add git action to keep ledger clear signing registry updated

[0xDEnYO]

Which Jira task belongs to this PR?

Why did I implement it this way?

Checklist before requesting a review

• I have performed a self-review of my code
• This pull request is as small as possible and only tackles one problem
• I have added tests that cover the functionality / test the bug
• For new facets: I have checked all points from this list: https://www.notion.so/lifi/New-Facet-Contract-Checklist-157f0ff14ac78095a2b8f999d655622e
• I have updated any required documentation

Checklist for reviewer (DO NOT DEPLOY and contracts BEFORE CHECKING THIS!!!)

• I have checked that any arbitrary calls to external contracts are validated and or restricted
• I have checked that any privileged calls (i.e. storage modifications) are validated and or restricted
• I have ensured that any new contracts have had AT A MINIMUM 1 preliminary audit conducted on by <company/auditor>

[coderabbitai]

Warning

Rate limit exceeded

@0xDEnYO has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 15 minutes and 1 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

Walkthrough

Adds a GitHub Actions pinning guideline, a scheduled/manual workflow to regenerate and sync the Ledger Clear Signing (ERC-7730) registry, and a new TypeScript CLI that builds, diffs, and updates a Ledger registry JSON from Foundry artifacts and deployments.

Changes

Cohort / File(s)	Summary
GitHub Actions Conventions \.cursor/rules/500-github-actions.mdc	Introduces a rule requiring all non-local GitHub Actions be pinned to immutable full commit SHAs; adds Good (SHA-pinned) and Bad (tagged) examples.
Ledger Sync Workflow .github/workflows/syncLedgerClearSigning.yml	Adds a workflow "Sync Ledger Clear Signing (ERC-7730)" that builds artifacts, regenerates registry/calldata-LIFIDiamond.json, clones/prepares a fork branch (sync/lifi-erc7730), commits/pushes changes, and creates/updates a PR; triggered by manual dispatch, daily schedule, and relevant pushes.
Ledger Generation CLI tasks/generateLedgerClearSigning.ts	New CLI implementing ABI aggregation/deduplication from Foundry facet artifacts, normalized deployment extraction, diffing against a remote ledger (functions and deployments), printing diffs, and writing merged output with various CLI flags.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• Update solc and evm version #981 — Alters ABI-cleaning tooling; related because both PRs modify/introduce scripts that process and deduplicate contract ABIs.

Suggested labels

WIP

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description only contains the unfilled template with no actual information provided. Critical sections like Jira task, implementation rationale, and checklist items remain unchecked and undocumented.	Fill in the PR description with: the relevant Jira task ID, clear explanation of why this implementation approach was chosen, and check off completed checklist items with supporting details.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: adding a GitHub Action to keep the ledger clear signing registry updated. It's concise and directly related to the changeset.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch add-ledger-clear-signing-git-action

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• JIRA integration encountered authorization issues. Please disconnect and reconnect the integration in the CodeRabbit UI.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In @.github/workflows/syncLedgerClearSigning.yml:
- Around line 92-99: Unset the default GITHUB_TOKEN and authenticate the gh CLI
with the custom PAT before calling gh commands: remove reliance on implicit
GITHUB_TOKEN by unsetting GITHUB_TOKEN, export GH_TOKEN="${LEDGER_SYNC_TOKEN}"
(or set a GH_PAT variable), and run gh auth login --with-token piping the PAT so
subsequent calls that use HEAD_REF and gh pr view / gh pr edit authenticate with
the provided PAT rather than the default token.
- Around line 22-30: Move the top-level concurrency block into the single job
definition so the workflow follows required section ordering: remove the
top-level "concurrency" and add a job-level concurrency entry under the
"sync-ledger" job (use the same group name "sync-ledger-clear-signing" and
"cancel-in-progress: true"); ensure "permissions" remains at top level and
"jobs" contains "sync-ledger" with the new concurrency key so the file validates
and behavior is unchanged.