news-translate: fix invalid YAML description and make Pass 2 validator-first to cut effective-token usage

[Copilot]

Recent news-translate runs failed with CAPIError: 429 Maximum effective tokens exceeded (~7.6M effective tokens at MAX_BRIEFS=2) — a cumulative token-cap abort, not a timeout. The dominant token sink was Pass 2 reading every translation back in full (~13 docs/source) into model context, duplicating the bash validator that already performs the same structural checks at near-zero model-token cost. A prior commit also broke compilation by writing CAPIError: 429 (colon-space) into the unquoted YAML description: scalar.

Changes (.github/workflows/news-translate.md → recompiled .lock.yml)

• YAML fix — quoted the description: scalar and removed the colon-space token so gh aw compile news-translate succeeds again.
• Pass 1 — read source once; apply tone register and RTL marker at write time; explicit instruction not to read freshly written translations back into context.
• Pass 2 (validator-first) — run scripts/validate-executive-brief-translations.ts for structural parity (headings, table rows, fences, Mermaid, dok_id/URL set equality, banned-English, RTL marker, source-sha); read back only validator-flagged files instead of all passing translations.
• Sub-step 4 wording — title date-suffix stripping now attributed to Pass 1 writes (Pass 2 no longer rewrites titles).
• Docs — updated batch-size / throughput-cost rationale tables to record the per-source token sink and name validator-first as the primary token lever; max_briefs default kept at 1 with a note that operators can raise it once the new footprint is measured below the cap.

The compiled news-translate.lock.yml is regenerated (gh-aw v0.77.1) and no longer contains the invalid token; safe_outputs fetch-depth: 0 remains native (no patch step).

Compile-workflow cleanup (.github/workflows/compile-agentic-workflows.yml)

• Removed the obsolete safe_outputs fetch-depth patch workaround — deleted the stale comment block documenting a post-compile patch step that no longer exists (fetch-depth: 0 is native via each news-*.md checkout: { fetch-depth: 0 } frontmatter since gh-aw v0.76.0+), and removed the now-redundant regression test tests/safeoutputs-fetch-depth.test.ts that referenced the deleted patch-safeoutputs-fetch-depth.mjs script.
• Verified the source .md workflows are correct rather than editing lock files — gh aw compile (v0.77.1) compiles all 14 news workflows with 0 errors and produces no .lock.yml drift; scripts/check-pat-fallback-coverage.mjs and the remaining check-pat-fallback-coverage.test.ts pass. The legitimate enforcement steps (gh aw fix, --purge compile, PAT-fallback coverage, prompt-module architecture caps, banned-string guards) are retained.

[github-actions]

🏷️ Automatic Labeling Summary

This PR has been automatically labeled based on the files changed and PR metadata.

Applied Labels: size-xs

Label Categories

• 🗳️ Content: news, dashboard, visualization, intelligence
• 💻 Technology: html-css, javascript, workflow, security
• 📊 Data: cia-data, riksdag-data, data-pipeline, schema
• 🌍 I18n: i18n, translation, rtl
• 🔒 ISMS: isms, iso-27001, nist-csf, cis-controls
• 🏗️ Infrastructure: ci-cd, deployment, performance, monitoring
• 🔄 Quality: testing, accessibility, documentation, refactor
• 🤖 AI: agent, skill, agentic-workflow

For more information, see .github/labeler.yml.

[github-actions]

🔍 Lighthouse Performance Audit

Category	Score	Status
Performance	85/100	🟡
Accessibility	95/100	🟢
Best Practices	90/100	🟢
SEO	95/100	🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json

[github-actions]

🔍 Lighthouse Performance Audit

Category	Score	Status
Performance	85/100	🟡
Accessibility	95/100	🟢
Best Practices	90/100	🟢
SEO	95/100	🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json

[github-actions]

🔍 Lighthouse Performance Audit

Category	Score	Status
Performance	85/100	🟡
Accessibility	95/100	🟢
Best Practices	90/100	🟢
SEO	95/100	🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.

[pethers]

@copilot also make .github/workflows/compile-agentic-workflows.yml simpler, remove all work arounds not needed anymore and old related code and test. Make sure all original agentic workflows are correct instead of modify lock files. See gh-aw skills

[Copilot]

@copilot also make .github/workflows/compile-agentic-workflows.yml simpler, remove all work arounds not needed anymore and old related code and test. Make sure all original agentic w...

Done. Removed the obsolete safe_outputs fetch-depth patch workaround: deleted the dead comment block in .github/workflows/compile-agentic-workflows.yml and the related test tests/safeoutputs-fetch-depth.test.ts (fetch-depth: 0 is native via checkout: { fetch-depth: 0 } frontmatter since gh-aw v0.76.0+, so no post-compile patching is needed).

I kept the lock files untouched as generated artifacts and instead verified the source .md workflows are correct: gh aw compile (v0.77.1) compiles all 14 news workflows with 0 errors and produces no .lock.yml drift, and node scripts/check-pat-fallback-coverage.mjs passes.

[github-actions]

🔍 Lighthouse Performance Audit

Category	Score	Status
Performance	85/100	🟡
Accessibility	95/100	🟢
Best Practices	90/100	🟢
SEO	95/100	🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json