[codex] Extend merge revalidation and WordPress semantic guards

[adamziel]

What it does

Extends the merge reliability follow-up after #311 with guarded revalidation, UI-routing hardening, crash consistency coverage, and additional WordPress/plugin semantic tests that are still best reviewed as one draft lane.

Rationale

ForkPress merge correctness depends on more than row-level conflict detection. WordPress stores object links in postmeta, options, plugin tables, upload metadata, and generated schema objects, so automatic merge resolution must re-check current source/target state before applying anything destructive.

Implementation

• Applies current source DB payloads after explicit revalidation only when the live source still matches the latest reviewed payload.
• Extends schema after-revalidate support to table restores, indexes, views, triggers, table rebuild target drift, and compatible table rebuild source drift.
• Rebuilds compatible table-drift sources with guarded dependency replacement: source-applied indexes/triggers may be replaced by current source dependencies, while unrelated target dependency changes still block automatic resolution.
• Adds compatible target-drift filtering for table rebuild and source-dropped index schema conflicts.
• Applies filesystem source drift only when the live source file still matches the latest revalidation payload.
• Keeps target-referenced WordPress owner children reviewable instead of deleting objects still referenced by target-side metadata/options/content.
• Protects WordPress upload files still referenced by merged attachment metadata so source-side deletes become file conflicts instead of removing referenced originals/thumbnails.
• Adds browser-like non-async/admin-page branch merge routing tests so branch UI actions return ForkPress JSON instead of falling through to WordPress HTML.
• Extends plugin-validator coverage for WooCommerce HPOS order graphs, WooCommerce product references, Gravity Forms fields, ACF fields, Yoast SEO indexables, and The Events Calendar scalar _EventVenueID references.
• Extends semantic smoke coverage for nav_menu term counts so unrelated/draft relationships do not inflate published menu counts.
• Covers exhausted branch ID bands so branch-birth allocation reserves a fresh band after an explicit in-band import reaches the prior band end.
• Adds a storage failpoint test for reset birth metadata: failure after metadata finalization but before branch publication rolls back metadata/base artifacts and a retry publishes cleanly.
• Updates merge reliability, crash consistency, stale-audit, and plugin-validator docs for these guarded paths.

Testing instructions

Latest grouped verification passed locally:

umask 0022 && scripts/dev/cow-changed-test-plan.sh --base origin/trunk

That planner covered diff checks, PHP syntax, merge_smoke, filesystem, id_bands, explicit_ids, media_validator, plugin_validator, schema_review, stale_audit, wp_semantic_validator, full merge.php, and branch UI tests.

Focused gates also passed directly while developing the latest slices:

umask 0022 && cargo test -p forkpress-storage
umask 0022 && cargo test -p forkpress-storage reset_birth_metadata_failpoint_rolls_back_artifacts_before_publish
umask 0022 && php tests/cow/plugin_validator.php
umask 0022 && make test-cow-merge-smoke
umask 0022 && make test-cow-schema-review
umask 0022 && php tests/cow/wp_semantic_validator.php
umask 0022 && php tests/cow/explicit_ids.php

Still draft because

• Remote CI for the latest head is still running.
• This is the next review batch after [codex] Extend merge reliability guards and stale review flow #311, not a release tag by itself.
• Remaining roadmap items still include more real plugin validators/drivers, broader schema reorderings, upload regeneration policy, and platform kill/recovery harnessing.