moonarch

nevaforget/moonarch

Fork 0

Commit Graph

Author	SHA1	Message	Date
nevaforget	ac2b210a1f	fix: audit remediation — security, quality and performance fixes All checks were successful Update PKGBUILD version / update-pkgver (push) Successful in 3s Details - CI Dockerfile: verify act_runner SHA256, restrict sudoers to safe pacman arguments (S-C1, S-C2) - cliphist: split into cliphist-text + cliphist-image services with Type=simple for proper PID tracking and restart (Q-C3) - batsaver-toggle: validate sysfs input as numeric, check state file write (Q-C2, S-W2) - udev battery rule: add ACTION=="add" filter to avoid firing on every battery event (Q-W3) - cpugov: replace eval with direct expansion, switch waybar module to signal-based updates, send SIGRTMIN+10 after toggle (Q-W1, S-W1, P-W4) - Remove docker group auto-assignment from install scripts (S-I1)	2026-04-08 11:45:56 +02:00
nevaforget	80c395fc14	feat: add cliphist service, move user services to /etc/systemd/user/ All checks were successful Update PKGBUILD version / update-pkgver (push) Successful in 2s Details - Add cliphist.service that wipes clipboard history on session start (crash-safe: cleans up at next boot, not at shutdown) - Move kanshi, walker, nautilus services from ~/.config/systemd/user/ to /etc/systemd/user/ (system-level defaults, consistent with moonarch's config philosophy) - Remove cliphist spawn-sh-at-startup from niri config (managed by systemd service now) - Add cliphist to USER_SERVICES in post-install.sh and transform.sh Closes #1	2026-04-07 11:27:49 +02:00

Author

SHA1

Message

Date

nevaforget

ac2b210a1f

fix: audit remediation — security, quality and performance fixes

Update PKGBUILD version / update-pkgver (push) Successful in 3s

Details

- CI Dockerfile: verify act_runner SHA256, restrict sudoers to safe
  pacman arguments (S-C1, S-C2)
- cliphist: split into cliphist-text + cliphist-image services with
  Type=simple for proper PID tracking and restart (Q-C3)
- batsaver-toggle: validate sysfs input as numeric, check state file
  write (Q-C2, S-W2)
- udev battery rule: add ACTION=="add" filter to avoid firing on
  every battery event (Q-W3)
- cpugov: replace eval with direct expansion, switch waybar module
  to signal-based updates, send SIGRTMIN+10 after toggle (Q-W1,
  S-W1, P-W4)
- Remove docker group auto-assignment from install scripts (S-I1)

2026-04-08 11:45:56 +02:00

nevaforget

80c395fc14

feat: add cliphist service, move user services to /etc/systemd/user/

Update PKGBUILD version / update-pkgver (push) Successful in 2s

Details

- Add cliphist.service that wipes clipboard history on session start
  (crash-safe: cleans up at next boot, not at shutdown)
- Move kanshi, walker, nautilus services from ~/.config/systemd/user/
  to /etc/systemd/user/ (system-level defaults, consistent with
  moonarch's config philosophy)
- Remove cliphist spawn-sh-at-startup from niri config (managed by
  systemd service now)
- Add cliphist to USER_SERVICES in post-install.sh and transform.sh

Closes #1

2026-04-07 11:27:49 +02:00

2 Commits