@tembleking (Member) commented Jan 27, 2026

Summary

  • curl instead of wget: The integration tests were failing on macOS because wget is not pre-installed. Since curl is available by default on both macOS and Linux, this ensures developers can run tests locally regardless of their OS.

  • undici override: @actions/http-client depends on a vulnerable version of undici (CVE GHSA-g9mf-h72j-4rw9). Since there's no fixed version available yet and npm audit creates an infinite loop between package versions, we use an override as a temporary workaround. This is documented in AGENTS.md as technical debt to remove once upstream fixes the issue.

  • Pre-commit protection: Added no-commit-to-branch hook to prevent accidental direct commits to master.

  • Agent documentation: Added AGENTS.md and CLAUDE.md for LLM-based coding agents working with this repository.

Test plan

  • All 109 tests pass locally on macOS
  • npm audit reports 0 vulnerabilities
  • CI pipeline passes on Linux runners

curl is available by default on both macOS and Linux, while wget
is typically not pre-installed on macOS systems.
@tembleking requested a review from a team as a code owner January 27, 2026 14:21
Add no-commit-to-branch hook to prevent direct commits to master.
@tembleking changed the title from "fix: use curl instead of wget for scanner download" to "fix: use curl instead of wget and add agent docs" Jan 27, 2026
Temporary workaround until @actions/http-client updates its undici
dependency. Documented in AGENTS.md as technical debt.
@tembleking enabled auto-merge (squash) January 27, 2026 14:36
@tembleking merged commit f60c02c into master Jan 27, 2026
10 checks passed
@tembleking deleted the fix/use-curl-instead-of-wget branch January 27, 2026 14:42
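
One way to confirm that the undici override described in the summary actually took effect, as an added example (not code from this PR or repository): it scans a package-lock.json `packages` map for every installed copy of a package and flags any below a chosen floor. The function names, the sample manifest and all version numbers are constructed for illustration; the fixed undici version is not stated on the page.

```javascript
// Added example; names, sample data and versions are constructed, not from the PR.
// Compare plain x.y.z versions numerically (prerelease tags ignored for brevity).
function compareVersions(a, b) {
  const pa = a.split("-")[0].split(".").map(Number);
  const pb = b.split("-")[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return Math.sign(d);
  }
  return 0;
}

// True if `name` is overridden at top level or nested under a parent package.
function overrideDeclared(overrides, name) {
  if (!overrides || typeof overrides !== "object") return false;
  return Object.entries(overrides).some(
    ([k, v]) => k === name || k.startsWith(name + "@") || overrideDeclared(v, name));
}

// Every installed copy of `name` in a lockfileVersion 2/3 "packages" map.
// Entries without a version (links) are treated as 0.0.0, so they count as stale.
function findCopies(lock, name) {
  const suffix = "node_modules/" + name;
  return Object.entries(lock.packages || {})
    .filter(([p]) => p === suffix || p.endsWith("/" + suffix))
    .map(([p, meta]) => ({ path: p, version: meta.version || "0.0.0" }));
}

// The override is effective only if declared AND no locked copy is below `floor`.
function auditOverride(pkg, lock, name, floor) {
  const declared = overrideDeclared(pkg.overrides, name);
  const copies = findCopies(lock, name);
  const stale = copies.filter((c) => compareVersions(c.version, floor) < 0);
  return { declared, copies: copies.length, stale,
           ok: declared && copies.length > 0 && stale.length === 0 };
}

// Constructed input: a nested copy that escaped the override.
const samplePkg = { overrides: { undici: "2.0.0" } };
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "example-action" },
  "node_modules/undici": { version: "2.0.0" },
  "node_modules/undici-types": { version: "1.0.0" },
  "node_modules/@actions/http-client/node_modules/undici": { version: "1.4.0" },
} };
console.log(JSON.stringify(auditOverride(samplePkg, sampleLock, "undici", "2.0.0"), null, 2));
```

Run against the parsed package.json and package-lock.json with a floor taken from the advisory, the same check also shows when the override has become redundant and can be removed.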