- Move check-dependencies into ci.yml as Checks / Dependencies
(upgrade to osv-scanner-reusable-pr.yml@v2.3.3, drop merge_group)
- Move pr-scan into ci.yml as Checks / Image
(upgrade Trivy to 0.33.1, use SARIF + upload-sarif instead of
custom PR comment logic)
- Rename Setup job to Build
- Fix format job git checkout HEAD^2 to only run on pull_request
- Rename PHPStan step correctly (was mislabeled CodeQL)
- Add Docker Hub login to benchmark job
- Remove no-op pull_request trigger from ai-moderator
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merge linter, static-analysis, tests, and benchmark workflows into ci.yml
with structured job naming (Checks / Format, Tests / E2E / ..., etc.).
Shared Docker image build between tests and benchmark. Update actions to
latest versions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
loks0n