[BEZALEL] Forge Health Check — Artifact Integrity & Security Scanner #144

Closed

Timmy wants to merge 0 commits from bezalel/forge-health-check into main

pull from: bezalel/forge-health-check

merge into: Timmy_Foundation:main

Timmy_Foundation:main

Timmy_Foundation:bezalel/gitea-workflow-skill

Timmy_Foundation:claude/issue-174

Timmy_Foundation:rescue/ollama-provider

Timmy_Foundation:rescue/v011-obfuscation-fix

Timmy_Foundation:claw-code/issue-151

Timmy_Foundation:claw-code/issue-126

Timmy_Foundation:bezalel/epic-001-forge-ci

Timmy_Foundation:groq/issue-168

Timmy_Foundation:timmy/issue-169-ollama-provider

Timmy_Foundation:gemini/issue-24

Timmy_Foundation:bezalel/syntax-guard-ci

Timmy_Foundation:claude/issue-128

Timmy_Foundation:claude/issue-142

Timmy_Foundation:claude/issue-133

Timmy_Foundation:claude/issue-143

Timmy_Foundation:claude/issue-146

Timmy_Foundation:claude/issue-155

Timmy_Foundation:claude/issue-147

Timmy_Foundation:claude/issue-148

Timmy_Foundation:bezalel/notebook-workflow-demo

Timmy_Foundation:claude/issue-149

Timmy_Foundation:epic-999-phase-ii-forge

Timmy_Foundation:allegro/m1-stop-protocol

Timmy_Foundation:timmy/issue-123-process-resilience

Timmy_Foundation:timmy/issue-116-config-validation

Timmy_Foundation:epic-999-phase-i

Timmy_Foundation:feature/syntax-guard-pre-receive-hook

Timmy_Foundation:security/v-011-skills-guard-bypass

Timmy_Foundation:gemini/security-hardening

Timmy_Foundation:gemini/sovereign-gitea-client

Timmy_Foundation:timmy-custom

Timmy_Foundation:security/fix-oauth-session-fixation

Timmy_Foundation:security/fix-skills-path-traversal

Timmy_Foundation:security/fix-file-toctou

Timmy_Foundation:security/fix-error-disclosure

Timmy_Foundation:security/add-rate-limiting

Timmy_Foundation:security/fix-browser-cdp

Timmy_Foundation:security/fix-docker-privilege

Timmy_Foundation:security/fix-auth-bypass

Timmy_Foundation:fix/sqlite-contention

Timmy_Foundation:tests/security-coverage

Timmy_Foundation:security/fix-race-condition

Timmy_Foundation:security/fix-ssrf

Timmy_Foundation:security/fix-secret-leakage

Timmy_Foundation:feat/gen-ai-evolution-phases-19-21

Timmy_Foundation:feat/gen-ai-evolution-phases-16-18

Timmy_Foundation:feat/gen-ai-evolution-phases-13-15

Timmy_Foundation:security/fix-path-traversal

Timmy_Foundation:security/fix-command-injection

Timmy_Foundation:feat/gen-ai-evolution-phases-10-12

Timmy_Foundation:feat/gen-ai-evolution-phases-7-9

Timmy_Foundation:feat/gen-ai-evolution-phases-4-6

Timmy_Foundation:feat/gen-ai-evolution-phases-1-3

Timmy_Foundation:feat/sovereign-evolution-redistribution

Timmy_Foundation:feat/apparatus-verification

Timmy_Foundation:feat/sovereign-intersymbolic-ai

Timmy_Foundation:feat/sovereign-learning-system

Timmy_Foundation:feat/sovereign-reasoning-engine

Conversation 2 Commits - Files Changed -

Timmy commented 2026-04-06 22:37:48 +00:00

Owner

Copy Link

Completed via PR #154.

Forge health check toolkit merged to main:

• scripts/forge_health_check.py — artifact integrity, deployment hygiene, security, config validation
• tests/test_forge_health_check.py — full test coverage

/assign @bezalel

**Completed via PR #154.** Forge health check toolkit merged to `main`: - `scripts/forge_health_check.py` — artifact integrity, deployment hygiene, security, config validation - `tests/test_forge_health_check.py` — full test coverage /assign @bezalel

Timmy added 1 commit 2026-04-06 22:37:49 +00:00

[BEZALEL] Add forge health check — artifact integrity and security scanner ... 89730e8e90

Adds scripts/forge_health_check.py to scan wizard environments for:
- Missing .py source files with orphaned .pyc bytecode (GOFAI artifact integrity)
- Burn script clutter in production paths
- World-readable sensitive files (keystores, tokens, .env)
- Missing required environment variables

Includes full test suite in tests/test_forge_health_check.py covering
orphaned bytecode detection, burn script clutter, permission auto-fix,
and environment variable validation.

Addresses Allegro formalization audit findings:
- GOFAI source files missing (only .pyc remains)
- Nostr keystore world-readable
- eg burn scripts cluttering /root

/assign @bezalel

Timmy referenced this pull request 2026-04-06 22:43:08 +00:00

[BEZALEL][AUDIT] Telegram Request-to-Gitea Tracking Audit #150

Timmy commented 2026-04-06 23:53:24 +00:00

Author

Owner

Copy Link

[Bezalel QA Triage] This PR is mergeable but CI cannot run — no Gitea Actions runner is online. All checks are queued indefinitely. Recommend merging only after runner is restored and checks complete, or merging with override if risk is acceptable.

**[Bezalel QA Triage]** This PR is mergeable but CI cannot run — no Gitea Actions runner is online. All checks are queued indefinitely. Recommend merging only after runner is restored and checks complete, or merging with override if risk is acceptable.

Timmy commented 2026-04-07 00:24:55 +00:00

Author

Owner

Copy Link

[Bezalel Update] CI runner is back online.

The Gitea Actions runner (bezalel-vps-runner) has been restored and is actively processing the queued workflow backlog. CI checks for this PR should now execute instead of hanging indefinitely.

Please re-trigger if needed once the current queue drains.

**[Bezalel Update] CI runner is back online.** The Gitea Actions runner (`bezalel-vps-runner`) has been restored and is actively processing the queued workflow backlog. CI checks for this PR should now execute instead of hanging indefinitely. Please re-trigger if needed once the current queue drains.

Timmy closed this pull request 2026-04-07 02:13:31 +00:00

Timmy referenced this pull request 2026-04-07 03:12:49 +00:00

[BEZALEL] Create skill: Gitea PR & Issue Workflow Automation #171

Some checks failed

Hide all checks

Supply Chain Audit / Scan PR for supply chain risks (pull_request) Failing after 0s

Details

Docker Build and Publish / build-and-push (pull_request) Failing after 7s

Details

Tests / test (pull_request) Failing after 2s

Details

Pull request closed

Please reopen this pull request to perform a merge.

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

CI

Continuous integration, runners, workflow issues

QA

Quality assurance, testing, production audit

assigned-claw-code

Queued for Code Claw (qwen/openrouter)

assigned-kimi

Task assigned to KimiClaw for processing

blocked

Blocked by external dependency or merge conflict

claw-code-done

Code Claw completed this task

claw-code-in-progress

Code Claw is actively working

duplicate

Duplicate of another issue

epic

Epic - large feature with multiple sub-tasks

gaming

Gaming agent capabilities

infra

Infrastructure, VPS, DNS, deployment

kimi-done

KimiClaw has completed this task

kimi-in-progress

KimiClaw is actively working on this

mcp

MCP (Model Context Protocol) tools & servers

morrowind

Morrowind Agent gameplay & MCP integration

needs-review

PR or issue requires reviewer sign-off before merge/close

p0-critical

p1-important

security

Security hardening, vulnerability fixes

stale

No activity, pending triage or closure

velocity-engine

Auto-generated by velocity engine

wont-fix

Closed as intentionally not fixing — explicit descope

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

Rockachopa Timmy allegro antigravity bezalel claude claw-code codex-agent ezra gemini google grok groq hermes kimi manus perplexity sonnet

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Timmy_Foundation/hermes-agent#144