Commit 6287d6f677f5
Changed files (6)
dots
config
claude
skills
CORE
GoogleWorkspace
scripts
QuarterlyReport
dots/config/claude/skills/CORE/history-system.md
@@ -74,26 +74,32 @@ Note: Tool-specific data (like tool-outputs JSONL) stays under tool config:
### Session Entry
```markdown
-# Session: <Description>
+# <Description>
**Date:** YYYY-MM-DD
-**Tool:** claude
+**Tool:** claude-code (or pi)
**Project:** org/repo or ~/path (REQUIRED — infer from cwd, git remote, or context)
**Directory:** /path/to/working/directory
-**Host:** hostname
## Summary
Brief description of what was accomplished.
## What Was Accomplished
-- Task 1
-- Task 2
-## Files Changed
-- `path/to/file.nix` - Description of change
+### 1. First thing done
+Description and details.
-## Outcome
-Result of the session.
+### 2. Second thing done
+Description and details.
+
+## Changes Made
+- **Modified** `path/to/file.ext` — description of change
+- **Added** `path/to/new-file.ext` — what it does
+- **Removed** `path/to/old-file.ext` — why
+
+## Learnings
+- Key insight 1
+- Key insight 2
```
**IMPORTANT metadata rules:**
@@ -105,25 +111,22 @@ Result of the session.
### Learning Entry
```markdown
-# Learning: <Description>
+# <Description>
-**Date:** YYYY-MM-DD
-**Tool:** claude
**Project:** org/repo or ~/path (when applicable)
-**Context:** What problem was being solved
+**Date:** YYYY-MM-DD
## The Problem
Clear description of the issue.
-## Solution
-How it was resolved.
+## The Fix
+How it was resolved (with code snippets, commands, config changes).
-## Key Insights
-- Insight 1
-- Insight 2
+## Key Details
+Tables, gotchas, and technical specifics.
-## Prevention
-How to avoid this in the future.
+## Why This Matters
+Impact and how to avoid in the future.
```
### Research Entry
dots/config/claude/skills/GoogleWorkspace/scripts/common.js
@@ -214,13 +214,34 @@ async function interactiveLogin(scopes) {
return authClient;
}
+async function authorizeWithADC(scopes) {
+ const google = getGoogleApis();
+ try {
+ const auth = new google.auth.GoogleAuth({ scopes });
+ const client = await auth.getClient();
+ // Verify the client works by fetching a token
+ await client.getAccessToken();
+ return client;
+ } catch {
+ return null;
+ }
+}
+
export async function authorize(options = {}) {
const scopes = options.scopes || DEFAULT_SCOPES;
const interactive = options.interactive !== false;
- ensureConfigDir();
loadRuntimeDeps();
+ // Try Application Default Credentials first (from gcloud)
+ const adcClient = await authorizeWithADC(scopes);
+ if (adcClient) {
+ return adcClient;
+ }
+
+ // Fall back to custom OAuth client with stored token
+ ensureConfigDir();
+
const token = loadToken();
const client = createOAuthClientFromCredentials(loadCredentialsFile());
dots/config/claude/skills/QuarterlyReport/reference/Template.html
@@ -0,0 +1,854 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <title>Q1 2026 Achievements — Vincent Demeester</title>
+ <style>
+ :root {
+ --red: #cc0000;
+ --bg: #f7f7f7;
+ --card: #ffffff;
+ --text: #222;
+ --muted: #666;
+ --border: #e0e0e0;
+ --accent: #fef2f2;
+ --green: #16a34a;
+ --blue: #1d4ed8;
+ --amber: #d97706;
+ --purple: #7c3aed;
+ --teal: #0d9488;
+ --indigo: #4338ca;
+ }
+ * { box-sizing: border-box; margin: 0; padding: 0; }
+ body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; background: var(--bg); color: var(--text); line-height: 1.6; }
+
+ /* HERO */
+ .hero {
+ background: linear-gradient(135deg, #1e3a5f 0%, #0f2640 50%, #070f1a 100%);
+ color: white; padding: 56px 48px 48px; position: relative; overflow: hidden;
+ }
+ .hero::before {
+ content: ''; position: absolute; inset: 0;
+ background: url("data:image/svg+xml,%3Csvg width='60' height='60' viewBox='0 0 60 60' xmlns='http://www.w3.org/2000/svg'%3E%3Cg fill='none'%3E%3Cg fill='%23ffffff' fill-opacity='0.04'%3E%3Cpath d='M36 34v-4h-2v4h-4v2h4v4h2v-4h4v-2h-4zm0-30V0h-2v4h-4v2h4v4h2V6h4V4h-4z'/%3E%3C/g%3E%3C/g%3E%3C/svg%3E");
+ }
+ .hero-inner { position: relative; max-width: 960px; margin: 0 auto; }
+ .hero-badge {
+ display: inline-block; background: rgba(255,255,255,0.12); border: 1px solid rgba(255,255,255,0.25);
+ border-radius: 20px; padding: 4px 14px; font-size: 0.78rem; font-weight: 600;
+ letter-spacing: 0.08em; text-transform: uppercase; margin-bottom: 16px;
+ }
+ .hero h1 { font-size: 2.6rem; font-weight: 700; letter-spacing: -0.02em; margin-bottom: 8px; }
+ .hero h1 span { opacity: 0.6; font-weight: 400; }
+ .hero-sub { font-size: 1.05rem; opacity: 0.85; margin-bottom: 28px; }
+ .hero-meta { display: flex; flex-wrap: wrap; gap: 24px; }
+ .hero-meta-item { display: flex; align-items: center; gap: 8px; font-size: 0.88rem; opacity: 0.9; }
+ .hero-meta-item .icon { width: 28px; height: 28px; background: rgba(255,255,255,0.12); border-radius: 6px; display: flex; align-items: center; justify-content: center; font-size: 14px; }
+
+ /* STATS */
+ .stats-strip { background: white; border-bottom: 1px solid var(--border); }
+ .stats-inner { max-width: 960px; margin: 0 auto; display: grid; grid-template-columns: repeat(7, 1fr); }
+ .stat-item { padding: 20px 16px; text-align: center; border-right: 1px solid var(--border); }
+ .stat-item:last-child { border-right: none; }
+ .stat-num { font-size: 2rem; font-weight: 700; color: var(--indigo); line-height: 1; margin-bottom: 4px; }
+ .stat-label { font-size: 0.72rem; color: var(--muted); text-transform: uppercase; letter-spacing: 0.06em; font-weight: 600; }
+
+ /* LAYOUT */
+ .main { max-width: 960px; margin: 40px auto; padding: 0 24px; display: grid; gap: 28px; }
+
+ /* CARD */
+ .card { background: var(--card); border-radius: 12px; border: 1px solid var(--border); overflow: hidden; box-shadow: 0 1px 4px rgba(0,0,0,0.04); }
+ .card-header { padding: 18px 24px; border-bottom: 1px solid var(--border); display: flex; align-items: center; gap: 12px; background: #fafafa; }
+ .card-icon { width: 36px; height: 36px; border-radius: 8px; display: flex; align-items: center; justify-content: center; font-size: 18px; flex-shrink: 0; }
+ .card-icon.red { background: #fef2f2; }
+ .card-icon.blue { background: #eff6ff; }
+ .card-icon.green { background: #f0fdf4; }
+ .card-icon.amber { background: #fffbeb; }
+ .card-icon.purple { background: #faf5ff; }
+ .card-icon.teal { background: #f0fdfa; }
+ .card-icon.indigo { background: #eef2ff; }
+ .card-title { font-size: 1rem; font-weight: 700; }
+ .card-subtitle { font-size: 0.8rem; color: var(--muted); }
+
+ /* TABLE */
+ table { width: 100%; border-collapse: collapse; }
+ thead tr { background: #f8f8f8; }
+ th { padding: 10px 20px; text-align: left; font-size: 0.75rem; font-weight: 700; text-transform: uppercase; letter-spacing: 0.06em; color: var(--muted); border-bottom: 1px solid var(--border); }
+ td { padding: 11px 20px; font-size: 0.88rem; border-bottom: 1px solid #f0f0f0; vertical-align: top; }
+ tr:last-child td { border-bottom: none; }
+ tr:hover td { background: #fafafa; }
+
+ .key-badge { display: inline-block; font-family: 'SF Mono', monospace; font-size: 0.75rem; font-weight: 600; color: var(--indigo); background: #eef2ff; border: 1px solid #c7d2fe; border-radius: 4px; padding: 2px 7px; white-space: nowrap; text-decoration: none; }
+ a.key-badge:hover { background: #e0e7ff; text-decoration: underline; }
+ .status-closed { display: inline-flex; align-items: center; gap: 4px; font-size: 0.73rem; font-weight: 600; color: var(--green); background: #f0fdf4; border: 1px solid #bbf7d0; border-radius: 20px; padding: 2px 9px; }
+ .status-closed::before { content: '●'; font-size: 0.55rem; }
+ .repo-badge { font-size: 0.75rem; font-weight: 600; color: var(--muted); background: #f4f4f5; border-radius: 4px; padding: 2px 7px; white-space: nowrap; }
+ .pr-link { color: var(--blue); text-decoration: none; font-weight: 500; }
+ .pr-link:hover { text-decoration: underline; }
+ .cve-badge { display: inline-block; font-size: 0.72rem; font-weight: 700; color: #991b1b; background: #fef2f2; border: 1px solid #fecaca; border-radius: 4px; padding: 1px 6px; margin-left: 4px; }
+
+ /* GROUPED ROWS */
+ .group-header td { background: #f5f5f5; font-size: 0.75rem; font-weight: 700; text-transform: uppercase; letter-spacing: 0.06em; color: #777; padding: 7px 20px; }
+
+ /* ACHIEVEMENT GRID */
+ .achievement-grid { display: grid; grid-template-columns: 1fr 1fr; }
+ .achievement-item { padding: 18px 20px; border-right: 1px solid #f0f0f0; border-bottom: 1px solid #f0f0f0; }
+ .achievement-item:nth-child(even) { border-right: none; }
+ .achievement-item:nth-last-child(-n+2) { border-bottom: none; }
+ .achievement-icon { font-size: 1.4rem; margin-bottom: 8px; }
+ .achievement-title { font-size: 0.9rem; font-weight: 700; margin-bottom: 4px; }
+ .achievement-desc { font-size: 0.82rem; color: var(--muted); line-height: 1.5; }
+
+ /* TAGS */
+ .tags { display: flex; flex-wrap: wrap; gap: 6px; padding: 16px 20px; }
+ .tag { display: inline-block; font-size: 0.78rem; font-weight: 600; border-radius: 20px; padding: 4px 12px; }
+ .tag.red { background: #fef2f2; color: #991b1b; border: 1px solid #fecaca; }
+ .tag.blue { background: #eff6ff; color: #1e40af; border: 1px solid #bfdbfe; }
+ .tag.green { background: #f0fdf4; color: #166534; border: 1px solid #bbf7d0; }
+ .tag.amber { background: #fffbeb; color: #92400e; border: 1px solid #fde68a; }
+ .tag.purple { background: #faf5ff; color: #5b21b6; border: 1px solid #e9d5ff; }
+ .tag.teal { background: #f0fdfa; color: #115e59; border: 1px solid #99f6e4; }
+ .tag.indigo { background: #eef2ff; color: #3730a3; border: 1px solid #c7d2fe; }
+
+ /* MEETINGS */
+ .meeting-list { list-style: none; }
+ .meeting-list li { padding: 12px 20px; border-bottom: 1px solid #f0f0f0; display: flex; align-items: flex-start; gap: 12px; font-size: 0.88rem; }
+ .meeting-list li:last-child { border-bottom: none; }
+ .meeting-dot { width: 8px; height: 8px; border-radius: 50%; background: var(--indigo); margin-top: 6px; flex-shrink: 0; }
+ .meeting-title { font-weight: 600; }
+ .meeting-meta { font-size: 0.78rem; color: var(--muted); margin-top: 2px; }
+
+ /* COUNT PILL */
+ .count-pill { display: inline-flex; align-items: center; justify-content: center; background: var(--indigo); color: white; font-size: 0.7rem; font-weight: 700; border-radius: 10px; padding: 1px 7px; margin-left: 6px; }
+
+ .section-summary { padding: 14px 24px; background: #f8f9ff; border-bottom: 1px solid var(--border); font-size: 0.86rem; color: #444; line-height: 1.65; }
+ .section-summary strong { color: var(--indigo); }
+ .footer { text-align: center; padding: 32px; font-size: 0.78rem; color: #aaa; }
+
+ @media (max-width: 640px) {
+ .hero { padding: 32px 20px; }
+ .hero h1 { font-size: 1.8rem; }
+ .stats-inner { grid-template-columns: repeat(3, 1fr); }
+ .achievement-grid { grid-template-columns: 1fr; }
+ .achievement-item { border-right: none; }
+ }
+ </style>
+</head>
+<body>
+
+<!-- HERO -->
+<header class="hero">
+ <div class="hero-inner">
+ <div class="hero-badge">Q1 2026 · Quarterly Achievements</div>
+ <h1>Vincent Demeester <span>/ vdemeest</span></h1>
+ <p class="hero-sub">Senior Principal Software Engineer · R&D Secure Flow</p>
+ <div class="hero-meta">
+ <div class="hero-meta-item"><div class="icon">👤</div><span>Reports to Eyal Edri, Director Engineering</span></div>
+ <div class="hero-meta-item"><div class="icon">📅</div><span>Jan 1 – Mar 31, 2026</span></div>
+ <div class="hero-meta-item"><div class="icon">🌍</div><span>EMEA Region</span></div>
+ <div class="hero-meta-item"><div class="icon">🐙</div><span>github.com/vdemeester</span></div>
+ </div>
+ </div>
+</header>
+
+<!-- STATS -->
+<div class="stats-strip">
+ <div class="stats-inner">
+ <div class="stat-item">
+ <div class="stat-num">2</div>
+ <div class="stat-label">Epics Closed</div>
+ </div>
+ <div class="stat-item">
+ <div class="stat-num">50+</div>
+ <div class="stat-label">GitHub PRs Merged</div>
+ </div>
+ <div class="stat-item">
+ <div class="stat-num">50+</div>
+ <div class="stat-label">GitHub PRs Reviewed</div>
+ </div>
+ <div class="stat-item">
+ <div class="stat-num">70+</div>
+ <div class="stat-label">GitLab MRs Reviewed</div>
+ </div>
+ <div class="stat-item">
+ <div class="stat-num">50+</div>
+ <div class="stat-label">Issues Filed (tektoncd)</div>
+ </div>
+ <div class="stat-item">
+ <div class="stat-num">1</div>
+ <div class="stat-label">CVE Advisory Filed</div>
+ </div>
+ <div class="stat-item">
+ <div class="stat-num">15+</div>
+ <div class="stat-label">Repos Contributed To</div>
+ </div>
+ </div>
+</div>
+
+<main class="main">
+
+ <!-- EXECUTIVE SUMMARY -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon indigo">📋</div>
+ <div>
+ <div class="card-title">Executive Summary</div>
+ <div class="card-subtitle">Q1 2026 · Jan 1 – Mar 31</div>
+ </div>
+ </div>
+ <div class="card-body" style="padding: 20px 24px; line-height: 1.75; font-size: 0.93rem;">
+ <p style="margin-bottom: 12px;">
+ Vincent Demeester had an exceptionally broad and high-impact Q1 2026, closing <strong>2 major Jira epics</strong> — PipelineRun concurrency control with Kueue integration (<a href="https://issues.redhat.com/browse/SRVKP-1669" target="_blank" class="key-badge">SRVKP-1669</a>) and the UBI 9 Minimal base image migration across all OpenShift Pipelines components (<a href="https://issues.redhat.com/browse/SRVKP-10255" target="_blank" class="key-badge">SRVKP-10255</a>) — while shipping <strong>50 pull requests across 18 repositories</strong> on GitHub and reviewing <strong>70+ GitLab MRs</strong> to keep the OSP 1.15, 1.20, 1.21, and 1.22/5.0 release tracks on schedule.
+ </p>
+ <p style="margin-bottom: 12px;">
+ Beyond shipping code, Vincent drove a significant org-wide <strong>security hardening campaign</strong>: he filed and tracked zizmor CI audit issues across 9+ tektoncd repositories, proposed least-privilege GitHub Actions workflow changes, investigated SubjectAccessReview enforcement in Tekton resolvers, and published a coordinated CVE advisory (<a href="https://github.com/github/advisory-database/pull/7222" target="_blank" style="color:var(--indigo)">GHSA-cv4x-93xx-wgfj</a>) for a Tekton controller panic vulnerability — all activities that directly reduce the attack surface of the upstream project and Red Hat's downstream product.
+ </p>
+ <p style="margin-bottom: 12px;">
+ Vincent's community leadership was equally prominent. He authored the <strong>Prow decommission plan</strong> (10 structured issues covering Tide migration, slash-command replacement, branch protection, label sync, and cluster teardown), led CNCF post-acceptance work including defining the Tekton AI contribution policy and contributor ladder, onboarded the 2026 governing board, and prepared KubeCon EU 2026 kiosk materials in Amsterdam. He nominated new maintainers and moved inactive ones to alumni across six tektoncd repositories, keeping the project's governance healthy.
+ </p>
+ <p>
+ With <strong>50+ issues filed in the tektoncd org</strong> — spanning security, infrastructure modernisation, feature proposals, and code quality — Vincent functioned as both a prolific contributor and a strategic planner who translated long-term goals into tracked, actionable work items. Three of his own feature proposals were implemented and closed within the same quarter, demonstrating tight end-to-end ownership from idea to merged code.
+ </p>
+ </div>
+ </div>
+
+ <!-- JIRA EPICS -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon indigo">🎯</div>
+ <div>
+ <div class="card-title">Jira — Epics & Notable Issues Closed</div>
+ <div class="card-subtitle">Q1 2026 · SRVKP / SECFLOWOTL</div>
+ </div>
+ </div>
+ <div class="section-summary">
+ Closed <strong>2 multi-year engineering epics</strong> in Q1: concurrency control for PipelineRuns via Kueue integration — enabling cluster-admins to throttle concurrent pipeline executions — and the migration of all OpenShift Pipelines component images to <strong>UBI 9 Minimal</strong>, directly reducing CVE attack surface across the product. Both epics required sustained effort across multiple quarters of design, implementation, and cross-team coordination.
+ </div>
+ <div class="card-body">
+ <table>
+ <thead><tr><th>Key</th><th>Summary</th><th>Impact</th><th>Status</th></tr></thead>
+ <tbody>
+ <tr>
+ <td><a href="https://issues.redhat.com/browse/SRVKP-1669" target="_blank" class="key-badge">SRVKP-1669</a></td>
+ <td>
+ <strong>R&D PipelineRun Concurrency Control</strong><br>
+ <span style="font-size:0.78rem;color:#666">Cluster-level max concurrent PipelineRuns with Kueue integration; queuing/cancellation policy</span>
+ </td>
+ <td><span style="font-size:0.78rem">Multi-year · Kueue + Tekton integration</span></td>
+ <td><span class="status-closed">Closed</span></td>
+ </tr>
+ <tr>
+ <td><a href="https://issues.redhat.com/browse/SRVKP-10255" target="_blank" class="key-badge">SRVKP-10255</a></td>
+ <td>
+ <strong>Set UBI 9 Minimal as base image across all components</strong><br>
+ <span style="font-size:0.78rem;color:#666">Reduced CVE attack surface across all Pipeline images by migrating to optimised UBI 9 Minimal</span>
+ </td>
+ <td><span style="font-size:0.78rem">Security hardening · All components</span></td>
+ <td><span class="status-closed">Closed</span></td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ </div>
+
+ <!-- GITHUB PRs AUTHORED -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon blue">⚙️</div>
+ <div>
+ <div class="card-title">GitHub — Pull Requests Authored & Merged <span class="count-pill">50+</span></div>
+ <div class="card-subtitle">Grouped by repository · Jan–Mar 2026</div>
+ </div>
+ </div>
+ <div class="section-summary">
+ Shipped <strong>50 pull requests across 18 repositories</strong>. Highest volume in <strong>tektoncd/plumbing</strong> (14 PRs) — driving the CI fan-in rollout, Prow plugin isolation, and dogfooding upgrades — followed by <strong>tektoncd/pipeline</strong> (7 PRs) including PVC auto-cleanup, zizmor security hardening, and release cherry-picks, and <strong>tektoncd/website</strong> and <strong>tektoncd/community</strong> (5 PRs each) covering the CNCF transition, contributor ladder, and AI contribution policy. Also filed a coordinated CVE advisory in <strong>github/advisory-database</strong> and shipped new LSP and MCP tooling for the Tekton ecosystem.
+ </div>
+ <div class="card-body">
+ <table>
+ <thead><tr><th>Repository</th><th>Notable Contributions</th><th>Count</th></tr></thead>
+ <tbody>
+ <tr class="group-header"><td colspan="3">⚡ Tekton Core</td></tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/pipeline</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9354" target="_blank">feat: add optional PVC auto-cleanup annotation for workspaces mode</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9667" target="_blank">ci: fix GitHub Actions security issues found by zizmor</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9624" target="_blank">[release-v1.3.x] fix(ci): fix e2e test failures</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9616" target="_blank">docs: update releases.md with security patch releases</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9436" target="_blank">Cherry-pick OCI release pipeline migration to release-v1.6.x</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9552" target="_blank">Update tj-actions/changed-files version comment to v47.0.5</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9519" target="_blank">Nominate khrm and aThorp96 as pipeline approvers</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">7</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/plumbing</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3262" target="_blank">chore: update dogfooding to Tekton Pipelines v1.11.0</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3256" target="_blank">feat: Add Pipelines-as-Code deployment to oci-ci-cd cluster</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3258" target="_blank">fix(koparse): pin to stable Python 3.14.3-alpine</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3255" target="_blank">chore(cd): update Tekton components to latest versions</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3234" target="_blank">sync-issue-types: fix error detection for GraphQL mutations</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3233" target="_blank">Fix sync-issue-types broken pipe in jq error checking</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3220" target="_blank">Fix sync-issue-types infinite pagination loop</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3161" target="_blank">ci: Add CI summary as required check for tektoncd/results</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3157" target="_blank">Update cli required checks to use CI summary fan-in</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3089" target="_blank">Add workflow to sync issue types based on kind/* labels</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3218" target="_blank">prow: exclude pipelines-as-code from org-level plugins</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3217" target="_blank">prow: disable all plugins for tektoncd/pipelines-as-code</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3199" target="_blank">Move inactive approvers to alumni</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3169" target="_blank">Modernize create-draft-release-oci: hub → gh, flexible paths</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">14</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/cli</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/cli/pull/2741" target="_blank">Add CI summary fan-in job to presubmit CI</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/cli/pull/2682" target="_blank">feat: add cherry-pick command workflow</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">2</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/operator</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/operator/pull/3233" target="_blank">ci: Add CI summary fan-in check</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/pruner</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/pruner/pull/182" target="_blank">ci: add unified CI summary job</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+
+ <tr class="group-header"><td colspan="3">🌐 Community, Governance & Website</td></tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/website</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/website/pull/712" target="_blank">Add blog post for Tekton joining the CNCF</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/website/pull/710" target="_blank">docs: Add Pipelines-as-Code references to documentation</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/website/pull/711" target="_blank">Update affiliation from CDF to CNCF</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/website/pull/700" target="_blank">blog: Tekton Pipelines v1.10.0 release announcement</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/website/pull/704" target="_blank">Fix "How to Contribute" documentation funnel</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">5</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/community</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/community/pull/1240" target="_blank">Add anithapriyanatarajan to community.collaborators</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/community/pull/1233" target="_blank">Proposal: Add AI contribution policy</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/community/pull/1256" target="_blank">Onboard 2026 governing board election results</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/community/pull/1257" target="_blank">Sync org.yaml maintainer teams with OWNERS files</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/community/pull/1255" target="_blank">Update org.yaml: move inactive maintainers to alumni</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">5</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/results</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/results/pull/1246" target="_blank">Move inactive approvers and reviewers to alumni</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/results/pull/1247" target="_blank">Nominate divyansh42 as results approver</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/results/pull/1225" target="_blank">ci: Add CI summary fan-in job to presubmit workflow</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">3</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/chains</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/chains/pull/1576" target="_blank">Move inactive approvers to emeritus</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/triggers</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/triggers/pull/1965" target="_blank">Move inactive approvers to emeritus</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/dashboard</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/dashboard/pull/4795" target="_blank">Move skaegi to alumni</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/mcp-server</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/mcp-server/pull/113" target="_blank">Nominate jbpratt as mcp-server approver and reviewer</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+
+ <tr class="group-header"><td colspan="3">🔴 OpenShift Pipelines</td></tr>
+ <tr>
+ <td><span class="repo-badge">openshift-pipelines/must-gather</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/openshift-pipelines/must-gather/pull/58" target="_blank">ci: restore multi-platform build using ose-must-gather-rhel9</a><br>
+ <a class="pr-link" href="https://github.com/openshift-pipelines/must-gather/pull/57" target="_blank">ci: fix build by limiting platforms to linux/amd64</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">2</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">openshift-pipelines/catalog-cd</span></td>
+ <td><a class="pr-link" href="https://github.com/openshift-pipelines/catalog-cd/pull/143" target="_blank">chore: upgrade CI lint tooling and Go version</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+
+ <tr class="group-header"><td colspan="3">🔐 Security</td></tr>
+ <tr>
+ <td><span class="repo-badge">github/advisory-database</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/github/advisory-database/pull/7222" target="_blank">[GHSA-cv4x-93xx-wgfj] Tekton Pipelines: controller panic via long resolver name</a>
+ <span class="cve-badge">CVE</span><br>
+ <span style="font-size:0.78rem;color:#666">Published security advisory for Tekton Pipelines vulnerability (Mar 25)</span>
+ </td>
+ <td style="font-weight:700;color:#991b1b">1</td>
+ </tr>
+
+ <tr class="group-header"><td colspan="3">🔬 Personal Projects & Ecosystem</td></tr>
+ <tr>
+ <td><span class="repo-badge">vdemeester/tekton-lsp-go</span></td>
+ <td><a class="pr-link" href="https://github.com/vdemeester/tekton-lsp-go/pull/24" target="_blank">feat: multi-document YAML support for all LSP features</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">vdemeester/chisel</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/vdemeester/chisel/pull/51" target="_blank">Harden release workflow: job-level permissions, environment, concurrency</a><br>
+ <a class="pr-link" href="https://github.com/vdemeester/chisel/pull/49" target="_blank">Fix zizmor findings in GitHub Actions workflows</a>
+ </td>
+ <td style="font-weight:700;color:var(--indigo)">2</td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">illegalstudio/lazyagent</span></td>
+ <td><a class="pr-link" href="https://github.com/illegalstudio/lazyagent/pull/8" target="_blank">feat: add pi coding agent session monitoring (--agent pi|claude|all)</a></td>
+ <td style="font-weight:700;color:var(--indigo)">1</td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ </div>
+
+ <!-- GITHUB PRs REVIEWED -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon green">👁️</div>
+ <div>
+ <div class="card-title">GitHub — Pull Requests Reviewed <span class="count-pill">50+</span></div>
+ <div class="card-subtitle">Merged PRs reviewed in tektoncd/pipeline and ecosystem · Q1 2026</div>
+ </div>
+ </div>
+ <div class="section-summary">
+ Reviewed <strong>50 merged pull requests</strong>, with the deepest focus on <strong>tektoncd/pipeline</strong> (26 reviews) spanning security fixes, resolver correctness bugs, SSH credential handling, metrics accuracy, webhook TLS upgrades, and documentation. Also provided ecosystem-level reviews across pruner, chains, operator, community, website, <strong>NixOS/nixpkgs</strong> (5 package reviews for gosmee, gauge, lazyworktree, krew), and <strong>containers/kubernetes-mcp-server</strong> — demonstrating broad technical reach well beyond the core Tekton codebase.
+ </div>
+ <div class="card-body">
+ <table>
+ <thead><tr><th>Repository</th><th>Reviews</th></tr></thead>
+ <tbody>
+ <tr class="group-header"><td colspan="2">⚡ tektoncd/pipeline — 26 reviews</td></tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/pipeline</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9643" target="_blank">Fix: Add SSH Host aliases to support multiple SSH credentials on same host</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9465" target="_blank">Add multi-URL support and per-resolution url param to Hub Resolver</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9464" target="_blank">Add pending status support for TaskRun (parity with PipelineRun)</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9365" target="_blank">Bugfix: deduplicate concurrent resolver cache requests with singleflight</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9664" target="_blank">[cherry-pick: release-v1.9.x] fix: deduplicate concurrent resolver cache requests</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9660" target="_blank">[cherry-pick: release-v1.10.x] Fix running_taskruns metric overcounting</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9485" target="_blank">Fix running_taskruns metric overcounting TaskRuns with no condition</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9658" target="_blank">fix: record metrics for cancelled PipelineRuns</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9466" target="_blank">feat(webhook): Bump knative.dev/pkg to enable centrally managed WEBHOOK_* TLS</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9594" target="_blank">fix: replace silent "default" namespace fallback with explicit error</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9596" target="_blank">Extract memberOfLookup from createChildResourceLabels to reduce nested loop</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9592" target="_blank">fix: cluster resolver namespace access control whitespace and wildcard bugs</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9600" target="_blank">fix: make step-init symlink creation idempotent</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9661" target="_blank">Update stale comment about storing TaskSpec in status</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9568" target="_blank">fix: Upgrade Gitea test infrastructure from v1.17.1 to latest</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9505" target="_blank">docs: add README files for pipelinerun and taskrun examples</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9143" target="_blank">Fix: Add useHttpPath to support multiple Git credentials on same host</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9461" target="_blank">doc: Clarify scope of auth documentation</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9462" target="_blank">doc: Fix broken Tekton Bundles example link in taskruns.md</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9507" target="_blank">docs: fix broken internal markdown links</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9512" target="_blank">docs: add 4 undocumented metrics to docs/metrics.md</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9604" target="_blank">Re-enable pipeline-api.md generation</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9593" target="_blank">fix: resolve context key collision and ownerRef nil panic in resolution framework</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9618" target="_blank">fix: Pin container images to digests in step-script.yaml examples</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9354" target="_blank">feat: add optional PVC auto-cleanup annotation for workspaces mode</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/pull/9650" target="_blank">build(deps): bump actions/cache from 5.0.3 to 5.0.4</a>
+ </td>
+ </tr>
+ <tr class="group-header"><td colspan="2">🔧 tektoncd/plumbing — 8 reviews</td></tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/plumbing</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3270" target="_blank">build(deps): bump astral-sh/setup-uv from 7.6.0 to 8.0.0</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3269" target="_blank">build(deps): bump actions/setup-go from 6.3.0 to 6.4.0</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3268" target="_blank">build(deps): bump the all group in pr-status-updater with 2 updates</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3267" target="_blank">build(deps): bump google/cloud-sdk from 561.0.0-alpine to 562.0.0-alpine</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3266" target="_blank">build(deps): bump google.golang.org/api from 0.272.0 to 0.273.0</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3265" target="_blank">build(deps): bump google.com/cloudsdktool/cloud-sdk in buildx-gcloud</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3264" target="_blank">build(deps): bump the all group in pr-commenter with 2 updates</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/pull/3236" target="_blank">build(deps): bump github.com/tektoncd/pipeline from 1.9.0 to 1.10.2</a>
+ </td>
+ </tr>
+ <tr class="group-header"><td colspan="2">🧹 tektoncd ecosystem — 10 reviews</td></tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/pruner</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/pruner/pull/219" target="_blank">chore(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pruner/pull/218" target="_blank">chore(deps): bump actions/cache from 5.0.3 to 5.0.4</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pruner/pull/217" target="_blank">chore(deps): bump the all group in /tekton with 4 updates</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pruner/pull/216" target="_blank">chore(deps): bump github/codeql-action from 4.32.6 to 4.34.1</a>
+ </td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/chains</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/chains/pull/1550" target="_blank">feat(metrics): Migrate from OpenCensus to OpenTelemetry</a></td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/operator</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/operator/pull/3302" target="_blank">chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/operator/pull/3298" target="_blank">chore: bump pipelines component version to v1.6.1</a>
+ </td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/community</span></td>
+ <td><a class="pr-link" href="https://github.com/tektoncd/community/pull/1265" target="_blank">Add divyansh42 to results maintainers and collaborators</a></td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">tektoncd/website</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/website/pull/711" target="_blank">Update affiliation from CDF to CNCF</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/website/pull/708" target="_blank">add blog post on Pipelines-as-Code joining Tekton</a>
+ </td>
+ </tr>
+ <tr class="group-header"><td colspan="2">🌿 NixOS/nixpkgs & containers — 6 ecosystem reviews</td></tr>
+ <tr>
+ <td><span class="repo-badge">NixOS/nixpkgs</span></td>
+ <td>
+ <a class="pr-link" href="https://github.com/NixOS/nixpkgs/pull/504121" target="_blank">gauge-unwrapped: 1.6.25 → 1.6.28</a><br>
+ <a class="pr-link" href="https://github.com/NixOS/nixpkgs/pull/503966" target="_blank">gosmee: 0.30.0 → 0.31.0</a><br>
+ <a class="pr-link" href="https://github.com/NixOS/nixpkgs/pull/502469" target="_blank">lazyworktree: 1.43.0 → 1.44.0</a><br>
+ <a class="pr-link" href="https://github.com/NixOS/nixpkgs/pull/500945" target="_blank">gosmee: 0.29.0 → 0.30.0</a><br>
+ <a class="pr-link" href="https://github.com/NixOS/nixpkgs/pull/500022" target="_blank">krew: fix version display</a>
+ </td>
+ </tr>
+ <tr>
+ <td><span class="repo-badge">containers/kubernetes-mcp-server</span></td>
+ <td><a class="pr-link" href="https://github.com/containers/kubernetes-mcp-server/pull/917" target="_blank">feat(tekton): add Tekton Pipelines eval tasks</a></td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ </div>
+
+ <!-- TEKTONCD ISSUES -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon indigo">🐛</div>
+ <div>
+ <div class="card-title">GitHub Issues Filed — tektoncd org <span class="count-pill">50+</span></div>
+ <div class="card-subtitle">Issues opened in tektoncd/* during Q1 2026 · Grouped by theme</div>
+ </div>
+ </div>
+ <div class="section-summary">
+ Filed <strong>50+ issues across the tektoncd org</strong>, acting as the primary architect of the project's Q1 security and infrastructure roadmap. The issues break into four impact areas: a <strong>org-wide GitHub Actions security audit</strong> (zizmor, least-privilege, secret scoping, SSRF hardening) spanning 9+ repos; a <strong>structured 10-issue Prow decommission plan</strong> for migrating CI/CD infrastructure to Tekton/PaC and GitHub-native tooling; <strong>pipeline feature proposals</strong> — 3 of which were proposed and merged within the same quarter — and <strong>code modernization and CVE tracking</strong> across cli, chains, operator, and triggers.
+ </div>
+ <div class="card-body">
+ <table>
+ <thead><tr><th>Theme</th><th>Issues Filed</th><th>Repos</th></tr></thead>
+ <tbody>
+ <tr class="group-header"><td colspan="3">🔐 Security Hardening — org-wide zizmor campaign + least-privilege CI</td></tr>
+ <tr>
+ <td style="white-space:nowrap;font-weight:600">GitHub Actions Security</td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9696" target="_blank">ci: scope workflow permissions to least privilege</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9668" target="_blank">ci: move secrets to dedicated GitHub environments</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9669" target="_blank">ci: replace secrets:inherit with explicit secrets in chatops_retest</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9557" target="_blank">Build our own static base image (remove external dependency)</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9602" target="_blank">HTTP resolver: block requests to private/internal IP ranges by default</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9609" target="_blank">Investigate adding SubjectAccessReview checks before resolvers read Secrets</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/community/issues/1258" target="_blank">Assign <code>tekton-vmt</code> team as GitHub Organization Security Manager</a><br>
+ <span style="font-size:0.78rem;color:#666">zizmor CI audits also filed in: chains (closed), pipelines-as-code (closed), operator (closed), results, triggers, catalog, cli, plumbing, dashboard</span>
+ </td>
+ <td>
+ <span class="repo-badge">pipeline</span><br>
+ <span class="repo-badge">community</span><br>
+ <span class="repo-badge">+9 repos</span>
+ </td>
+ </tr>
+ <tr class="group-header"><td colspan="3">🔧 Prow Migration & Infrastructure Modernisation (plumbing)</td></tr>
+ <tr>
+ <td style="white-space:nowrap;font-weight:600">Prow Decommission</td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3183" target="_blank">Complete migration out of Prow</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3182" target="_blank">Decommission the Prow cluster and infrastructure</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3181" target="_blank">Migrate Terraform branch protection to repository rulesets</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3180" target="_blank">Migrate label sync from Prow to Tekton CronJob or Terraform</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3179" target="_blank">Replace Prow automated PR plugins with lightweight tasks or services</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3178" target="_blank">Migrate Prow slash-command plugins to Tekton / PaC</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3177" target="_blank">Replace Tide merge queue with GitHub Merge Queue</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3176" target="_blank">Persistent log storage for PipelineRun/TaskRun logs using OCI Object Storage</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3126" target="_blank">Create Tekton Task/Pipeline for /retest slash command</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/plumbing/issues/3123" target="_blank">Add permission-checking interceptor for slash commands</a>
+ </td>
+ <td><span class="repo-badge">plumbing</span></td>
+ </tr>
+ <tr class="group-header"><td colspan="3">✨ Feature Proposals & Bug Tracking (pipeline) — several closed after merge</td></tr>
+ <tr>
+ <td style="white-space:nowrap;font-weight:600">Pipeline Features</td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9284" target="_blank">Proposal: Optional PVC Auto-Cleanup for Workspaces Mode</a> <span class="status-closed">Closed</span><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9376" target="_blank">Add pending status support for TaskRun (parity with PipelineRun)</a> <span class="status-closed">Closed</span><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9353" target="_blank">Support multiple Artifact Hub URLs in the Hub Resolver</a> <span class="status-closed">Closed</span><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9617" target="_blank">Remove deprecated <code>pkg/resolution/resolver/</code> and consolidate</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9705" target="_blank">Rename "affinity-assistant" to "coschedule-assistant" in user-visible surfaces</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9684" target="_blank">hub resolver: remove placeholder URL workaround in Validate()</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9670" target="_blank">docs: document horizontal controller scaling via leader election buckets</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/pipeline/issues/9443" target="_blank">Upgrade Gitea test infrastructure from v1.17.1 to latest</a> <span class="status-closed">Closed</span>
+ </td>
+ <td><span class="repo-badge">pipeline</span></td>
+ </tr>
+ <tr class="group-header"><td colspan="3">🛠 Code Modernisation, CVEs & Docs</td></tr>
+ <tr>
+ <td style="white-space:nowrap;font-weight:600">Code & Deps</td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/chains/issues/1583" target="_blank">Use <code>//go:fix</code> inline for deprecated storage backends (chains)</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/operator/issues/3280" target="_blank">Use <code>//go:fix</code> inline and go fix to modernize codebase (operator)</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/triggers/issues/1971" target="_blank">Use <code>//go:fix</code> inline and go fix to modernize codebase (triggers)</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/cli/issues/2716" target="_blank">Bump Go to 1.24.12+ to fix CVE-2025-61726/61728/61729 (cli)</a>
+ <span class="cve-badge">CVE</span><br>
+ <a class="pr-link" href="https://github.com/tektoncd/cli/issues/2717" target="_blank">Bump sigstore/timestamp-authority to v2.0.3+ — CVE-2025-66564 (cli)</a>
+ <span class="cve-badge">CVE</span><br>
+ <a class="pr-link" href="https://github.com/tektoncd/cli/issues/2718" target="_blank">Bump hashicorp/vault/api to v1.16.27+ — CVE-2025-11621/12044 (cli)</a>
+ <span class="cve-badge">CVE</span>
+ </td>
+ <td>
+ <span class="repo-badge">chains</span><br>
+ <span class="repo-badge">operator</span><br>
+ <span class="repo-badge">triggers</span><br>
+ <span class="repo-badge">cli</span>
+ </td>
+ </tr>
+ <tr>
+ <td style="white-space:nowrap;font-weight:600">Governance & Community</td>
+ <td>
+ <a class="pr-link" href="https://github.com/tektoncd/community/issues/1260" target="_blank">Proposal: AI Coding Agent Skills for the Tekton Organization</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/website/issues/716" target="_blank">Integrate Pipelines-as-Code documentation into tekton.dev</a><br>
+ <a class="pr-link" href="https://github.com/tektoncd/operator/issues/3301" target="_blank">Include component release notes in operator release notes</a>
+ </td>
+ <td>
+ <span class="repo-badge">community</span><br>
+ <span class="repo-badge">website</span><br>
+ <span class="repo-badge">operator</span>
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ </div>
+
+ <!-- GITLAB -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon amber">🦊</div>
+ <div>
+ <div class="card-title">GitLab — Release MRs Reviewed <span class="count-pill">70+</span></div>
+ <div class="card-subtitle">gitlab.cee.redhat.com · releng/konflux-release-data · Q1 2026</div>
+ </div>
+ </div>
+ <div class="section-summary">
+ Reviewed <strong>70+ merge requests</strong> in <code>releng/konflux-release-data</code> across four active OSP release tracks simultaneously (1.15.x, 1.20.x, 1.21.x, 1.22/5.0). Reviews covered CDN configuration, policy exception approvals, component naming corrections, binary publishing setup (macOS/Windows/FIPS), OCP channel updates, and GA flag management. This sustained throughput — averaging <strong>5–6 release MRs per week</strong> — directly enabled the on-schedule delivery of multiple OpenShift Pipelines releases throughout the quarter.
+ </div>
+ <div class="card-body">
+ <table>
+ <thead><tr><th>Release Track</th><th>Scope of Reviews</th><th>Count</th></tr></thead>
+ <tbody>
+ <tr>
+ <td><strong>OSP 1.21 / 1.21.1</strong></td>
+ <td>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/16537" target="_blank">!16537 Add release plan for bundle release of 1.21</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/16534" target="_blank">!16534 set auto-release=false for stage cdn release of 1.21</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/16496" target="_blank">!16496 update osp 1-21 Release Plan to fix jira-collector</a><br>
+ <span style="font-size:0.78rem;color:#666">+ 12 more: CDN config, stage/prod toggles, date updates, component naming, policy exceptions, GA flag management</span>
+ </td>
+ <td style="font-weight:700;color:var(--amber)">15+</td>
+ </tr>
+ <tr>
+ <td><strong>OSP 1.20 / 1.20.3</strong></td>
+ <td>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14638" target="_blank">!14638 Fix: CDN RPA for contentType=binary</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14613" target="_blank">!14613 Revert content section from RP and RPA</a><br>
+ <span style="font-size:0.78rem;color:#666">+ 6 more: CDN files, mirror push toggles, OCP 4.21 channel updates</span>
+ </td>
+ <td style="font-weight:700;color:var(--amber)">8+</td>
+ </tr>
+ <tr>
+ <td><strong>OSP 1.15 / 1.15.4</strong></td>
+ <td>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14081" target="_blank">!14081 Add OCP 4.21 FBC support for OpenShift Pipelines 1.15</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14040" target="_blank">!14040 update MacOS os to darwin</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14036" target="_blank">!14036 Add macos and windows binaries</a><br>
+ <span style="font-size:0.78rem;color:#666">+ 9 more: patch release exception policies, OS naming fixes, binary serve-tkn-cli, FIPS exceptions</span>
+ </td>
+ <td style="font-weight:700;color:var(--amber)">12+</td>
+ </tr>
+ <tr>
+ <td><strong>OSP 1.22 / nightly / 5.0</strong></td>
+ <td>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14521" target="_blank">!14521 Add tektoncd-pruner-1-22-webhook</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14500" target="_blank">!14500 Add scheduler in RPA-122</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/14493" target="_blank">!14493 update component name for serve-tkn-cli-1-22-serve-tkn-cli</a><br>
+ <span style="font-size:0.78rem;color:#666">+ 7 more: nightly rename to 5.0, CDN stage setup, single app config</span>
+ </td>
+ <td style="font-weight:700;color:var(--amber)">10+</td>
+ </tr>
+ <tr>
+ <td><strong>Cross-release</strong></td>
+ <td>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/13626" target="_blank">!13626 Add Prod Policy Exception for 1.21</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/13505" target="_blank">!13505 Add FIPS exception policy for OpenShift Pipelines v1.14–v1.19</a><br>
+ <a class="pr-link" href="https://gitlab.cee.redhat.com/releng/konflux-release-data/-/merge_requests/13546" target="_blank">!13546 Add Product and Product Version for openshift-pipelines</a><br>
+ <span style="font-size:0.78rem;color:#666">+ 22 more: OCP 4.22 changes, enforceContainerFirstSecurityLabels, unused ECP cleanup, CDN content type fixes</span>
+ </td>
+ <td style="font-weight:700;color:var(--amber)">25+</td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ </div>
+
+ <!-- KEY INITIATIVES -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon purple">🚀</div>
+ <div>
+ <div class="card-title">Key Initiatives & Strategic Contributions</div>
+ <div class="card-subtitle">High-impact work beyond individual PRs</div>
+ </div>
+ </div>
+ <div class="card-body">
+ <div class="achievement-grid">
+ <div class="achievement-item">
+ <div class="achievement-icon">🎓</div>
+ <div class="achievement-title">Tekton CNCF Graduation & Community</div>
+ <div class="achievement-desc">Led post-CNCF acceptance work: defined AI contribution policy (first in Tekton), created contributor ladder, fixed contribution docs funnel, prepared KubeCon EU kiosk (Amsterdam), wrote CNCF announcement blog. Onboarded 2026 governing board.</div>
+ </div>
+ <div class="achievement-item">
+ <div class="achievement-icon">🔐</div>
+ <div class="achievement-title">CVE Advisory: Tekton Controller Panic</div>
+ <div class="achievement-desc">Filed and published GHSA-cv4x-93xx-wgfj — a Tekton Pipelines security advisory for controller panic via long resolver name in TaskRun/PipelineRun. Coordinated responsible disclosure via GitHub Advisory Database.</div>
+ </div>
+ <div class="achievement-item">
+ <div class="achievement-icon">🏗️</div>
+ <div class="achievement-title">CI/CD Infrastructure & Prow Migration</div>
+ <div class="achievement-desc">Rolled out unified CI summary fan-in checks across pipeline, cli, results, pruner, operator repos. Added Pipelines-as-Code deployment to oci-ci-cd cluster. Authored 8-issue Prow decommission plan — covering Tide migration, slash-command replacement, branch protection, label sync, and cluster teardown.</div>
+ </div>
+ <div class="achievement-item">
+ <div class="achievement-icon">🤖</div>
+ <div class="achievement-title">Tekton LSP & MCP Tooling</div>
+ <div class="achievement-desc">Shipped multi-document YAML support for all LSP features in tekton-lsp-go. Contributed Tekton eval tasks to containers/kubernetes-mcp-server. Added coding agent session monitoring in lazyagent (Claude/Pi support).</div>
+ </div>
+ <div class="achievement-item">
+ <div class="achievement-icon">🏢</div>
+ <div class="achievement-title">Community Governance & Maintainers</div>
+ <div class="achievement-desc">Nominated new approvers across pipeline, results, mcp-server. Moved inactive maintainers to alumni/emeritus in triggers, chains, dashboard, results, plumbing. Synced org.yaml with OWNERS files. Updated CNCF affiliation across all repos.</div>
+ </div>
+ <div class="achievement-item">
+ <div class="achievement-icon">🚀</div>
+ <div class="achievement-title">OpenShift Pipelines Release Cadence</div>
+ <div class="achievement-desc">Sustained review of 70+ GitLab MRs across OSP 1.15.x, 1.20.x, 1.21.x, 1.22 / 5.0 release tracks. Managed CDN configurations, binary publishing, OCP channel updates, and policy exceptions to keep multi-track releases on schedule.</div>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <!-- MEETING ENGAGEMENT -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon teal">📅</div>
+ <div>
+ <div class="card-title">Meeting & Cross-Team Engagement</div>
+ <div class="card-subtitle">Recurring meetings confirmed via Gemini notes in Q1 2026</div>
+ </div>
+ </div>
+ <div class="card-body">
+ <ul class="meeting-list">
+ <li>
+ <div class="meeting-dot"></div>
+ <div>
+ <div class="meeting-title">Pipelines Weekly Architecture Decision Review (ADR) Calls</div>
+ <div class="meeting-meta">Weekly · Active participant · Confirmed Mar 2, Mar 9, Mar 23, Mar 30</div>
+ </div>
+ </li>
+ <li>
+ <div class="meeting-dot"></div>
+ <div>
+ <div class="meeting-title">OpenShift Pipelines Program Call</div>
+ <div class="meeting-meta">Weekly · Confirmed Mar 2, Mar 30</div>
+ </div>
+ </li>
+ <li>
+ <div class="meeting-dot"></div>
+ <div>
+ <div class="meeting-title">2026 Goals: Weekly / Bi-Weekly Sync</div>
+ <div class="meeting-meta">Bi-weekly → weekly cadence · Confirmed Feb 25, Mar 25</div>
+ </div>
+ </li>
+ <li>
+ <div class="meeting-dot"></div>
+ <div>
+ <div class="meeting-title">Eyal:Vincent 1:1</div>
+ <div class="meeting-meta">Weekly 1:1 with manager · Confirmed Feb 24, Mar 3, Mar 10, Mar 24</div>
+ </div>
+ </li>
+ <li>
+ <div class="meeting-dot"></div>
+ <div>
+ <div class="meeting-title">Stakeholder Meeting</div>
+ <div class="meeting-meta">Bi-weekly · Confirmed Feb 25, Mar 4</div>
+ </div>
+ </li>
+ </ul>
+ </div>
+ </div>
+
+ <!-- TAGS -->
+ <div class="card">
+ <div class="card-header">
+ <div class="card-icon red">🏷️</div>
+ <div>
+ <div class="card-title">Areas of Focus</div>
+ <div class="card-subtitle">Themes and technologies active in Q1 2026</div>
+ </div>
+ </div>
+ <div class="card-body">
+ <div class="tags">
+ <span class="tag indigo">Tekton Pipelines</span>
+ <span class="tag indigo">CNCF Graduation</span>
+ <span class="tag red">OpenShift Pipelines</span>
+ <span class="tag red">Release Management</span>
+ <span class="tag blue">Pipelines-as-Code</span>
+ <span class="tag blue">CI/CD Infrastructure</span>
+ <span class="tag green">Security (RH-SDL)</span>
+ <span class="tag green">CVE Advisory</span>
+ <span class="tag green">UBI 9 Minimal</span>
+ <span class="tag amber">GitHub Actions / zizmor</span>
+ <span class="tag amber">PipelineRun Concurrency</span>
+ <span class="tag purple">Tekton LSP</span>
+ <span class="tag purple">MCP Server / Tooling</span>
+ <span class="tag teal">Community Governance</span>
+ <span class="tag teal">KubeCon EU 2026</span>
+ <span class="tag indigo">AI Contribution Policy</span>
+ <span class="tag blue">NixOS / nixpkgs</span>
+ <span class="tag red">CDN / Binary Publishing</span>
+ <span class="tag green">zizmor / CI Security Audit</span>
+ <span class="tag amber">Prow Migration</span>
+ <span class="tag indigo">Issue Triage & Planning</span>
+ </div>
+ </div>
+ </div>
+
+</main>
+
+<div class="footer">
+ Generated by Claude Code · Data sources: Jira, GitHub (vdemeester) — PRs + Issues (tektoncd/*), GitLab (gitlab.cee.redhat.com), Gmail/Gemini · Period: Jan 1 – Mar 31, 2026
+</div>
+
+</body>
+</html>
dots/config/claude/skills/QuarterlyReport/workflows/Generate.md
@@ -0,0 +1,225 @@
+# Generate Quarterly Report
+
+## Step 1 — Determine Period
+
+Parse the user's request to extract the quarter and year. Convert to date range:
+
+| Input | Start | End |
+|-------|-------|-----|
+| Q1 2026 | 2026-01-01 | 2026-03-31 |
+| Q2 2026 | 2026-04-01 | 2026-06-30 |
+| Q3 2026 | 2026-07-01 | 2026-09-30 |
+| Q4 2026 | 2026-10-01 | 2026-12-31 |
+| "last quarter" | Calculate from current date |
+
+## Step 2 — Collect Data (Parallel)
+
+Run all data collection concurrently.
+
+### 2a. daily-plan review (GitHub + Jira + Org + AI)
+
+```bash
+daily-plan review "<START>..<END>" --json --no-discussions --no-comments
+```
+
+This returns JSON with:
+- `org_done` — completed org-mode TODO items
+- `ai_sessions` — AI coding sessions
+- `jira_completed` — Jira issues resolved via `resolutiondate` JQL (keys: `key`, `summary`, `status`, `priority`, `url`)
+- `github_merged` — PRs authored and merged (keys: `repo`, `number`, `title`, `url`)
+- `github_reviewed` — PRs reviewed, excluding own PRs (keys: `repo`, `number`, `title`, `author`, `url`)
+- `github_issues_created` — Issues filed (keys: `repo`, `number`, `title`, `url`)
+- `github_security_advisories` — Security advisories where user is credited or author (keys: `ghsa_id`, `cve_id`, `summary`, `severity`, `state`, `repo`, `url`, `credits`, `role`). Filtered to only advisories where the user appears in `credits` or is the `author` — `collaborating_users` is skipped (indicates team access, not active involvement). Comments on advisories are not accessible via the API (private fork).
+
+daily-plan automatically splits queries by month and uses `--limit 1000` to avoid GitHub Search API truncation. Results are scoped to the configured owners (tektoncd, openshift-pipelines).
+
+daily-plan's GitHub queries are scoped to the configured owners (`tektoncd`, `openshift-pipelines`). PRs in other orgs (NixOS/nixpkgs, containers/*, chmouel/*, github/advisory-database, etc.) are **not** included — add those orgs to daily-plan's config if they should be tracked. Security advisories are filtered to only those where the user is in `credits` or is `author` — team-based `collaborating_users` access is excluded.
+
+### 2b. GitLab (gitlab.cee.redhat.com)
+
+The internal Red Hat GitLab instance requires REST API with a personal access token. The `mcp__plugin_gitlab_gitlab__*` MCP plugin targets `gitlab.com` only — do NOT use it for internal GitLab.
+
+**Load token:**
+```bash
+export GITLAB_TOKEN=$(passage show gitlab/cee-redhat/token 2>/dev/null || echo "")
+```
+
+If empty, ask the user to provide it or skip GitLab. Generate tokens at: `https://gitlab.cee.redhat.com/-/user_settings/personal_access_tokens` (scope: `read_api`).
+
+**Resolve user ID:**
+```bash
+curl -s "https://gitlab.cee.redhat.com/api/v4/users?username=vdemeest" \
+ -H "PRIVATE-TOKEN: $GITLAB_TOKEN" | python3 -c "import json,sys; u=json.load(sys.stdin)[0]; print(u['id'], u['name'])"
+```
+
+**MRs authored:**
+```bash
+curl -s "https://gitlab.cee.redhat.com/api/v4/merge_requests?author_id=<ID>&state=merged&scope=all&order_by=updated_at&sort=desc&per_page=100&created_after=<START>&created_before=<END>" \
+ -H "PRIVATE-TOKEN: $GITLAB_TOKEN"
+```
+
+**MRs reviewed:**
+```bash
+curl -s "https://gitlab.cee.redhat.com/api/v4/merge_requests?reviewer_id=<ID>&state=merged&scope=all&order_by=updated_at&sort=desc&per_page=100&created_after=<START>&created_before=<END>" \
+ -H "PRIVATE-TOKEN: $GITLAB_TOKEN"
+```
+
+Note: `author_username` filter does NOT work on the global MR endpoint — always use `author_id` (numeric) + `scope=all`.
+
+Extract from each MR: `iid`, `title`, `references.full`, `merged_at`, `web_url`. Group by namespace/project.
+
+### 2c. Google Calendar — Meetings
+
+Use GoogleWorkspace skill scripts to query calendar events for the quarter:
+
+```bash
+cd ~/.config/claude/skills/GoogleWorkspace/scripts && node workspace.js call calendar events.list '{
+ "calendarId": "primary",
+ "timeMin": "<START>T00:00:00Z",
+ "timeMax": "<END>T23:59:59Z",
+ "singleEvents": true,
+ "orderBy": "startTime",
+ "maxResults": 2500,
+ "fields": "items(summary,start,end,status,attendees)"
+}'
+```
+
+Filter to work meetings (exclude personal blocks like "Focus time", "Home", etc.). Count by meeting name to identify recurring series. Only count meetings with 2+ attendees.
+
+### 2d. Gmail / mu — Meeting Notes
+
+Use `mu find` (Maildir) to search for Gemini meeting notes in Q1:
+
+```bash
+mu find 'from:gemini-notes@google.com AND date:<START_YYYYMMDD>..<END_YYYYMMDD>' --fields 's' 2>/dev/null
+```
+
+Alternatively use GoogleWorkspace scripts:
+```bash
+cd ~/.config/claude/skills/GoogleWorkspace/scripts && node workspace.js gmail-search \
+ "from:gemini-notes@google.com newer_than:120d"
+```
+
+If MCP tools are available instead (e.g. in Claude Desktop):
+```
+mcp__google-workspace__search_emails: from:gemini-notes@google.com to:vdemeest@redhat.com after:<START> before:<END>
+```
+
+### 2e. Google Drive — Documents
+
+```bash
+cd ~/.config/claude/skills/GoogleWorkspace/scripts && node workspace.js drive-search \
+ "modifiedTime > '<START>T00:00:00' and modifiedTime < '<END>T23:59:59' and trashed=false"
+```
+
+### 2f. Slack
+
+Use the Slack skill:
+```bash
+~/.config/claude/skills/Slack/tools/SlackRead.sh search "from:vdemeest <relevant_terms>" --after <START> --before <END>
+```
+
+Or via MCP if available:
+```
+mcp__slack__search_messages: from:vdemeest after:<START> before:<END>
+```
+
+## Step 3 — Analyze & Categorize
+
+Before generating HTML, analyze the raw data:
+
+1. **Count totals** for the stats strip (PRs merged, reviewed, GitLab MRs, issues filed, repos contributed to)
+2. **Group GitHub PRs** by repository, ordered by PR count descending
+3. **Group GitHub issues** by theme (security, infrastructure, features, governance, code modernization)
+4. **Group GitLab MRs** by release track (OSP 1.15, 1.20, 1.21, 1.22, cross-release)
+5. **Identify Jira epics** — filter `jira_completed` for Epics and Features only (exclude Stories, Tasks, Sub-tasks, Bugs for the main epic section; keep notable bugs separate)
+6. **Identify key initiatives** — look for patterns: security campaigns, governance work, community leadership, tooling, release management
+7. **Extract meeting patterns** from Gmail/Gemini notes — recurring meetings, frequency
+
+## Step 4 — Generate HTML
+
+Use the template from `reference/Template.html` in this skill directory. The template is a complete, self-contained HTML file with all CSS inline.
+
+**Read the template:**
+```
+read reference/Template.html
+```
+
+Fill in all data sections. Key rules:
+
+### Linking — every item must be clickable
+
+| Item type | URL format |
+|-----------|------------|
+| Jira keys | `<a href="https://issues.redhat.com/browse/<KEY>" target="_blank" class="key-badge">KEY</a>` |
+| GitHub PRs/issues | Use the `url` field from `gh search` JSON output: `<a href="<url>" target="_blank" class="pr-link">title</a>` |
+| GitLab MRs | Use `web_url` from API: `<a href="<web_url>" target="_blank" class="pr-link">!iid title</a>` |
+
+### Section summaries
+
+Every data section must open with a `<div class="section-summary">` containing 2–3 sentences synthesizing the section's impact. Cover: total volume, standout items, and business/technical significance. Interpret — don't just repeat the table.
+
+### Executive summary
+
+3–5 sentences in third person, past tense, executive-readable prose. Cover:
+- Major outcomes (epics closed, features shipped, security work)
+- Breadth of contribution (repos, systems, teams)
+- Standout contributions (CVEs, governance, proposals → merged)
+- Quantified signal ("50+ PRs merged across 15 repos")
+
+### Sections to include (omit any with zero results)
+
+1. Executive Summary (always)
+2. Jira — Epics & Features Closed
+3. GitHub — PRs Authored & Merged (grouped by repo, with group headers like "⚡ Tekton Core", "🏛 Community")
+4. GitHub — PRs Reviewed (grouped by repo)
+5. GitHub — Issues Filed (grouped by theme)
+6. GitHub — Security Advisories (credited/authored only)
+7. GitLab — MRs Reviewed (grouped by release track)
+8. Key Initiatives & Strategic Contributions (achievement grid)
+9. Meeting & Cross-Team Engagement (Google Calendar)
+10. Documents & Presentations (Google Drive)
+11. Communication Highlights (mu/Gmail — notable outbound threads)
+12. Areas of Focus (tag cloud)
+
+### Stats strip values
+
+Count from the collected data:
+- Epics Closed (Jira epics/features with Done status)
+- GitHub PRs Merged (authored)
+- GitHub PRs Reviewed
+- Issues Filed
+- Security Advisories (credited/authored)
+- Jira Issues Closed
+- GitLab MRs Reviewed (if available)
+
+## Step 5 — Write Output
+
+```bash
+# Write the HTML report
+write ~/desktop/downloads/q<N>-<YEAR>-achievements-vincent-demeester.html
+```
+
+Confirm to the user: file path, total counts, any data sources that were unavailable.
+
+## Common Mistakes
+
+| Mistake | Fix |
+|---------|-----|
+| Including personal repos (vdemeester/*) | Exclude — only include org repos (tektoncd, openshift-pipelines, etc.) |
+| Plain text Jira keys, PR titles, MR titles | Always hyperlink with `<a>` tags |
+| Including Jira Stories/Tasks in the epics section | Filter for `issuetype in (Epic, Feature)` only |
+| Using MCP gitlab plugin for internal GitLab | MCP targets gitlab.com — use REST API for gitlab.cee.redhat.com |
+| `author_username` on global MR endpoint | Use `author_id` (numeric) + `scope=all` |
+| Missing section summaries | Every card must have a `section-summary` div |
+| Sections with zero results | Omit entirely — no "No items found" text |
+| Forgetting to load GITLAB_TOKEN | Load from passage or ask user before GitLab queries |
+
+## Graceful Degradation
+
+If a data source is unavailable:
+1. **GitLab token missing** → Skip GitLab section, note in footer
+2. **Google Workspace not configured** → Skip Gmail/Drive sections
+3. **Slack not configured** → Skip Slack section
+4. **daily-plan not found** → Fall back to direct `gh` + Jira CLI queries
+5. Always note unavailable sources in the footer "Data sources" line
dots/config/claude/skills/QuarterlyReport/SKILL.md
@@ -0,0 +1,65 @@
+---
+name: QuarterlyReport
+description: Generate a polished quarterly achievement HTML report. USE WHEN user asks for quarterly report, Q1/Q2/Q3/Q4 achievements, performance review data, or wants to summarize a quarter's work for their manager.
+---
+
+# QuarterlyReport
+
+Generate a comprehensive, styled HTML achievement report for a quarter by combining `daily-plan review` output with GitLab, Gmail/Drive, and Slack data.
+
+## Workflow Routing
+
+| Workflow | Trigger | File |
+|----------|---------|------|
+| **Generate** | "generate Q1 report", "quarterly achievements", "report for Eyal" | `workflows/Generate.md` |
+
+## Overview
+
+This skill produces a single self-contained HTML file with:
+- Executive summary
+- Stats strip (PRs merged, reviewed, issues filed, security advisories, etc.)
+- Jira epics/features closed
+- GitHub PRs authored & reviewed (grouped by repo)
+- GitHub issues filed (grouped by theme)
+- GitHub security advisories (filtered to credited/authored only)
+- GitLab MRs reviewed (grouped by release track)
+- Key initiatives & strategic contributions
+- Meeting & cross-team engagement (Google Calendar)
+- Documents & presentations (Google Drive)
+- Communication highlights (mu/Gmail)
+- Areas of focus tags
+
+## Data Sources
+
+| Source | Tool | What |
+|--------|------|------|
+| **GitHub + Jira + Org + AI + Security Advisories** | `daily-plan review <range> --json` | Primary data: PRs (monthly pagination, no truncation), reviews, issues, Jira (resolutiondate JQL), org-mode done items, AI sessions, security advisories (filtered to credits+author involvement) |
+| **GitLab** (gitlab.cee.redhat.com) | REST API via `curl` | MRs authored and reviewed (internal Red Hat instance) |
+| **Google Calendar** | GoogleWorkspace skill scripts (`workspace.js calendar`) | Recurring meetings, cross-team engagement |
+| **Gmail / mu** | `mu find` (Maildir) + GoogleWorkspace skill scripts | Meeting notes (Gemini), key email threads, outbound communications |
+| **Google Drive** | GoogleWorkspace skill scripts (`workspace.js drive-search`) | Documents authored/co-authored |
+| **Slack** | Slack skill tools | Notable messages, announcements |
+
+## Quarter Date Ranges
+
+- Q1: Jan 1 – Mar 31
+- Q2: Apr 1 – Jun 30
+- Q3: Jul 1 – Sep 30
+- Q4: Oct 1 – Dec 31
+
+## Identity
+
+| Field | Value |
+|-------|-------|
+| Full name | Vincent Demeester |
+| Username | vdemeest |
+| GitHub | vdemeester |
+| GitLab | vdemeest |
+| Email | vdemeest@redhat.com |
+| Title | Senior Principal Software Engineer |
+| Team | R&D Secure Flow |
+| Manager | Eyal Edri, Director Engineering |
+
+## Output
+
+The report is written to `~/desktop/downloads/q<N>-<YEAR>-achievements-vincent-demeester.html`.
dots/config/claude/settings.json
@@ -102,7 +102,8 @@
"hookify@claude-code-plugins": true,
"gh-tools@vdemeester-claude-code-plugins": true,
"session-manager": true,
- "gopls-lsp@claude-plugins-official": true
+ "gopls-lsp@claude-plugins-official": true,
+ "typescript-lsp@claude-plugins-official": true
},
"alwaysThinkingEnabled": true,
"mcpServers": {