You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
None. Open PR queue is empty. Yesterday's #3371 (pnpm overrides migration) merged at 2026-05-24T13:26Z.
Security
None requiring action. 0 open Dependabot alerts. Three OpenSSF Scorecard meta-findings still open (Fuzzing #7, CII-Best-Practices #5, Branch-Protection #1). Unchanged.
Health & Maintenance
Failing scheduled workflow: Merge Data Branch (run 26375057529 at 2026-05-24T22:54Z, re-dispatch 26390324135 at 2026-05-25T08:05Z failed identically). Root cause is not transient and not in the workflow — it's two private wiki entries in metadata/repos.yaml whose GraphQL node IDs return NOT_FOUND:
Either the repos were deleted/transferred before onboarding completed, or the App invitation was never accepted. Verified with a direct GraphQL probe — GitHub returns {"data":{"node":null},"errors":[{"type":"NOT_FOUND",...}]} for both.
Diagnostic gap noted: scripts/check-wiki-private-presence.ts:144 labels both failures [subprocess-threw] — investigate network/rate-limit/auth, but the actual mode is node-null (repo lifecycle/App access). The bare catch at line 133 fires before the isGraphQLNodeNullResponse branch (line 127) can dispatch — gh api graphql exits non-zero on GraphQL errors, so node-null cases get misclassified as subprocess failures. Mentioning this for human awareness; not patching, since the fail-closed safety property is intentional and any change to the script's error semantics deserves Marcus's review.
Developer Experience
None. Repository validation green:
pnpm run lint — clean
pnpm run check-types — clean
pnpm test — 22 files / 644 passed + 3 todo in ~3s
Needs Human Attention
Merge Data Branch will keep failing until the two orphan entries are resolved. Choose one:
Complete onboarding for the two pending repos (re-issue App invitations).
Remove the orphaned entries from metadata/repos.yaml.
The weekly sweep is currently blocked end-to-end.
Optional follow-up: improve the diagnostic in check-wiki-private-presence.ts so future operators see "investigate repo lifecycle/App access" instead of the wrong network hint. Small targeted change; could be a one-line PR if you want it.
Daily Autohealing Report — 2026-05-25 (UTC)
Errored PRs
None. Open PR queue is empty. Yesterday's #3371 (pnpm overrides migration) merged at 2026-05-24T13:26Z.
Security
None requiring action. 0 open Dependabot alerts. Three OpenSSF Scorecard meta-findings still open (Fuzzing #7, CII-Best-Practices #5, Branch-Protection #1). Unchanged.
Health & Maintenance
Failing scheduled workflow:
Merge Data Branch(run 26375057529 at 2026-05-24T22:54Z, re-dispatch 26390324135 at 2026-05-25T08:05Z failed identically). Root cause is not transient and not in the workflow — it's two private wiki entries inmetadata/repos.yamlwhose GraphQL node IDs returnNOT_FOUND:R_kgDOSVJgdw—[REDACTED](added 2026-05-05,onboarding_status: pending)R_kgDOSZ9x-w—[REDACTED](added 2026-05-13,onboarding_status: pending)Either the repos were deleted/transferred before onboarding completed, or the App invitation was never accepted. Verified with a direct GraphQL probe — GitHub returns
{"data":{"node":null},"errors":[{"type":"NOT_FOUND",...}]}for both.Diagnostic gap noted:
scripts/check-wiki-private-presence.ts:144labels both failures[subprocess-threw] — investigate network/rate-limit/auth, but the actual mode isnode-null(repo lifecycle/App access). The barecatchat line 133 fires before theisGraphQLNodeNullResponsebranch (line 127) can dispatch —gh api graphqlexits non-zero on GraphQL errors, so node-null cases get misclassified as subprocess failures. Mentioning this for human awareness; not patching, since the fail-closed safety property is intentional and any change to the script's error semantics deserves Marcus's review.Developer Experience
None. Repository validation green:
pnpm run lint— cleanpnpm run check-types— cleanpnpm test— 22 files / 644 passed + 3 todo in ~3sNeeds Human Attention
Merge Data Branchwill keep failing until the two orphan entries are resolved. Choose one:pendingrepos (re-issue App invitations).metadata/repos.yaml.The weekly sweep is currently blocked end-to-end.
Optional follow-up: improve the diagnostic in
check-wiki-private-presence.tsso future operators see "investigate repo lifecycle/App access" instead of the wrong network hint. Small targeted change; could be a one-line PR if you want it.OpenSSF Scorecard alerts (Fuzzing Update
peter-murray/workflow-application-token-actionto v2 #7, CII-Best-Practices feat: add Renovate workflow for dependency auto-updates #5, Branch-Protection feat: set default settings #1) — same three meta-recommendations across many cycles. Implement or dismiss.