chore(manifest): bump YiAgent/OpenCI SHA to c4f0bfa8

[YiWang24]

Automated SHA bump: 9b40a02a to c4f0bfa8

The YiAgent/OpenCI self-reference SHA in manifest.yml was stale. Updated to the latest main HEAD so all reusable workflow calls resolve correctly.

Generated by the on-main-bump-sha workflow.

---

^{Need help on this PR? Tag @codesmith with what you need.}

• Let Codesmith autofix CI failures and bot reviews

Summary by CodeRabbit

• Chores
  • Updated CI/CD workflow infrastructure to use the latest versions of reusable workflows and shared actions.

[qodo-code-review]

ⓘ You've reached your Qodo monthly free-tier limit. Reviews pause until next month — upgrade your plan to continue now, or link your paid account if you already have one.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR updates the pinned commit SHA for the YiAgent/OpenCI external dependency across all GitHub Actions workflow files and the manifest, bumping from 9b40a02... to c4f0bfa... systematically for dependency management.

Changes

YiAgent/OpenCI Dependency Pin Update

Layer / File(s)	Summary
Dependency Manifest manifest.yml	YiAgent/OpenCI dependency pinned SHA is updated from 9b40a02a... to c4f0bfa8...
Reusable Workflow References .github/workflows/agent.yml, .github/workflows/ci-self-test.yml, .github/workflows/ci.yml, .github/workflows/dependencies.yml, .github/workflows/docs.yml, .github/workflows/issue-ops.yml, .github/workflows/on-maintenance.yml, .github/workflows/pull-request.yml, .github/workflows/release.yml	All workflow uses: references to YiAgent/OpenCI reusable workflows (e.g., reusable-agent.yml, reusable-ci.yml, reusable-pr.yml) are updated to the new commit SHA.
Action References in Reusable Workflows .github/workflows/reusable-ci.yml, .github/workflows/reusable-pr.yml	The pinned YiAgent/OpenCI/actions/_common/resolve-openci action reference is updated to the new commit SHA across all job steps (8 occurrences in reusable-ci.yml and 2 in reusable-pr.yml).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• YiAgent/OpenCI#80: Updates the same YiAgent/OpenCI workflow and action references by bumping pinned commit SHAs across the same workflow files.
• YiAgent/OpenCI#84: Performs the same systematic update pattern, bumping YiAgent/OpenCI reusable workflow and action reference SHAs across the same files.
• YiAgent/OpenCI#72: Updates pinned YiAgent/OpenCI commit SHAs for reusable workflows and actions following the same code-level change pattern across workflows and manifest.

Suggested labels

area:ci

Poem

🐰 A little bump, a SHA so bright,
Dependencies pinned just right!
From nine-b-four to c-four-f,
Our workflows dance without a hitch or gaff. ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main change: bumping the YiAgent/OpenCI SHA in the manifest file to a specific commit hash.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/bump-self-sha-c4f0bfa8

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/reusable-ci.yml (1)

306-306: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Update all stale resolve-openci pins to match manifest.yml.

Line 306 in reusable-ci.yml and four additional pins in reusable-self-test.yml (lines 73, 190, 213, 258) still point to 9bd9cf..., which is inconsistent with the manifest pin c4f0bfa.... This causes SHA consistency failures and breaks pin uniformity across the repository.

Verification results showing all affected locations

manifest.yml YiAgent/OpenCI SHA: c4f0bfa8029781b30f641da83d44a0934d7a5e75

MISMATCH .github/workflows/reusable-self-test.yml:Line 73 => 9bd9cf085ba9d3a199b701d42ea054e1625a65ce
MISMATCH .github/workflows/reusable-self-test.yml:Line 190 => 9bd9cf085ba9d3a199b701d42ea054e1625a65ce
MISMATCH .github/workflows/reusable-self-test.yml:Line 213 => 9bd9cf085ba9d3a199b701d42ea054e1625a65ce
MISMATCH .github/workflows/reusable-self-test.yml:Line 258 => 9bd9cf085ba9d3a199b701d42ea054e1625a65ce
MISMATCH .github/workflows/reusable-ci.yml:Line 306 => 9bd9cf085ba9d3a199b701d42ea054e1625a65ce

Update all five occurrences to c4f0bfa8029781b30f641da83d44a0934d7a5e75.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/reusable-ci.yml at line 306, Replace the stale pin for the
action reference
"YiAgent/OpenCI/actions/_common/resolve-openci@9bd9cf085ba9d3a199b701d42ea054e1625a65ce"
with the manifest pin "c4f0bfa8029781b30f641da83d44a0934d7a5e75" in every
workflow occurrence (there are five instances); search for the exact action
string "YiAgent/OpenCI/actions/_common/resolve-openci@" to find each spot and
update the trailing SHA only so all references match the manifest.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In @.github/workflows/reusable-ci.yml:
- Line 306: Replace the stale pin for the action reference
"YiAgent/OpenCI/actions/_common/resolve-openci@9bd9cf085ba9d3a199b701d42ea054e1625a65ce"
with the manifest pin "c4f0bfa8029781b30f641da83d44a0934d7a5e75" in every
workflow occurrence (there are five instances); search for the exact action
string "YiAgent/OpenCI/actions/_common/resolve-openci@" to find each spot and
update the trailing SHA only so all references match the manifest.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 24684439-9e8d-41d1-84e4-45e23db39319

📥 Commits

Reviewing files that changed from the base of the PR and between c4f0bfa and 6f0453d.

📒 Files selected for processing (12)

• .github/workflows/agent.yml
• .github/workflows/ci-self-test.yml
• .github/workflows/ci.yml
• .github/workflows/dependencies.yml
• .github/workflows/docs.yml
• .github/workflows/issue-ops.yml
• .github/workflows/on-maintenance.yml
• .github/workflows/pull-request.yml
• .github/workflows/release.yml
• .github/workflows/reusable-ci.yml
• .github/workflows/reusable-pr.yml
• manifest.yml

[YiWang24]

Superseded by chore/bump-self-sha-99f2f5dd (bump to 99f2f5d).