Commit e46e143
Remove unused brew pr-pull workflow (#11)
* Remove unused brew pr-pull workflow
The pull_request_target publish workflow has never been triggered — no PR
has ever received the pr-pull label. Formulas are updated and merged
directly without the bottle-publishing flow.
https://claude.ai/code/session_01BDfJrUtNfNBR3Zep9vLJC6
* Pin workflow actions to commit SHAs
Fixes zizmor unpinned-uses findings for Homebrew/actions/setup-homebrew
and actions/upload-artifact.
https://claude.ai/code/session_01BDfJrUtNfNBR3Zep9vLJC6
* Revert actions/upload-artifact pin, keep setup-homebrew pin
https://claude.ai/code/session_01BDfJrUtNfNBR3Zep9vLJC6
* Install bubblewrap on Linux before brew test-bot
Homebrew uses bubblewrap for sandboxed formula builds on Linux; it is
not pre-installed on ubuntu-latest runners.
https://claude.ai/code/session_01BDfJrUtNfNBR3Zep9vLJC6
* Allow unprivileged user namespaces for bubblewrap on Ubuntu 24.04
ubuntu-latest is Ubuntu 24.04, which restricts unprivileged user
namespaces via AppArmor by default, preventing bwrap from running
rootless as required by Homebrew's Linux sandbox.
https://claude.ai/code/session_01BDfJrUtNfNBR3Zep9vLJC6
* Enable all kernel settings needed for rootless bubblewrap
https://claude.ai/code/session_01BDfJrUtNfNBR3Zep9vLJC6
* Disable Linux sandbox via HOMEBREW_NO_SANDBOX_LINUX
Replaces the bubblewrap+sysctl approach with the Homebrew-native env var
that disables the Linux sandbox, avoiding kernel configuration entirely.
https://claude.ai/code/session_01BDfJrUtNfNBR3Zep9vLJC6
---------
Co-authored-by: Claude <noreply@anthropic.com>1 parent f6789c4 commit e46e143
2 files changed
Lines changed: 3 additions & 34 deletions
This file was deleted.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
| 12 | + | |
| 13 | + | |
12 | 14 | | |
13 | 15 | | |
14 | 16 | | |
15 | | - | |
| 17 | + | |
16 | 18 | | |
17 | 19 | | |
18 | 20 | | |
| |||
0 commit comments