feat(governance): issue fields v2 follow-up

[ashleyshaw]

---

name: "Pull Request"
about: "General changes, refactors, and maintenance"
title: "PR: {short summary}"
labels: ["status:needs-review"]

General Pull Request

This repository enforces changelog, release, and label automation for all PRs and issues.
See the organisation-wide Automation Governance & Release Strategy for contributor rules.

Linked issues

Closes #

Changelog

Added

Changed

Fixed

Removed

---

Risk Assessment

Risk Level:

Potential Impact:

Mitigation Steps:

---

How to Test

Prerequisites

Test Steps

1. Step 1:
2. Step 2:
3. Step 3:

Expected Results

Edge Cases to Verify

---

Checklist (Global DoD / PR)

• All AC met and demonstrated
• Tests added/updated (unit/E2E as appropriate)
• Accessibility checklist completed (where relevant):
  • Semantic HTML and heading order verified
  • Keyboard navigation and visible focus states verified
  • ARIA used only where needed
  • Contrast and non-colour cues reviewed (WCAG 2.2 AA)
• Docs/readme/changelog updated (if user-facing)
• Frontmatter updated where applicable (last_updated and version)
• I have reviewed and applied the downstream override policy (or linked an approved exception)
• Security checklist completed (where relevant):
  • Untrusted input validated and sanitised
  • Output escaped for its rendering context
  • Privileged actions enforce nonce and capability checks
  • No secrets/sensitive data introduced; OWASP risks reviewed
• Code/design reviews approved
• CI green; linked issues closed; release notes prepared (if shipping)
• Risk assessment completed above
• Testing instructions provided above

---

References

• Contribution Guidelines
• Branching Strategy
• Automation Governance
• PR Labels
• Saved Replies
• Labeler Config
• Labels
• Issue Types

---

[coderabbitai]

Warning

Review limit reached

@ashleyshaw, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 3 minutes and 4 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: b1daa374-ba42-4486-abd3-8dbc5f8a8d34

📥 Commits

Reviewing files that changed from the base of the PR and between 404de18 and ff25b18.

📒 Files selected for processing (3)

• .github/issue-fields.yml
• docs/ISSUE-FIELDS.md
• scripts/validation/validate-issue-fields.cjs

Note

.coderabbit.yml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)

Validation error: Unrecognized keys: "auto_labels", "auto_assign", "auto_review"

⚙️ Configuration instructions

• Please see the configuration documentation for more information.
• You can also validate your configuration using the online YAML validator.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/issue-fields-governance-followup-2026-05-27

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔍 Reviewer Summary for PR #435

CI Status: ✅ success
Files changed: 3

Recommendations

• Ready to proceed pending human review

[gemini-code-assist]

Code Review

This pull request updates the organization issue and project field configurations, introducing version 2 of the schema. It defines custom fields, policies, hidden fields, and iteration settings, while updating the documentation and the validation script to enforce these rules. The code review identified several opportunities to improve robustness and maintainability: moving migration guidelines to a central migration document, adding defensive checks in the validation script to prevent runtime crashes on null or undefined fields, and replacing a fragile array slice with an explicit list of expected types.

[gemini-code-assist]

According to the repository guidelines, migration maps and notes should be documented in a central /docs/MIGRATION.md file to ensure contributors can easily follow migration rules across the repository. Please consider moving these custom field migration and renaming guidelines to /docs/MIGRATION.md or adding a reference link to it.

References

1. Document migration maps and notes in a central /docs/MIGRATION.md file to ensure contributors can follow migration rules mentioned in README files across the repository.

[gemini-code-assist]

To prevent potential runtime TypeError crashes if any element in customFields is null or undefined, use optional chaining (f?.key) and filter out any falsy values.

    const keySet = new Set(customFields.map((f) => f?.key).filter(Boolean));

[gemini-code-assist]

If field is null or undefined, accessing field.key or field.type will throw a TypeError and crash the validation script. Add a safety check to ensure field is a valid object before accessing its properties, and use continue to skip invalid fields safely.

    for (const field of customFields) {
      if (!field || !field.key || typeof field.key !== 'string') {
        fail('Each custom field requires a string key');
        continue;
      }
      if (!field.type || !validTypes.has(field.type)) {
        fail('Custom field "' + field.key + '" has invalid type "' + field.type + '"');
      }

[gemini-code-assist]

Slicing the first 5 keys of fieldMappings.Type is fragile because any reordering or addition of keys in .github/issue-fields.yml could break the validation. Since type:task and type:chore are already checked via the defaults, you can explicitly list the remaining expected types (type:bug, type:feature, type:documentation) to make this check robust and self-documenting.

    'type:bug',
    'type:feature',
    'type:documentation',

[ashleyshaw]

Superseded note for history: this branch line is now considered superseded by the rollout-v2 line (codex/issue-fields-governance-rollout-v2) as the canonical continuation for issue-fields governance updates. Keeping this merged PR for traceability; no further follow-up is expected on this branch.