From e70b91da78b1cd5ee75a5ac0ca1545a5bffa2fa6 Mon Sep 17 00:00:00 2001
From: JacobPEvans <20714140+JacobPEvans@users.noreply.github.com>
Date: Sat, 14 Mar 2026 01:02:54 -0400
Subject: [PATCH 1/3] fix(ci): exclude lock files from file-size checks

Lock files (flake.lock, package-lock.json, yarn.lock, etc.) are
auto-generated and should not be subject to file size or line count
limits. This was causing CI failures on repos with large lock files.

(claude)
---
 .github/workflows/_file-size.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/_file-size.yml b/.github/workflows/_file-size.yml
index d56ccd9..6a1b9ff 100644
--- a/.github/workflows/_file-size.yml
+++ b/.github/workflows/_file-size.yml
@@ -50,7 +50,7 @@ jobs:
                 echo "FAIL: $file (${size_kb}KB > ${MAX_FILE_SIZE_KB}KB)"
                 EXIT_CODE=1
               fi
-            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -print0)
+            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -print0)
 
             echo ""
             echo "=== Line Count Check (max: ${MAX_LINE_COUNT} lines) ==="
@@ -62,7 +62,7 @@ jobs:
                   EXIT_CODE=1
                 fi
               fi
-            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -print0)
+            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -print0)
 
             exit $EXIT_CODE
           fi

From 7c39ff774e4f9ac2e97e291f00337c8e8eef2453 Mon Sep 17 00:00:00 2001
From: JacobPEvans <20714140+JacobPEvans@users.noreply.github.com>
Date: Sat, 14 Mar 2026 09:03:49 -0400
Subject: [PATCH 2/3] fix(ci): broaden lock file exclusions for
 package-lock.json and pnpm-lock.yaml

(claude)
---
 .github/workflows/_file-size.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/_file-size.yml b/.github/workflows/_file-size.yml
index 6a1b9ff..19c83fb 100644
--- a/.github/workflows/_file-size.yml
+++ b/.github/workflows/_file-size.yml
@@ -50,7 +50,7 @@ jobs:
                 echo "FAIL: $file (${size_kb}KB > ${MAX_FILE_SIZE_KB}KB)"
                 EXIT_CODE=1
               fi
-            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -print0)
+            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -not -name 'package-lock.json' -not -name 'pnpm-lock.yaml' -print0)
 
             echo ""
             echo "=== Line Count Check (max: ${MAX_LINE_COUNT} lines) ==="
@@ -62,7 +62,7 @@ jobs:
                   EXIT_CODE=1
                 fi
               fi
-            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -print0)
+            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -not -name 'package-lock.json' -not -name 'pnpm-lock.yaml' -print0)
 
             exit $EXIT_CODE
           fi

From 7fe98395d884409855af85d986e9269868adbe90 Mon Sep 17 00:00:00 2001
From: JacobPEvans <20714140+JacobPEvans@users.noreply.github.com>
Date: Sat, 14 Mar 2026 11:24:30 -0400
Subject: [PATCH 3/3] fix(ci): simplify file-size workflow to size-only with
 JSON exclusions
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Drop line count check entirely — it added a second find traversal plus
expensive `file` detection per file with little value over size limits.

Replace hardcoded find exclusions with a configurable `exclude-patterns`
JSON array input so callers can customize without forking. Use `stat -c%s`
instead of `wc -c` for faster size reads and `::error` annotations for
inline PR feedback.

BREAKING: removes `max-line-count` input — nix-ai needs to drop this
parameter from its ci-gate.yml caller.

(claude)
---
 .github/workflows/_file-size.yml | 69 +++++++++++++-------------------
 1 file changed, 27 insertions(+), 42 deletions(-)

diff --git a/.github/workflows/_file-size.yml b/.github/workflows/_file-size.yml
index 19c83fb..55b76c8 100644
--- a/.github/workflows/_file-size.yml
+++ b/.github/workflows/_file-size.yml
@@ -1,21 +1,18 @@
 # Reusable: File Size Check
-# Checks that no files exceed size limits. Uses repo's own config script if
-# available, otherwise falls back to inline defaults.
+# Delegates to repo's own script if available, otherwise runs inline check.
 name: _file-size
 
 on:
   workflow_call:
     inputs:
       max-file-size-kb:
-        description: "Maximum file size in KB (default: 500)"
-        required: false
+        description: "Maximum file size in KB"
         type: number
         default: 500
-      max-line-count:
-        description: "Maximum line count per file (default: 1000)"
-        required: false
-        type: number
-        default: 1000
+      exclude-patterns:
+        description: 'JSON array of find exclusions (path if contains /, name otherwise)'
+        type: string
+        default: '["./.git/*", "./node_modules/*", "./result*", "*.lock", "package-lock.json", "pnpm-lock.yaml"]'
 
 concurrency:
   group: file-size-${{ github.workflow }}-${{ github.ref }}
@@ -29,40 +26,28 @@ jobs:
     name: Check
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout
-        uses: actions/checkout@v6
+      - uses: actions/checkout@v6
 
       - name: Check file sizes
         env:
-          MAX_FILE_SIZE_KB: ${{ inputs.max-file-size-kb }}
-          MAX_LINE_COUNT: ${{ inputs.max-line-count }}
+          MAX_KB: ${{ inputs.max-file-size-kb }}
+          EXCLUDES: ${{ inputs.exclude-patterns }}
         run: |
-          # Use repo's own script if available, otherwise inline check
-          if [ -x "./scripts/workflows/check-file-sizes.sh" ]; then
-            ./scripts/workflows/check-file-sizes.sh
-          else
-            EXIT_CODE=0
-
-            echo "=== File Size Check (max: ${MAX_FILE_SIZE_KB}KB) ==="
-            while IFS= read -r -d '' file; do
-              size_kb=$(( $(wc -c < "$file") / 1024 ))
-              if [ "$size_kb" -gt "$MAX_FILE_SIZE_KB" ]; then
-                echo "FAIL: $file (${size_kb}KB > ${MAX_FILE_SIZE_KB}KB)"
-                EXIT_CODE=1
-              fi
-            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -not -name 'package-lock.json' -not -name 'pnpm-lock.yaml' -print0)
-
-            echo ""
-            echo "=== Line Count Check (max: ${MAX_LINE_COUNT} lines) ==="
-            while IFS= read -r -d '' file; do
-              if file "$file" | grep -q text; then
-                lines=$(wc -l < "$file")
-                if [ "$lines" -gt "$MAX_LINE_COUNT" ]; then
-                  echo "FAIL: $file (${lines} lines > ${MAX_LINE_COUNT})"
-                  EXIT_CODE=1
-                fi
-              fi
-            done < <(find . -type f -not -path './.git/*' -not -path './node_modules/*' -not -path './result*' -not -name '*.lock' -not -name 'package-lock.json' -not -name 'pnpm-lock.yaml' -print0)
-
-            exit $EXIT_CODE
-          fi
+          # Delegate to repo script if available
+          [ -x "./scripts/workflows/check-file-sizes.sh" ] && exec ./scripts/workflows/check-file-sizes.sh
+
+          # Build find exclusions from JSON input
+          args=()
+          for p in $(echo "$EXCLUDES" | jq -r '.[]'); do
+            [[ "$p" == */* ]] && args+=(-not -path "$p") || args+=(-not -name "$p")
+          done
+
+          rc=0
+          while IFS= read -r -d '' f; do
+            kb=$(( $(stat -c%s "$f") / 1024 ))
+            if [ "$kb" -gt "$MAX_KB" ]; then
+              echo "::error file=$f::${kb}KB exceeds ${MAX_KB}KB limit"
+              rc=1
+            fi
+          done < <(find . -type f "${args[@]}" -print0)
+          exit $rc