
docs(standards): org engineering standards + editorial README template #24

Merged. WomB0ComB0 merged 6 commits into main from feat/engineering-standards-and-readme-style on Jun 13, 2026.

@WomB0ComB0 WomB0ComB0 commented Jun 13, 2026


Summary

Two requested pieces:

1. Engineering guidelines in the repo — docs/standards/

Materializes the ultraplan brief as the org's engineering constitution (the cloud session couldn't push it). Three-tier model + security overlay:

| File | Tier | Scope |
| --- | --- | --- |
| README.md | | Index, the standard-stack table, the enforcement model |
| 01-baseline.md | 1 | Required toolchain, hard rules, code shape — every repo |
| 02-languages.md | 2 | Per-language tooling/idioms: TS, JS, Python, C#, Rust, C/C++, Shell, SQL, md/json/yaml |
| 03-safety-overlay.md | 3 | JSF AV C++ / MISRA / NASA Power of Ten for device- & flight-adjacent code |
| 04-security.md | | OWASP/CERT, secrets, web headers/CSP, crypto/auth, incident response |

2. Editorial README template restyle

The structured template is now editorial / centered (the recommended direction):

  • One centered hero <div> — mark, title, tagline, a calm flat badge row (logos + the ResQ sky accent 0ea5e9), a single nav line, and a ◆ ◆ ◆ divider.
  • New ## Stats section — Repobeats activity embed ({{REPOBEATS_HASH}} placeholder + generation note) and contrib.rocks contributor avatars — matching the Meshtastic-style stats panel you shared.
  • TOC updated to 15 entries; all anchors verified against headers.

Also

Test plan

  • All relative links in docs/standards/* resolve (20/20) + README/CONTRIBUTING links to docs/standards/
  • Template: 15 TOC anchors map to headers; ResQ README Template marker preserved; <div> balanced (2/2); Repobeats + contrib.rocks placeholders present
  • repo-standards / required-gate green on this PR
  • Visual check of the rendered template hero + Stats once the branch renders on GitHub

Notes

  • Guidelines structured as a docs/standards/ multi-file set (the recommended option). If you'd rather have a single STANDARDS.md, it flattens trivially — say the word.
  • The docs/standards/ content is drawn directly from your ultraplan brief and adapted to the actual ResQ stack.

Summary by CodeRabbit

Release Notes

  • Documentation
    • Streamlined onboarding with simplified single-command installation and automatic setup
    • Introduced comprehensive org-wide engineering standards framework covering baseline requirements, language-specific guidance, safety protocols for critical systems, and security best practices
    • Enhanced README with improved layout and activity stats section

Engineering guidelines (docs/standards/):
- README.md      — index, the standard-stack table, enforcement model
- 01-baseline    — Tier 1: required toolchain, hard rules, code shape (all repos)
- 02-languages   — Tier 2: per-language tooling/idioms (TS, Py, C#, Rust, C/C++, sh, SQL, md/json/yaml)
- 03-safety-overlay — Tier 3: JSF AV C++ / MISRA / NASA Power of Ten for device- & flight-adjacent code
- 04-security    — security overlay (OWASP/CERT, secrets, web headers, crypto/auth)
Linked from README.md and CONTRIBUTING.md (new "Engineering standards" section).

CONTRIBUTING onboarding: collapse the two-curl flow to the single
`curl -fsSL https://get.resq.software | sh` (install.sh does CLI + hooks).

README template restyle (editorial / centered):
- one centered hero <div> — mark, title, tagline, calm flat badge row
  (logos + the ResQ sky accent 0ea5e9), single nav line, ◆ divider.
- new ## Stats section: Repobeats activity embed + contrib.rocks avatars.
- TOC updated; all internal links verified to resolve.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

coderabbitai Bot commented Jun 13, 2026



ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d4599cfc-0563-4f07-9694-6b7836c73125

📥 Commits

Reviewing files that changed from the base of the PR and between 16ad039 and d4e10c4.

📒 Files selected for processing (4)
  • CONTRIBUTING.md
  • README.template.md
  • docs/standards/02-languages.md
  • docs/standards/04-security.md
Walkthrough

This PR establishes a comprehensive org-wide engineering standards framework with four tiers (baseline CI and hard rules, language-specific tooling, safety/critical systems overlay, and security overlay), documents each tier with actionable guidance, integrates the standards into contributor onboarding, and updates repository template presentation.

Changes

Engineering Standards Framework and Onboarding

| Layer / File(s) | Summary |
| --- | --- |
| Standards framework index: docs/standards/README.md | Foundational index explaining the four-tier model (baseline, language, safety, security), enforcement via CI and review, allowed deviations via AGENTS.md, and reference standards by area. |
| Tier 1 baseline standards: docs/standards/01-baseline.md | Baseline CI requirements (formatter, linter, type checker, tests, security scan), hard rules for security/error handling/timeouts/retries, code shape and logging guidance, repository hygiene, and definition of done. |
| Tier 2 language enforcement: docs/standards/02-languages.md | Language-specific standards for TypeScript (strict tsconfig, no any), JavaScript (ESLint, ESM), Python (Ruff, Pyright/mypy, pytest, Bandit), C# (nullable, conventions), Rust (fmt/clippy/audit/deny), C/C++ (clang-format/tidy, sanitizers), Shell (ShellCheck, strict options), SQL (SQLFluff, parameterized queries), and Markdown/JSON/YAML (Prettier, yamllint). |
| Tier 3 safety overlay: docs/standards/03-safety-overlay.md | Critical systems standards for firmware, robotics, and Rust unsafe code: Power of Ten checklist, bounded loops, no post-init dynamic allocation, runtime checks, pointer restrictions, Rust unsafe block scoping and fuzz testing, operational discipline (retries, timeouts, validation, immutability), and verification expectations (static analysis, sanitizer builds, pinned toolchains). |
| Tier 4 security overlay: docs/standards/04-security.md | Security pre-merge checklist, secret management guidance, reference standards (OWASP ASVS, CERT, Semgrep, CodeQL), web security (CSP, headers, SRI), cryptography/authentication best practices (vetted libraries, constant-time, scoped tokens), and incident response pointing to SECURITY.md. |
| Contributor onboarding and repo reference points: CONTRIBUTING.md, README.md | Simplified installation via single get.resq.software command (SHA256-verified, cargo fallback, hook installation, local-pre-push scaffolding). New "Engineering standards" section in CONTRIBUTING describes the four-tier model and links to docs/standards/. README updated with docs/standards/ table entry. |
| Documentation template and presentation updates: README.template.md | Hero section refactored to centered <div> layout with consolidated badges (flat style, ResQ color convention), old badge variants removed. Table of Contents extended with "Stats" entry. New Stats section embeds Repobeats activity graph and contributor avatars widget. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

  • resq-software/.github#1: Both PRs update onboarding/get-started documentation for installing the resq CLI (SHA-verified with cargo install --git fallback) and deploying canonical git hooks with a repo-aware local-pre-push scaffold.

Poem

🐰 Standards bunny hops,
Tiers of rules, no safety stops,
Four-fold wisdom, clean and bright,
Baseline, lang, safe, and security tight! 🌟

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title clearly describes the main changes: documentation additions for org-wide engineering standards and README template editorial updates. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |


@gemini-code-assist gemini-code-assist Bot left a comment


Code Review

This pull request introduces a comprehensive, three-tier engineering standards framework under docs/standards/ covering baseline requirements, language-specific guidelines, safety-critical overlays, and security practices. It also updates CONTRIBUTING.md and README.md to reference these standards, and modernizes README.template.md with a centered hero layout and a new stats section. The review feedback suggests minor improvements to the documentation files: correcting the image source in the README template to match its scaled-down size, removing a Rust source-level attribute from a command-line block in the language standards, and converting the security pre-merge checklist from plain text to a standard Markdown task list for interactive rendering.


Comment thread README.template.md Outdated
Comment thread docs/standards/02-languages.md
Comment thread docs/standards/04-security.md Outdated
WomB0ComB0 and others added 2 commits June 12, 2026 23:12
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Mike Odnis <mike@mikeodnis.dev>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Mike Odnis <mike@mikeodnis.dev>

@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@CONTRIBUTING.md`:
- Line 59: Update the wording that misstates the tier count: replace the string
"three-tier model:" in CONTRIBUTING.md (currently at the header line containing
"three-tier model:") with "four-tier model:" and optionally rename the Security
bullet to "Tier 4 — Security overlay" for consistency; also update the README
text that reads "the three-tier model (baseline, per-language, safety overlay) +
security overlay" to "the four-tier model (baseline, language, safety overlay,
security overlay)" so both docs align with the four-tier structure defined in
docs/standards and the PR objectives.
- Around line 56-71: The "Engineering standards" section currently calls this a
"three-tier model" but enumerates four items; update the descriptive text under
the "## Engineering standards" header to say "four-tier model" and optionally
change the "Security overlay" list item to "Tier 4 — Security overlay" to match
the naming pattern used for the other items (keep the existing item names: "Tier
1 — Baseline", "Tier 2 — Language enforcement", "Tier 3 — Safety overlay", and
change the last item to "Tier 4 — Security overlay").

In `@docs/standards/04-security.md`:
- Line 28: Update the markdown link in docs/standards/04-security.md that
currently references `security-scan.yml` but points to
`../../.github/workflows/README.md`; change the link target to the actual
workflow file `../../.github/workflows/security-scan.yml` so the visible text
and href match (verify the bracketed text `security-scan.yml` remains and only
the target path is replaced).

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7a2ff560-e8ba-4863-ae36-01b6e0841c73

📥 Commits

Reviewing files that changed from the base of the PR and between 0947449 and 16ad039.

📒 Files selected for processing (8)
  • CONTRIBUTING.md
  • README.md
  • README.template.md
  • docs/standards/01-baseline.md
  • docs/standards/02-languages.md
  • docs/standards/03-safety-overlay.md
  • docs/standards/04-security.md
  • docs/standards/README.md

Comment thread CONTRIBUTING.md
Comment thread CONTRIBUTING.md Outdated
Comment thread docs/standards/04-security.md Outdated
WomB0ComB0 and others added 3 commits June 12, 2026 23:19
- CONTRIBUTING.md: "three-tier model:" → "three-tier model plus a security
  overlay:" so the lead-in matches the four bullets (3 tiers + the security
  overlay). Kept Security as an *overlay* rather than relabeling it "Tier 4",
  to stay consistent with docs/standards/README.md ("The three tiers") and
  04-security.md ("Composes with all three tiers").
- 04-security.md: point the `security-scan.yml` link at the actual workflow
  file (../../.github/workflows/security-scan.yml) so text and href match.

Skipped the suggested README.md edit: it already reads "the three-tier model
(…) + security overlay", which is correct; switching it to "four-tier" would
introduce the contradiction the other docs avoid.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…d block

It's a Rust source-level attribute, not a CLI command — list it as a
prose bullet instead (addresses gemini review on PR #24).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@WomB0ComB0 WomB0ComB0 merged commit 0509bf3 into main Jun 13, 2026
8 checks passed