Problem
Branch-protection JSON and pr-title.yml allow-lists drift independently from ci.yml jobs and pyproject.toml commitizen schema. Without an automated check, the drift is invisible until something breaks.
Proposed solution
Port .github/scripts/check_required_contexts.py (fails if a ci.yml job exists but is missing from branch-protection JSON). Port .github/scripts/check_commit_types.py (fails if commitizen schema_pattern disagrees with pr-title.yml allowed types). Wire both as CI jobs.
Acceptance criteria
Priority rationale
High: meta-gates are what distinguish a maintained harness from a snapshot. Without them, the harness rots.
Depends on
#9
Problem
Branch-protection JSON and
pr-title.ymlallow-lists drift independently fromci.ymljobs andpyproject.tomlcommitizen schema. Without an automated check, the drift is invisible until something breaks.Proposed solution
Port
.github/scripts/check_required_contexts.py(fails if aci.ymljob exists but is missing from branch-protection JSON). Port.github/scripts/check_commit_types.py(fails if commitizenschema_patterndisagrees withpr-title.ymlallowed types). Wire both as CI jobs.Acceptance criteria
check_required_contexts.pyruns in CI and exits non-zero on drift.check_commit_types.pyruns in CI and exits non-zero on drift.tests/test_check_commit_types.pyto lock down the parsing logic.Priority rationale
High: meta-gates are what distinguish a maintained harness from a snapshot. Without them, the harness rots.
Depends on
#9