chore: bump max-sixty/tend from 0.1.4 to 0.1.6

[dependabot]

Bumps max-sixty/tend from 0.1.4 to 0.1.6.

Release notes

Sourced from max-sixty/tend's releases.

0.1.6

Improved

• The default claude harness runs the official binary headless behind the credential proxy. The root action.yaml was rewritten to run claude -p as a non-sudo tend-sandbox user behind the same credential-injecting mitmproxy the interactive harness uses, replacing the anthropics/claude-code-action@v1 wrapper that handed the bot PAT and the Anthropic credential to the agent directly. Both credentials now live only in the proxy and never enter the agent's environment or disk; completion is the claude -p exit code. The action gains claude_version, timeout_seconds, and mitmproxy_version inputs and drops the unused claude-code-action passthroughs. (#704)

Internal

• Bundled skills replace guidance duplicated from running-in-ci — triage's recheck-before-posting and review-runs' read-only-mount workaround — with references to the canonical sections. (#703)
• The claude-smoke workflow that exercises the headless harness end-to-end becomes workflow_dispatch-only, matching interactive-smoke. (#706)

0.1.5

Improved

• Interactive harness isolates both credentials behind the proxy. Phase 2 extends the credential-injecting proxy to the Anthropic model credential, so the sandboxed agent holds only dummies for both the GitHub PAT and the model token while the runner-owned proxy injects the real values per host. The agent toolchain now installs directly as the non-sudo sandbox user (dropping a ~200 MB per-run copy), and the proxy also injects the PAT for raw.githubusercontent.com. (#686, #683, #684)
• install-tend isolates each bot's auth in a per-bot GH_CONFIG_DIR. Bot credentials live in a dedicated ~/.config/gh-bots/<bot-name> dir selected per command and stored outside the OS keychain, removing the gh auth switch choreography that could strand a bot as the active account and 403 a maintainer's pushes. (#688)
• Interactive harness updated to claude-code 2.1.179. The pinned claude binary resolves --model opus to Opus 4.8. (#697)

Internal

• Bundled skill refinements: nightly skips stamp-only workflow-regen PRs and scopes "Notable changes" to adopter-relevant entries, review-reviewers keeps an audit trail on empty-window cycles, and over-prescriptive guidance is reframed as examples and open frames. (#693, #692, #689, #690, #675)
• tend-repo maintenance: a weekly task keeps the pinned agent binaries current, integration-fixture secrets reseed outside the sandbox, and the secret env-gating rejection analysis is recorded alongside a CLAUDE.md restructure. (#696, #685, #687)

Changelog

Sourced from max-sixty/tend's changelog.

0.1.6

Improved

• The default claude harness runs the official binary headless behind the credential proxy. The root action.yaml was rewritten to run claude -p as a non-sudo tend-sandbox user behind the same credential-injecting mitmproxy the interactive harness uses, replacing the anthropics/claude-code-action@v1 wrapper that handed the bot PAT and the Anthropic credential to the agent directly. Both credentials now live only in the proxy and never enter the agent's environment or disk; completion is the claude -p exit code. The action gains claude_version, timeout_seconds, and mitmproxy_version inputs and drops the unused claude-code-action passthroughs. (#704)

Internal

• Bundled skills replace guidance duplicated from running-in-ci — triage's recheck-before-posting and review-runs' read-only-mount workaround — with references to the canonical sections. (#703)
• The claude-smoke workflow that exercises the headless harness end-to-end becomes workflow_dispatch-only, matching interactive-smoke. (#706)

0.1.5

Improved

• Interactive harness isolates both credentials behind the proxy. Phase 2 extends the credential-injecting proxy to the Anthropic model credential, so the sandboxed agent holds only dummies for both the GitHub PAT and the model token while the runner-owned proxy injects the real values per host. The agent toolchain now installs directly as the non-sudo sandbox user (dropping a ~200 MB per-run copy), and the proxy also injects the PAT for raw.githubusercontent.com. (#686, #683, #684)
• install-tend isolates each bot's auth in a per-bot GH_CONFIG_DIR. Bot credentials live in a dedicated ~/.config/gh-bots/<bot-name> dir selected per command and stored outside the OS keychain, removing the gh auth switch choreography that could strand a bot as the active account and 403 a maintainer's pushes. (#688)
• Interactive harness updated to claude-code 2.1.179. The pinned claude binary resolves --model opus to Opus 4.8. (#697)

Internal

• Bundled skill refinements: nightly skips stamp-only workflow-regen PRs and scopes "Notable changes" to adopter-relevant entries, review-reviewers keeps an audit trail on empty-window cycles, and over-prescriptive guidance is reframed as examples and open frames. (#693, #692, #689, #690, #675)
• tend-repo maintenance: a weekly task keeps the pinned agent binaries current, integration-fixture secrets reseed outside the sandbox, and the secret env-gating rejection analysis is recorded alongside a CLAUDE.md restructure. (#696, #685, #687)

Commits

• 2025896 chore: release 0.1.6 (#708)
• 072da59 Make claude-smoke dispatch-only (#706)
• 5ead5a4 Run the default claude harness headless behind the credential proxy (#704)
• 90aa9bc skills: replace duplicated guidance with running-in-ci references (#703)
• cb1981f chore(review-reviewers): bump action pin to interactive@0.1.5 (#702)
• a9d39d9 chore: regenerate workflows with tend 0.1.5 (#701)
• 9bf2c29 chore: release 0.1.5 (#699)
• eabebc7 chore: roll back to the default claude harness; demote claude-interactive (#698)
• b1fb1db skills: a pushed fix waits for and owns its CI (#700)
• 838b10f interactive: bump pinned claude_version to 2.1.179 (#697)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Looks like max-sixty/tend is up-to-date now, so this is no longer needed.