ci: validate registry schema + type-list consistency on PR#86
Merged
Conversation
Two new data-quality checks running on every PR that touches registry data or the schema. 1. scripts/validate-registry-schema.py — validates every registry/**/*.json against schemas/registry-namespace.schema.json. Catches malformed entries (missing required fields, wrong types, invalid enums) before they reach production KV. Current state: all 1,768 registry files already pass; the script is preventive going forward. 2. scripts/validate-type-list.py — verifies the JSON Schema's `type` enum matches SecID-Service's canonical TYPE_REGISTRY in type-registry.ts. These two files are independent hardcoded sources of truth (per CLAUDE.md's WARNING block); the script catches drift between them at PR time rather than in production. Fetches type-registry.ts from main branch by default; --type-registry-path for offline testing. 3. .github/workflows/validate-registry.yml — wires both into CI on PRs that modify registry data, the schema, or the scripts themselves. Together with validate-subtypes.py (existing), the three checks form the spec-side test surface: schema validity for entries, type consistency across repos, subtype consistency across repos. Verified locally: both scripts exit 0 against current main. Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds two data-quality CI checks for the spec repo and a workflow to run them. Part of Phase 0 of the testing-maturity initiative.
What the checks do
`scripts/validate-registry-schema.py`
Validates every `registry/**/*.json` against `schemas/registry-namespace.schema.json`. Currently all 1,768 registry files pass; the check is preventive going forward — catches malformed entries (missing required fields, wrong types, invalid enums) before they reach production KV.
`scripts/validate-type-list.py`
Verifies the schema's `type` enum matches SecID-Service's canonical `TYPE_REGISTRY` in `src/type-registry.ts`. These are independent hardcoded sources of truth (per CLAUDE.md's WARNING block), so drift is possible. The script catches it at PR time rather than at production.
By default fetches `type-registry.ts` from `main`; `--type-registry-path` for offline testing.
Combined coverage
Together with the existing `validate-subtypes.py`, the three checks form the spec-side test surface:
Verified locally
Security review
🤖 Generated with Claude Code