[Self-Heal] Add self-scheduling auto-repair workflow

[badMade]

This PR introduces an automated self-healing CI pipeline configured via GitHub Actions.

Features include:

1. Triggers:

   • Scheduled: Proactive self-repair mechanism with dynamically computed cadence based on recent telemetry.
   • Reactive: Activates on a failing ci workflow to fix issues instantly.
   • Manual: Exposes workflow_dispatch to trigger the fix manually.

2. Self-Scheduling (compute-schedule.yml & compute_schedule.mjs):

   • The system checks repository activity and adjusts the cron schedule automatically mapping it to corresponding velocity tiers (dormant, low-churn, standard, active, high).
   • A schedule oscillation guard skips runs if an update occurred recently.
   • Opens PRs when updates are needed.

3. Self-Heal Pipeline (self-heal.yml & self_heal.mjs):

   • Analyzes codebase drift and repairs iteratively (reinstall, lint/format fix, update snapshots, re-resolve dependencies, regenerate types, etc.).
   • Runs healthcheck.mjs verifying correctness.
   • Automatically prevents duplicate or cyclic PRs, cleans stale ones, and safely handles generated secrets before staging.

4. Additional configurations:

   • Linter configured for self-heal (ESLint 9 eslint.config.mjs, Prettier) avoiding restricted or compiled folders.
   • SELF_HEAL_SETUP.md explaining configurations and mechanics.

---

PR created automatically by Jules for task 14255445763805154444 started by @badMade

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[gemini-code-assist]

Code Review

This pull request introduces an automated self-healing CI pipeline setup, including documentation, configuration files, and scripts to compute schedules based on repository velocity, run health checks, and execute self-healing steps. The review feedback highlights several key improvements: reverting workspace changes when a self-heal step fails to prevent subsequent failures, splitting linting and formatting into separate steps for better modularity, ensuring the CI workflow uses a deep clone (fetch-depth: 0) for accurate git telemetry, and removing redundant build steps in the health check script.

[gemini-code-assist]

If a step fails the health check, its changes are currently not reverted. This leaves the workspace in a broken state, which guarantees that all subsequent steps will also fail the health check. Reverting the changes for a failed step (using git reset --hard HEAD && git clean -fd) keeps the workspace clean and allows subsequent steps to run on a healthy codebase.

for (const step of steps) {
  console.log(`\n--- ${step.name} ---`);
  run(step.command);

  console.log("Checking health...");
  if (checkHealth()) {
    if (hasDiff()) {
      console.log("\n✅ Pipeline succeeded: Healthcheck passed AND diff exists!");
      process.exit(0);
    } else {
      console.log("Healthcheck passed but NO diff. Continuing to next step...");
    }
  } else {
    console.log("Healthcheck failed. Reverting changes for this step...");
    try {
      execSync("git reset --hard HEAD && git clean -fd", { stdio: "pipe" });
    } catch (err) {
      console.error("Failed to revert changes:", err);
    }
    console.log("Continuing to next step...");
  }
}

[gemini-code-assist]

Splitting the linting and formatting into separate steps ensures that formatting is still applied even if there are unfixable lint errors. Additionally, it makes the self-heal process more modular and easier to debug.

Suggested change

	const steps = [
	{ name: "Step 1: Rebuild/reinstall", command: "npm ci" },
	{ name: "Step 2: Lint/format auto-fix", command: "npx eslint --fix . && npx prettier -w ." },
	{ name: "Step 3: Snapshot updates", command: "npx vitest run -u --passWithNoTests" },
	{ name: "Step 4: Type stubs", command: "npx typesync || true" }, // Optional fallback if missing
	{ name: "Step 5: Dependency re-resolve", command: "npm update" },
	{ name: "Step 6: Static asset regeneration", command: "npm run build" }
	];
	const steps = [
	{ name: "Step 1: Rebuild/reinstall", command: "npm ci" },
	{ name: "Step 2: Lint auto-fix", command: "npx eslint --fix ." },
	{ name: "Step 3: Format auto-fix", command: "npx prettier -w ." },
	{ name: "Step 4: Snapshot updates", command: "npx vitest run -u --passWithNoTests" },
	{ name: "Step 5: Type stubs", command: "npx typesync || true" },
	{ name: "Step 6: Dependency re-resolve", command: "npm update" },
	{ name: "Step 7: Static asset regeneration", command: "npm run build" }
	];

[gemini-code-assist]

By default, actions/checkout performs a shallow clone with fetch-depth: 1. If this script runs in a workflow with a shallow clone, git log will only see the single checked-out commit, and the computed velocity will almost always default to low-churn or dormant.

To ensure accurate telemetry, please make sure that the GitHub Actions workflow running this script configures actions/checkout with fetch-depth: 0 (or a sufficient depth).

[gemini-code-assist]

Running both npm run build and npx tsc --build is redundant because npm run build already compiles the TypeScript files as part of its build process. Removing the redundant step improves the efficiency of the health check.

Additionally, please note that the build script in package.json currently contains a typo (tsc -build instead of tsc --build or tsc -b), which will cause npm run build to fail. Please update package.json to fix this typo.

Suggested change

	run("npm run build");
	run("npx tsc --build");
	run("npm run build");