Catch-all for the smaller "everything else" (scope e). Mostly surfaced by the Hypatia advisory scan on #196 plus the standing audit.
Hygiene / workflow audit
Two broken CI gates (pre-existing; surfaced on #196, both in lsp-dap-bsp.yml)
Legal / versioning (P0-ish)
Pick off opportunistically or hand to a background agent.
Filed via Claude Code · https://claude.ai/code/session_019tMcRS1Dm1nWjjYP4WvbJa
Catch-all for the smaller "everything else" (scope e). Mostly surfaced by the Hypatia advisory scan on #196 plus the standing audit.
Hygiene / workflow audit
GEMINI.md→ delete (hypatiaroot_hygiene).e2e.yml(upload-artifact),governance.yml(reusable@main) → pin to SHA.timeout-minutes:abi-drift.yml,codeql.yml,container-publish.yml,dogfood-gate.yml(×several); several missingconcurrency.python3usage vs the no-Python policy:lsp-dap-bsp.yml,fuzz.yml.src/abi/build/ttc/**(.ttc/.ttm),**/zig-out/**, committed*.so.Two broken CI gates (pre-existing; surfaced on #196, both in
lsp-dap-bsp.yml)curl ziglang.org/builds/zig-linux-x86_64-0.15.2.tar.xz→ error page (xz: File format not recognized). Released Zig is under/download/<ver>/, not/builds/. Switch to thegoto-bus-stop/setup-zigaction (ase2e.ymldoes) or fix the URL.believe_me|assert_total|sorrygrep matchesREADME.adoc) — fix also tracked from scopes a/b.Legal / versioning (P0-ish)
package.jsonsaysAGPL-3.0-or-latervsMPL-2.0everywhere else — reconcile (legal).0.4.6vs0.4.7acrossCITATION.cff,smithery.yaml,package.json,jsr.json,gemini-extension.json,glama.json.Pick off opportunistically or hand to a background agent.
Filed via Claude Code · https://claude.ai/code/session_019tMcRS1Dm1nWjjYP4WvbJa