CalvinBackup/shannon
1
0
Fork 0
mirror of https://github.com/KeygraphHQ/shannon.git synced 2026-05-31 12:49:30 +02:00
Code Issues Packages Projects Releases Wiki Activity
240 Commits 4 Branches 5 Tags
4e703ef183cefddb30c5ab3d5bd5d8a15c79929a
Commit Graph

5 Commits

Author SHA1 Message Date
ezl-keygraph 167f3c3ccd feat: add beta release and rollback workflows with cosign signing 2026-03-18 22:07:58 +05:30
ezl-keygraph a513aad161 fix: remove environment gates and add NPM_TOKEN to publish step 2026-03-18 16:09:40 +05:30
ezl-keygraph 955eae5d65 fix: remove duplicate environment gate from merge-docker job 
Move DOCKERHUB_USERNAME from vars to secrets so merge-docker can access
credentials without its own environment scope. This eliminates the
redundant double approval since build-docker already gates on
release-publish.
 2026-03-18 15:58:45 +05:30
ezl-keygraph 96732306a8 feat: mark GitHub release as latest during rollback 2026-03-18 15:58:45 +05:30
ezl-keygraph 9b1abd9ec0 feat: integrate npx CLI, CI/CD, and ephemeral worker architecture 
Bring in changes from shannon-npx: npx-distributable CLI package (cli/),
semantic-release CI/CD workflows, ephemeral per-scan worker containers,
TOML config support, setup wizard, and workspace management.

Preserves all shannon-only changes: security hardening (localhost-bound
ports, MCP env allowlist, path traversal guard), updated benchmarks
(XBEN 19/31/35/44), README assets, and prompt injection disclaimer.

Applies security hardening to cli/infra/compose.yml as well.
 2026-03-18 15:57:57 +05:30