maintenance: expand weekly guardrails, add utils.js tests, PR hygiene CI

[comphy-bot]

Description

Implements all four maintenance items identified from the March 16–20 PR chain review (#62, #73, #75, #76, #77).

Changes Made

1. Expanded weekly-tests.yml (was: npm test + lint only)

The weekly schedule now also runs:

• python3 scripts/check-content-rules-trigger-parity.py
• ./scripts/validate-content-rules.sh
• bash tests/deploy-script-regression.sh
• npm test -- --runInBand tests/news-bullet-regression.test.js tests/command-palette-stale-search.test.js
• markdownlint-cli2 over teaching content
• bash scripts/check-ruby-toolchain.sh (using ruby/setup-ruby with the pinned .ruby-version)
• bundle exec jekyll build — exercises the Ruby+Node pipeline end-to-end

All the guardrails added in PRs #73/#76 now run continuously, not just when their source paths change.

2. New tests/utils.test.js (18 tests)

Direct Jest coverage for assets/js/utils.js shared utilities — previously untested:

• initScrollReveal(): IO unavailable → immediate fallback; IO available → observer set up and fires; no blocks → no-op
• copyToClipboard(): navigator.clipboard path; execCommand fallback when clipboard missing; fallback when writeText rejects; no-text guard; data-text / data-clipboard-text / explicit argument variants
• safeQuery() / safeQueryAll(): valid selector, no match, invalid selector (warn + null/[]), context element
• window.Utils export shape and backwards-compat aliases

All 69 tests pass (18 new + 51 existing).

3. New pr-hygiene-check.yml (warning mode)

Flags PRs that mix dependency/security changes with unrelated app/content files — the pattern that let CVE+issue-closure mixing slip through in #77.

• Runs in warning-only mode (ENFORCE: false) — never blocks merge
• Suppress with the mixed-changes-ok label on a PR
• Flip ENFORCE: true to make it a hard failure once confidence is high

4. PR template: regression-test / follow-up requirement

Added one checklist item:

Every accepted review finding that identifies a reproducible bug or edge case either lands a regression test in this PR or has a linked follow-up issue referenced in the thread resolution

Testing Done

• npx jest --runInBand --no-coverage: 69/69 pass
• Workflow YAML validated (no syntax errors)
• weekly-tests.yml script commands verified against files present in repo

Type of Change

• Bug fix
• New feature

Checklist

• Code follows the project's style guidelines
• Changes have been tested locally
• This PR is single-purpose and does not mix dependency/security updates with unrelated formatting or content cleanups
• All review threads are resolved or have an explicit won't-fix / follow-up disposition before merge
• Every accepted review finding that identifies a reproducible bug or edge case either lands a regression test in this PR or has a linked follow-up issue referenced in the thread resolution

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bff45ba799

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".