Add build-time complexity quality gate

Author: KSemenenko

.editorconfig

@@ -143,6 +143,7 @@ dotnet_diagnostic.CA1010.severity = none
 
 # Use collection expressions (C# 12+)
 dotnet_style_prefer_collection_expression = when_types_loosely_match:suggestion
+dotnet_diagnostic.CA1502.severity = warning
 
 # Code block preferences
 csharp_prefer_simple_default_expression = true:suggestion

AGENTS.md

@@ -138,6 +138,7 @@ For this app:
 - `LangVersion` is pinned to `latest` at the root
 - the repo-root lowercase `.editorconfig` is the source of truth for formatting, naming, style, and analyzer severity
 - local and CI build commands must pass `-warnaserror`; warnings are not an acceptable "green" build state in this repository
+- quality gates should prefer analyzer-backed build failures over separate one-off CI tools; for overloaded methods and maintainability drift, enable build-time analyzers such as `CA1502` instead of adding a formatting-only gate
 - `Directory.Build.props` owns the shared analyzer and warning policy for future projects
 - `Directory.Packages.props` owns centrally managed package versions
 - `global.json` pins the .NET SDK and Uno SDK version used by the app and tests

CodeMetricsConfig.txt

@@ -0,0 +1,3 @@
+# Tighten maintainability checks enough to catch genuinely overloaded methods
+# without turning the first pass into pure noise.
+CA1502(Method): 15

Directory.Build.props

@@ -19,4 +19,8 @@
     <NoWarn>$(NoWarn);NU1507;NETSDK1201;PRI257</NoWarn>
 
   </PropertyGroup>
+
+  <ItemGroup>
+    <AdditionalFiles Include="$(MSBuildThisFileDirectory)CodeMetricsConfig.txt" Link="CodeMetricsConfig.txt" />
+  </ItemGroup>
 </Project>

github-actions-yaml-review.plan.md

@@ -2,7 +2,7 @@
 
 ## Goal
 
-Review the current GitHub Actions validation and release workflows, record concrete risks with line-level evidence, and capture any durable CI policy that emerged from the user conversation, including mandatory `-warnaserror` enforcement for local and CI builds and keeping formatting as a local pre-push concern instead of a CI gate.
+Review the current GitHub Actions validation and release workflows, record concrete risks with line-level evidence, and capture any durable CI policy that emerged from the user conversation, including mandatory `-warnaserror` enforcement for local and CI builds, keeping formatting as a local pre-push concern instead of a CI gate, and preferring analyzer-backed quality gates for overloaded methods.
 
 ## Scope
 
@@ -11,7 +11,7 @@ Review the current GitHub Actions validation and release workflows, record concr
 - `.github/workflows/build-validation.yml`
 - `.github/workflows/release-publish.yml`
 - shared workflow assumptions from `.github/steps/install_dependencies/action.yml`
-- root governance updates needed to capture durable CI runner policy, mandatory `-warnaserror` build usage, and local-only formatting policy
+- root governance updates needed to capture durable CI runner policy, mandatory `-warnaserror` build usage, local-only formatting policy, and analyzer-backed maintainability gates
 
 ### Out Of Scope
 
@@ -68,9 +68,17 @@ Review the current GitHub Actions validation and release workflows, record concr
   - findings are ordered by severity
   Done when: the user can act on the review without needing another pass to discover the real problems.
 
-- [x] Step 6: Validate touched YAML/policy files.
+- [x] Step 6: Add analyzer-backed maintainability gating for overloaded methods.
+  Verification:
+  - enable `CA1502` in `.editorconfig`
+  - attach a repo-level `CodeMetricsConfig.txt` threshold through `Directory.Build.props`
+  - `dotnet build DotPilot.slnx -warnaserror` stays green
+  Done when: excessive method complexity is enforced by the normal build gate instead of a standalone CI helper step.
+
+- [x] Step 7: Validate touched YAML/policy files.
   Verification:
   - `dotnet build DotPilot.slnx -warnaserror`
+  - `dotnet test DotPilot.slnx`
   - `actionlint .github/workflows/build-validation.yml`
   - `actionlint .github/workflows/release-publish.yml`
   Done when: touched workflow files still parse cleanly.