asmotim · asmotim · Apr 19, 2026 · Apr 19, 2026
@@ -0,0 +1,61 @@
+name: Bug report
+description: Report a defect in plugin behavior.
+title: "bug: "
+labels:
+  - bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for reporting a bug. Please sanitize logs and never include tokens or private note content.
+  - type: input
+    id: obsidian_version
+    attributes:
+      label: Obsidian version
+      placeholder: e.g. 1.8.10
+    validations:
+      required: true
+  - type: input
+    id: plugin_version
+    attributes:
+      label: Plugin version / commit
+      placeholder: e.g. 1.0.5 or commit SHA
+    validations:
+      required: true
+  - type: dropdown
+    id: platform
+    attributes:
+      label: Platform
+      options:
+        - macOS desktop
+        - Windows desktop
+        - Linux desktop
+        - iOS
+        - Android
+        - Other
+    validations:
+      required: true
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to reproduce
+      placeholder: Clear step-by-step reproduction.
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+    validations:
+      required: true
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual behavior
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Sanitized logs or screenshots
+      description: Remove tokens, repository names, and private note content as needed.
@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security issue
+    url: https://github.com/asmotim/obsidian-github-api-sync/security/policy
+    about: Please do not report security vulnerabilities publicly.
@@ -0,0 +1,35 @@
+name: Feature proposal
+description: Propose a bounded feature or improvement.
+title: "feat: "
+labels:
+  - enhancement
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem statement
+      placeholder: What problem are you trying to solve?
+    validations:
+      required: true
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed change
+      placeholder: Describe the desired behavior.
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Existing alternatives / build-vs-integrate notes
+      placeholder: What platform or GitHub capability did you consider instead?
+  - type: checkboxes
+    id: impact
+    attributes:
+      label: Likely impact
+      options:
+        - label: touches auth or token handling
+        - label: touches conflict semantics
+        - label: touches release or packaging policy
+        - label: touches mobile/runtime compatibility
+        - label: likely needs an ADR
@@ -0,0 +1,60 @@
+name: Sync regression
+description: Report a sync planner, conflict, or remote/local divergence issue.
+title: "sync: "
+labels:
+  - bug
+  - sync
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this template for planner, engine, rename, delete, or conflict regressions. Do not include tokens.
+  - type: input
+    id: plugin_version
+    attributes:
+      label: Plugin version / commit
+    validations:
+      required: true
+  - type: input
+    id: branch
+    attributes:
+      label: GitHub branch
+      placeholder: e.g. main
+    validations:
+      required: true
+  - type: dropdown
+    id: conflict_policy
+    attributes:
+      label: Conflict policy
+      options:
+        - manual
+        - keepBoth
+        - preferLocal
+        - preferRemote
+        - unknown
+    validations:
+      required: true
+  - type: textarea
+    id: scenario
+    attributes:
+      label: Scenario
+      placeholder: Which files changed where, in what order, on which devices?
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected sync result
+    validations:
+      required: true
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual sync result
+    validations:
+      required: true
+  - type: textarea
+    id: evidence
+    attributes:
+      label: Sanitized evidence
+      description: Include logs, screenshots, or a minimal file tree if helpful.
@@ -0,0 +1,20 @@
+## Summary
+
+<!-- What changed and why? -->
+
+## Validation
+
+- [ ] `npm run validate`
+- [ ] `npm run typecheck`
+- [ ] `npm run lint`
+- [ ] `npm test`
+- [ ] `npm run build`
+- [ ] `npm run release:preflight`
+
+## Checklist
+
+- [ ] docs updated if behavior, security posture, or release process changed
+- [ ] tests added or updated for non-trivial logic changes
+- [ ] no real secrets or private note data included
+- [ ] plugin identity was not changed casually; ADR-0002 respected
+- [ ] README disclosures remain accurate
@@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: "/"
+    schedule:
+      interval: weekly
+    open-pull-requests-limit: 5
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+    open-pull-requests-limit: 5
@@ -0,0 +1,57 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ci-${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: npm
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Validate manifest and governance
+        run: npm run governance:check
+
+      - name: Typecheck
+        run: npm run typecheck
+
+      - name: Lint
+        run: npm run lint
+
+      - name: Test
+        run: npm test
+
+      - name: Build
+        run: npm run build
+
+      - name: Release preflight
+        run: npm run release:preflight
+
+      - name: Upload dist artifact
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+          if-no-files-found: warn
@@ -0,0 +1,36 @@
+name: CodeQL
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  schedule:
+    - cron: '19 4 * * 1'
+
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: javascript-typescript
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL analysis
+        uses: github/codeql-action/analyze@v3
@@ -0,0 +1,35 @@
+name: Governance audit
+
+on:
+  schedule:
+    - cron: '31 4 * * 3'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  governance-audit:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: npm
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Governance checks
+        run: npm run governance:check
+
+      - name: Build
+        run: npm run build
+
+      - name: Release preflight
+        run: npm run release:preflight