Writing · 2026-07-03Tokyo · Incoming Cambridge HSPS

a merged pr is not a ship

Green CI proves the code matched expectations; live verification is the receipt that shows it actually worked.

a merged pr can look finished while the real work is still ahead. i keep seeing the same moment: the ticket gets closed the second CI goes green, and everybody acts as if the job is done. green tests matter. they tell you the code did what you asked inside the boundaries of the test suite. they do not tell you whether the change survives contact with production. that gap is the whole story. a merge is a claim. a live check is the receipt.

that distinction is easy to miss when you are moving fast. the status page turns green, the pull request is merged, and the brain wants to mark the task complete. i understand the pressure behind that reflex. a passing build feels concrete. it is visible, it is measurable, and it rewards the exact kind of discipline we are supposed to care about. the problem is that the thing you can point to in CI is only one part of the system. it shows that the code satisfied the conditions you defined. it says nothing about whether the real environment accepts the change in the same way.

this is why i started treating live verification as part of the finish line. one line now sits in my definition of done: it ran live, and i watched it work. that line changes the emotional shape of the task. merging a commit stops being the finish and becomes the point where the claim is ready to be checked. the test suite can still be green. the review can still be clean. the ticket can still move forward. the change only earns closure after it has been seen working where it matters.

the mechanism is simple. CI is a controlled proof. live verification is contact with the real system. controlled proof is useful because it reduces uncertainty and catches mistakes early. contact with the real system matters because reality has more moving pieces than a test suite can model. a passing test means the code behaved inside the expectations you wrote down. a live check shows whether those expectations were enough. that is the difference between confidence and confirmation. both matter. they answer different questions. one tells you the code met the promise. the other tells you the promise held up.

i like the language here because it keeps the relationship honest. the commit is a claim. that is all it is. it is an assertion about what should happen. the live verification is the receipt. a receipt is proof that the thing happened in the world, after the handoff, in the place where consequences are real. once i started using that framing, the process got clearer. i stopped letting merge status stand in for evidence. i stopped treating green CI as the end of the conversation. the conversation ends when the live check has happened and i have watched it work.

for anyone building software solo with AI agents, this rule is practical because it keeps the machine and the reality test in separate boxes. agents can help produce code quickly. they can help narrow bugs. they can help get a branch to green. none of that replaces the moment where you verify the result in the live environment. if you want a simple rule to carry forward, use this one: every merged change still needs a live check before you call it done. that habit protects you from false confidence and makes your shipping process more honest.

the larger lesson is that status is cheap and evidence is earned. a green build is useful, but it is only one receipt in the chain. the work is finished when the claim has been tested in the place it will actually live. if you build software for real users, keep that line in your definition of done. it is small, easy to remember, and hard to fake. that is exactly why it works.

More writing