## Security Hardening
- Pin all GitHub Actions to full 40-character commit SHAs
- Remove @main/@master references (security risk)
- Update actions to latest stable versions with SHA pins
## Files Updated
- All 13 workflow files in .github/workflows/
- security.txt: Extend expiration to 2026-12-31
- SECURITY.md: Fix license info (dual MIT/AGPL), update date
## SCM Files
- STATE.scm: Updated roadmap with security milestone
- META.scm: Fixed languages (racket, powershell, bash, guile)
- ECOSYSTEM.scm: Converted to valid Guile module syntax
- guix.scm: Updated to v0.2.0, added dual license
## RSR Gold Compliance
- SHA-pinned actions per RSR security requirements
- SPDX headers updated where needed
- License consistency across all documentation
# Pull Request
## Description
<!-- Provide a brief description of the changes in this PR -->
## Type of Change
<!-- Mark the relevant option with an "x" -->
- [ ] Bug fix (non-breaking change that fixes an issue)
- [ ] New feature (non-breaking change that adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to change)
- [ ] Documentation update
- [ ] Code refactoring
- [ ] Performance improvement
- [ ] Test addition/improvement
- [ ] CI/CD improvement
- [ ] Dependency update
## Related Issues
<!-- Link to related issues using #issue-number -->
Fixes #
Relates to #
## Changes Made
<!-- List the specific changes made in this PR -->
-
-
-
## Testing Performed
<!-- Describe the testing you've done -->
### Manual Testing
- [ ] Tested on Windows
- [ ] Tested on Linux
- [ ] Tested on macOS
- [ ] Tested PowerShell scaffolder
- [ ] Tested Racket scaffolder
- [ ] Tested Bash scaffolder
- [ ] Tested all template types (practitioner, researcher, student)
### Automated Testing
- [ ] All existing tests pass
- [ ] New tests added for new functionality
- [ ] Test coverage maintained or improved
**Test Output:**
```
<!-- Paste test output here if relevant -->
```
## Documentation
- [ ] README.md updated (if needed)
- [ ] CONTRIBUTING.md updated (if needed)
- [ ] CLAUDE.md updated (if needed)
- [ ] CHANGELOG.md updated
- [ ] Code comments added/updated
- [ ] Template documentation updated (if templates changed)
## Screenshots / Examples
<!-- Add screenshots or example output if applicable -->
## Breaking Changes
<!-- If this PR includes breaking changes, list them here with migration
instructions -->
None
OR
- **Change 1**: Description and migration path
- **Change 2**: Description and migration path
## Checklist
<!-- Mark completed items with an "x" -->
### Code Quality
- [ ] Code follows the project's style guidelines
- [ ] Self-review of code performed
- [ ] Comments added for complex/non-obvious code
- [ ] No new warnings generated
- [ ] Code is DRY (Don't Repeat Yourself)
### Testing
- [ ] All tests pass locally
- [ ] New tests added as appropriate
- [ ] Edge cases considered and tested
- [ ] No existing functionality broken
### Documentation
- [ ] Documentation updated as needed
- [ ] All new functions/methods documented
- [ ] README examples work correctly
- [ ] Commit messages are clear and descriptive
### Security
- [ ] No sensitive information (passwords, keys, etc.) in code
- [ ] Input validation added where appropriate
- [ ] No new security vulnerabilities introduced
- [ ] Dependencies are up-to-date and secure
## Additional Notes
<!-- Any additional information reviewers should know -->
## Reviewer Guidance
<!-- Help reviewers by pointing out specific areas that need attention
-->
Please pay special attention to:
-
-
## Post-Merge Actions
<!-- List any actions that need to be taken after merging -->
- [ ] Update related documentation
- [ ] Announce changes to users
- [ ] Create release notes
- [ ] Other:
---
**For Maintainers:**
- [ ] PR title follows conventional commits format
- [ ] Labels applied correctly
- [ ] Milestone set (if applicable)
- [ ] Linked to project board (if applicable)
Signed-off-by: Claude Code <claude@anthropic.com>
Co-authored-by: Claude <noreply@anthropic.com>