418 -- removed the repo-wide `dotnet_analyzer_diagnostic` relaxation, fixed the 29 `xUnit1051` sites it hid | | Docs | #419 -- Codecov coverage shield in the README build status block | | Repo config | #417 -- repo-config carry refresh and self-audit carry | ## Conformance issues resolved Closes #380 Closes #387 #380 (xUnit v3 + AwesomeAssertions, `ILoggerFactory` seam) was already satisfied in the tree -- verified rather than assumed: 0 `Assert.*` remaining against 245 `.Should()` calls, `xunit.v3` 3.2.2 pinned with no v2 package, zero Serilog references in the library, and `Utilities/LogOptions.cs` matching the LanguageTags reference seam. #387's four findings were likewise already addressed except finding 1 (analyzer suppression hygiene), which #418 closes. Every remaining suppression was independently probed by removing it and rebuilding, and all proved load-bearing (`CA1711`, `CA1707`, `CA1515`, `NoWarn IL3058`). ## Release impact: no auto-publish This promotion carries **no shipped input**. Per [WORKFLOW.md](../blob/main/WORKFLOW.md) the inclusion list is `Utilities/**`, `version.json`, `Directory.Build.props`, `Directory.Packages.props`; this diff is confined to tests, docs, CI, and repo config: ``` .editorconfig .github/workflows/merge-bot-pull-request.yml AUDIT.md README.md UtilitiesTests/*.cs repo-config/* spec/secrets.json ``` `Utilities/**` is byte-identical between `main` and `develop`, so the published package is already current and merging this will correctly **not** trigger a stable release.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implements the fleet hub drift finding (ProjectTemplate #330): earlier downstream carries drifted from the current repo-config and merge-bot reference.
Repo-config carry refresh
repo-config/ruleset-develop.jsonandruleset-main.jsontodevelop.jsonandmain.json, matching the current fleet reference layout (the fleet audit letter-checks the new paths).README.md,configure.sh, andsettings.jsonto the current reference content.Self-audit carry
AUDIT.mdat the repo root plusspec/secrets.jsonper the repo-config Downstream Carry, adapted from the blessed Vantage-Config reference for this repo's release model with the nuget-oidc and codecov secret mechanisms.Merge-bot workflow sync
.github/workflows/merge-bot-pull-request.ymlto the current fleet reference: notablygh pr mergeno longer uses--delete-branch, and the header and comments are updated.Scope
Live rulesets, settings, and secrets were verified in sync with the reference payloads today; this change touches committed files only. No live repo configuration was modified.
🤖 Generated with Claude Code