- Exclude test files from admin password detection
- Ignore obvious fallback passwords (admin123, test_*)
- Require minimum 8 character passwords to avoid catching trivial examples
- Focus on detecting actual production secrets rather than development/test values
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Install devDependencies (including sass) with --include=dev flag
- Add proper error handling for missing main branch files
- Skip bundle size analysis if no frontend changes detected
- Improve git diff logic for changed files detection
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add fallback logic when git diff fails due to no merge base between branches. This handles cases where the branch history has diverged significantly.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Updated secret detection to look for actual hardcoded tokens (pk./sk. patterns) rather than environment variable references. This prevents false positives when using process.env.MAPBOX_ACCESS_TOKEN correctly.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Prevents multiple workflow runs from the same PR/branch from running simultaneously, saving runner resources and providing faster feedback.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Replace -size +1M with du-based approach since BusyBox find doesn't support size suffixes.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Replace GNU grep --include/--exclude-dir options with find + xargs pattern for BusyBox grep compatibility on self-hosted runners.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Replace actions/setup-node with simple version checks to avoid "Text file busy" errors on self-hosted runners. This assumes Node.js is already installed on the runner.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Changed all workflow files from ubuntu-latest to self-hosted runners to match deployment environment requirements.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Workflow now updates deploy.sh with the actual S3 bucket name before uploading
- Add S3_BUCKET_NAME=none override option to README for local-only deployment
- Update README to show both ARM64 and x86_64 support
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
