From 3692a6fa2260afd88013dc6edc74299e80a7c2f0 Mon Sep 17 00:00:00 2001 From: Curtis Mercier Date: Mon, 11 May 2026 03:33:11 -0400 Subject: [PATCH 1/2] fix(muscle): add missing triggers: field on verification-instinct (frontmatter validation) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The pr-review.yml frontmatter validator has been failing on muscles/verification-instinct.md since 2026-04-10 — it was added without a triggers: (or legacy topic:) field. Three consecutive PR CI runs flagged this but the file wasn't fixed; the workflow's failure has been a silent papercut for 4 weeks. Adds triggers: based on the muscle's content (verify, smoke-test, claim-done, rationalization, anti-pattern, discipline, quality). Also bumps version 1.0.0 → 1.0.1 and updated: date. This is also a smoke test for the meetsoma/community PR workflow itself — the last 3 PRs to this repo were April 10 (4 weeks ago); we want to verify pr-review.yml still functions before relying on it for upcoming soma-cmux hub-extension delivery (SX-747). Companion: .soma/releases/cycles/tools-architecture/cycle.md Phase 5 Seeded: s01-345201 (meetsoma) --- muscles/verification-instinct.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/muscles/verification-instinct.md b/muscles/verification-instinct.md index 987381a..b01d418 100644 --- a/muscles/verification-instinct.md +++ b/muscles/verification-instinct.md @@ -5,12 +5,13 @@ status: active description: "Before reporting work as done, verify it actually works. Run it. Not 'it looks correct' — run it. Recognize your own rationalizations for skipping checks." heat-default: cold tags: [quality, verification, anti-patterns, discipline] +triggers: [verify, verification, run-it, before-shipping, claim-done, smoke-test, rationalization, anti-pattern, discipline, quality] applies-to: [development, shipping] scope: bundled tier: core created: 2026-04-03 -updated: 2026-04-04 -version: 1.0.0 +updated: 2026-05-11 +version: 1.0.1 author: meetsoma license: MIT heat: 0 From 48f4c7a8247d8590832f7451698d77171b78102b Mon Sep 17 00:00:00 2001 From: Curtis Mercier Date: Mon, 11 May 2026 03:51:15 -0400 Subject: [PATCH 2/2] =?UTF-8?q?fix(ci):=20update=20SOMA=5FAPP=5FPEM=20App?= =?UTF-8?q?=20ID=203043971=20=E2=86=92=203108591?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The soma-agent GitHub App was rotated at some point; the workflow's hardcoded `app-id: 3043971` no longer matches the current app (`3108591` per github.com/organizations/meetsoma/settings/apps/soma-agent). This caused JWT decoding failures in the Auto-Merge job: the workflow signed JWTs with the new private key but claimed the wrong issuer (stale App ID), so GitHub rejected the JWT signature. Symptom: 'A JSON web token could not be decoded' in Auto-Merge step after SOMA_APP_PEM was rotated to a fresh key. Companion to PR #11 (verification-instinct triggers fix) — both needed to restore meetsoma/community CI workflow health. --- .github/workflows/pr-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-review.yml b/.github/workflows/pr-review.yml index 34c45e1..96f8072 100644 --- a/.github/workflows/pr-review.yml +++ b/.github/workflows/pr-review.yml @@ -78,7 +78,7 @@ jobs: id: token uses: actions/create-github-app-token@v1 with: - app-id: 3043971 + app-id: 3108591 private-key: ${{ secrets.SOMA_APP_PEM }} - name: Approve and merge