docs(ci): define phase-1 actions source allowlist policy (#405)

Will Sarg 2026-02-16 12:26:10 -05:00 committed by GitHub
parent 40e592ffed
commit 90deb8fd5e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 65 additions and 0 deletions


@ -76,6 +76,7 @@ Merge-blocking checks should stay small and deterministic. Optional checks are u
- Keep merge-blocking checks deterministic and reproducible (`--locked` where applicable).
- Prefer explicit workflow permissions (least privilege).
- Keep Actions source policy restricted to approved allowlist patterns (see `docs/actions-source-policy.md`).
- Use path filters for expensive workflows when practical.
- Keep docs quality checks low-noise (`markdownlint` + offline link checks).
- Keep dependency update volume controlled (grouping + PR limits).
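
Review bot: The new bullet points to `docs/actions-source-policy.md` as a backticked path instead of a Markdown link, so the offline link checks named two bullets further down are unlikely to cover it, and the reference can go stale unnoticed if the file is renamed or moved. Consider making it a real relative link. The bullet also says to "keep" the policy restricted without naming where the allowlist is enforced or who approves a new pattern; if the policy doc covers that, a few words here saying so would help a reader decide whether this is a setting to verify or only a convention to follow.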