build(deps): Bump github/codeql-action from 3 to 4#3
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
spektre-labs
pushed a commit
that referenced
this pull request
Apr 16, 2026
…ubagents, σ-triangulated convergence, disagreement abstention, automatic profile learning; Claude/GPT/Gemini/DeepSeek as σ-characterized subagents Scaffold-tier (C) + interpretive (I) integration. No network calls from src/v54/ (creation.md invariant #3); callers supply per-agent responses + σ, the scaffold encodes the orchestration policy and the aggregation / abstention logic. 14/14 deterministic, offline, embeddings-free self-test. Shipped surfaces - src/v54/proconductor.{c,h}: v54_subagent_t, v54_proconductor_t, registry + five hand-tuned reference profiles (claude, gpt, gemini, deepseek, local_bitnet) across 5 domains (logic/factual/creative/ code/meta). Profiles are illustrative, not measured. - src/v54/dispatch.{c,h}: keyword-heuristic classifier → v54_query_profile_t (primary+secondary domain, complexity, stakes); deterministic top-K selector with stakes-scaled K ∈ {1, 2, 4} and easy-query shortcut when σ_primary < 0.10; σ-weighted aggregator with five outcomes (CONSENSUS / SIGMA_WINNER / ABSTAIN_SIGMA / ABSTAIN_DISAGREE / EMPTY). - src/v54/disagreement.{c,h}: Jaccard-over-tokens similarity with outlier detection. Pluggable; a real runtime swaps in an embedding backend without touching the rest of the pipeline. - src/v54/learn_profiles.{c,h}: EWMA updater (α = 0.05) for per-domain σ + observed-accuracy; v54_learn_from_aggregation() attributes ground truth to the winner only (others get 'unknown'). - src/v54/creation_os_v54.c: --self-test (14/14) + --architecture banner. No network, no embeddings, no tokenizer — by design. Docs + positioning - docs/v54/ARCHITECTURE.md: full wire map (classify → select → caller dispatch → aggregate → learn), selection scoring formula, outcome table, reference profile table (marked illustrative). - docs/v54/POSITIONING.md: side-by-side vs MoA (ICLR '25), RouteLLM (ICLR '25), MoMA (2025), FrugalGPT, LLMRouterBench / RouterArena (2026), Bayesian Orchestration (Jan 2026), MoErging (2026). Three structural axes where v54 differs: σ-profile routing (not question-type routing), σ-weighted aggregation (exponential suppression with independent channels, not majority vote), explicit disagreement abstention (not tiebreaker). - docs/v54/paper_draft.md: 'σ-Proconductor: σ as the Missing Routing Signal for Multi-LLM Ensembles' (I-tier position paper). Testable prediction: σ-observing router strictly dominates σ-blind router on runaway_rate + high_confidence_wrong_rate. Benchmark arm on LLMRouterBench / RouterArena deferred to follow-up. Build + docs wiring - Makefile: standalone-v54 / test-v54 / check-v54; help + .PHONY updated. Not part of merge-gate; merge-gate stays clean (v6..v29, unchanged). - .gitignore: exclude creation_os_v54 binary. - README.md, CHANGELOG.md, docs/WHAT_IS_REAL.md, docs/DOC_INDEX.md, docs/SIGMA_FULL_STACK.md, CONTRIBUTING.md, scripts/generate_trust_report.sh: v54 row added; version range v31–v51 / v33–v51 → v31–v54 / v33–v54; tier tags applied consistently. - creation.md: last landed milestone bumped to v54; check-v54 added to live optional labs; v54 architecture / positioning / paper pointers linked. Honest scope (tier discipline) - M: make check-v54 (14/14) — orchestration policy is deterministic and measurable offline. - I: docs/v54/ARCHITECTURE.md, POSITIONING.md, paper_draft.md — structural argument; no router benchmark run in this commit. - P: live Claude / GPT / Gemini / DeepSeek ensemble with real billing, embedding similarity, and measured σ-profiles — requires HTTP client, embedding backend, billing layer, measured profile corpus (out of scope). K_eff = (1 − σ) · K. Also in the proconductor. Made-with: Cursor
spektre-labs
pushed a commit
that referenced
this pull request
Apr 18, 2026
- specs/constitution.toml: seed constitution with 7 axioms
(1=1, σ-honesty, no silent failure, no auth w/o measurement,
human primacy, resonance, no firmware), each carrying a
machine-checkable predicate name.
- src/v191/constitution.{h,c} + main.c: constitutional checker
over 24-sample fixture spanning every flaw type
(FIRMWARE / OVERCONFIDENT / UNLOGGED / UNMEASURED / BLOCKS /
SUPPRESSES_DISAGREEMENT / DECLARED_NE_REALIZED).
- each candidate output is ACCEPTED only when all 7 predicates
pass; otherwise REVISED (low σ) or ABSTAINED (σ > 0.5).
- every verdict appends an FNV-1a hashed record into an
append-only chain so axiom #3 (no silent failure) is itself
auditable; chain replay verifies byte-identically.
- anti-firmware: outputs that carry disclaimers σ doesn't
warrant are rejected (axiom #7).
- benchmarks/v191/check_v191_constitutional_check.sh:
* self-test PASSES
* 7 axioms + specs/constitution.toml match
* every FLAW_NONE output accepted with 7/7 axioms
* every flawed output rejected (not ACCEPT)
* ≥ 1 firmware rejection, ≥ 1 safe acceptance
* chain_valid == true
* byte-deterministic
- Makefile: check-v191-constitutional-check wired up
- v191.1 (named): SHA-256-signed constitution, live v148 +
v150 + v183 axiom-proposal pipeline with TLA+ consistency
check before merge.
Made-with: Cursor
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/github_actions/github/codeql-action-4
branch
from
April 20, 2026 21:03
87e88b2 to
442256b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps github/codeql-action from 3 to 4.
Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
43d8420Do not run Swift in debug artifacts after failure check76a687eMerge pull request #3804 from github/dependabot/npm_and_yarn/npm-minor-e84c60...751f3e2Bump eslint-plugin-jsdoc from 62.8.1 to 62.9.0 in the npm-minor group808513fUpdate language aliases teste452857Throw error early rather than warningb623f5fMerge pull request #3799 from github/mario-campos/test-multiple-registries