diff --git a/.claude/triage-state.json b/.claude/triage-state.json index af7517d..c00cc0c 100644 --- a/.claude/triage-state.json +++ b/.claude/triage-state.json @@ -1,6 +1,6 @@ { - "last_run": "2026-05-26T05:18:00Z", - "last_commit": "5083c52b64190381eadbb9f0c13b42e52c358a5a", + "last_run": "2026-05-26T05:45:00Z", + "last_commit": "81f8735d167b597ed7a7a88cc7f89ba0b440b07d", "actions": [ { "issue": 4, @@ -19,6 +19,12 @@ "action": "B", "timestamp": "2026-05-26T05:18:00Z", "summary": "User-directed override of 48h skip. Applied priority: high label (kept bug, security). Posted follow-up to existing triage comment with two new points: README.md:63 and src/rules.ts:46 themselves ship the vulnerable policy; proposed base-uri regex rejects valid multi-source restrictions (design choice to surface)." + }, + { + "issue": 18, + "action": "A", + "timestamp": "2026-05-26T05:45:00Z", + "summary": "Confirmed no-referrer-when-downgrade in strongValues at src/rules.ts:113 and locked in by test/analyzer.test.ts:245-248; posted fix path (remove from strongValues, update test to expect score:5/warning)." } ], "skipped": [ @@ -26,6 +32,26 @@ "issue": 5, "reason": "recently commented (substantive triage comment from BodenMcHale at 2026-05-26T00:35:18Z, ~4h ago, well within 48h skip window)", "timestamp": "2026-05-26T04:45:00Z" + }, + { + "issue": 17, + "reason": "lower priority than #18; #18 selected as top candidate (also security bug, 0 comments vs 1)", + "timestamp": "2026-05-26T05:45:00Z" + }, + { + "issue": 16, + "reason": "lower priority than #18; #18 selected as top candidate", + "timestamp": "2026-05-26T05:45:00Z" + }, + { + "issue": 8, + "reason": "lower priority than #18; #18 selected as top candidate", + "timestamp": "2026-05-26T05:45:00Z" + }, + { + "issue": 15, + "reason": "correctness bug (Priority 2) ranked below #18 security bug (Priority 1)", + "timestamp": "2026-05-26T05:45:00Z" } ] }