Conversation
iamzifei
force-pushed
the
repo-sync/github/default
branch
from
91dd608 to
a8fb6dc
Compare
There was a problem hiding this comment.
Pull request overview
This PR updates the repository’s thin CI caller workflow to match the organization-standard workflow in OrrisTech/.github, primarily changing how lint/typecheck and security audit failures affect the overall CI result.
Changes:
- Make
lint-typecheckjob advisory by allowing it to fail without failing the workflow (continue-on-error: true). - Make
securityaudit job advisory by allowing it to fail without failing the workflow (continue-on-error: true). - Remove the build job’s dependency on
lint-typecheck, allowing build to run independently.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Advisory only — does not block other jobs. | ||
| continue-on-error: true |
There was a problem hiding this comment.
Marking the Security Audit job as continue-on-error: true means the workflow will succeed even when the security audit fails (including on pushes to main/master). This significantly reduces the value of the audit; consider making failures blocking at least on default-branch pushes, or gating continue-on-error to PRs only.
| # Advisory only — does not block other jobs. | |
| continue-on-error: true | |
| # Advisory only on pull requests — blocks on pushes to main/master. | |
| continue-on-error: ${{ github.event_name == 'pull_request' }} |
| # Advisory only — does not block build or other jobs. | ||
| # Remove continue-on-error once repo lint errors are resolved. | ||
| continue-on-error: true |
There was a problem hiding this comment.
continue-on-error: true makes lint/typecheck failures non-blocking for both PRs and pushes to main/master. If the intent is only to avoid blocking PRs while existing lint debt is worked down, consider making this conditional (e.g., allow failures on pull_request but enforce on push to default branches) so main stays protected.
| # Advisory only — does not block build or other jobs. | |
| # Remove continue-on-error once repo lint errors are resolved. | |
| continue-on-error: true | |
| # Advisory only for pull requests — does not block build or other jobs. | |
| # Remove or tighten continue-on-error once repo lint errors are resolved. | |
| continue-on-error: ${{ github.event_name == 'pull_request' }} |
1 participant
synced local file(s) with OrrisTech/.github.
This PR was automatically created by the org file sync workflow. It syncs the latest org standard files from the .github repo. Review the changes and merge when ready.
Changed files
.github/workflows/ci.ymlwith remotesync/.github/workflows/ci.ymlThis PR was created automatically by the repo-file-sync-action workflow run #22211856352