redesign: replace -SetupGitHubSsh with -SetupGit (repo-level git scaffolding, not SSH/protocol)

[MarkMichaelis]

Background

Today Pull-SDLC.ai.ps1 exposes a -SetupGitHubSsh switch (added in #164) that:

1. Generates an ed25519 SSH keypair and configures ssh-agent.
2. Writes three global url.insteadOf rewrites so all GitHub traffic is silently forced through ssh.github.com:443.
3. Sets gh config git_protocol = ssh.
4. Uploads the public key to GitHub.

Per follow-up discussion to #169, this is wrong on two axes:

• The protocol is not the script's business. Whether a developer uses HTTPS, SSH-22, or SSH-443 is a per-machine / per-user choice and should not be touched by an instructions-sync script.
• GitHub-specific framing is too narrow. The pieces a fresh repo actually wants pre-configured are .gitignore and .gitattributes -- git configuration, not GitHub configuration.

Proposed direction

Replace -SetupGitHubSsh with -SetupGit (or similar). Scope:

• Configure .gitignore (already partially handled via the first-sync scaffolding -- decide whether -SetupGit re-runs that on demand or duplicates).
• Configure .gitattributes (recently removed in commit f7d1f13 -- decide whether it returns under this switch, and if so what content).
• Do not touch SSH keys, ssh-agent, url.insteadOf, or gh git_protocol.

Open design questions

1. Naming: -SetupGit vs. -Init vs. -Bootstrap vs. another.
2. .gitattributes reintroduction: should this switch re-create it? Under what name (.gitattributes directly, or .gitattributes.template like before)? With what content?
3. .gitignore overlap: today the script scaffolds .gitignore on first sync via union-merge from upstream. Does -SetupGit re-run that, or is it strictly for additional config not handled by the existing first-sync flow?
4. Removal of -SetupGitHubSsh: delete outright (breaking), or keep as a deprecated alias for one release that prints a deprecation warning before doing nothing?
5. Idempotency contract: same [skip]/[add]/[del] line format as today?

Acceptance criteria (placeholder until design questions resolve)

• -SetupGit configures repo-level git scaffolding only -- no SSH, no global git config, no gh config mutations.
• -SetupGitHubSsh is removed or deprecated per decision on Q4.
• Invoke-SetupGitHubSsh and supporting helpers (Get-GitHubSshKeyPath, Test-GitHubSshAgentRunning, Get-GhGitProtocol, etc.) are removed unless still referenced.
• Tests updated to match.

Related

• feat(Pull-SDLC): bake GitHub SSH-on-443 setup into Pull-SDLC with -SetupGitHubSsh switch + drift nudge #164 -- introduced -SetupGitHubSsh and the drift nudge.
• fix(Pull-SDLC): remove unsolicited SSH-on-443 drift nudge from post-sync output #169 / fix(Pull-SDLC): remove unsolicited SSH-on-443 drift nudge #170 -- removed the unsolicited drift nudge (the immediate user-visible noise). This issue tracks the deeper redesign.

[MarkMichaelis]

Closing as superseded by #160 / PR #161, which was opened earlier the same day and tackles the same scope with a substantially more complete design (language-aware composition, pinned community templates, bundled offline snapshots, gibo integration).

This issue was filed in a session that didn't know about #160. The implementation work in PR #172 is being closed as duplicate.

The orthogonal "remove unsolicited drift nudge" fix that motivated the original discussion is preserved in #169 / PR #170.