Skip to content

ci: enforce python -m pip workflows + add pip-policy guard#673

Merged
an0mium merged 12 commits into
mainfrom
codex/pipeline-hardening-next-steps-20260306
Mar 6, 2026
Merged

ci: enforce python -m pip workflows + add pip-policy guard#673
an0mium merged 12 commits into
mainfrom
codex/pipeline-hardening-next-steps-20260306

Conversation

@an0mium

@an0mium an0mium commented Mar 6, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • convert workflow shell commands from bare pip install to python -m pip install across GitHub workflows
  • fix security gate tooling execution to avoid PATH drift (python -m bandit, python -m pip_audit)
  • reduce smoke/offline install extras from .[dev,test] to .[dev] to avoid runner disk exhaustion
  • add scripts/check_workflow_pip_install_policy.py and wire it into lint policy enforcement
  • add tests for the new policy script and tighten meta-planner objective-fidelity/track assertions for infrastructure prompts
  • refresh dogfood benchmark artifact for pipeline hard-check scenario (2026-03-06)

Validation

  • python -m pytest tests/scripts/test_check_workflow_pip_install_policy.py tests/scripts/test_check_required_check_priority_policy.py tests/scripts/test_check_execution_gate_defaults.py tests/nomic/test_meta_planner.py tests/cli/test_pipeline_command.py -q --timeout=60
  • python scripts/check_workflow_pip_install_policy.py
  • python scripts/check_required_check_priority_policy.py
  • python scripts/check_execution_gate_defaults.py

Notes

  • benchmark refresh currently records timeout blocker (debate_timeout) in the artifact; no hard-check signals emitted for the timed-out run.

@an0mium an0mium merged commit 8e299d8 into main Mar 6, 2026
22 of 43 checks passed
@an0mium an0mium deleted the codex/pipeline-hardening-next-steps-20260306 branch March 6, 2026 07:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants