Skip to content

ci: add fallow audit job (PR-scoped, new-only gate)#942

Merged
jrusso1020 merged 1 commit into
mainfrom
05-18-ci_add_fallow_audit_job_pr-scoped_new-only_gate_
May 19, 2026
Merged

ci: add fallow audit job (PR-scoped, new-only gate)#942
jrusso1020 merged 1 commit into
mainfrom
05-18-ci_add_fallow_audit_job_pr-scoped_new-only_gate_

Conversation

@jrusso1020
Copy link
Copy Markdown
Collaborator

@jrusso1020 jrusso1020 commented May 18, 2026
edited
Loading

What

Adds a Fallow audit job to CI that runs on PRs and fails when new dead-code, complexity, or duplication issues are introduced into the changed files.

Why

After #938 landed a fallow config + the first round of cleanup, the codebase still has ~276 inherited dead-code findings, ~482 clone groups, and ~680 functions above complexity thresholds. Fixing those is a multi-PR effort. Until then, we want to stop bleeding: prevent new debt from sneaking in via PRs.

How

fallow audit --base origin/main --fail-on-issues uses the default --gate new-only, which compares the PR's findings against the base-snapshot and only counts findings introduced by the changeset. Inherited findings still appear in the log for visibility but don't fail the build.

Behavior verified locally:

  • Clean PR (no findings) → exit 0, "✓ No issues in N changed files"
  • PR introduces a new unused file → exit 1, "✗ 1 file"
  • PR only touches a file with existing complexity finding (no new finding) → exit 0, "audit gate excluded 1 inherited finding"

Pinned to fallow@2.75.0 — the same version that produced the current .fallowrc.jsonc. Bumps will land via deliberate PRs, not transitive latest shifts.

The job runs only on PRs (github.event_name == 'pull_request') since audit needs a base to diff against, and is gated behind the existing Detect changes job so docs-only PRs skip it.

Test plan

  • YAML parses (python3 -c 'import yaml; yaml.safe_load(...)')
  • Audit exits 0 on clean diff
  • Audit exits 1 when a new unused file is introduced
  • Audit exits 0 when only touching a file with legacy complexity findings (inherited-finding exclusion confirmed)
  • Verify in CI on this PR — should exit 0 since this PR only adds workflow YAML

Follow-ups

  • Auto-fix existing exportsfallow fix --auto-fixable covers the bulk of the 228 unused-export findings; stacked PR will land next
  • Producer renderOrchestrator hub cycle — 8 circular deps converging on one orchestrator; a real refactor PR
  • Per-PR comment — once we trust the signal, can add --format pr-comment-github for inline review comments

@jrusso1020 Graphite App
Copy link
Copy Markdown
Collaborator Author

jrusso1020 commented May 18, 2026
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

@jrusso1020 jrusso1020 mentioned this pull request May 18, 2026
Merged
5 tasks
@jrusso1020 jrusso1020 merged commit 3eec777 into main May 19, 2026
42 of 51 checks passed
@jrusso1020 jrusso1020 deleted the 05-18-ci_add_fallow_audit_job_pr-scoped_new-only_gate_ branch May 19, 2026 00:46
This was referenced May 19, 2026
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@miguel-heygen miguel-heygen miguel-heygen approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jrusso1020 @miguel-heygen