chore: seed org-default community health files + reusable workflows

.github/FUNDING.yml

@@ -0,0 +1,10 @@
+# Uncomment one or more lines below to enable funding links across Quirk Systems
+# repositories. See:
+# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository
+#
+# github: [quirk-systems]
+# patreon: # Replace with a single Patreon username
+# open_collective: # Replace with a single Open Collective username
+# ko_fi: # Replace with a single Ko-fi username
+# tidelift: # Replace with a single Tidelift platform-name/package-name
+# custom: # Replace with up to 4 custom sponsorship URLs

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,75 @@
+name: Bug report
+description: Report something that isn't working as expected.
+title: "[Bug]: "
+labels: ["bug", "needs-triage"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to file a bug report. The more detail you can give, the faster we can fix it.
+  - type: input
+    id: summary
+    attributes:
+      label: Summary
+      description: One-sentence description of the bug.
+      placeholder: e.g. "Vitest fails to find setup file when running with --coverage"
+    validations:
+      required: true
+  - type: textarea
+    id: repro
+    attributes:
+      label: Reproduction steps
+      description: Minimal steps to reproduce. Numbered list preferred.
+      placeholder: |
+        1. Clone the repo
+        2. Run `bun install`
+        3. Run `bun run test:coverage`
+        4. Observe the error
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+    validations:
+      required: true
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual behavior
+      description: Include error messages and stack traces if relevant. Use code blocks.
+    validations:
+      required: true
+  - type: input
+    id: repo
+    attributes:
+      label: Repository
+      description: Which Quirk Systems repo is affected?
+      placeholder: e.g. project-scaffold
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Version / commit
+      description: Tag, version number, or commit SHA.
+    validations:
+      required: false
+  - type: textarea
+    id: env
+    attributes:
+      label: Environment
+      description: OS, runtime versions (Node, Bun), browser if relevant.
+      placeholder: |
+        - OS: macOS 14.5
+        - Bun: 1.1.30
+        - Node: 20.18.0
+    validations:
+      required: false
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs / screenshots
+      description: Paste relevant logs (use code blocks) or attach screenshots.
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security vulnerability
+    url: https://github.com/quirk-systems/.github/security/policy
+    about: Please do not open a public issue for security vulnerabilities. See our security policy for private reporting instructions.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,40 @@
+name: Feature request
+description: Propose a new feature or enhancement.
+title: "[Feature]: "
+labels: ["enhancement", "needs-triage"]
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem
+      description: What problem are you trying to solve? Who hits it and how often?
+    validations:
+      required: true
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed solution
+      description: What would you like to see? Sketch the UX or API if possible.
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: Other approaches you thought about and why you ruled them out.
+    validations:
+      required: false
+  - type: input
+    id: repo
+    attributes:
+      label: Repository
+      description: Which Quirk Systems repo would this land in?
+    validations:
+      required: true
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional context
+      description: Mockups, links to related issues, prior art, etc.
+    validations:
+      required: false

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,22 @@
+## Summary
+
+<!-- 1-3 bullets explaining what changed and why. -->
+
+-
+
+## Test plan
+
+<!-- How did you verify this works? Commands, screenshots, links. -->
+
+- [ ]
+
+## Linked issues
+
+<!-- Closes #123, Refs #456, etc. Delete if none. -->
+
+## Checklist
+
+- [ ] Commits follow [Conventional Commits](https://www.conventionalcommits.org/)
+- [ ] Local validation passes (`bun run validate` or repo equivalent)
+- [ ] Tests added/updated where it makes sense
+- [ ] Docs updated where it makes sense

.github/workflows/reusable-pr-title-lint.yml

@@ -0,0 +1,16 @@
+name: Reusable PR title lint
+
+on:
+  workflow_call:
+
+permissions:
+  pull-requests: read
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Validate PR title against Conventional Commits
+        uses: amannn/action-semantic-pull-request@v5
+        env:
+          GITHUB_TOKEN: ${{ github.token }}

.github/workflows/reusable-validate.yml

@@ -0,0 +1,118 @@
+name: Reusable validate
+
+on:
+  workflow_call:
+    inputs:
+      package-manager:
+        description: "Package manager: bun | pnpm | yarn | npm"
+        required: false
+        type: string
+        default: bun
+      node-version:
+        description: "Node.js version"
+        required: false
+        type: string
+        default: "20"
+      bun-version:
+        description: "Bun version (used when package-manager = bun)"
+        required: false
+        type: string
+        default: latest
+      working-directory:
+        description: "Directory to run commands from"
+        required: false
+        type: string
+        default: "."
+      test-script:
+        description: "Script name for one-shot tests (e.g. test:run, test)"
+        required: false
+        type: string
+        default: "test:run"
+      run-build:
+        description: "Run the build step"
+        required: false
+        type: boolean
+        default: true
+      run-e2e:
+        description: "Run Playwright e2e tests"
+        required: false
+        type: boolean
+        default: false
+      e2e-script:
+        description: "Script name for e2e tests"
+        required: false
+        type: string
+        default: "test:e2e"
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    env:
+      # Quirk Systems repos use t3-env; allow the build to skip strict env
+      # validation when secrets aren't configured in CI.
+      SKIP_ENV_VALIDATION: "1"
+    defaults:
+      run:
+        working-directory: ${{ inputs.working-directory }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Bun
+        if: inputs.package-manager == 'bun'
+        uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: ${{ inputs.bun-version }}
+
+      - name: Setup pnpm
+        if: inputs.package-manager == 'pnpm'
+        uses: pnpm/action-setup@v4
+
+      - name: Setup Node.js (with cache)
+        if: inputs.package-manager != 'bun'
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ inputs.node-version }}
+          cache: ${{ inputs.package-manager }}
+
+      - name: Setup Node.js
+        if: inputs.package-manager == 'bun'
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ inputs.node-version }}
+
+      - name: Install dependencies
+        run: |
+          case "${{ inputs.package-manager }}" in
+            bun)   bun install --frozen-lockfile ;;
+            pnpm)  pnpm install --frozen-lockfile ;;
+            yarn)  yarn install --frozen-lockfile ;;
+            npm)   npm ci ;;
+            *) echo "Unknown package manager: ${{ inputs.package-manager }}" && exit 1 ;;
+          esac
+
+      - name: Lint
+        run: ${{ inputs.package-manager }} run lint
+
+      - name: Type-check
+        run: ${{ inputs.package-manager }} run type-check
+
+      - name: Test
+        run: ${{ inputs.package-manager }} run ${{ inputs.test-script }}
+
+      - name: Build
+        if: inputs.run-build
+        run: ${{ inputs.package-manager }} run build
+
+      - name: Install Playwright browsers
+        if: inputs.run-e2e
+        run: |
+          case "${{ inputs.package-manager }}" in
+            bun)   bunx playwright install --with-deps ;;
+            pnpm)  pnpm exec playwright install --with-deps ;;
+            yarn)  yarn playwright install --with-deps ;;
+            npm)   npx playwright install --with-deps ;;
+          esac
+
+      - name: E2E tests
+        if: inputs.run-e2e
+        run: ${{ inputs.package-manager }} run ${{ inputs.e2e-script }}