From #45 (design review). forge_config.CONFIG_KEYS is the declared enumeration of every [tool.forge.*] key forge reads, but nothing couples it to the actual readers (config.load_config, verify_cli_wiring, verify_docstring_coverage._badge_enabled/_scan_paths). A new reader can land without a CONFIG_KEYS entry, or a CONFIG_KEYS entry can go stale — forge-config --list would then show an incomplete/incorrect picture silently.
Proposal
A test (or forge-audit-*-style check) that greps the source tree for each CONFIG_KEYS path's read-site (e.g. get("<leaf>"), failing when:
- a key is in CONFIG_KEYS but no reader references it (stale registry entry), or
- a
[tool.forge.*] read-site appears with no matching CONFIG_KEYS entry (undocumented key).
Makes the 'CONFIG_KEYS is the single enumeration' claim enforced, not convention. Non-blocking discovery; ties in with the advisor's transparency goal.
Related: #12 (the advisor), #6 (would add [tool.forge.precommit] keys the registry must then cover).
From #45 (design review).
forge_config.CONFIG_KEYSis the declared enumeration of every[tool.forge.*]key forge reads, but nothing couples it to the actual readers (config.load_config,verify_cli_wiring,verify_docstring_coverage._badge_enabled/_scan_paths). A new reader can land without a CONFIG_KEYS entry, or a CONFIG_KEYS entry can go stale —forge-config --listwould then show an incomplete/incorrect picture silently.Proposal
A test (or
forge-audit-*-style check) that greps the source tree for eachCONFIG_KEYSpath's read-site (e.g.get("<leaf>"), failing when:[tool.forge.*]read-site appears with no matching CONFIG_KEYS entry (undocumented key).Makes the 'CONFIG_KEYS is the single enumeration' claim enforced, not convention. Non-blocking discovery; ties in with the advisor's transparency goal.
Related: #12 (the advisor), #6 (would add
[tool.forge.precommit]keys the registry must then cover).