chore: public-readiness cleanup (gitignore internal docs, refresh README, v3)#6
Conversation
…DME, v3) - Untrack CLAUDE.md and GRADES.md via .gitignore (kept locally, not published) — these are internal SDLC docs and a stale audit; not for customer eyes. - Delete run.sh — dead legacy Go-binary downloader, not referenced by action.yml. - Refresh README: highlight v3 features (secret masking, streaming upload, retries, real test suite), add "Upgrading from v2" guide for customers migrating from buildpulse/buildpulse-action@v2. - Bump package.json: name buildpulse-action → test-reporter-action, version 2.0.0 → 3.0.0 to align with the marketplace tag. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
buildpulse-agent
Bot
added
the
agent-review-pending
loera140
left a comment
loera140
left a comment
There was a problem hiding this comment.
Agent code review
Walkthrough
Public-readiness cleanup for the marketplace repo: gitignores and removes internal-only docs (CLAUDE.md, GRADES.md), deletes the unreferenced legacy run.sh Go-binary downloader, refreshes README.md with a Quick Start / What's New in v3 / Upgrading From v2 narrative, and aligns package.json name+version with the published v3 marketplace tag (buildpulse-action@2.0.0 → test-reporter-action@3.0.0). No source code under src/, no action.yml, and no dist/ changes — purely docs and metadata.
Findings
- No issues found. Spot-checked that
run.shwas not referenced fromaction.yml(entrypoint isdist/index.js,using: node20),LICENSEexists for the README link, and the new README claims (secret masking, streaming upload, retries, HTTPS enforcement, real test suite) are framed as already-shipped — they match the PR description's references to prior PRs #1/#2/#5 rather than introducing new behavior in this diff.
Verdict
APPROVE. Docs/cleanup-only PR with no behavioral risk to customers. The package.json name change is cosmetic (GitHub Actions resolves the action by the uses: slug, not the name field), and removing unreferenced files (run.sh, internal .mds) cannot break the published action. Adding CLAUDE.md/GRADES.md to .gitignore is appropriate so they do not get re-committed.
Confidence
HIGH — read every changed file plus action.yml and the repo root listing; the /tmp/review-diff.patch and /tmp/changed-lines.tsv files arrived empty so all diff inspection was done against the GitHub API directly.
loera140
added
agent-reviewed
1 participant
Summary
Make the public marketplace repo presentable to non-BuildPulse customers browsing the action.
Untrack internal-only docs:
CLAUDE.mdwas documenting the whole 9-repo monorepo architecture (DocumentDB migration date, internal Lambda names, AWS region rules). Not for customers — gitignored, kept locally for development.GRADES.mdwas a self-deprecating audit dated 2026-05-09 grading the action "D+" and listing issues like "no tests at all", "secrets not masked", "10 npm vulnerabilities". Most of those have been fixed since (PRs fix: secret masking, upload retries, HTTPS enforcement, drop fast-xml-parser #1, test+fix: bootstrap Jest, accept http://[::1] loopback, rebuild dist #2, upload: stream archive to S3 instead of buffering (L20) #5), but the audit text remained — a confusing first impression for customers. Gitignored.Delete dead code:
run.sh(legacy Go-binary downloader) was already unreferenced fromaction.ymland called out as dead code inGRADES.md.Refresh README:
uses:diff for customers onbuildpulse/buildpulse-action@v2.npm test(which now actually works) and the dist-rebuild contract.Version alignment:
package.jsonwas"buildpulse-action" 2.0.0while the marketplace tag isv3. Renamed totest-reporter-actionand bumped to3.0.0.Test plan
npm test— 31/31 passingnpm run build— dist/ byte-identical to committed (build is reproducible)git status— no untracked sensitive files left🤖 Generated with Claude Code