docs(sync-security-issue): codify "rollup is default; standalone comments only for RM" #19

Merged: potiuk merged 1 commit into main from sync-rollup-comment-policy, May 1, 2026
@potiuk (Member) commented May 1, 2026

Summary

  • The sync-security-issue skill already lists two release-manager-directed standalone comments (hand-off at Step 12, publication-ready at Step 14) as exceptions to the rollup model, but never states the closed-list rule itself.
  • Add a principle paragraph at the top of Step 2b's comment-policy section so the two RM-comment bullets read as the exhaustive exception list — not just two examples among others.
  • No behavioural change for the existing two comments; just makes "default to rollup; standalone is RM-only" load-bearing for any future contributor or sync run.

Test plan

  • Re-read Step 2b in the rendered SKILL.md — the new paragraph slots between the rollup-comment principle and the "Entry shape for a sync pass" subsection.
  • Verify the two existing RM-comment bullets (hand-off, publication-ready) still parse as the natural realisations of the new rule.

🤖 Generated with Claude Code

…ents only for RM"

The skill already documented two release-manager-directed
standalone comments (hand-off at Step 12, publication-ready at
Step 14) as exceptions to the rollup model, but did not state the
closed-list rule itself: that those two are the *only* allowed
standalone comments and everything else goes into the rollup.
Add a principle paragraph at the top of Step 2b's comment-policy
section so the two RM-comment bullets that follow read as the
exhaustive exception list, not just two examples among others.

Reason: separate comments on the tracker read as direct asks to
the release manager; mixing routine sync bookkeeping (label
swaps, milestone moves, fix-PR links, etc.) into standalone
comments dilutes the RM's signal. The rollup keeps housekeeping
in one collapsible block; standalone comments stay reserved for
"RM: do this".

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@potiuk merged commit 4dffd62 into main May 1, 2026
5 checks passed
@potiuk deleted the sync-rollup-comment-policy branch May 1, 2026 07:30
@andreahlert added the mode:Triage label (Agentic Triage — spot, classify, route, surface duplicates) May 7, 2026
potiuk pushed a commit to justinmclean/airflow-steward that referenced this pull request Jul 3, 2026
…SOFT advisory)

contract:mail-source and contract:mail-archive adapter READMEs must
declare that fetched mail content is external data (not instructions)
and mention the prompt-injection risk in embedded mail content. Both
are SOFT advisories.

Co-authored-by: Justin McLean <justin@classsoftware.com>