diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..871c592 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,9 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + labels: + - dependencies + - github-actions diff --git a/.github/workflows/autoclose-labeled-issues.yml b/.github/workflows/autoclose-labeled-issues.yml index 45b4bf5..2d8173c 100644 --- a/.github/workflows/autoclose-labeled-issues.yml +++ b/.github/workflows/autoclose-labeled-issues.yml @@ -26,7 +26,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v7 - name: Close inactive duplicate issues env: diff --git a/.github/workflows/backfill-dedupe.yml b/.github/workflows/backfill-dedupe.yml index ef0edff..9518a3e 100644 --- a/.github/workflows/backfill-dedupe.yml +++ b/.github/workflows/backfill-dedupe.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 - name: Fetch issues and run dedupe env: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..ea02994 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,34 @@ +name: CodeQL + +on: + push: + branches: [main] + pull_request: + branches: [main] + schedule: + - cron: '37 9 * * 1' + +permissions: + security-events: write + contents: read + actions: read + +jobs: + analyze: + name: Analyze (actions) + runs-on: ubuntu-latest + timeout-minutes: 30 + steps: + - name: Checkout repository + uses: actions/checkout@v7 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v4 + with: + languages: actions + build-mode: none + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v4 + with: + category: /language:actions diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 0000000..dcd7025 --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,22 @@ +name: Dependency Review + +on: + pull_request: + branches: [main] + +permissions: + contents: read + +jobs: + dependency-review: + name: Dependency Review + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - name: Checkout repository + uses: actions/checkout@v7 + + - name: Dependency Review + uses: actions/dependency-review-action@v4 + with: + fail-on-severity: moderate diff --git a/.github/workflows/issue-dedupe.yml b/.github/workflows/issue-dedupe.yml index 096401f..287570d 100644 --- a/.github/workflows/issue-dedupe.yml +++ b/.github/workflows/issue-dedupe.yml @@ -31,7 +31,7 @@ jobs: !endsWith(github.actor, '[bot]') && github.actor != 'github-actions') steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 - name: Determine issue number id: issue diff --git a/README.md b/README.md index d18b212..24d2967 100644 --- a/README.md +++ b/README.md @@ -13,10 +13,10 @@ # PageIndex: Vectorless, Reasoning-based RAG -
Reasoning-based RAG ◦ No Vector DB ◦ No Chunking ◦ Human-like Retrieval
+Reasoning-based RAG ◦ No Vector DB, No Chunking ◦ Context-Aware Retrieval ◦ Reads Like a Human