Skip to content

chore: add Dependabot version updates and gitignore compliance#18

Open
metyatech wants to merge 1 commit intomainfrom
chore/add-dependabot-codeql-scanning
Open

chore: add Dependabot version updates and gitignore compliance#18
metyatech wants to merge 1 commit intomainfrom
chore/add-dependabot-codeql-scanning

Conversation

@metyatech
Copy link
Copy Markdown
Owner

@metyatech metyatech commented Apr 2, 2026

Summary

  • Add .github/dependabot.yml configuring weekly version updates for npm and github-actions ecosystems (required by AGENTS.md: "Repositories with GitHub Actions must configure Dependabot version updates")
  • Add .threads.jsonl to .gitignore per thread-inbox rules ("Do not commit it to version control")
  • Refresh AGENTS.md via compose-agentsmd (deduplicates global rules already loaded via CLAUDE.md)

Deferred

  • CodeQL workflow: .github/workflows/codeql.yml requires a PAT with workflow scope; deferred until token is updated

Test plan

  • npm run verify passes (318 tests, lint, format, build)
  • Verify Dependabot starts creating version update PRs after merge
  • Verify CodeQL can be added once token scope is updated

🤖 Generated with Claude Code

@metyatech @claude
chore: add Dependabot version updates and gitignore update
5727133 
- Add .github/dependabot.yml for npm and github-actions version updates
- Add .threads.jsonl to .gitignore per thread-inbox rules
- Refresh AGENTS.md via compose-agentsmd (deduplicate global rules)

Note: CodeQL workflow requires a token with `workflow` scope; adding
that workflow is deferred until the token is updated.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings April 2, 2026 04:07
@metyatech
Copy link
Copy Markdown
Owner Author

metyatech commented Apr 2, 2026

Adds Dependabot version updates (npm + github-actions) and .threads.jsonl gitignore entry to satisfy AGENTS.md compliance gaps. AGENTS.md refreshed via compose-agentsmd. CodeQL workflow deferred due to PAT scope limitation. All 318 tests pass.

@metyatech metyatech self-assigned this Apr 2, 2026
@metyatech
Copy link
Copy Markdown
Owner Author

metyatech commented Apr 2, 2026

Agent runner idle completed.

Repo: metyatech/agent-runner
Engine: claude
Notify: @metyatech

Summary:
(missing)

Copilot AI reviewed Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds repository maintenance/configuration updates to align with the agent ruleset requirements and local tooling expectations.

Changes:

  • Introduces .github/dependabot.yml to enable weekly Dependabot updates for npm and github-actions.
  • Updates .gitignore to exclude .threads.jsonl from version control.
  • Regenerates AGENTS.md via compose-agentsmd (reducing duplicated global rule content and reflowing formatting).

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

File Description
AGENTS.md Regenerated composed rules output; removes duplicated global content and applies formatting reflow.
.gitignore Adds .threads.jsonl to ensure thread inbox state is not committed.
.github/dependabot.yml Configures weekly dependency/version update PRs for npm and GitHub Actions.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@metyatech metyatech

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@metyatech