mirror of
https://github.com/garrytan/gstack.git
synced 2026-07-05 07:37:55 +02:00
Merge remote-tracking branch 'origin/main' into garrytan/cut-skill-token-bloat
# Conflicts: # scripts/gen-skill-docs.ts # scripts/resolvers/index.ts # ship/SKILL.md # ship/SKILL.md.tmpl # test/fixtures/golden/claude-ship-SKILL.md
This commit is contained in:
+33
-6
@@ -2423,7 +2423,7 @@ gh pr view --json url,number,state -q 'if .state == "OPEN" then "PR #\(.number):
|
||||
glab mr view -F json 2>/dev/null | jq -r 'if .state == "opened" then "MR_EXISTS" else "NO_MR" end' 2>/dev/null || echo "NO_MR"
|
||||
```
|
||||
|
||||
If an **open** PR/MR already exists: **update** the PR body using `gh pr edit --body "..."` (GitHub) or `glab mr update -d "..."` (GitLab). Always regenerate the PR body from scratch using this run's fresh results (test output, coverage audit, review findings, adversarial review, TODOS summary, documentation_section from Step 18). Never reuse stale PR body content from a prior run.
|
||||
If an **open** PR/MR already exists: **update** the PR body using `gh pr edit --body-file "$PR_BODY_FILE"` (GitHub) or `glab mr update -d ...` (GitLab). Always regenerate the PR body from scratch using this run's fresh results (test output, coverage audit, review findings, adversarial review, TODOS summary, documentation_section from Step 18). Never reuse stale PR body content from a prior run. **Run the same redaction scan-at-sink (PR body + title) as the create path (Step 19) before editing — scan the temp file, then `gh pr edit --body-file` from it.**
|
||||
|
||||
**Always update the PR title to start with `v$NEW_VERSION`.** PR titles use the workspace-aware format `v<NEW_VERSION> <type>: <summary>` — version ALWAYS first, no exceptions, no "custom title kept intentionally" escape hatch. The shared helper `bin/gstack-pr-title-rewrite.sh` is the single source of truth for the rule.
|
||||
|
||||
@@ -2532,15 +2532,42 @@ you missed it.>
|
||||
🤖 Generated with [Claude Code](https://claude.com/claude-code)
|
||||
```
|
||||
|
||||
**If GitHub:**
|
||||
#### Redaction scan (PR body + title) — runs before create AND edit
|
||||
|
||||
The PR body is world-readable on a public repo. Scan-at-sink before sending:
|
||||
write the composed body to a temp file, scan THAT file with the shared engine,
|
||||
and pass the same file to `gh`/`glab`. Wrap any Codex / Greptile / eval output
|
||||
sections in tool-attributed fences (` ```codex-review ` / ` ```greptile `) so the
|
||||
engine WARN-degrades the example credentials those tools quote instead of blocking
|
||||
the PR (a live-format credential inside the fence still blocks).
|
||||
|
||||
```bash
|
||||
REDACT_VIS=$($GSTACK_ROOT/bin/gstack-config get redact_repo_visibility 2>/dev/null)
|
||||
[ -z "$REDACT_VIS" ] && REDACT_VIS=$(gh repo view --json visibility -q .visibility 2>/dev/null | tr 'A-Z' 'a-z')
|
||||
REDACT_VIS="${REDACT_VIS:-unknown}"
|
||||
PR_BODY_FILE=$(mktemp)
|
||||
cat > "$PR_BODY_FILE" <<'PR_BODY_EOF'
|
||||
<PR body from above>
|
||||
PR_BODY_EOF
|
||||
$GSTACK_ROOT/bin/gstack-redact --from-file "$PR_BODY_FILE" --repo-visibility "$REDACT_VIS" --self-email "$(git config user.email 2>/dev/null)" --json
|
||||
case $? in
|
||||
3) echo "BLOCKED — credential in PR body. Rotate + redact, do not create the PR."; exit 1 ;;
|
||||
2) echo "MEDIUM findings — confirm per finding (sterner on public) before proceeding." ;;
|
||||
esac
|
||||
# Also scan the title (short, single-line):
|
||||
printf '%s' "v$NEW_VERSION <type>: <summary>" | $GSTACK_ROOT/bin/gstack-redact --repo-visibility "$REDACT_VIS" --json
|
||||
```
|
||||
|
||||
HIGH blocks (exit 3, no skip). MEDIUM → AskUserQuestion (PII subset offers
|
||||
`--auto-redact`). Same scan runs before the `gh pr edit --body` path (Step 17).
|
||||
|
||||
**If GitHub:** create from the SCANNED file (exact bytes scanned = bytes sent):
|
||||
|
||||
```bash
|
||||
# PR title MUST start with v$NEW_VERSION — enforced on every run, no exceptions.
|
||||
# (See Step 19 idempotency block + bin/gstack-pr-title-rewrite.sh for the rule.)
|
||||
gh pr create --base <base> --title "v$NEW_VERSION <type>: <summary>" --body "$(cat <<'EOF'
|
||||
<PR body from above>
|
||||
EOF
|
||||
)"
|
||||
gh pr create --base <base> --title "v$NEW_VERSION <type>: <summary>" --body-file "$PR_BODY_FILE"
|
||||
rm -f "$PR_BODY_FILE"
|
||||
```
|
||||
|
||||
**If GitLab:**
|
||||
|
||||
+33
-6
@@ -2801,7 +2801,7 @@ gh pr view --json url,number,state -q 'if .state == "OPEN" then "PR #\(.number):
|
||||
glab mr view -F json 2>/dev/null | jq -r 'if .state == "opened" then "MR_EXISTS" else "NO_MR" end' 2>/dev/null || echo "NO_MR"
|
||||
```
|
||||
|
||||
If an **open** PR/MR already exists: **update** the PR body using `gh pr edit --body "..."` (GitHub) or `glab mr update -d "..."` (GitLab). Always regenerate the PR body from scratch using this run's fresh results (test output, coverage audit, review findings, adversarial review, TODOS summary, documentation_section from Step 18). Never reuse stale PR body content from a prior run.
|
||||
If an **open** PR/MR already exists: **update** the PR body using `gh pr edit --body-file "$PR_BODY_FILE"` (GitHub) or `glab mr update -d ...` (GitLab). Always regenerate the PR body from scratch using this run's fresh results (test output, coverage audit, review findings, adversarial review, TODOS summary, documentation_section from Step 18). Never reuse stale PR body content from a prior run. **Run the same redaction scan-at-sink (PR body + title) as the create path (Step 19) before editing — scan the temp file, then `gh pr edit --body-file` from it.**
|
||||
|
||||
**Always update the PR title to start with `v$NEW_VERSION`.** PR titles use the workspace-aware format `v<NEW_VERSION> <type>: <summary>` — version ALWAYS first, no exceptions, no "custom title kept intentionally" escape hatch. The shared helper `bin/gstack-pr-title-rewrite.sh` is the single source of truth for the rule.
|
||||
|
||||
@@ -2910,15 +2910,42 @@ you missed it.>
|
||||
🤖 Generated with [Claude Code](https://claude.com/claude-code)
|
||||
```
|
||||
|
||||
**If GitHub:**
|
||||
#### Redaction scan (PR body + title) — runs before create AND edit
|
||||
|
||||
The PR body is world-readable on a public repo. Scan-at-sink before sending:
|
||||
write the composed body to a temp file, scan THAT file with the shared engine,
|
||||
and pass the same file to `gh`/`glab`. Wrap any Codex / Greptile / eval output
|
||||
sections in tool-attributed fences (` ```codex-review ` / ` ```greptile `) so the
|
||||
engine WARN-degrades the example credentials those tools quote instead of blocking
|
||||
the PR (a live-format credential inside the fence still blocks).
|
||||
|
||||
```bash
|
||||
REDACT_VIS=$($GSTACK_ROOT/bin/gstack-config get redact_repo_visibility 2>/dev/null)
|
||||
[ -z "$REDACT_VIS" ] && REDACT_VIS=$(gh repo view --json visibility -q .visibility 2>/dev/null | tr 'A-Z' 'a-z')
|
||||
REDACT_VIS="${REDACT_VIS:-unknown}"
|
||||
PR_BODY_FILE=$(mktemp)
|
||||
cat > "$PR_BODY_FILE" <<'PR_BODY_EOF'
|
||||
<PR body from above>
|
||||
PR_BODY_EOF
|
||||
$GSTACK_ROOT/bin/gstack-redact --from-file "$PR_BODY_FILE" --repo-visibility "$REDACT_VIS" --self-email "$(git config user.email 2>/dev/null)" --json
|
||||
case $? in
|
||||
3) echo "BLOCKED — credential in PR body. Rotate + redact, do not create the PR."; exit 1 ;;
|
||||
2) echo "MEDIUM findings — confirm per finding (sterner on public) before proceeding." ;;
|
||||
esac
|
||||
# Also scan the title (short, single-line):
|
||||
printf '%s' "v$NEW_VERSION <type>: <summary>" | $GSTACK_ROOT/bin/gstack-redact --repo-visibility "$REDACT_VIS" --json
|
||||
```
|
||||
|
||||
HIGH blocks (exit 3, no skip). MEDIUM → AskUserQuestion (PII subset offers
|
||||
`--auto-redact`). Same scan runs before the `gh pr edit --body` path (Step 17).
|
||||
|
||||
**If GitHub:** create from the SCANNED file (exact bytes scanned = bytes sent):
|
||||
|
||||
```bash
|
||||
# PR title MUST start with v$NEW_VERSION — enforced on every run, no exceptions.
|
||||
# (See Step 19 idempotency block + bin/gstack-pr-title-rewrite.sh for the rule.)
|
||||
gh pr create --base <base> --title "v$NEW_VERSION <type>: <summary>" --body "$(cat <<'EOF'
|
||||
<PR body from above>
|
||||
EOF
|
||||
)"
|
||||
gh pr create --base <base> --title "v$NEW_VERSION <type>: <summary>" --body-file "$PR_BODY_FILE"
|
||||
rm -f "$PR_BODY_FILE"
|
||||
```
|
||||
|
||||
**If GitLab:**
|
||||
|
||||
@@ -0,0 +1,30 @@
|
||||
# Founder pitch — pixel.fund
|
||||
|
||||
Founder: Maya Chen (CEO, ex-Stripe), co-founder Aria Patel (CTO,
|
||||
ex-Robinhood). YC W26.
|
||||
|
||||
## What
|
||||
|
||||
A donation-budget tool for solo creators. Set a monthly $ floor for
|
||||
causes you care about, pixel.fund auto-allocates each dollar across your
|
||||
chosen orgs (Direct Relief, GiveDirectly, etc.) the moment a Stripe
|
||||
payout lands. One-line embeddable receipt. 1% platform fee.
|
||||
|
||||
## Traction
|
||||
|
||||
- 2026-04-01 launched private beta with 14 creators from her newsletter
|
||||
- 2026-05-15 hit 51 paying creators, $4,200 MRR
|
||||
- Waitlist of 230 from a single tweet by a tech-Twitter influencer
|
||||
- Two creators asked about a "team plan" (multi-seat) unprompted
|
||||
|
||||
## Status quo
|
||||
|
||||
Creators today either (a) write checks ad-hoc and forget about it, or
|
||||
(b) use Patreon-style platforms where the "cause" is opaque (general
|
||||
fund). Maya talked to 40 creators in YC interviews — 31 said they "want
|
||||
to give more but it's mental overhead."
|
||||
|
||||
## What Maya wants from office hours
|
||||
|
||||
Should she chase the team-plan signal, or go deeper on the solo flow
|
||||
first? She's two weeks from running out of YC dorm food.
|
||||
Reference in New Issue
Block a user