Apply updated Codex kit guidance
Some checks failed
Codex Template Compliance / template-compliance (push) Failing after 7s
Build / build-windows (push) Successful in 35m52s

MrSphay
2026-05-15 17:39:59 +02:00
parent b130cced60
commit 1ebaab2750
5 changed files with 66 additions and 21 deletions


@@ -7,9 +7,13 @@ This fork adds Modrinth Plus work on top of those rules.
- Preserve upstream Modrinth structure and style unless a Modrinth Plus feature requires a focused change.
- Keep desktop app work in the existing app boundaries: `apps/app-frontend`, `apps/app`, and `packages/app-lib`.
- Conserve context tokens: search with `rg` or targeted file lists first, read only files needed for the task, summarize large outputs, and avoid generated folders, dependency folders, build outputs, or full logs unless directly relevant.
- Do not commit secrets, `.env` files with private values, private keys, certificates, or tokens.
- If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata and Actions run status. Never print, commit, or store the token.
- At the start of every user-requested task, briefly check for upstream repository updates and apply a safe fast-forward pull when the working tree is clean. If local changes exist, do not overwrite them.
- If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata, package-read visibility, and Actions run status. Never print, commit, or store the token.
- After pushing commits that trigger a Gitea workflow, poll the workflow run until it succeeds. If it fails or is cancelled, inspect the failing job/logs, fix the issue when in scope, push again, and repeat the workflow check loop. Fixing and pushing a workflow failure is not a stopping point.
- Gitea Actions artifacts are not Gitea Package Registry packages. If the user expects a package/download entry, add or verify an explicit registry publish step and verify the package URL after the workflow succeeds.
- Keep Codex kit files in source control for agents, but exclude them from user-facing installer/package/release artifacts unless the user explicitly asks to ship repository-maintenance files.
## Commands
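Review bot: The revised `GITEA_TOKEN` bullet still relies on the agent restricting itself to read-only calls, while the new workflow bullet has it reading job logs and pushing fixes in a loop. Please state that the token must be issued with read-only scopes so the limit is enforced by Gitea rather than by this file. The "poll the workflow run until it succeeds" rule also has no retry or time bound and says a failed fix "is not a stopping point", so a persistently failing job produces an open-ended series of pushes; add a maximum number of fix attempts after which the agent reports back. The "upstream repository updates" bullet should say which remote is meant, because this is a fork and a fast-forward pull can change this rules file itself.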
@@ -29,3 +33,5 @@ If local Node/Rust toolchains are unavailable, use the Gitea runner as the autho
- Connected Library supports public HTTPS raw manifest URLs only in v1.
- Keep private Git repository authentication out of Connected Library until token storage is designed.
- Document new external network calls in `docs/security-review.md`.
- Keep CI publishing secrets in repository or organization secrets. `REGISTRY_TOKEN` is the Gitea package publishing secret.
- Use URL-safe package filenames when publishing to a registry. Do not put raw artifact names with spaces or punctuation directly into upload URLs.
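Review bot: The "URL-safe package filenames" bullet does not say how a name becomes URL-safe, so percent-encoding and character replacement are both valid readings and they yield different registry entries for the same artifact. Name one rule here, for example an allowed character set for the published filename, and say whether it also applies to the package name and version segments of the upload URL. The `REGISTRY_TOKEN` bullet should also say which workflows or jobs may read the secret, since the earlier section limits `GITEA_TOKEN` to read-only checks but nothing here limits where the publishing secret is exposed.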