Exclude kit metadata from release artifacts
This commit is contained in:
MrSphay
@@ -27,6 +27,7 @@ PROJECT_NAME: PROJECT_DESCRIPTION
|
||||
- Repository cleanup automation must be non-destructive. Do not delete branches, packages, releases, or tracked files without explicit user approval.
|
||||
- Dependency, compliance, and release dry-run automation must report findings only. Do not auto-update dependencies, auto-open PRs, create tags, publish packages, or create releases without explicit user approval.
|
||||
- Gitea Actions artifacts are not Gitea Package Registry packages. If the user expects a package/download entry, add an explicit registry publish step and verify the package URL after the workflow succeeds.
|
||||
- Keep Codex kit files in source control when they are useful for agents, but exclude them from user-facing release, package, installer, archive, and GitHub/Gitea upload artifacts unless the user explicitly asks to ship repository-maintenance files.
|
||||
|
||||
## Commands
|
||||
|
||||
@@ -69,6 +70,7 @@ ARTIFACT_NAME
|
||||
- Prefer local processing for user data.
|
||||
- Keep CI publishing secrets in repository or organization secrets, not in tracked files. `REGISTRY_TOKEN` is the default package publishing secret name for the Gitea workflow template.
|
||||
- Use URL-safe package filenames when publishing to a registry. Do not put raw artifact names with spaces or punctuation directly into upload URLs.
|
||||
- Do not include Codex kit metadata such as `AGENTS.md`, `.codex/`, `blueprint.md`, `blueprint.json`, template workflow files, or agent handoff notes in downloadable release artifacts unless explicitly requested.
|
||||
- Ensure `.gitignore` covers local config, build outputs, logs, temporary files, and secret material for the detected stack.
|
||||
|
||||
## Finish Checklist
|
||||
|
||||
Reference in New Issue
Block a user