From c70f164e4f8a08fc95e12740d31ac09c5b688fb7 Mon Sep 17 00:00:00 2001
From: Anand Pant <anand@testcompare.ai>
Date: Wed, 25 Feb 2026 23:47:56 -0600
Subject: [PATCH 1/2] ci: emit verify check and support deployment-status
 gating

---
 .github/workflows/org-required-checks.yml | 53 ++++++++++++++++++-----
 1 file changed, 43 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/org-required-checks.yml b/.github/workflows/org-required-checks.yml
index d9ccea7..98adbbc 100644
--- a/.github/workflows/org-required-checks.yml
+++ b/.github/workflows/org-required-checks.yml
@@ -8,9 +8,14 @@ on:
       - synchronize
       - edited
       - ready_for_review
+  deployment_status:
 
 jobs:
-  Check:
+  verify:
+    name: verify
+    if: |
+      github.event_name == 'pull_request' ||
+      (github.event_name == 'deployment_status' && github.event.deployment_status.state == 'success')
     runs-on: ubuntu-latest
     permissions:
       checks: read
@@ -24,14 +29,36 @@ jobs:
           script: |
             const owner = context.repo.owner;
             const repo = context.repo.repo;
-            const pr = context.payload.pull_request;
-            if (!pr) {
-              core.info("No pull request context. Passing check.");
-              return;
-            }
+            let pr = context.payload.pull_request;
+            let pull_number;
+            let headSha;
+
+            if (pr) {
+              pull_number = pr.number;
+              headSha = pr.head.sha;
+            } else {
+              const deploymentStatus = context.payload.deployment_status;
+              const deploymentSha = deploymentStatus?.deployment?.sha;
+              if (!deploymentSha) {
+                core.info("No pull request or deployment SHA context. Passing check.");
+                return;
+              }
 
-            const pull_number = pr.number;
-            const headSha = pr.head.sha;
+              headSha = deploymentSha;
+              const associatedPrs = await github.rest.repos.listPullRequestsAssociatedWithCommit({
+                owner,
+                repo,
+                commit_sha: headSha,
+              });
+
+              pr =
+                associatedPrs.data.find((candidate) => candidate.state === "open") ?? null;
+              if (!pr) {
+                core.info(`No open pull request associated with SHA ${headSha}. Passing check.`);
+                return;
+              }
+              pull_number = pr.number;
+            }
 
             const files = await github.paginate(github.rest.pulls.listFiles, {
               owner,
@@ -51,13 +78,19 @@ jobs:
               return !ciIgnoredPatterns.some((pattern) => pattern.test(file.filename));
             });
 
+            const isReleaseVersionBumpPr =
+              /^chore\/bump-version-/.test(pr.head.ref) &&
+              (pr.user?.login === "github-actions[bot]" || pr.user?.login === "app/github-actions");
+
             const requiredContexts = ["Vercel"];
-            if (hasCiRelevantChange) {
+            if (hasCiRelevantChange && !isReleaseVersionBumpPr) {
               requiredContexts.push("checks", "Preview validation (seed + runtime QA)");
+            } else if (hasCiRelevantChange) {
+              requiredContexts.push("Preview validation (seed + runtime QA)");
             }
 
             core.info(
-              `Required contexts: ${requiredContexts.join(", ")} (ciRelevant=${hasCiRelevantChange})`,
+              `Required contexts: ${requiredContexts.join(", ")} (ciRelevant=${hasCiRelevantChange}, releaseBump=${isReleaseVersionBumpPr})`,
             );
 
             const deadline = Date.now() + 20 * 60 * 1000;

From de8d52d72f270c8bed88198a2c2aae50b6824793 Mon Sep 17 00:00:00 2001
From: Anand Pant <anand@testcompare.ai>
Date: Wed, 25 Feb 2026 23:49:39 -0600
Subject: [PATCH 2/2] ci: scope title validation to pull_request events

---
 .github/workflows/org-required-checks.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/org-required-checks.yml b/.github/workflows/org-required-checks.yml
index 98adbbc..dbbb012 100644
--- a/.github/workflows/org-required-checks.yml
+++ b/.github/workflows/org-required-checks.yml
@@ -196,7 +196,7 @@ jobs:
 
   ValidatePrTitle:
     runs-on: ubuntu-latest
-    if: github.event.pull_request.draft == false
+    if: github.event_name == 'pull_request' && github.event.pull_request.draft == false
     steps:
       - name: Validate PR title
         env: