Detector spec (from hypatia#333 Pattern 3)
Pattern 3 — Workflow has multiple cron: entries firing on the same day-of-week
Severity: medium (runner-cost waste, log noise)
Detection (Hypatia.Rules.CicdRules — cicd_waste_detection):
- Parse
on.schedule[].cron strings.
- Group by the day-of-week field (5th cron position). If 2+ entries fire on the same day-of-week (incl.
*), flag with the entries' minutes/hours.
- Special case: if one entry uses
* (every day) and another targets a specific day-of-week with the same hour:minute, the specific-day entry is a strict subset and should be removed.
Worked examples (this session):
hypatia/.github/workflows/tests.yml had 0 3 * * * (daily) + 0 3 * * 1 (Monday) — same hour, Monday is a subset. Fix: hypatia#331 dropped the Monday-only cron.hypatia/.github/workflows/verify-proofs.yml had 0 5 * * 1, 30 4 * * 1, 0 4 * * 1 — three Monday triggers inherited from pre-consolidation source workflows. Fix: hypatia#331 collapsed to a single 0 4 * * 1.
Remediation guidance to emit:
Collapse to a single cron unless the multiple triggers serve distinct purposes (e.g. different if: gates per trigger). If they're a consolidation artefact, drop the redundant entries.
Implementation pointers
- Detection algorithm: Parse
on.schedule[].cron; group by day-of-week (5th position); flag if 2+ entries share a day-of-week (incl. *). Special case: subset detection when * overlaps a specific day-of-week at the same hour:minute.
- Real-world example:
hypatia/.github/workflows/tests.yml (0 3 * * * + 0 3 * * 1 — Monday is a subset); hypatia/.github/workflows/verify-proofs.yml (three Monday crons inherited from consolidation).
- Landed fix (reference): hypatia#331 (dropped Monday-only cron in tests.yml; collapsed three Monday triggers to one in verify-proofs.yml).
- Rule statement: Collapse to a single cron unless the multiple triggers serve distinct purposes (e.g. different
if: gates per trigger). If they're a consolidation artefact, drop the redundant entries.
Acceptance
Source cohort: hypatia#333.
Detector spec (from hypatia#333 Pattern 3)
Pattern 3 — Workflow has multiple
cron:entries firing on the same day-of-weekSeverity: medium (runner-cost waste, log noise)
Detection (
Hypatia.Rules.CicdRules—cicd_waste_detection):on.schedule[].cronstrings.*), flag with the entries' minutes/hours.*(every day) and another targets a specific day-of-week with the same hour:minute, the specific-day entry is a strict subset and should be removed.Worked examples (this session):
hypatia/.github/workflows/tests.ymlhad0 3 * * *(daily) +0 3 * * 1(Monday) — same hour, Monday is a subset. Fix: hypatia#331 dropped the Monday-only cron.hypatia/.github/workflows/verify-proofs.ymlhad0 5 * * 1,30 4 * * 1,0 4 * * 1— three Monday triggers inherited from pre-consolidation source workflows. Fix: hypatia#331 collapsed to a single0 4 * * 1.Remediation guidance to emit:
Implementation pointers
on.schedule[].cron; group by day-of-week (5th position); flag if 2+ entries share a day-of-week (incl.*). Special case: subset detection when*overlaps a specific day-of-week at the same hour:minute.hypatia/.github/workflows/tests.yml(0 3 * * *+0 3 * * 1— Monday is a subset);hypatia/.github/workflows/verify-proofs.yml(three Monday crons inherited from consolidation).if:gates per trigger). If they're a consolidation artefact, drop the redundant entries.Acceptance
lib/rules/<name>.exif Elixir, or matching the repo's rule DSL)Source cohort: hypatia#333.