[Alert] Smart Alert — 2026-03-19 06:33 UTC (Cycle 21) #356
Description
Run: 23282879823 | Window: 00:53–06:33 UTC | Previous alert: #353 (00:53 UTC)
✅ RESOLVED — Critical Security Alert Closed
🎉 subcog AWS Credentials Exposure — CLOSED
| Field | Value |
|---|---|
| Issue | subcog#153 |
| Closed by | @zircote |
| Closed at | 2026-03-19T03:48:08Z (this cycle) |
| Duration | ~149 hours (Day 6) after 20+ alert cycles |
| Reason | completed |
The highest-priority item from 20+ previous cycles has been resolved. The AWS key exposure in
src/security/mod.rsis now closed. Ensure credentials were rotated and git history was purged per the issue recommendations.
🔴 CRITICAL — CI Failures Ongoing (No Change)
| Repo | Workflow | Age | Root Cause | Action |
|---|---|---|---|---|
vscode-git-adr |
CI | ~23d | upload-artifact v6→v7 breaking change |
Update action to v7 API |
sdlc-quality |
CI | ~19d | Broken since dependabot config change (2026-03-01) | Investigate config regression |
atlatl-spec |
Validate Specification | ~19d | Invalid <br/> in Mermaid sequence diagram |
Fix diagram syntax |
atlatl-spec |
Deploy to GitHub Pages | ~19d | @redocly/cli 2.20.0→2.20.4 breaking change |
Pin/downgrade or fix compat |
atlatl |
CI Checks | ~15d | Clippy 1.94 strict lints + broken doc links | Fix lints |
No new CI failures detected this cycle. All failures are pre-existing.
🟡 WARNING
Review Backlog — Open PRs Pending
Threshold: >10 pending reviews | Actual: 10+ open PRs with review-requested:zircote
Notable items:
- github-project-manager#4:
gh-aw0.56.2→0.58.3 bump — still open,mergeable_state: blocked - subcog#152: External contributor
/healthzendpoint — CI passing, needs 2 approvals - subcog#151: External contributor OTEL fix — CI passing, needs 2 approvals
- atlatl-spec#189: Astro v5→v6 major bump — careful review needed
- +Dependabot PRs across managed repos
✅ Within Threshold This Cycle
| Check | Status |
|---|---|
| New issues (last 6h) | ✅ 3 issues, all bot-generated (CI report, maintenance, previous alert) — no spike |
| Issue spike (>5 human-filed in 6h) | ✅ No spike |
| New CI failures | ✅ None — all pre-existing |
| Stale critical/high labeled items | ✅ None (security issue now resolved) |
Summary
| Severity | Item | Delta |
|---|---|---|
| 🟢 Resolved | AWS credentials exposure in subcog |
CLOSED by @zircote at 03:48 UTC ✅ |
| 🔴 Critical | CI failures in 4 repos / 5 workflows | No change — all persist |
| 🟡 Warning | 10+ open PRs pending review (@zircote) |
Stable |
| ✅ Info | No issue spike this cycle | Automation noise only |
Top priorities:
- 🔧 Fix
vscode-git-adrCI — oldest failure at ~23d (upload-artifact v7 migration) - 🔧 Fix
atlatl-specCI — Mermaid<br/>syntax and@redocly/clicompat - ✅ Merge github-project-manager#4 — gh-aw bump (unblock if required checks can be satisfied)
- 👀 Review external contributor PRs subcog#151 and subcog#152
gh-aw-workflow-id: smart-alerts
Generated by Smart Alerts · ◷
Generated by Smart Alerts · ◷