You commit to the signature in the
scriptCode, which itself needs to commit to thescriptCode.
No, a signature does not need to commit to the scriptCode as one can use OP_CODESEPARATOR to spend pre-segwit script.
If you have a data push of the signature, then let the signature on the stack, then you have an OP_CODESEPARATOR, and then you have the OP_CHECKSIG. In that case shouldn’t the pbegincodehash making the scriptCode be only the OP_CHECKSIG itself, i.e a fixed-point ? The OP_CHECKSIG bitcoin core code is popping up the signature and pubkey from the stack, and OP_CODESEPARATOR is a null-op on the script stack.