chore(work): finish 05-trace-revalidation-workflow

2026-05-14 19:53:07 +02:00
parent 6869a51541
commit 331573bc4f
2 changed files with 5 additions and 10 deletions
--- a/docs/work/2026-05-14-ci-security-and-supply-chain/05-trace-revalidation-workflow/_story.md
+++ b/docs/work/2026-05-14-ci-security-and-supply-chain/05-trace-revalidation-workflow/_story.md
@@ -3,7 +3,7 @@ id: 05-trace-revalidation-workflow
 epic: 2026-05-14-ci-security-and-supply-chain
 title: Trace revalidation workflow
 type: technical-story
-status: in-progress
+status: done
 feature: scripts
 depends-on: [01-trace-schema-extensions, 04-major-bump-reevaluation]
 blocks: [09-ci-security-guide-and-docs]
@@ -41,4 +41,4 @@ ADR-022 traces go stale silently when new CVEs drop or Socket picks up behaviora
 ## Tasks

 - [x] Write `scripts/library-decisions/revalidate.mjs` (walk approved+pre-shipped traces, re-run `verification-commands`, classify soft/hard divergence, open/update/close issues via `gh` CLI; mock-friendly `gh` surface for tests); write `revalidate.test.mjs` integration tests with fixture traces covering: no-drift, soft-drift (dashboard issue), hard-drift (per-dep issue with correct labels+title), duplicate-issue guard, stale-issue close on refreshed `lastRevalidated`, rejected-trace skip; one commit, all gates pass.
- [ ] Create `.github/workflows/trace-revalidation-weekly.yml` (trigger: `schedule: cron: "30 6 * * 1"` + `workflow_dispatch`; steps: checkout, `pnpm install --frozen-lockfile`, `node scripts/library-decisions/revalidate.mjs`; permissions: `issues: write`, `contents: read`); one commit, all gates pass.
+- [x] Create `.github/workflows/trace-revalidation-weekly.yml` (trigger: `schedule: cron: "30 6 * * 1"` + `workflow_dispatch`; steps: checkout, `pnpm install --frozen-lockfile`, `node scripts/library-decisions/revalidate.mjs`; permissions: `issues: write`, `contents: read`); one commit, all gates pass.
--- a/docs/work/_state.json
+++ b/docs/work/_state.json
@@ -1,5 +1,5 @@
 {
-  "updated_at": "2026-05-14T17:50:50.219Z",
+  "updated_at": "2026-05-14T17:53:08.262Z",
  "epics": {
    "2026-05-13-binder-wrap-helper": {
      "status": "done",
@@ -87,10 +87,10 @@
          ]
        },
        "05-trace-revalidation-workflow": {
-          "status": "in-progress",
+          "status": "done",
          "title": "Trace revalidation workflow",
          "ac_total": 2,
-          "ac_completed": 1,
+          "ac_completed": 2,
          "depends_on": [
            "01-trace-schema-extensions",
            "04-major-bump-reevaluation"
@@ -258,11 +258,6 @@
    }
  },
  "ready": [
-    {
-      "epic": "2026-05-14-ci-security-and-supply-chain",
-      "story": "05-trace-revalidation-workflow",
-      "title": "Trace revalidation workflow"
-    },
    {
      "epic": "2026-05-14-ci-security-and-supply-chain",
      "story": "06-codeql-and-audit-signatures",