ci(autoupdate): cron Sat 03:00 Tbilisi (Fri 23:00 UTC)

.github/workflows/autoupdate.yml

@@ -1,7 +1,7 @@
 name: Autoupdate
 on:
   schedule:
-    - cron: "0 6 * * 1"
+    - cron: "0 23 * * 5"
   workflow_dispatch:
   workflow_call:
 concurrency:
@@ -16,8 +16,10 @@ env:
   AUTOUPDATE_BRANCH: chore/autoupdate-${{ github.run_id }}
 jobs:
   update:
+    name: Autoupdate dependencies
     runs-on: ubuntu-latest
     timeout-minutes: 30
+
     steps:
       - name: Checkout repo
         uses: actions/checkout@v5
@@ -37,7 +39,8 @@ jobs:
         uses: actions/setup-node@v6
         with:
           node-version: 24
-      - name: Autoupdate
+
+      - name: Run autoupdater
         id: autoupdate
         continue-on-error: true
         uses: siarheidudko/autoupdater@v6
@@ -82,7 +85,7 @@ jobs:
         run: |
           gh label create autoupdate --color "0e8a16" --description "Automated dependency update PRs" --force || true
           gh label create needs-claude --color "d4c5f9" --description "Needs Claude GitHub App to fix" --force || true
-      - name: Check for diff vs main on remote branch
+      - name: Detect diff vs main
         id: diff
         if: always()
         run: |
@@ -141,8 +144,8 @@ jobs:
               npm run build
               npm run test:ts
 
-          See **Actions → Claude** for progress. The "PR checks" workflow will
-          re-run on each new commit to confirm a green state before merge.
+          Claude will leave a status comment on this PR when it finishes.
+          PR-checks will re-run on each new commit.
           EOF
           )
           PR_URL=$(gh pr create \
@@ -162,25 +165,13 @@ jobs:
         if: steps.pr_failure.outputs.pr_url != ''
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_URL: ${{ steps.pr_failure.outputs.pr_url }}
           RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
         run: |
           gh workflow run claude.yml --ref main \
             -f branch="$AUTOUPDATE_BRANCH" \
+            -f pr_url="$PR_URL" \
             -f run_url="$RUN_URL"
-      - name: Post info comment on the failure PR
-        if: steps.pr_failure.outputs.pr_url != ''
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_URL: ${{ steps.pr_failure.outputs.pr_url }}
-          RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
-        run: |
-          COMMENT=$(cat <<EOF
-          Claude has been dispatched to fix this PR. See [Actions → Claude](${{ github.server_url }}/${{ github.repository }}/actions/workflows/claude.yml) for progress.
-
-          Failing autoupdate run: $RUN_URL
-          EOF
-          )
-          gh pr comment "$PR_URL" --body "$COMMENT"
       - name: Add labels to PR
         if: steps.pr_success.outputs.pr_url != '' || steps.pr_failure.outputs.pr_url != ''
         env:

.github/workflows/claude.yml

@@ -14,6 +14,10 @@ on:
         description: "Branch Claude should operate on (used by autoupdate flow)"
         required: true
         type: string
+      pr_url:
+        description: "PR URL where Claude should post a status comment"
+        required: false
+        type: string
       run_url:
         description: "URL of the failing autoupdate run, included in the prompt for context"
         required: false
@@ -23,6 +27,7 @@ concurrency:
   cancel-in-progress: false
 jobs:
   claude:
+    name: Run Claude
     if: |
       github.event_name == 'workflow_dispatch' ||
       (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
@@ -48,32 +53,49 @@ jobs:
         id: prep
         env:
           BRANCH: ${{ github.event.inputs.branch }}
+          PR_URL: ${{ github.event.inputs.pr_url }}
           RUN_URL: ${{ github.event.inputs.run_url }}
         run: |
           {
             echo 'prompt<<PROMPT_EOF'
             cat <<EOF
           The dependency autoupdater failed on branch \`$BRANCH\` (run: $RUN_URL).
+          PR: $PR_URL
 
-          Push commits to this branch until ALL THREE of the following exit
-          with code 0 in your local working tree, observed via the Bash tool —
+          Run these commands and observe their exit codes via the Bash tool —
           not inferred:
 
               npm run lint
               npm run build
               npm run test:ts
 
           Hard rules:
-          - Run those three commands yourself before every push. Do not push
+          - Run those commands yourself before every push. Do not push
             if any of them is red.
           - If \`npm install\` or \`npm ci\` is needed, run it first with
             \`--no-audit --no-fund\` and confirm exit 0.
           - Limit edits to compatibility shims (types, renamed exports,
             breaking-change adjustments, eslint-config tweaks for new rule
             defaults). Do NOT change product logic.
           - Do NOT bump the package version.
-          - When all three are green, push and stop. CI's \`PR checks\`
-            workflow will re-verify on the PR.
+          - When all commands are green, push commits with your fixes
+            (if any). \`pr-checks\` will re-run automatically on each push.
+
+          ## MANDATORY final step
+
+          When you are done — whether you pushed fixes or determined no
+          changes were needed — you MUST post a status comment on the PR.
+          Run the following with the Bash tool:
+
+              gh pr comment "$PR_URL" --body "<your status summary>"
+
+          The comment must state plainly:
+          - Which command(s) failed initially (or "all green on first run").
+          - What changes you made (or "no fix needed").
+          - Whether you pushed any commits, and the SHA(s) if so.
+
+          Do NOT exit without posting this comment. The maintainer relies
+          on it to know what happened without reading the action log.
 
           See CLAUDE.md in the repo root for the full project conventions.
           EOF
@@ -86,4 +108,4 @@ jobs:
           allowed_bots: "*"
           prompt: ${{ steps.prep.outputs.prompt }}
           claude_args: |
-            --allowedTools "Edit,Write,MultiEdit,Bash(git:*),Bash(npm:*),Bash(npx:*),Bash(node:*),Bash(rm:*),Bash(mkdir:*),Bash(cat:*),Bash(ls:*),Bash(echo:*),Bash(grep:*),Bash(find:*),Bash(sed:*),Bash(awk:*),Bash(head:*),Bash(tail:*),Bash(diff:*),Bash(mv:*),Bash(cp:*),Bash(touch:*)"
+            --allowedTools "Edit,Write,MultiEdit,Bash(git:*),Bash(gh:*),Bash(npm:*),Bash(npx:*),Bash(node:*),Bash(rm:*),Bash(mkdir:*),Bash(cat:*),Bash(ls:*),Bash(echo:*),Bash(grep:*),Bash(find:*),Bash(sed:*),Bash(awk:*),Bash(head:*),Bash(tail:*),Bash(diff:*),Bash(mv:*),Bash(cp:*),Bash(touch:*)"

.github/workflows/pr-checks.yml

@@ -1,8 +1,7 @@
 name: PR checks
 on:
   pull_request:
-    branches:
-      - main
+    branches: [main]
   workflow_dispatch:
 concurrency:
   group: "${{ github.workflow }} @ ${{ github.ref }}"
@@ -11,6 +10,7 @@ permissions:
   contents: read
 jobs:
   build:
+    name: Build
     runs-on: ubuntu-latest
     timeout-minutes: 5
     env:
@@ -24,40 +24,36 @@ jobs:
           node-version: ${{ env.NODE_VERSION }}
       - name: Cache node modules
         uses: actions/cache@v4
-        env:
-          cache-name: cache-node-modules
         with:
           path: ~/.npm
-          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
           restore-keys: |
-            ${{ runner.os }}-build-${{ env.cache-name }}-
-            ${{ runner.os }}-build-
-            ${{ runner.os }}-
+            ${{ runner.os }}-node-
       - name: Install dependencies
         run: npm ci
-      - name: Install builder
-        run: sudo npm install typescript tslint -g
       - name: Run linter
         run: npm run lint
       - name: Run builder
         run: npm run build
-      - name: Archiving dist directory
+      - name: Archive build artifact
         uses: actions/upload-artifact@v4
         with:
           name: dist
           path: ${{ github.workspace }}/dist
   test:
+    name: Test (Node ${{ matrix.node-version }})
     runs-on: ubuntu-latest
     timeout-minutes: 15
     needs: build
     strategy:
       matrix:
         node-version: [20, 22, 24]
+
     steps:
       - name: Checkout repo
         uses: actions/checkout@v5
-      - name: Unarchiving dist directory
-        uses: actions/download-artifact@v5
+      - name: Download build artifact
+        uses: actions/download-artifact@v4
         with:
           name: dist
           path: ${{ github.workspace }}/dist
@@ -67,19 +63,16 @@ jobs:
           node-version: ${{ matrix.node-version }}
       - name: Cache node modules
         uses: actions/cache@v4
-        env:
-          cache-name: cache-node-modules
         with:
           path: ~/.npm
-          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
           restore-keys: |
-            ${{ runner.os }}-build-${{ env.cache-name }}-
-            ${{ runner.os }}-build-
-            ${{ runner.os }}-
+            ${{ runner.os }}-node-
       - name: Install dependencies
         run: npm ci
+
       - name: Run test
         run: npm run cov
-      - name: Run test sql
+      - name: Run SQL test
         if: ${{ matrix.node-version >= 22 }}
         run: npm run test:sql

.github/workflows/release-on-version-bump.yml

@@ -1,8 +1,7 @@
 name: Release on version bump
 on:
   push:
-    branches:
-      - main
+    branches: [main]
 concurrency:
   group: "${{ github.workflow }} @ ${{ github.ref }}"
   cancel-in-progress: false
@@ -13,6 +12,7 @@ env:
   RELEASE_WORKFLOW: build-and-deploy.yml
 jobs:
   release:
+    name: Release on version bump
     runs-on: ubuntu-latest
     timeout-minutes: 5
     steps: