Skip to content

Comments

🔧 update (ci): bump release-build-flow-action to v1.5.0#16

Merged
warengonzaga merged 69 commits intomainfrom
dev
Feb 22, 2026
Merged

🔧 update (ci): bump release-build-flow-action to v1.5.0#16
warengonzaga merged 69 commits intomainfrom
dev

Conversation

@warengonzaga
Copy link
Owner

@warengonzaga warengonzaga commented Feb 22, 2026

This pull request updates the release workflow to use a newer version of the wgtechlabs/release-build-flow-action GitHub Action. This ensures that the release process benefits from the latest features and bug fixes.

Release workflow update:

warengonzaga and others added 30 commits February 18, 2026 23:38
@warengonzaga
📦 new: add update checker functionality and context injection
0d15382
@warengonzaga
📦 new: implement update checker with caching and runtime detection
ec863b1
@warengonzaga
🧪 test: add comprehensive tests for update checker module
054b7c8
@warengonzaga
📦 new: add updateContext to AgentContext for software updates
59c79d9
@warengonzaga
📦 new: add software update check and context to start command
c0a9883
@warengonzaga
📦 new: update package versions to 1.0.1 across all packages
9398d21
@warengonzaga
⚙️ setup: update CI workflows for release process and permissions
4e31c8a
@warengonzaga
🔧 update: enhance version parsing in isNewerVersion function
1cd2fca
@warengonzaga
📦 new: add build step for all packages in CI workflow
3f91a71
@warengonzaga @Copilot
⚙️ setup (ci): update package-build-flow-action to v2.0.1
080224e 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup: enforce clean commit convention with husky and ci
6e46e61 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup (husky): add clean commit validation hook
57d3d0f 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup (ci): fix security, guards, and validation issues
d71d865 
- add if-guard to package/container jobs (main push only)
- narrow ci.yml top-level permissions to contents: read
- add per-job permissions for package and container jobs
- remove unused packages/security-events write from release.yml
- fix commit-lint push range to validate all commits (before..after)
- quote SHA interpolations in commit-lint PR log command
- remove duplicate bun run build step from package.yml
- add --bail flag to pre-commit bun test hook
- add msgFile undefined guard in validate-commit-msg.mjs
- make variation selector optional for trash and gear emojis
- strengthen readCache to validate latest and runtime field types

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup (ci): remove redundant permissions from reusable workflow calls
0407858 
permissions are already defined in the called workflows (package.yml,
container.yml) - specifying them in the caller causes startup_failure
on duplicate runs triggered by open PRs.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
🔧 update (ci): handle initial push and improve update-checker test
a240bb6 
- update commit-lint workflow to capture all reachable commits on initial push
- improve update-checker test to assert cache file absence when fetch fails

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
📦 new (landing): add landing page with svelte and tailwindcss
283a069 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup (ci): add deploy workflow for landing page
cbe57e2 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup (landing): add build:landing script and update lockfile
01135d6 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup (husky): add error handling and allow revert commits
af268be 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
🔒 security (update-checker): sanitize version and url for prompt inje…
cf70b85 
…ction

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
🧪 test (update-checker): add sanitizeForPrompt tests and improve mocking
7094636 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
⚙️ setup (ci): pin action shas and scope deploy permissions
858ff22 
- pin all GitHub Actions to full commit SHAs for supply chain security
- move pages/id-token permissions to deploy job only
- pin bun version to 1.2.x and use --frozen-lockfile
- use dynamic concurrency group name with workflow prefix

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
🔒 security (core): harden update checker cache and fetch logic
a5c1305 
- validate runtime value against allowed list when reading cache
- sanitize current version before embedding in prompt context
- move AbortController setup outside try block and use finally to clear timeout

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
📦 new (landing): extract GitHubIcon component and improve accessibility
ea45a35 
- add reusable GitHubIcon Svelte component to replace inline SVG duplication
- add skip-to-main-content link for keyboard navigation
- add aria-label to primary nav element
- add aria-hidden to decorative SVG icons

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
🔧 update (landing): improve scrollbar styling and Firefox support
c142513 
- add scrollbar-width and scrollbar-color for Firefox compatibility
- use CSS variable for scrollbar thumb hover color
- remove quoted font family name for Inter

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga @Copilot
🔧 update (landing): clarify QuickStart step 3 description
302f44b 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@warengonzaga
⚙️ setup (ci): streamline CI workflows by removing unused jobs
99c228a
@warengonzaga
🗑️ remove: delete pre-commit script for bun test
bab10e0
@warengonzaga
🔧 update (ci): add build step for workspace packages
3004a38
@warengonzaga
🔧 update (dockerfile): upgrade bun version for builder and production…
67f0a76 
… stages
warengonzaga and others added 27 commits February 20, 2026 19:20
@warengonzaga
⚙️ setup: update actions/checkout version in CI workflow
0a6b4ff
@warengonzaga
⚙️ setup: remove version check job and update release action to v1.3.0
a710869
@warengonzaga
☕ chore: merge branch 'dev' of https://github.com/warengonzaga/tinyclaw
3cf25ab 
… into dev
@warengonzaga
🔧 update (dev): merge main into dev
bb0bb6d
@warengonzaga
🔧 update (ci): upgrade release-build-flow-action to v1.4.3
90b5742
@warengonzaga
🔧 update: change shebang from node to bun
47a3fd7
@youhanasheriff @warengonzaga
🔧 update (web): correct path references in dev notice fallback page (#9)
96838af 
* 🔧 update (cli): move bundled deps to devDependencies for global install

* 🔧 update (ci): upgrade release-build-flow-action to v1.4.0

* 🔧 update (ci): upgrade release-build-flow-action to v1.4.1

* 🔧 update (ci): upgrade release-build-flow-action to v1.4.2

* 🔧 update (web): correct path references in dev notice fallback page

---------

Co-authored-by: Waren Gonzaga <opensource@warengonzaga.com>
@warengonzaga
🔧 update (cli): add auto-build for web ui in setup --web
f58c5e1
@warengonzaga
🔧 update (cli): change build command to use process.execPath
104c9cb
@warengonzaga
🔧 update (cli): add webRoot to setupWebUI configuration
4c07100
@warengonzaga
🔧 update (cli): add webRoot to createWebUI configuration
1dacabf
@warengonzaga
🔧 update (web): allow override of webRoot in resolveUiPaths and findS…
eb92852 
…taticFile
@warengonzaga
📦 new: outbound gateway with SSE push and channel routing
d761952
@warengonzaga
📦 new: wire nudge engine, agent tools, and update check into start
01a4a78
@warengonzaga
📦 new: nudge engine with intercom wiring and delivery queue
4f88443
@warengonzaga
📦 new: nudge user preferences with config and API endpoints
8e33f61
@warengonzaga
📦 new: outbound messaging for Discord and Friends channels
53683ac
@warengonzaga
📦 new: add gateway and nudge package.json to Dockerfile
601267a
@warengonzaga
📦 new: companion nudge system with mood roulette
9fdf3e3
@warengonzaga
📦 new: add companion jobs and touch activity mocks
40b4cf6
@warengonzaga
🔧 update (agentloop): prevent feedback loop by refining tool call han…
94781c6 
…dling
@warengonzaga
🔧 update: fix regex for commit message scope to allow uppercase letters
79d8429
@warengonzaga
📦 new: add SSE push channel for receiving nudges and proactive messages
ce23d43
@warengonzaga
🔧 update: enhance prompt injection defense for internal system users
47f3e7c
@warengonzaga
🔧 update: re-check auth status periodically to handle session expiry
f8bd089
@warengonzaga
☕ chore: merge branch 'main' into dev
92b48c5
@warengonzaga
⚙️ setup: update release-build-flow-action to v1.5.0
3613b71
@github-actions
Copy link

github-actions bot commented Feb 22, 2026

📦 Package Build Flow — Monorepo Build

🔀 Pull Request Build — Pre-release package for testing PR changes

Package Version Status Install
@tinyclaw/plugins 1.1.0-dev.176586e ✅ Published npm i @tinyclaw/plugins@1.1.0-dev.176586e
@tinyclaw/types 1.1.0-dev.176586e ✅ Published npm i @tinyclaw/types@1.1.0-dev.176586e
tinyclaw 1.1.0-dev.176586e ✅ Published npm i tinyclaw@1.1.0-dev.176586e
@tinyclaw/plugin-channel-discord 1.1.0-dev.176586e ✅ Published npm i @tinyclaw/plugin-channel-discord@1.1.0-dev.176586e
@tinyclaw/plugin-channel-friends 1.1.0-dev.176586e ✅ Published npm i @tinyclaw/plugin-channel-friends@1.1.0-dev.176586e
@tinyclaw/plugin-provider-openai 1.1.0-dev.176586e ✅ Published npm i @tinyclaw/plugin-provider-openai@1.1.0-dev.176586e

📥 Quick Install (changed packages)

npm i @tinyclaw/types@1.1.0-dev.176586e @tinyclaw/plugins@1.1.0-dev.176586e @tinyclaw/plugin-channel-discord@1.1.0-dev.176586e @tinyclaw/plugin-channel-friends@1.1.0-dev.176586e @tinyclaw/plugin-provider-openai@1.1.0-dev.176586e tinyclaw@1.1.0-dev.176586e

This package was built automatically by the Package Build Flow action.

@github-actions
Copy link

github-actions bot commented Feb 22, 2026
edited
Loading

🛠️ Container Build Complete - Dev Build

Build Status: ✅ Success
Flow Type: dev
Description: Development and testing

📦 Pull Image

Docker Hub: docker pull warengonzaga/tinyclaw:dev-176586e
GHCR: docker pull ghcr.io/warengonzaga/tinyclaw:dev-176586e

📋 Build Details

Property Value
Flow Type dev
Commit 3613b71
Registry Docker Hub + GHCR

🏷️ Image Tags

warengonzaga/tinyclaw:dev-176586e
ghcr.io/warengonzaga/tinyclaw:dev-176586e

🔍 Testing Your Changes

  1. Pull the image using one of the commands above
  2. Run the container with your test configuration
  3. Verify the changes work as expected
  4. Report any issues in this PR

🚀 Quick Start

# Pull and run the container
Docker Hub: docker pull warengonzaga/tinyclaw:dev-176586e
docker run <your-options> <image>

🔒 Security Scan Results

📋 Pre-Build Security Checks

Source Code Scan: 0 vulnerabilities found
Dockerfile Scan: 0 misconfigurations found

🐳 Container Image Vulnerabilities

Severity Count
Total 0

📊 Detailed Security Reports

View detailed vulnerability reports in the GitHub Security tab.

🤖 Powered by Container Build Flow Action v1.2.0
💻 with ❤️ by Waren Gonzaga under WG Technology Labs, and Him 🙏

@warengonzaga warengonzaga merged commit 3649640 into main Feb 22, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@warengonzaga @youhanasheriff