Step35 1b97aa395d [AUDIT][RISK] Enforce branch protection — agents merge before review ...

Add set_branch_protection() and related methods to GiteaClient.

Fixes #482 via three-way enforcement:
1. gitea_client.py: Added get/set/delete_branch_protection() API wrappers
2. bin/enable-branch-protection.py: Idempotent script protects main branches
   of all Timmy_Foundation core repos with:
   ── required_approvals: 1 (at least one human review)
   ── require_status_checks: true (CI must pass)
   ── restrict_merge: true (only admins + reviewers can merge)
3. tests/test_gitea_client_core.py: Added TestBranchProtection suite

Usage: after merging, run:
  bin/enable-branch-protection.py --dry-run  # verify
  bin/enable-branch-protection.py             # apply to all core repos

This prevents agents from merging their own PRs before human review.

2026-04-26 12:00:23 -04:00

..

agent-dispatch.sh

feat: auto-commit-guard — 4-layer work preservation (#511) (#525)

2026-04-14 22:16:49 +00:00

agent-loop.sh

Merge PR #758: bin/agent-loop.sh (changed)

2026-04-16 05:08:26 +00:00

auto-commit-guard.sh

feat: auto-commit-guard — 4-layer work preservation (#511) (#525)

2026-04-14 22:16:49 +00:00

banned_provider_scan.py

feat: add Anthropic ban enforcement scanner

2026-04-13 01:34:35 +00:00

claude-loop.sh

feat: genchi-genbutsu — verify world state, not log vibes (#348)

2026-04-07 16:12:05 +00:00

claudemax-watchdog.sh

fix: replace hardcoded public IPs with Tailscale resolution and Forge URL

2026-04-05 23:25:02 +00:00

conflict_detector.py

Add merge conflict detector for sibling PRs

2026-04-13 00:26:28 +00:00

context-overflow-guard.py

Merge PR #723: bin/context-overflow-guard.py (added)

2026-04-16 05:04:16 +00:00

crucible_mcp_server.py

feat(crucible): Z3 sidecar MCP verifier -- rebased onto current main

2026-04-03 18:58:43 -04:00

deadman-fallback.py

fix: repair all CI failures (smoke, lint, architecture, secret scan)

2026-04-13 09:51:08 -04:00

deadman-switch.sh

fix: replace hardcoded public IPs with Tailscale resolution and Forge URL

2026-04-05 23:25:02 +00:00

deploy-allegro-house.sh

feat: add Allegro Kimi wizard house assets (#91)

2026-03-29 22:22:24 +00:00

enable-branch-protection.py

[AUDIT][RISK] Enforce branch protection — agents merge before review

2026-04-26 12:00:23 -04:00

fleet-status.sh

fix: replace hardcoded public IPs with Tailscale resolution and Forge URL

2026-04-05 23:25:02 +00:00

gemini-loop.sh

feat: genchi-genbutsu — verify world state, not log vibes (#348)

2026-04-07 16:12:05 +00:00

genchi-genbutsu.sh

feat: genchi-genbutsu — verify world state, not log vibes (#348)

2026-04-07 16:12:05 +00:00

gitea-api.sh

feat(ops): start-loops, gitea-api wrapper, fleet-status

2026-04-04 12:05:04 -04:00

glitch_patterns.py

fix: restore pytest collection — fix 7 syntax/import errors (#823)

2026-04-18 15:37:33 -04:00

harm_facilitation_adversary.py

Merge PR #657: bin/harm_facilitation_adversary.py (added)

2026-04-16 05:06:34 +00:00

hermes_cleanup.py

feat: stale hermes process cleanup script (#829)

2026-04-20 20:38:20 -04:00

hermes-startup.sh

feat: add operational scripts and deploy.sh

2026-03-25 10:05:55 -04:00

hotspot-keepalive.sh

feat: add operational scripts and deploy.sh

2026-03-25 10:05:55 -04:00

issue-filter.json

feat(ops): deadman switch, model health check, issue filter

2026-04-04 12:00:05 -04:00

kaizen-retro.sh

[KAIZEN] Implement automated burn-cycle retrospective (fixes #349)

2026-04-07 15:57:21 +00:00

matrix_glitch_detector.py

feat: add --threejs flag and Three.js-aware severity inference (#543)

2026-04-15 05:34:16 +00:00

model-fallback-verify.py

Merge PR #709: bin/model-fallback-verify.py (added)

2026-04-16 05:05:05 +00:00

model-health-check.sh

purge: remove Anthropic from timmy-config (14 files) (#502)

2026-04-13 02:02:06 +00:00

muda-audit.sh

[MUDA] Issue #350 — weekly fleet waste audit

2026-04-07 15:05:16 +00:00

nostr-agent-demo.py

fix: add python3 shebang to bin/nostr-agent-demo.py (#681)

2026-04-15 02:57:00 +00:00

ops-gitea.sh

Refresh ops tooling around current agent lanes (#142)

2026-04-04 22:43:48 +00:00

ops-helpers.sh

Refresh ops tooling around current agent lanes (#142)

2026-04-04 22:43:48 +00:00

ops-panel.sh

Refresh ops tooling around current agent lanes (#142)

2026-04-04 22:43:48 +00:00

pane-watchdog.sh

feat: pane-watchdog — stuck pane detection + auto-restart (#515) (#526)

2026-04-14 22:16:52 +00:00

pipeline-freshness.sh

Tighten Hermes cutover and export checks

2026-03-27 17:35:07 -04:00

pr-checklist.py

feat: add PR checklist enforcement script

2026-04-08 10:53:44 +00:00

preflight-provider-check.py

feat: add pre-flight provider check script (#508)

2026-04-15 03:55:04 +00:00

provider-health-monitor.py

feat: add provider health monitor script (#509)

2026-04-15 03:48:37 +00:00

quality-gate.py

feat: quality gate pipeline validation (#623)

2026-04-17 05:53:33 +00:00

soul_eval_gate.py

Merge PR #705: bin/soul_eval_gate.py

2026-04-16 05:10:10 +00:00

start-loops.sh

feat(ops): start-loops, gitea-api wrapper, fleet-status

2026-04-04 12:05:04 -04:00

sync-up.sh

config: update bin/sync-up.sh,channel_directory.json

2026-03-26 08:00:46 -04:00

timmy-dashboard

Cut over status surfaces to live workflow state (#145)

2026-04-04 22:47:34 +00:00

timmy-orchestrator.sh

feat: auto-commit-guard — 4-layer work preservation (#511) (#525)

2026-04-14 22:16:49 +00:00

timmy-status.sh

Cut over status surfaces to live workflow state (#145)

2026-04-04 22:47:34 +00:00

tmux-resume.sh

feat: session state persistence — tmux-state.json manifest (#512)

2026-04-13 17:26:03 -04:00

tmux-state.sh

feat: session state persistence — tmux-state.json manifest (#512)

2026-04-13 17:26:03 -04:00

validate_config.py

Merge PR #720: bin/validate_config.py (added)

2026-04-16 05:04:38 +00:00