Trigger chain
There is no dedicated merge or push stage governance-sync workflow today. Governance repair happens on the Monday schedule or when a maintainer runs it manually.
Auto-fixed vs needs human
Auto-repaired- Phantom JSON entries are removed from
tasks/reports/script-classifications.json. - Missing JSON rows can be added when a governed script already has valid category, purpose, and scope metadata.
- Existing JSON rows can be updated from valid header metadata when missing fields are safely recoverable.
@owneris backfilled todocs.@scriptis derived from the filename when it is missing.@usageis derived from the file path and command type when it is missing.@pipelineis corrected only when the proposed value is a safe superset of detected automation triggers.- Script indexes and aggregate indexes are regenerated when governance changes affect them.
- Missing or invalid
@category - Missing or invalid
@purpose - Missing or invalid
@scope - Missing
@needs - Missing
@purpose-statement - Unsafe pipeline mismatches, including claims that would hide detected triggers
- Missing classification rows that cannot be created from already valid metadata
- Wiring decisions such as whether a script should stay manual or join a commit, PR, or scheduled path
Commands
Adding a new script
- Create the script under a governed root such as
operations/scripts/,tests/,.githooks/, ortasks/scripts/. - Add the framework header fields:
@script,@category,@purpose,@scope,@owner,@needs,@purpose-statement,@pipeline, and@usage. - Run
node tests/unit/script-docs.test.js --write --rebuild-indexes. - Commit the change. The pre-commit hook can auto-fill a missing placeholder template for newly added scripts, but it does not invent judgement fields for you.
- Open the pull request and let
tests/run-pr-checks.jsverify the changed governance surface. - Use the weekly repair workflow or a manual
repair-governancerun to sync safe JSON and header drift after the script lands.
The 9-field schema
tests/unit/script-docs.test.js currently enforces the framework header set including @needs, @purpose-statement, and @pipeline. Governance repair extends that model by deriving @usage and other safe defaults where possible, but it still treats judgement fields and risky pipeline changes as human work.