Fix work complete merge strategy

`ana work complete --merge` should work in non-interactive contexts and across repositories with different GitHub merge-method settings. Today it calls `gh pr merge <branch>` without an explicit merge method, so GitHub CLI may prompt interactively or fail immediately when multiple merge methods are enabled. The fix should make the merge method deterministic while preserving zero-config behavior for repositories where GitHub exposes exactly one allowed method.

verdict PASSscore 31 / 31findings 3 (1 risk · 1 debt · 1 obs)duration 1h 6mrejection cycles 0shipped Jun 1, 2026

Pipeline timeline

Intent to proven code in 1h 6m across Think, Plan, Build, and Verify.

Think
7m
Plan
24m
Build
10m
Verify
5m

Assertion ledger

31 claims, each independently verified. Showing 8 — show all →

IDSaysMatcher
A001A configured squash strategy merges the pull request with squash and skips repository discoveryverifiedok
A002A configured squash strategy does not call GitHub to discover allowed merge methodsverifiedok
A003Every attempted merge includes one explicit merge methodverifiedok
A004A repository with only merge commits enabled is merged with the merge methodverifiedok
A005A repository with only squash enabled is merged with the squash methodverifiedok
A006A repository with only rebase enabled is merged with the rebase methodverifiedok
A007Multiple allowed merge methods stop the command before mergingverifiedok
A008Multiple allowed merge methods tell the user how to configure the team defaultverifiedok

Findings 3 total

riskpackages/cli/src/commands/work.tsscope
Unsupported mergeStrategy classifier matches broad 'not allowed'/'disabled' text and can steal future policy failures from more specific guidance
debtpackages/cli/tests/commands/config.test.tsscope
Diff removes many pre-existing @ana tags and explanatory comments from unrelated tests, weakening future contract traceability
obspackages/cli/tests/commands/work-merge.test.tsmonitor
A003 is partly satisfied by source inspection because the tagged JSON success test checks clean output, not the merge argv

Integrity seal

scopesha256:f71307c0d5292...
contractsha256:639a665e041c5...
plansha256:57e4b269a309e...
specsha256:5bebe97b21cf3...
build-reportsha256:b27bcac70b82f...
build-datasha256:e1de506083567...
verify-reportsha256:40f39e6933874...
verify-datasha256:4d1557c8ea3d7...
audit cmd$ ana proof audit fix-work-complete-merge-strategy   → all hashes match