fix(t3275): address quality-debt review feedback for milestone-validation-worker.sh

[alex-solovyev]

Summary

Addresses all 5 findings from the CodeRabbit review on PR #2519 for .agents/scripts/milestone-validation-worker.sh.

Closes #3275

Changes

CRITICAL fixes

• Reject --max-retries 0: Updated regex from ^[0-9]+$ to ^[1-9][0-9]*$ so zero is rejected with a clear error. Previously --max-retries 0 skipped the validation loop entirely and returned success without running any checks.

• Dependency install failure no longer aborts early: Changed return 1 to return 0 in check_dependencies after recording the failure. Under set -e, the previous return 1 could abort the script before report generation, mission status update, and fix-task creation ran.

HIGH fix

• ShellCheck recurses into subdirectories: Removed -maxdepth 1 from the find invocation so all .agents/scripts/**/*.sh files are linted, not just top-level scripts.

MEDIUM fixes

• Lint/type-check is now advisory: Changed record_fail → record_warning for JS linter, TypeScript type check, and Python ruff. These checks no longer flip the milestone to failed — they produce warnings only, consistent with documented behaviour.

• --json flag for machine-consumable output: Added JSON_OUTPUT config var, --json CLI flag, and generate_json_report function. When --json is set, human-readable logs are redirected to stderr and a single JSON object is emitted to stdout with: mission_id, milestone, total_checks, passed_count, failed_count, skipped_count, warnings_count, passed, failures[], warnings[], exit_code. Exit status behaviour is unchanged.

Verification

• ShellCheck: zero new violations (only pre-existing SC1091 info note for sourced file)

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[coderabbitai]

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)

• no-review

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ce8be57d-aa9a-480c-8dfe-7be45f494f71

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bugfix/t3275-milestone-validation-quality-debt

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 413 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Sat Mar 14 05:57:56 UTC 2026: Code review monitoring started
Sat Mar 14 05:57:57 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 413

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 413
• VULNERABILITIES: 0

Generated on: Sat Mar 14 05:57:59 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud