Skip to content

fix: update wsc repo URL and add release process rules #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
avrabe merged 1 commit into from
Jan 2, 2026
Merged

fix: update wsc repo URL and add release process rules #24

avrabe merged 1 commit into from
Jan 2, 2026

Conversation

@avrabe
Copy link
Contributor

@avrabe avrabe commented Jan 2, 2026

Summary

Fixes the wasm-signing workflow and establishes mandatory release process rules for this security-critical tool.

Changes

  1. Fix wasm-signing.yml: Update repo URL from aspect-build/wsc to pulseengine/wsc
  2. Add CLAUDE.md: Mandatory security-critical release process rules

Why This Matters

wsc is a cryptographic signing tool. The previous release (v0.4.0) was created before CI completed, and the signing workflow failed because it referenced a non-existent repository. This should never happen for a security tool.

New Release Process Rules

From CLAUDE.md:

  • All changes must go through PR
  • CI must pass completely before merge
  • Watch the full CI run - do not assume it passes
  • Sign & Verify workflow must succeed
  • Never push tags before PR is merged and CI passes

Test plan

  • All CI jobs pass
  • Sign WASM Module workflow succeeds
  • Signed artifact can be downloaded and verified

@avrabe
fix: update wsc repo URL and add release process rules
1df2632 
- Fix wasm-signing.yml to use pulseengine/wsc instead of aspect-build/wsc
- Add CLAUDE.md with mandatory security-critical release process rules

This is a cryptographic security tool - releases must:
1. Go through PR with full CI verification
2. Have signing workflow demonstrate end-to-end functionality
3. Never be created without watching CI complete
@avrabe avrabe merged commit 21155c0 into main Jan 2, 2026
8 checks passed
@avrabe avrabe deleted the fix/release-workflow-and-process branch January 2, 2026 12:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@avrabe