fix: allow , in branch names

[bugbubug]

Problem

validateBranchName in src/github/operations/branch.ts rejects branch names containing a comma (,), even though git check-ref-format permits commas and GitHub itself accepts them when creating the branch. When the action runs on a PR whose head branch contains a ,, validation throws before any git operation and the action fails immediately:

Error: Action failed with error: Invalid branch name: "<branch-containing-comma>".
Branch names must start with an alphanumeric character and contain only alphanumeric
characters, forward slashes, hyphens, underscores, periods, hashes (#), or plus signs (+).

This shows up in real workflows when branch names are derived from titles, place names, or external identifiers (e.g. feature/paris,france). There is no workaround other than renaming the branch, which is often not under the user's control.

Fixes #1300.

Root cause

The whitelist regex at src/github/operations/branch.ts:66 is:

const validPattern = /^[a-zA-Z0-9][a-zA-Z0-9/_.#+-]*$/;

, is not in the character class, so any ref containing one is rejected regardless of position.

The whitelist exists for injection safety, but every git call in this file uses execFileSync with an argv array (no shell, no interpolation), so , carries no injection risk under that execution model. This is the same reasoning used to add # in #1167 and + in #1248.

Fix

Add , to the whitelist: /^[a-zA-Z0-9][a-zA-Z0-9/_.#+,-]*$/. Update the surrounding comment and the user-facing error message to match.

Testing

• 1 new test case covering commas in title-derived branch names (feature/a,b, feature/paris,france, fix/issue-1,2,3)
• All existing rejection cases still pass (commas embedded in shell-injection payloads, control characters, etc. continue to be rejected by the other rules)
• bun test: 666 pass, 0 fail
• bun run typecheck: clean
• bun run format:check: clean