Summary
Make repository green checks trustworthy by aligning CI, pre-commit, and automated PR review semantics so required checks actually block and advisory checks are explicitly advisory.
Why
Current quality coverage is broad, but enforcement is inconsistent:
- some CI jobs in
pr-orchestrator.yml still suppress failure while looking authoritative in GitHub
- local pre-commit behavior is stronger in the smart-check wrapper than in
.pre-commit-config.yaml
- CodeRabbit auto-review covers
dev PRs but not main-bound release PRs
dev -> main fast-path skipping can hide follow-up commit risk
That makes "green checks" less trustworthy than they should be.
Proposed changes
- harden required jobs in
.github/workflows/pr-orchestrator.yml so required tool failures fail the job
- define explicit required vs advisory gate taxonomy and naming
- tighten
dev -> main skip logic so fast-path skips only happen when parity is provable
- require workflow lint/static validation in CI for
.github/workflows/** changes
- align supported local pre-commit installation with core CI gate semantics
- extend CodeRabbit auto-review coverage to both
dev and main
OpenSpec
- Change ID:
ci-02-trustworthy-green-checks
- Proposal:
openspec/changes/ci-02-trustworthy-green-checks/proposal.md
- Validation:
openspec validate ci-02-trustworthy-green-checks --strict ✅
Parent Feature
Summary
Make repository green checks trustworthy by aligning CI, pre-commit, and automated PR review semantics so required checks actually block and advisory checks are explicitly advisory.
Why
Current quality coverage is broad, but enforcement is inconsistent:
pr-orchestrator.ymlstill suppress failure while looking authoritative in GitHub.pre-commit-config.yamldevPRs but notmain-bound release PRsdev -> mainfast-path skipping can hide follow-up commit riskThat makes "green checks" less trustworthy than they should be.
Proposed changes
.github/workflows/pr-orchestrator.ymlso required tool failures fail the jobdev -> mainskip logic so fast-path skips only happen when parity is provable.github/workflows/**changesdevandmainOpenSpec
ci-02-trustworthy-green-checksopenspec/changes/ci-02-trustworthy-green-checks/proposal.mdopenspec validate ci-02-trustworthy-green-checks --strict✅Parent Feature