* security: harden release workflows against secret leakage
Verify trusted refs before secret-bearing jobs, narrow secret scope, pin key actions, and remove the opencode agents workflow to reduce workflow attack surface.
* security: drop third-party action pinning
Keep the trusted ref gates and narrower secret exposure, but revert external GitHub Actions back to their tagged versions to avoid broad supply-chain hardening changes in this PR.
* security: scope trusted release refs to dev
Update the workflow trust gates to validate tags and manual refs only against origin/dev, matching this repository's actual protected branch layout.
---------
Co-authored-by: src-opn <src-opn@users.noreply.github.com>

Keep OpenCode version selection predictable by reading a single repo-wide constant and packaging that pin into orchestrator builds. Remove env and latest-release fallbacks so desktop, workers, snapshots, and CI stay aligned.
Co-authored-by: Omar McAdam <omar@OpenWork-Studio.localdomain>

The triage-issue job interpolated $ISSUE_TITLE and $ISSUE_BODY unquoted
inside a double-quoted shell string, allowing any GitHub user to execute
arbitrary commands by opening an issue with shell metacharacters.
The duplicate-prs job similarly interpolated $COMMENT unquoted into a
gh pr comment --body argument.
Fix both by using printf with %s (prevents shell interpretation) and
--body-file (avoids inline interpolation entirely).
Co-authored-by: xj <gh-xj@users.noreply.github.com>
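The bug class in the commit above, reproduced as an added example that is not code from this repository or its workflows: an attacker-controlled issue title is spliced into the text of a shell command before the shell parses it, so `$(...)`, backticks and `;` in the title run as commands. The hardened form treats the title purely as data, writes it out with `printf '%s'`, and hands the file to the consumer (the `--body-file` approach from the commit). The function names, the `sh -c` stand-in for the workflow's command string, and the marker-file technique for proving execution are all assumptions made for the demo.

```shell
#!/bin/sh
# Added example, not the project's own code. Shows the injection pattern the
# commit message describes next to the printf '%s' / body-file fix.

# Hypothetical stand-in for the vulnerable triage step: the untrusted title is
# pasted into the command text (as a template expansion would do), so the inner
# shell re-parses it and executes any command substitution it contains.
vulnerable_triage() {
  title="$1"
  sh -c "body=\"Triage: $title\"; printf '%s\n' \"\$body\" >/dev/null"
}

# Hardened form: the title is only ever an argument, never part of command text.
# printf '%s' prints it verbatim (no interpretation of $, backticks or -flags),
# and the result goes to a file that the workflow would pass with
# `gh pr comment --body-file "$out"` instead of an inline --body string.
safe_triage() {
  title="$1"
  out="$2"
  printf '%s\n' "Triage: $title" > "$out"
}

# Self-contained demonstration with a constructed malicious title. The title
# tries to create a marker file; its presence afterwards proves execution.
demo() {
  d=$(mktemp -d)
  title="Login broken \$(touch \"$d/pwned\")"   # constructed attacker input

  vulnerable_triage "$title"
  if [ -f "$d/pwned" ]; then
    echo "vulnerable: command embedded in the title was executed"
    rm -f "$d/pwned"
  fi

  safe_triage "$title" "$d/body.txt"
  if [ ! -f "$d/pwned" ]; then
    echo "safe: title stored verbatim: $(cat "$d/body.txt")"
  fi
  rm -rf "$d"
}

demo
```

The difference worth noticing is where the untrusted value meets a parser. In the vulnerable path the value becomes part of source text that `sh` reads, so no amount of outer quoting helps; in the safe path it is only ever a positional argument and a file's contents, so the shell never sees it as syntax.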