singularity/singularity-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
singularity-forge/scripts
History
Mikael Hugo fa9baf71d5 feat(secret-scan): SF_SECURITY_FAST contract for the regex-only fast path 
Codifies AC4 of sf-mp4w2dij-xm6cwj: the regex-only path is the
today-default fast mode. SF_SECURITY_FAST=1 is the explicit opt-in for
callers that want to assert "regex-only, no LLM escalation, sub-100ms"
regardless of any future tiered reviewer landing in the script.

Today the env var changes only the trailing status line so operators
can verify the contract is observable. When the LLM-backed review hook
(AC1) lands, the absence of SF_SECURITY_FAST becomes the trigger for
escalation; setting it=1 keeps offline / pre-commit callers on the
fast path. Locked in by tests in both the .sh and .mjs scanners.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-14 07:57:02 +02:00
..
base64-scan.sh chore: purge bun from internal toolchain 2026-05-02 08:38:20 +02:00
build-web-if-stale.cjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
bump-version.mjs refactor: rename pi-* packages to forge-native names (Phase 1) 2026-05-10 11:28:01 +02:00
check-circular-deps.mjs fix(lint): fix all pre-existing lint failures 2026-05-11 04:02:31 +02:00
check-protected-deletions.mjs fix: block extension declaration deletions 2026-05-05 18:28:07 +02:00
check-sf-extension-inventory.mjs fix(lint): fix all pre-existing lint failures 2026-05-11 04:02:31 +02:00
check-skill-references.mjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
check-versioned-json.mjs sf snapshot: uncommitted changes after 43m inactivity 2026-05-05 21:39:56 +02:00
check-versioned-json.test.mjs sf snapshot: uncommitted changes after 43m inactivity 2026-05-05 21:39:56 +02:00
ci_monitor.cjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
ci_monitor.md feat: add GitHub Workflows skill with CI workflow and ci_monitor tool (#294) 2026-03-13 22:31:17 -06:00
copy-export-html.cjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
copy-resources.cjs sf snapshot: uncommitted changes after 197m inactivity 2026-05-10 15:59:33 +02:00
copy-themes.cjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
dev-cli.js chore: node 24 native APIs, import.meta.dirname, parsers rename, dep updates 2026-05-02 06:18:25 +02:00
dev-server.js style: format repository with biome 2026-05-05 14:31:16 +02:00
dev.js chore: commit current workspace state 2026-05-05 14:46:18 +02:00
docs-prompt-injection-scan.sh feat(ci): skip build/test for docs-only PRs and add prompt injection scan (#1699) 2026-03-21 08:39:03 -06:00
ensure-source-resources.cjs Automate source resource rebuild for SF 2026-04-30 09:35:59 +02:00
ensure-workspace-builds.cjs sf snapshot: uncommitted changes after 131m inactivity 2026-05-09 02:53:47 +02:00
generate-changelog.mjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
generate-features-inventory.mjs fix(lint): fix all pre-existing lint failures 2026-05-11 04:02:31 +02:00
install-hooks.mjs fix: block extension declaration deletions 2026-05-05 18:28:07 +02:00
install-hooks.sh refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
install-pi-global.js sf snapshot: uncommitted changes after 131m inactivity 2026-05-09 02:53:47 +02:00
link-workspace-packages.cjs sf snapshot: uncommitted changes after 131m inactivity 2026-05-09 02:53:47 +02:00
model-smoke-benchmark.mjs refactor: rename pi-* packages to forge-native names (Phase 1) 2026-05-10 11:28:01 +02:00
parallel-monitor.mjs feat(sf): align uok task state and steering 2026-05-08 06:57:59 +02:00
postinstall.js chore: commit current workspace state 2026-05-05 14:46:18 +02:00
pr-risk-check.mjs sf snapshot: uncommitted changes after 43m inactivity 2026-05-05 21:39:56 +02:00
prepublish-check.mjs style: format repository with biome 2026-05-05 14:31:16 +02:00
preview-dashboard.ts refactor: rename pi-* packages to forge-native names (Phase 1) 2026-05-10 11:28:01 +02:00
recover-sf-1364.sh sf snapshot: uncommitted changes after 49m inactivity 2026-05-08 01:07:24 +02:00
require-tests.sh chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
rtk-benchmark.mjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
secret-scan.mjs feat(secret-scan): SF_SECURITY_FAST contract for the regex-only fast path 2026-05-14 07:57:02 +02:00
secret-scan.sh feat(secret-scan): SF_SECURITY_FAST contract for the regex-only fast path 2026-05-14 07:57:02 +02:00
stage-web-standalone.cjs style: format repository with biome 2026-05-05 14:31:16 +02:00
sync-pkg-version.cjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
test-replace.txt chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
test-reporter-compact.mjs style: format repository with biome 2026-05-05 14:31:16 +02:00
test-write.txt chore: sync workspace state after rebrand 2026-04-15 14:54:20 +02:00
uninstall-pi-global.js sf snapshot: uncommitted changes after 131m inactivity 2026-05-09 02:53:47 +02:00
update-changelog.mjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
validate-model-cost-table.mjs refactor: complete rf-01/rf-02/rf-11 blocked todos 2026-05-11 16:45:39 +02:00
validate-pack.js fix(lint): fix all pre-existing lint failures 2026-05-11 04:02:31 +02:00
validate-pack.sh refactor: update log prefixes and string values from gsd- to sf- namespace 2026-04-15 15:37:12 +02:00
verify-s03.sh refactor: rebrand gsd_ tool names and references to sf_ namespace 2026-04-15 15:51:38 +02:00
verify-s04.sh sf snapshot: pre-dispatch, uncommitted changes after 53m inactivity 2026-04-30 19:10:38 +02:00
version-stamp.mjs chore: commit current workspace state 2026-05-05 14:46:18 +02:00
watch-resources.js chore: commit current workspace state 2026-05-05 14:46:18 +02:00
with-env.mjs style: format repository with biome 2026-05-05 14:31:16 +02:00