Skip to content

fix: compile metrics-collector agentic workflow#34

Merged
homeles merged 1 commit intomainfrom
fix/aw-compile
Mar 4, 2026
Merged

fix: compile metrics-collector agentic workflow#34
homeles merged 1 commit intomainfrom
fix/aw-compile

Conversation

@lupita-hom
Copy link
Collaborator

@lupita-hom lupita-hom commented Mar 4, 2026

Fixes the metrics-collector agentic workflow so it can run:

  • Removed imports: shared/mood.md — file doesn't exist in repo
  • Generated metrics-collector.lock.yml via gh aw compile
  • Also generated .gitattributes and .github/aw/actions-lock.json (gh-aw compiler outputs)

The workflow will run daily at ~21:11 UTC or via manual dispatch.

@github-actions
Copy link

github-actions bot commented Mar 4, 2026
edited
Loading

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/checkout de0fac2e4500dabe0009e67214ff5f5447ce83dd 🟢 6
Details
CheckScoreReason
Maintained⚠️ 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
SAST🟢 8SAST tool detected but not run on all commits
actions/actions/download-artifact 70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 🟢 6.2
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST🟢 10SAST tool is run on all commits
actions/actions/github-script ed597411d8f924073f98dfc5c65a23a2325f34cd 🟢 7.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1013 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
SAST🟢 10SAST tool is run on all commits
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
actions/actions/upload-artifact bbbca2ddaa5d8feaa63e36b76fdaad77386f024f 🟢 6.2
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1029 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST🟢 10SAST tool is run on all commits
actions/github/gh-aw/actions/setup bd9c0ca491e6334a2797ef56ad6ee89958d54ab9 UnknownUnknown

Scanned Files

  • .github/workflows/metrics-collector.lock.yml

@lupita-hom
fix: remove missing shared/mood.md import and compile metrics-collect…
4de080a 
…or workflow

- Removed 'imports: shared/mood.md' (file doesn't exist)
- Generated metrics-collector.lock.yml via gh aw compile
@homeles homeles merged commit 2510eae into main Mar 4, 2026
12 checks passed
@homeles homeles deleted the fix/aw-compile branch March 24, 2026 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@homeles homeles homeles approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lupita-hom @homeles