@codyswann/lisa 2.195.8 → 2.196.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/all/github-rulesets/base.json +64 -0
- package/all/github-rulesets/prevent-delete.json +25 -0
- package/all/github-rulesets/protect-tags.json +31 -0
- package/cdk/github-rulesets/cdk-validation.json +43 -0
- package/expo/github-rulesets/playwright.json +38 -0
- package/package.json +2 -2
- package/plugins/lisa/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa/.codex-plugin/skills/lisa-setup-github-repo/SKILL.md +66 -0
- package/plugins/lisa/.codex-plugin/skills/lisa-setup-github-repo/agents/openai.yaml +4 -0
- package/plugins/lisa/commands/lisa/setup/github-repo.md +7 -0
- package/plugins/lisa/skills/lisa-setup-github-repo/SKILL.md +66 -0
- package/plugins/lisa/skills/lisa-setup-github-repo/agents/openai.yaml +4 -0
- package/plugins/lisa-agy/commands/lisa/setup/github-repo.md +7 -0
- package/plugins/lisa-agy/plugin.json +1 -1
- package/plugins/lisa-agy/skills/lisa-setup-github-repo/SKILL.md +66 -0
- package/plugins/lisa-cdk/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-cdk/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-cdk-agy/plugin.json +1 -1
- package/plugins/lisa-cdk-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-cdk-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-copilot/commands/lisa/setup/github-repo.md +7 -0
- package/plugins/lisa-copilot/skills/lisa-setup-github-repo/SKILL.md +66 -0
- package/plugins/lisa-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-cursor/commands/lisa/setup/github-repo.md +7 -0
- package/plugins/lisa-cursor/skills/lisa-setup-github-repo/SKILL.md +66 -0
- package/plugins/lisa-expo/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-expo/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-expo-agy/plugin.json +1 -1
- package/plugins/lisa-expo-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-expo-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-harper-fabric/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-harper-fabric/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-harper-fabric-agy/plugin.json +1 -1
- package/plugins/lisa-harper-fabric-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-harper-fabric-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-nestjs/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-nestjs/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-nestjs-agy/plugin.json +1 -1
- package/plugins/lisa-nestjs-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-nestjs-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-openclaw/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-openclaw/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-openclaw-agy/plugin.json +1 -1
- package/plugins/lisa-openclaw-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-openclaw-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-phaser/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-phaser/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-phaser-agy/plugin.json +1 -1
- package/plugins/lisa-phaser-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-phaser-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-rails/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-rails/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-rails-agy/plugin.json +1 -1
- package/plugins/lisa-rails-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-rails-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-typescript/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-typescript/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-typescript-agy/plugin.json +1 -1
- package/plugins/lisa-typescript-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-typescript-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-wiki/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-wiki/.codex-plugin/plugin.json +1 -1
- package/plugins/lisa-wiki-agy/plugin.json +1 -1
- package/plugins/lisa-wiki-copilot/.claude-plugin/plugin.json +1 -1
- package/plugins/lisa-wiki-cursor/.claude-plugin/plugin.json +1 -1
- package/plugins/src/base/commands/lisa/setup/github-repo.md +7 -0
- package/plugins/src/base/skills/lisa-setup-github-repo/SKILL.md +66 -0
- package/rails/github-rulesets/quality-checks.json +51 -0
- package/scripts/cleanup-github-branches.sh +96 -72
- package/scripts/cleanup-local-merged-branches.sh +110 -0
- package/scripts/cleanup-worktrees.sh +222 -0
- package/scripts/lisa-github-repo-settings.sh +152 -0
- package/scripts/lisa-github-repo-setup.sh +63 -0
- package/scripts/lisa-github-rulesets.sh +549 -0
- package/scripts/setup-deploy-key.sh +61 -2
- package/typescript/github-rulesets/quality-checks.json +67 -0
- package/typescript/github-rulesets/base.json +0 -33
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: lisa-setup-github-repo
|
|
3
|
+
description: "Apply Lisa's GitHub repository governance baseline to the current project's repo: repository settings (merge-only, auto-merge, delete-branch-on-merge, update-branch suggestions, wiki off, secret scanning where available), branch + tag rulesets from Lisa templates (base PR gate with CodeRabbit/GitGuardian/Quality Checks, prevent delete, protect tags, stack overlays), and a write-access deploy key + DEPLOY_KEY secret so release workflows can push version bumps through the rulesets' DeployKey bypass. Idempotent — re-running updates settings and rulesets in place and skips an already-configured deploy key."
|
|
4
|
+
allowed-tools: ["Bash", "Read", "AskUserQuestion"]
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Setup GitHub Repository Governance
|
|
8
|
+
|
|
9
|
+
Apply the fleet-standard GitHub repository configuration to this project's repo. The settings, rulesets, and deploy key that used to be clicked together by hand for every new repo are applied here as one scripted flow.
|
|
10
|
+
|
|
11
|
+
## What gets applied
|
|
12
|
+
|
|
13
|
+
1. **Repository settings** (`scripts/lisa-github-repo-settings.sh`)
|
|
14
|
+
- Merge commits on; squash and rebase merging **off** (merge-only policy)
|
|
15
|
+
- Merge commit title/message from the PR (`MERGE_MESSAGE` / `PR_TITLE`)
|
|
16
|
+
- Auto-merge **on** — per-repo opt-out via `.lisa.config.json`:
|
|
17
|
+
```json
|
|
18
|
+
{ "github": { "settings": { "allow_auto_merge": false } } }
|
|
19
|
+
```
|
|
20
|
+
(any key under `github.settings` overrides the baseline)
|
|
21
|
+
- Delete head branches after merge (environment branches survive — the rulesets' `deletion` rule means GitHub refuses to delete them)
|
|
22
|
+
- "Always suggest updating pull request branches" on
|
|
23
|
+
- GitHub wiki tab off (Lisa projects use in-repo `wiki/`)
|
|
24
|
+
- Secret scanning + push protection enabled where the plan supports it
|
|
25
|
+
2. **Rulesets** (`scripts/lisa-github-rulesets.sh`) from Lisa's `<type>/github-rulesets/` templates, matched by project type:
|
|
26
|
+
- `base` — deletion/force-push protection on `main`/`dev`/`staging` + default, PRs required (0 approvals, review-thread resolution required, merge method = merge only), required checks: CodeRabbit + GitGuardian
|
|
27
|
+
- `quality checks` — the stack's CI checks (TypeScript emoji names or Rails names)
|
|
28
|
+
- `prevent delete`, `protect tags` (`v*`), plus stack overlays (`cdk validation`, staging-only `playwright`)
|
|
29
|
+
- Repos without `.github/workflows/` get only app-based required checks — an Actions check that can never report would block every PR forever
|
|
30
|
+
3. **Deploy key** (`scripts/setup-deploy-key.sh --yes`) — write-access deploy key + `DEPLOY_KEY` secret, skipped when already configured. The `base` ruleset's `DeployKey: always` bypass is what lets CI version-bump pushes through protected branches.
|
|
31
|
+
|
|
32
|
+
## Workflow
|
|
33
|
+
|
|
34
|
+
### Step 1 — Locate the scripts
|
|
35
|
+
|
|
36
|
+
In the Lisa repo itself, use `scripts/` directly. In a downstream project, use the installed package:
|
|
37
|
+
|
|
38
|
+
```bash
|
|
39
|
+
LISA_SCRIPTS=$(ls -d node_modules/@codyswann/lisa/scripts 2>/dev/null || echo scripts)
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
### Step 2 — Dry-run and show the plan
|
|
43
|
+
|
|
44
|
+
```bash
|
|
45
|
+
bash "$LISA_SCRIPTS/lisa-github-repo-setup.sh" --dry-run .
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
Present what would change. If the repo already matches the baseline, say so and stop.
|
|
49
|
+
|
|
50
|
+
### Step 3 — Apply
|
|
51
|
+
|
|
52
|
+
```bash
|
|
53
|
+
bash "$LISA_SCRIPTS/lisa-github-repo-setup.sh" .
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
Requires `gh` authenticated with **admin** permission on the repo. A 403 on rulesets means the plan doesn't support them (private repo on a free personal plan) — settings and deploy key still apply; the script skips rulesets gracefully.
|
|
57
|
+
|
|
58
|
+
### Step 4 — Verify
|
|
59
|
+
|
|
60
|
+
```bash
|
|
61
|
+
gh api "repos/$(gh repo view --json nameWithOwner -q .nameWithOwner)" \
|
|
62
|
+
--jq '{allow_squash_merge, allow_auto_merge, delete_branch_on_merge, allow_update_branch}'
|
|
63
|
+
gh api "repos/$(gh repo view --json nameWithOwner -q .nameWithOwner)/rulesets" --jq '[.[].name]'
|
|
64
|
+
```
|
|
65
|
+
|
|
66
|
+
Report the applied settings and ruleset names. If any step failed, surface the error — do not mark the setup complete.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "lisa-openclaw",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.196.0",
|
|
4
4
|
"description": "Connect staff roles to Telegram or Slack via OpenClaw — facilitator/specialist hub-and-spoke routing and repo-coding topics, for Claude Code and Codex",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Cody Swann"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "lisa-openclaw",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.196.0",
|
|
4
4
|
"description": "Connect staff roles to Telegram or Slack via OpenClaw — facilitator/specialist hub-and-spoke routing and repo-coding topics, across Claude and Codex.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Cody Swann"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "lisa-openclaw",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.196.0",
|
|
4
4
|
"description": "Connect staff roles to Telegram or Slack via OpenClaw — facilitator/specialist hub-and-spoke routing and repo-coding topics, for Claude Code and Codex",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Cody Swann"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "lisa-openclaw",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.196.0",
|
|
4
4
|
"description": "Connect staff roles to Telegram or Slack via OpenClaw — facilitator/specialist hub-and-spoke routing and repo-coding topics, for Claude Code and Codex",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Cody Swann"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "lisa-openclaw",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.196.0",
|
|
4
4
|
"description": "Connect staff roles to Telegram or Slack via OpenClaw — facilitator/specialist hub-and-spoke routing and repo-coding topics, for Claude Code and Codex",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Cody Swann"
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: "Apply Lisa's GitHub repository governance baseline: merge-only settings with auto-merge and delete-branch-on-merge, branch + tag rulesets (CodeRabbit/GitGuardian/Quality Checks gates, prevent delete, protect tags), and a CI deploy key + DEPLOY_KEY secret. Idempotent; per-repo overrides via .lisa.config.json github.settings."
|
|
3
|
+
allowed-tools: ["Skill"]
|
|
4
|
+
argument-hint: ""
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
Use the /lisa-setup-github-repo skill to apply the GitHub repository governance baseline. $ARGUMENTS
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: lisa-setup-github-repo
|
|
3
|
+
description: "Apply Lisa's GitHub repository governance baseline to the current project's repo: repository settings (merge-only, auto-merge, delete-branch-on-merge, update-branch suggestions, wiki off, secret scanning where available), branch + tag rulesets from Lisa templates (base PR gate with CodeRabbit/GitGuardian/Quality Checks, prevent delete, protect tags, stack overlays), and a write-access deploy key + DEPLOY_KEY secret so release workflows can push version bumps through the rulesets' DeployKey bypass. Idempotent — re-running updates settings and rulesets in place and skips an already-configured deploy key."
|
|
4
|
+
allowed-tools: ["Bash", "Read", "AskUserQuestion"]
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Setup GitHub Repository Governance
|
|
8
|
+
|
|
9
|
+
Apply the fleet-standard GitHub repository configuration to this project's repo. The settings, rulesets, and deploy key that used to be clicked together by hand for every new repo are applied here as one scripted flow.
|
|
10
|
+
|
|
11
|
+
## What gets applied
|
|
12
|
+
|
|
13
|
+
1. **Repository settings** (`scripts/lisa-github-repo-settings.sh`)
|
|
14
|
+
- Merge commits on; squash and rebase merging **off** (merge-only policy)
|
|
15
|
+
- Merge commit title/message from the PR (`MERGE_MESSAGE` / `PR_TITLE`)
|
|
16
|
+
- Auto-merge **on** — per-repo opt-out via `.lisa.config.json`:
|
|
17
|
+
```json
|
|
18
|
+
{ "github": { "settings": { "allow_auto_merge": false } } }
|
|
19
|
+
```
|
|
20
|
+
(any key under `github.settings` overrides the baseline)
|
|
21
|
+
- Delete head branches after merge (environment branches survive — the rulesets' `deletion` rule means GitHub refuses to delete them)
|
|
22
|
+
- "Always suggest updating pull request branches" on
|
|
23
|
+
- GitHub wiki tab off (Lisa projects use in-repo `wiki/`)
|
|
24
|
+
- Secret scanning + push protection enabled where the plan supports it
|
|
25
|
+
2. **Rulesets** (`scripts/lisa-github-rulesets.sh`) from Lisa's `<type>/github-rulesets/` templates, matched by project type:
|
|
26
|
+
- `base` — deletion/force-push protection on `main`/`dev`/`staging` + default, PRs required (0 approvals, review-thread resolution required, merge method = merge only), required checks: CodeRabbit + GitGuardian
|
|
27
|
+
- `quality checks` — the stack's CI checks (TypeScript emoji names or Rails names)
|
|
28
|
+
- `prevent delete`, `protect tags` (`v*`), plus stack overlays (`cdk validation`, staging-only `playwright`)
|
|
29
|
+
- Repos without `.github/workflows/` get only app-based required checks — an Actions check that can never report would block every PR forever
|
|
30
|
+
3. **Deploy key** (`scripts/setup-deploy-key.sh --yes`) — write-access deploy key + `DEPLOY_KEY` secret, skipped when already configured. The `base` ruleset's `DeployKey: always` bypass is what lets CI version-bump pushes through protected branches.
|
|
31
|
+
|
|
32
|
+
## Workflow
|
|
33
|
+
|
|
34
|
+
### Step 1 — Locate the scripts
|
|
35
|
+
|
|
36
|
+
In the Lisa repo itself, use `scripts/` directly. In a downstream project, use the installed package:
|
|
37
|
+
|
|
38
|
+
```bash
|
|
39
|
+
LISA_SCRIPTS=$(ls -d node_modules/@codyswann/lisa/scripts 2>/dev/null || echo scripts)
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
### Step 2 — Dry-run and show the plan
|
|
43
|
+
|
|
44
|
+
```bash
|
|
45
|
+
bash "$LISA_SCRIPTS/lisa-github-repo-setup.sh" --dry-run .
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
Present what would change. If the repo already matches the baseline, say so and stop.
|
|
49
|
+
|
|
50
|
+
### Step 3 — Apply
|
|
51
|
+
|
|
52
|
+
```bash
|
|
53
|
+
bash "$LISA_SCRIPTS/lisa-github-repo-setup.sh" .
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
Requires `gh` authenticated with **admin** permission on the repo. A 403 on rulesets means the plan doesn't support them (private repo on a free personal plan) — settings and deploy key still apply; the script skips rulesets gracefully.
|
|
57
|
+
|
|
58
|
+
### Step 4 — Verify
|
|
59
|
+
|
|
60
|
+
```bash
|
|
61
|
+
gh api "repos/$(gh repo view --json nameWithOwner -q .nameWithOwner)" \
|
|
62
|
+
--jq '{allow_squash_merge, allow_auto_merge, delete_branch_on_merge, allow_update_branch}'
|
|
63
|
+
gh api "repos/$(gh repo view --json nameWithOwner -q .nameWithOwner)/rulesets" --jq '[.[].name]'
|
|
64
|
+
```
|
|
65
|
+
|
|
66
|
+
Report the applied settings and ruleset names. If any step failed, surface the error — do not mark the setup complete.
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "quality checks",
|
|
3
|
+
"target": "branch",
|
|
4
|
+
"enforcement": "active",
|
|
5
|
+
"conditions": {
|
|
6
|
+
"ref_name": {
|
|
7
|
+
"exclude": [],
|
|
8
|
+
"include": [
|
|
9
|
+
"~DEFAULT_BRANCH",
|
|
10
|
+
"refs/heads/dev",
|
|
11
|
+
"refs/heads/staging",
|
|
12
|
+
"refs/heads/main"
|
|
13
|
+
]
|
|
14
|
+
}
|
|
15
|
+
},
|
|
16
|
+
"bypass_actors": [
|
|
17
|
+
{
|
|
18
|
+
"actor_id": null,
|
|
19
|
+
"actor_type": "DeployKey",
|
|
20
|
+
"bypass_mode": "always"
|
|
21
|
+
},
|
|
22
|
+
{
|
|
23
|
+
"actor_id": 5,
|
|
24
|
+
"actor_type": "RepositoryRole",
|
|
25
|
+
"bypass_mode": "always"
|
|
26
|
+
}
|
|
27
|
+
],
|
|
28
|
+
"rules": [
|
|
29
|
+
{
|
|
30
|
+
"type": "required_status_checks",
|
|
31
|
+
"parameters": {
|
|
32
|
+
"strict_required_status_checks_policy": false,
|
|
33
|
+
"do_not_enforce_on_create": true,
|
|
34
|
+
"required_status_checks": [
|
|
35
|
+
{
|
|
36
|
+
"context": "Quality Checks / Lint",
|
|
37
|
+
"integration_id": 15368
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
"context": "Quality Checks / Code Quality",
|
|
41
|
+
"integration_id": 15368
|
|
42
|
+
},
|
|
43
|
+
{
|
|
44
|
+
"context": "Quality Checks / Security",
|
|
45
|
+
"integration_id": 15368
|
|
46
|
+
}
|
|
47
|
+
]
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
]
|
|
51
|
+
}
|