Add governance, contributor guidelines, and enhance workflows

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,43 @@
+---
+name: Bug report
+about: Report a reproducible problem with the CLI or its documented workflows.
+title: "bug: "
+labels: bug
+---
+
+## Summary
+
+Describe the problem clearly and concisely.
+
+## Environment
+
+- CLI version:
+- Bun version:
+- OS:
+- Plane host type: cloud or self-hosted
+
+## Command Or Workflow
+
+```bash
+# Paste the command or sequence here
+```
+
+## Expected Behavior
+
+Describe what you expected to happen.
+
+## Actual Behavior
+
+Describe what happened instead. Include exact output when relevant.
+
+## Reproduction Steps
+
+1. 
+2. 
+3. 
+
+## Additional Context
+
+- Relevant logs or screenshots
+- Related Plane API behavior
+- Whether the issue affects `--json` or `--xml` output

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security policy
+    url: https://github.com/backslash-ux/plane-cli/blob/main/SECURITY.md
+    about: Report suspected vulnerabilities privately instead of opening a public issue.
+  - name: Contributing guide
+    url: https://github.com/backslash-ux/plane-cli/blob/main/CONTRIBUTING.md
+    about: Review contribution expectations, quality gates, and documentation requirements first.
+  - name: Existing issues
+    url: https://github.com/backslash-ux/plane-cli/issues
+    about: Check open issues and feature requests before filing a new one.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,36 @@
+---
+name: Feature request
+about: Propose a new CLI workflow, resource, or usability improvement.
+title: "feat: "
+labels: enhancement
+---
+
+## Summary
+
+Describe the feature or workflow you want to add.
+
+## Problem To Solve
+
+Explain the current limitation, friction, or missing capability.
+
+## Proposed CLI Experience
+
+```bash
+# Example command shape, help text, or output
+```
+
+## Why It Matters
+
+- Human workflow benefit:
+- AI-agent workflow benefit:
+- Related Plane resource or API area:
+
+## Alternatives Considered
+
+Describe any workarounds or alternative approaches you considered.
+
+## Additional Context
+
+- Links to Plane docs or API endpoints
+- Related issues or pull requests
+- Whether this should be tracked as a new GitHub issue or grouped with an existing one

.github/pull_request_template.md

@@ -0,0 +1,27 @@
+## Summary
+
+Describe the change and the user-facing outcome.
+
+## Related Issue
+
+Link the relevant GitHub issue, discussion, or explain why no public tracking item was needed.
+
+## Changes
+
+- 
+
+## Validation
+
+- [ ] `bun run typecheck`
+- [ ] relevant `bun test` coverage for the touched area
+- [ ] `bun run check:all` if shared command behavior, schemas, or output changed
+
+## Docs
+
+- [ ] `README.md` updated if CLI usage changed
+- [ ] `SKILL.md` updated if AI-agent usage changed
+- [ ] `CHANGELOG.md` updated if there is a notable user-facing change
+
+## Risks Or Follow-Ups
+
+- 

.github/workflows/ci.yml

@@ -11,6 +11,18 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  quality:
+    name: Repo Quality
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v1
+        with:
+          bun-version: latest
+      - run: bun install --frozen-lockfile
+      - run: bun run format:check
+      - run: bun scripts/check-file-size.ts
+
   typecheck:
     name: TypeScript Check
     runs-on: ubuntu-latest
@@ -23,14 +35,13 @@ jobs:
       - run: bun run typecheck
 
   test:
-    name: Tests
+    name: Tests And Coverage
     runs-on: ubuntu-latest
-    needs: [typecheck]
+    needs: [quality, typecheck]
     steps:
       - uses: actions/checkout@v4
       - uses: oven-sh/setup-bun@v1
         with:
           bun-version: latest
       - run: bun install --frozen-lockfile
-      - run: bun run test:coverage
       - run: bun run test:coverage:check

.github/workflows/publish.yml

@@ -1,3 +1,4 @@
+# yaml-language-server: disable
 name: Publish
 
 on:
@@ -21,12 +22,12 @@ jobs:
       - run: bun install --frozen-lockfile
 
       - name: Run checks
-        run: bun run typecheck && bun run test:coverage:check
+        run: bun run check:all
 
       - name: Publish to npm
         run: bun publish --access public
         env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NPM_CONFIG_TOKEN: ${{ secrets.NPM_CONFIG_TOKEN }}
 
       - name: Create GitHub release
         uses: softprops/action-gh-release@v1

.gitignore

@@ -3,3 +3,10 @@ dist/
 .env
 *.env
 
+# Local AI/editor customization files
+.github/copilot-instructions.md
+.github/instructions/
+.github/prompts/
+.github/agents/
+.vscode/docs/
+

AGENTS.md

@@ -0,0 +1,54 @@
+# AGENTS.md
+
+This file provides baseline context for AI coding agents contributing to this repository. It is public, versioned, and intended to be shared across contributors and tools.
+
+## Project Goal
+
+This repository builds an agent-friendly CLI for Plane, especially for project-defined and spec-driven workflows. Changes should improve predictability, discoverability, and structured automation instead of adding one-off behaviors that are hard for humans or agents to compose.
+
+## Start Here
+
+Before making non-trivial changes:
+
+1. Read [README.md](./README.md) for installation and user-facing command expectations.
+2. Read [CONTRIBUTING.md](./CONTRIBUTING.md) for workflow and quality gates.
+3. Read [docs/ARCHITECTURE.md](./docs/ARCHITECTURE.md) for code boundaries.
+4. Check GitHub issues and pull requests for related work before starting a non-trivial change.
+
+## Workflow Expectations
+
+- Keep changes scoped to one useful vertical slice when practical.
+- Treat GitHub issues and pull requests as the public work-tracking system for this repository.
+- When command behavior changes, keep user-facing docs aligned: [README.md](./README.md), [SKILL.md](./SKILL.md), and any relevant plan or release notes.
+- Prefer public repository guidance over local-only editor customizations. Maintainers may keep private planning notes in `.vscode/docs/`, but those are not the source of truth for contributors.
+
+## Technical Boundaries
+
+- CLI entry flow: `bin/plane` -> `src/bin.ts` -> `src/app.ts`.
+- Command behavior belongs in `src/commands/*.ts`.
+- Route HTTP through `src/api.ts`.
+- Validate API responses with `decodeOrFail` and schemas from `src/config.ts`.
+- Reuse `src/resolve.ts` for project, issue, member, state, and label lookup flows.
+- Keep human-readable formatting in `src/format.ts` and shared machine-readable output behavior in `src/output.ts`.
+
+## Design Principles
+
+- Prefer discoverable workflows. If a command depends on UUIDs or join IDs, the CLI should expose a list or get path that helps agents obtain them.
+- Preserve shared `--json` and `--xml` behavior instead of inventing per-command machine formats.
+- Keep Plane concepts explicit and close to the underlying API domain.
+- Fix root causes instead of layering on ad hoc patches when practical.
+
+## Testing And Validation
+
+- Use Bun for local work.
+- Run the narrowest relevant tests plus `bun run typecheck`.
+- Use `bun run check:all` when shared command behavior, schemas, output formatting, or repo-wide quality gates are affected.
+- Tests use Bun plus MSW. Prefer mocked HTTP responses over real Plane endpoints.
+- Clear `_clearProjectCache()` in tests when cached project resolution could affect results.
+
+## Open Source Hygiene
+
+- Keep public documentation presentable and accurate.
+- Use [CHANGELOG.md](./CHANGELOG.md) for notable user-facing changes.
+- Follow [docs/RELEASING.md](./docs/RELEASING.md) for release workflow expectations.
+- Respect [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md) and [SECURITY.md](./SECURITY.md).

CHANGELOG.md

@@ -0,0 +1,17 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+This project aims to follow [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and [Semantic Versioning](https://semver.org/).
+
+Earlier project history may predate this file.
+
+## [Unreleased]
+
+### Added
+
+- Public open-source repository baseline with contributor, governance, security, architecture, and release documentation.
+- GitHub issue and pull request templates plus issue intake routing.
+- Stricter repository quality gates covering formatting, file-size limits, and coverage thresholds.
+- Fork-specific package identity and public metadata alignment under `@backslash-ux/plane`.
+- A versioned root `AGENTS.md` file that provides baseline context for AI coding agents contributing to the repository.

CODE_OF_CONDUCT.md

@@ -0,0 +1,37 @@
+# Code of Conduct
+
+## Purpose
+
+This project aims to be a constructive, respectful place for collaboration. The goal is clear technical discussion, useful feedback, and a working environment where contributors can participate without harassment or hostility.
+
+## Expected Behavior
+
+- Be respectful in technical disagreement.
+- Assume good intent while still being clear and direct.
+- Focus criticism on ideas, code, and decisions rather than people.
+- Share context, evidence, and reproduction steps when reporting issues.
+- Help keep discussions accessible to contributors with different levels of experience.
+
+## Unacceptable Behavior
+
+- Harassment, intimidation, threats, or discriminatory language.
+- Personal attacks, insults, or repeated bad-faith engagement.
+- Publishing private information without consent.
+- Spam, trolling, or intentionally disruptive behavior.
+- Sexualized language or unwelcome sexual attention.
+
+## Scope
+
+This policy applies to repository discussions, issues, pull requests, code review, and other project spaces where contributors represent or participate in this project.
+
+## Reporting
+
+If you experience or witness behavior that violates this policy, contact the maintainers through the repository contact channels or security contact path listed in [SECURITY.md](./SECURITY.md) when appropriate. Include links, screenshots, or other context when possible.
+
+## Enforcement
+
+Maintainers may remove comments, close discussions, reject contributions, or temporarily or permanently restrict participation when necessary to protect the project and its contributors.
+
+## Project Standard
+
+The project values direct engineering discussion, but directness is not an excuse for abuse. Keep feedback factual, relevant, and professional.

CONTRIBUTING.md

@@ -0,0 +1,86 @@
+# Contributing
+
+## Overview
+
+This project is intended to be a clean, scriptable, open-source CLI for Plane, with a strong focus on AI-assisted and spec-driven development workflows. Contributions should preserve that bias toward discoverability, predictable output, and small end-to-end increments.
+
+Participation in this project is also governed by [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md). Security issues should be reported using the process in [SECURITY.md](./SECURITY.md), not filed as public bug reports.
+
+## Before You Start
+
+1. Read [README.md](./README.md) for setup and command usage.
+2. If you are using an AI coding agent, read [AGENTS.md](./AGENTS.md) for the repo baseline context.
+3. Read [docs/ARCHITECTURE.md](./docs/ARCHITECTURE.md) for the code layout and boundaries.
+4. Check existing GitHub issues and pull requests to understand whether the work is already proposed, in progress, or intentionally deferred.
+
+## Development Workflow
+
+1. Start from a GitHub issue or open one before beginning non-trivial work.
+2. Keep the change scoped to one useful vertical slice when practical.
+3. Update tests and user-facing docs together with code.
+4. Reference the related issue or discussion in your pull request.
+5. Record notable user-facing changes in [CHANGELOG.md](./CHANGELOG.md) when appropriate.
+
+## Local Setup
+
+```bash
+bun install
+bun run dev
+```
+
+Use Bun for all local work in this repository.
+
+## Quality Gates
+
+Run the narrowest relevant checks for the change:
+
+```bash
+bun test
+bun run typecheck
+```
+
+Run the full shared checks when command behavior, schemas, or output behavior changes:
+
+```bash
+bun run check:all
+```
+
+`bun run check:all` is the closest thing to the repository gate. It covers type checking, formatting, file-size enforcement, and coverage-threshold validation.
+
+## Code Conventions
+
+- Keep CLI behavior in `src/commands/*.ts`.
+- Route HTTP through `src/api.ts`.
+- Validate API responses with `decodeOrFail` and schemas from `src/config.ts`.
+- Reuse `src/resolve.ts` for project, issue, member, state, and label lookup logic.
+- Preserve shared machine-readable output behavior in `src/output.ts`.
+- Keep human-readable formatting in `src/format.ts`.
+- Match the existing TypeScript style in `src/`: tabs, semicolons, and small explicit payload interfaces.
+- Keep TypeScript files below the enforced 700-line limit.
+
+## Testing Conventions
+
+- Use Bun plus MSW for tests.
+- Mock HTTP responses instead of calling real Plane endpoints.
+- Set `PLANE_HOST`, `PLANE_WORKSPACE`, and `PLANE_API_TOKEN` in test setup.
+- Clear `_clearProjectCache()` in tests when project resolution caching could affect behavior.
+
+## Documentation Expectations
+
+When the CLI surface changes, update the relevant public docs together:
+
+- [README.md](./README.md) for installation and common usage.
+- [AGENTS.md](./AGENTS.md) for public AI-agent contribution context.
+- [CHANGELOG.md](./CHANGELOG.md) for notable user-facing changes.
+- [SKILL.md](./SKILL.md) for AI-agent usage of the CLI.
+
+## Release Notes
+
+Maintainers should keep [CHANGELOG.md](./CHANGELOG.md) and [docs/RELEASING.md](./docs/RELEASING.md) aligned with the actual release process and publish workflow.
+
+## Pull Request Checklist
+
+- The change links to a related GitHub issue, discussion, or clearly explains why one is not needed.
+- Tests or validation were run and recorded.
+- Public docs were updated if behavior changed.
+- No local-only AI/editor customization files were included in the diff.