leadtech-bmad-mcp: close lot 3 rollout and gates config

mcp/leadtech_bmad_mcp/config/gates.yaml

@@ -0,0 +1,83 @@
+labels:
+  - "Contracts-First / Zod-Infer / No-DTO"
+  - "Format erreur API: { error: { code, message, requestId } }"
+  - "Sessions: expiresAt obligatoire et filtre en query"
+  - "Navigation reactive useEffect"
+  - "NestJS guards: AuthGuard en premier"
+
+validate_plan:
+  - id: backend_contracts
+    domains: [backend]
+    required_any:
+      - "zod|z\\.object|contracts?[-_]first|shared[-_]contract"
+    actions:
+      - target: must_do
+        message: "Ajouter explicitement la strategie contracts-first / Zod."
+      - target: blocking_issues
+        message: "Plan backend sans reference aux contrats partages."
+        strict_only: true
+
+  - id: backend_request_id
+    domains: [backend]
+    if_any:
+      - "\\berrors?\\b|\\berreurs?\\b|\\bexceptions?\\b"
+    required_any:
+      - "request[_-]?id"
+    actions:
+      - target: should_do
+        message: "Ajouter la normalisation d'erreur API avec requestId."
+
+  - id: test_strategy
+    required_any:
+      - "test|spec"
+    actions:
+      - target: must_do
+        message: "Ajouter une strategie de test (unit/integration/e2e)."
+
+  - id: parallel_dependencies
+    if_any:
+      - "parallel"
+    required_any:
+      - "depends[-_]on|can[-_]run[-_]with"
+    actions:
+      - target: red_flags
+        message: "Parallel mentionne sans clarifier Depends-on/Can-run-with."
+
+validate_patch:
+  - id: backend_session_expires_at
+    domains: [backend]
+    if_any:
+      - "sessions?"
+    required_any:
+      - "expires[_-]?at"
+    actions:
+      - target: blocking_issues
+        message: "Session modifiee sans expiresAt visible dans le diff."
+
+  - id: backend_request_id
+    domains: [backend]
+    if_any:
+      - "\\berrors?\\b|\\berreurs?\\b|\\bexceptions?\\b"
+    required_any:
+      - "request[_-]?id"
+    actions:
+      - target: must_do
+        message: "Verifier le format erreur API standard avec requestId."
+
+  - id: backend_auth_guard
+    domains: [backend]
+    if_any:
+      - "guard"
+    required_any:
+      - "auth[_\\s-]?guard|jwtauthguard"
+    actions:
+      - target: red_flags
+        message: "Usage de guard sans trace explicite d'ordre AuthGuard en premier."
+
+  - id: tests_visible_in_diff
+    required_any:
+      - "test|spec|describe\\s*\\(|it\\s*\\(|expect\\s*\\("
+    actions:
+      - target: should_do
+        message: "Aucun test visible dans le diff: verifier couverture manuelle."
+        strict_only: true