feat: port 8 public-safe patterns and release system

2026-04-26 01:25:06 +02:00 · 2026-03-01 17:38:03 -03:00
parent 00ff7136c6
commit 35275d8b2b
34 changed files with 1614 additions and 553 deletions
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -111,3 +111,16 @@ jobs:

      - name: Validate public edition scope
        run: python scripts/check_open_core_boundary.py --repo-root .
+
+  internal-instruction-boundary:
+    name: Internal Instruction Boundary
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Ensure internal assistant files are not tracked
+        run: |
+          if git ls-files | grep -E '(^|/)(CLAUDE\.md|AGENTS.*\.md)$'; then
+            echo "Forbidden tracked files found: CLAUDE.md / AGENTS*.md"
+            exit 1
+          fi