deps: Bump actions/setup-go from 5 to 6#2
Merged
Conversation
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Deploying ctx with
|
| Latest commit: |
b7bf090
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://6ad64581.ctx-bhl.pages.dev |
| Branch Preview URL: | https://dependabot-github-actions-ac-w6d4.ctx-bhl.pages.dev |
3 tasks
CoderMungan
pushed a commit
to CoderMungan/ctx
that referenced
this pull request
Jun 19, 2026
…hook (Phase 1a) Stand up the audit channel sketched in specs/audit-channel.md: the structural substrate that lets out-of-band auditor sessions (a separate Claude Code instance, run on the user's plan to avoid per-commit API cost) drop structured reports into `.context/audit/<kind>.md`, and that surfaces those reports to the next in-session interaction via the only discipline channel in this codebase that empirically survives agent tunnel vision: verbatim relay. Phase 1a deliverables: - `ctx audit` CLI: `list` (default), `show ID`, `dismiss [ID...]` or `dismiss --all`. Dismissals are bound to the report digest at dismiss time so a fresh audit run with new findings re-surfaces the report. Mirrors `ctx remind` shape and registers in internal/bootstrap/group.go under the sessions group. - `ctx system check-audit` UserPromptSubmit hook: reads every report under `.context/audit/`, skips status:clean and dismissed-against-current-digest, renders each remaining body inside the standard nudge box (auditRender package), and prefixes reports older than [cfgAudit.StalenessAge] (30 days) with a STALE marker. Uses the same nudge.LoadAndEmit machinery as check-reminder. - Report format: YAML frontmatter (kind/status/commit-range/ generated-at/generator/digest) + verbatim body. Parsed by internal/cli/audit/core/parse with sentinel ErrNoFrontmatter / ErrUnterminatedFrontmatter in internal/err/audit. - Persistence: reports at `.context/audit/<id>.md`, dismissal ledger at `.context/audit/.dismissed.json` (NOT under `.context/state/` — a user nuking state should not silently re-surface dismissed audits, per spec Open Question ActiveMemory#2). - Full i18n plumbing: 8 error keys, 4 writer keys, 7 check-audit hook keys, plus matching descriptors in commands.yaml / examples.yaml / flags.yaml / hooks.yaml / registry.yaml. - Tests: 8 CLI tests (list/show/dismiss happy paths + unknown-id + no-ids-no-all + fresh-digest-resurfaces); 4 parser tests (round-trip + sentinel errors + body byte-preservation); 5 hook tests (no-leak invariant + silent-on-clean + relays-findings-body + silent-when- dismissed + STALE-prefix-on-old-report). Phase 1b (separate commit, per the User-Facing Surface Completeness convention added in 77fa01f): the first auditor skill (/ctx-surface-audit SKILL.md with refuse-on-dirty-tree guard) + recipe touch-ups. Phase 2 (separate spec / commits): auto-dismissal on detected resolution, sibling audit skills (/ctx-spec-trailer-audit, /ctx-capture-audit), and stale- report graceful escalation. Bundled as the fourth commit on feat/pad-undo-snapshot because this work grew directly from the doc-gap fixup in 77fa01f — the audit channel is the structural fix for the tunnel-vision failure mode that commit only papered over with a CONVENTIONS prose rule. Spec: specs/audit-channel.md Signed-off-by: Jose Alekhinne <jose@ctx.ist>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps actions/setup-go from 5 to 6.
Release notes
Sourced from actions/setup-go's releases.
... (truncated)
Commits
7a3fe6cBump qs from 6.14.0 to 6.14.1 (#703)b9adafdBump actions/checkout from 5 to 6 (#686)d73f6bcREADME.md: correct to actions/checkout@v6 (#683)ae252eeBump@actions/cacheto v5 (#695)bf7446aBump js-yaml from 3.14.1 to 3.14.2 (#682)02aadfeFix Node.js version in action.yml (#691)4aaadf4Example for restore-only cache in documentation (#696)4dc6199Bump semver and@types/semver(#652)f3787beAdd comprehensive breaking changes documentation for v6 (#674)3a0c2c8Bump actions/publish-action from 0.3.0 to 0.4.0 (#641)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)