CI health gates: workspace integrity, prerelease guard, export smoke #114
Description
Summary
Add 3 new CI validation gates to squad-ci.yml motivated by the PR bradygaster#640 prerelease version incident where npm silently resolved a stale published SDK instead of the local workspace copy.
Gates
1. Workspace Integrity Check
Verify workspace packages resolve to local file: links, not registry versions. Catches the exact class of bug from PR bradygaster#640.
2. Prerelease Version Guard
Prevent prerelease version strings (-build, -alpha, -beta, -rc) from being committed to dev or main. Catches version hygiene issues before merge.
3. Export Smoke Test
Verify that subpath exports actually resolve after build. Complements the existing exports-map-check (which validates config) by validating built artifacts.
Design
- Follow existing gate patterns (feature flags, skip labels, three-dot diff)
- Lightweight: gates 1-2 need no npm install; gate 3 depends on build artifacts
- All gates default to enabled with vars.SQUAD_* feature flags
References
- PR feat(sdk): StorageProvider abstraction — complete migration + example providers bradygaster/squad#640: prerelease version incident
- Existing patterns: changelog-gate, exports-map-check, publish-policy