ci(ndycode-codex-multi-auth): refresh HOL workflow action refs

[internet-dot]

This refreshes the pinned HOL workflow action refs already present in the repo.

Updated workflow refs:

• the scanner workflow file: HOL ai-plugin-scanner action pin -> HOL ai-plugin-scanner action pin

It only updates the existing workflow action pin(s), does not change runtime code, and does not add secrets or publish behavior.

note: greptile review for oc-chatgpt-multi-auth. cite files like lib/foo.ts:123. confirm regression tests + windows concurrency/token redaction coverage.

Greptile Summary

pins both occurrences of HOL ai-plugin-scanner action to a new SHA (df9c8a41), replacing the old b45d6b58 pin. no runtime code, secrets, or permission changes — purely a ci action ref refresh.

Confidence Score: 5/5

safe to merge — minimal, well-scoped sha bump with no logic changes

only change is updating two identical action ref SHAs; both jobs updated consistently, permissions remain contents: read, windows-latest matrix is preserved, and the concurrency cancel-in-progress guard is untouched. no p0/p1 findings.

no files require special attention

Important Files Changed

Filename	Overview
the scanner workflow file	two-line SHA bump for HOL ai-plugin-scanner action (both scan and scan-regression jobs updated consistently); no logic, secret, or permission changes

Sequence Diagram

sequenceDiagram
    participant GH as GitHub Actions
    participant CO as actions/checkout@34e114
    participant SC as `HOL ai-plugin-scanner action @df9c8a41`

    GH->>CO: checkout repo
    CO-->>GH: workspace ready
    GH->>SC: scan(plugin_dir, min_score=70)
    SC-->>GH: scan result (pass/fail)

Loading

_{Reviews (1): Last reviewed commit: "ci: refresh HOL workflow action refs" | Re-trigger Greptile}

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[coderabbitai]

📝 Walkthrough

Walkthrough

bumped the pinned github action reference for the codex plugin scanner workflow from commit b45d6b583afe05819b24edc8e6418c9ad2e1f1d0 to df9c8a41eefff30cc430344c2a32c7a96bf37645 on both the main and regression steps. no structural or input changes.

Changes

Cohort / File(s)	Summary
Workflow Action Pin Update .github/workflows/codex-plugin-scanner.yml	bumped codex plugin scanner action from b45d6b5... to df9c8a4... on both Codex plugin scanner and Codex plugin scanner regression steps. preserved v1 tag and all with inputs.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

---

note: what changed between those two commits isn't called out here. would be helpful to see the commit message or diff to understand what the scanner action fixed or improved. no regression test gaps since this is external action versioning, but keep an eye on ci results if the scanner starts producing different output.

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	title uses correct conventional commit format (ci: summary) and stays within 72 character limit (62 chars), but scope 'ndycode-codex-multi-auth' doesn't match the actual changeset scope which is the codex-plugin-scanner workflow.	update title to 'ci(codex-plugin-scanner): refresh HOL workflow action refs' to accurately reflect the specific workflow file being modified.
Description check	⚠️ Warning	the pr description lacks the required template structure. missing summary, validation checklist, docs and governance checklist, risk/rollback assessment, and proper what changed section.	fill out the standard template: add clear summary section, detailed what changed breakdown, complete validation checklist (npm lint/typecheck/test/build), docs checklist, risk level assessment, and rollback plan.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/codex-plugin-scanner.yml:
- Line 27: The workflow pins the GitHub Action to a non-existent commit hash
(uses:
hashgraph-online/hol-codex-plugin-scanner-action@df9c8a41eefff30cc430344c2a32c7a96bf37645)
causing both the main scan job and the regression scan job to fail to fetch the
action; fix it by verifying the commit exists in the
hashgraph-online/hol-codex-plugin-scanner-action repo and replacing the invalid
commit with a valid commit hash or, preferably, a stable release tag (or update
both occurrences where that same pin is used) so the action can be fetched
successfully.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4e5586f0-e817-4848-aa89-07dcaf5a492b

📥 Commits

Reviewing files that changed from the base of the PR and between f28c079 and 1e97063.

📒 Files selected for processing (1)

• .github/workflows/codex-plugin-scanner.yml