Use API bounty state in submission gate

[jtc268]

Summary:

• Use the validated MergeWork API bounty state when live submission-gate context has an API row for a bounty.
• Add a regression for the false-fail case where GitHub issue state is closed but the API row is open with awards remaining.

Linked bounty:
Refs #406

Evidence:
Before this fix, _load_live_context() could build a bounty with payability_verified: true and API awards_remaining: 1, but keep the GitHub issue state: CLOSED. evaluate_submission() then failed the claim as closed/exhausted even though the API row said it was payable.

Changed files:

• scripts/submission_quality_gate.py
• tests/test_submission_quality_gate.py

Tests:

• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --extra dev python -m pytest tests/test_submission_quality_gate.py::test_submission_quality_gate_live_context_uses_api_state_for_payability -q -> 1 passed
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --extra dev python -m pytest tests/test_submission_quality_gate.py -q -> 24 passed
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --extra dev python -m pytest -q -> 415 passed
• uv run --extra dev ruff check scripts/submission_quality_gate.py tests/test_submission_quality_gate.py -> passed
• uv run --extra dev ruff format --check scripts/submission_quality_gate.py tests/test_submission_quality_gate.py -> 2 files already formatted
• uv run --extra dev mypy app scripts/submission_quality_gate.py -> success
• PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --extra dev python scripts/docs_smoke.py -> docs smoke ok
• git diff --check -> clean

Out of scope:

• No changes to API loading, active-attempt validation, wallet code, tokenomics, public transfer claims, or payout policy.

Summary by CodeRabbit

• Bug Fixes

  • Improved bounty state evaluation logic to prioritize API-provided data, resulting in more accurate payability assessments.

• Tests

  • Added test coverage for bounty state evaluation scenarios.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 00694a54-f635-4df9-8370-49e7e3871db4

📥 Commits

Reviewing files that changed from the base of the PR and between d8532d4 and 7141b1f.

📒 Files selected for processing (2)

• scripts/submission_quality_gate.py
• tests/test_submission_quality_gate.py

---

📝 Walkthrough

Walkthrough

Live-context bounty state resolution now prefers MergeWork API state over GitHub issue state when available. The _load_live_context function uses api_bounty.get("state") with fallback to issue.get("state"). A new test validates that the payability check uses API-provided state over GitHub state.

Changes

API Bounty State Preference

Layer / File(s)	Summary
API bounty state preference with payability validation scripts/submission_quality_gate.py, tests/test_submission_quality_gate.py	Live-context bounty state is set from the MergeWork API bounty record when available, falling back to GitHub issue state. A test verifies that evaluate_submission uses the API state for bounty_payable checks, passing when API state is "open" despite GitHub issue state being "CLOSED".

Possibly related PRs

• ramimbo/mergework#325: Modifies submission quality gate live-context bounty handling and payability logic by drawing signals from MergeWork API data.

🚥 Pre-merge checks | ✅ 5 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Bounty Pr Focus	⚠️ Warning	PR objectives claim +1/-1 lines in 2 files, but commit adds 129 files with 1453+ lines. Core API state fallback functionality is correctly implemented and tested.	Accurately reflect that this is a fresh repo addition (129 files, 1453+ insertions), not incremental 2-file ±1 line change.

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: using API bounty state in the submission gate logic.
Description check	✅ Passed	The description covers summary, evidence, changed files, test results, and out-of-scope items. All required sections are present.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Mergework Public Artifact Hygiene	✅ Passed	No investment, price, cash-out, fabricated payout, or security claims in PR. Only code changes to submission quality gate logic, no README/docs modified.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[GHX5T-SOL]

Reviewed PR #481 at current head 7141b1fffb37fd9c7d1f614ec7769ee9fb25e560 as a non-author review. No blocker found in this focused pass.

Evidence checked:

• Diff is limited to scripts/submission_quality_gate.py and tests/test_submission_quality_gate.py.
• _load_live_context() already uses MergeWork API rows to verify awards_remaining; this change also takes the API state when the API row is present, so a stale/closed GitHub issue state cannot false-fail a bounty that the MergeWork API says is open and payable.
• The new regression covers the exact mismatch: GitHub issue CLOSED, API row open with awards_remaining: 1, and the gate now reports bounty_payable as passing instead of closed/exhausted.
• Current live public API rows for ramimbo/mergework#406 and #447 both report status: open with awards remaining, matching the intended API-as-payability-source behavior.
• GitHub CI is successful and CodeRabbit reports no actionable comments on the reviewed head.

Validation run locally:

• uv run --extra dev python -m pytest tests/test_submission_quality_gate.py -q -> 24 passed
• uv run --extra dev python -m pytest tests/test_pr_queue_health.py -q -> 9 passed
• uv run --extra dev python -m pytest -q -> 415 passed
• uv run --extra dev ruff check scripts/submission_quality_gate.py tests/test_submission_quality_gate.py -> passed
• uv run --extra dev ruff format --check scripts/submission_quality_gate.py tests/test_submission_quality_gate.py -> 2 files already formatted
• uv run --extra dev python -m mypy scripts/submission_quality_gate.py -> success
• uv run --extra dev python scripts/docs_smoke.py -> docs smoke ok
• git diff --check origin/main...HEAD -> clean
• gitleaks detect --no-banner --redact --source . --log-opts origin/main..HEAD --exit-code 1 -> no leaks found

Assessment: this is a narrow correctness fix for the live submission gate. It keeps GitHub issue data as the fallback, but when API payability data is present it makes the state and awards source consistent.

[adliebe]

Reviewed current head 7141b1fffb37fd9c7d1f614ec7769ee9fb25e560. No blocker found.

This is a focused correctness fix for the live submission quality gate: when MergeWork API bounty data is available, the gate should use the API-backed bounty state for payability instead of the GitHub issue state. I checked the API-field boundary specifically because the live API returns status, while the gate internally evaluates state.

Evidence inspected:

• scripts/submission_quality_gate.py lines 399-421 on this head: _load_api_bounties() reads /api/v1/bounties?status=open, filters by repo, and normalizes live API status into internal state via item.get("status", "open").
• scripts/submission_quality_gate.py lines 495-517: _load_live_context() loads API bounties first, then sets bounty state from api_bounty.get("state", issue.get("state")), so the one-line change consumes the normalized API field rather than raw API JSON.
• Live API readback from https://api.mrwk.ltclab.site/api/v1/bounties?status=open&limit=1 shows bounty rows expose status: "open" plus awards_remaining, matching the loader's normalization contract.
• The added regression covers the intended stale-GitHub-state case: GitHub issue CLOSED, API bounty open, awards_remaining: 1, and the gate now passes bounty_payable.
• GitHub current-head checks are successful: Quality, readiness, docs, and image checks and CodeRabbit both passed for this head.

I did not rerun local pytest in this Windows workspace; this review is based on exact current-head file inspection, live API readback, the PR regression, and successful remote CI. The API status -> internal state normalization is the key path, and it is covered by the current implementation.