chore: production repo setup — templates, security, contributing, automated changelog

Added:
- CONTRIBUTING.md — dev setup, commit conventions, code style
- SECURITY.md — vulnerability reporting, attack surface documentation
- .github/ISSUE_TEMPLATE/bug_report.yml — structured bug reports
- .github/ISSUE_TEMPLATE/feature_request.yml — structured feature requests
- .github/PULL_REQUEST_TEMPLATE.md — PR checklist
- .github/FUNDING.yml — GitHub Sponsors
- .github/release-drafter.yml — auto-generates release notes from PR labels
- .github/workflows/release-drafter.yml — runs on push to main and PR events

Changed:
- Cargo.toml — added keywords, categories, homepage, readme, rust-version
- .gitignore — organized by section, added .claude/ exclusion

Author: santoshkumarradha

.github/FUNDING.yml

@@ -0,0 +1 @@
+github: [Agent-Field]

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,46 @@
+name: Bug Report
+description: Something isn't working as expected
+labels: ["bug"]
+body:
+  - type: textarea
+    id: description
+    attributes:
+      label: What happened?
+      description: Clear description of the bug.
+    validations:
+      required: true
+  - type: textarea
+    id: reproduce
+    attributes:
+      label: Steps to reproduce
+      description: Minimal commands to reproduce the issue.
+      placeholder: |
+        plandb init "test"
+        plandb add "Task A" --as a
+        plandb add "Task B" --dep t-a
+        # expected: ...
+        # actual: ...
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: PlanDB version
+      description: Output of `plandb --version`
+    validations:
+      required: true
+  - type: dropdown
+    id: interface
+    attributes:
+      label: Interface
+      options:
+        - CLI
+        - MCP
+        - HTTP
+    validations:
+      required: true
+  - type: input
+    id: os
+    attributes:
+      label: OS
+      placeholder: macOS 15.2 / Ubuntu 24.04 / Windows 11

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,28 @@
+name: Feature Request
+description: Suggest a new capability
+labels: ["enhancement"]
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: What problem does this solve?
+      description: Describe the use case. What are you trying to do that PlanDB doesn't support?
+    validations:
+      required: true
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed solution
+      description: How should this work? Include example commands if possible.
+      placeholder: |
+        plandb <new-command> --flag value
+        # expected behavior: ...
+  - type: dropdown
+    id: interface
+    attributes:
+      label: Which interface?
+      options:
+        - CLI
+        - MCP
+        - HTTP
+        - All

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,13 @@
+## Summary
+
+<!-- What does this PR do? 1-3 bullet points. -->
+
+## Test plan
+
+- [ ] `cargo test` passes
+- [ ] `bash tests/functional_test.sh` passes
+- [ ] Tested manually with `plandb` CLI
+
+<!-- For new features: -->
+<!-- - [ ] Added to CHANGELOG.md -->
+<!-- - [ ] Prompts updated (CLI, MCP, HTTP) if user-facing -->

.github/release-drafter.yml

@@ -0,0 +1,61 @@
+name-template: 'PlanDB v$RESOLVED_VERSION'
+tag-template: 'v$RESOLVED_VERSION'
+template: |
+  ## What's Changed
+
+  $CHANGES
+
+  **Full Changelog**: https://github.com/Agent-Field/plandb/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION
+categories:
+  - title: New Features
+    labels:
+      - feat
+      - enhancement
+  - title: Bug Fixes
+    labels:
+      - bug
+      - fix
+  - title: Improvements
+    labels:
+      - refactor
+      - perf
+  - title: Documentation
+    labels:
+      - docs
+      - documentation
+  - title: CI/CD
+    labels:
+      - ci
+      - chore
+version-resolver:
+  major:
+    labels:
+      - breaking
+  minor:
+    labels:
+      - feat
+      - enhancement
+  patch:
+    labels:
+      - bug
+      - fix
+      - refactor
+      - docs
+  default: patch
+autolabeler:
+  - label: feat
+    title:
+      - '/^feat/i'
+  - label: fix
+    title:
+      - '/^fix/i'
+  - label: docs
+    title:
+      - '/^docs/i'
+  - label: refactor
+    title:
+      - '/^refactor/i'
+  - label: ci
+    title:
+      - '/^ci/i'
+      - '/^chore/i'

.github/workflows/release-drafter.yml

@@ -0,0 +1,21 @@
+name: Release Drafter
+
+on:
+  push:
+    branches: [main]
+  pull_request_target:
+    types: [opened, reopened, synchronize]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  update-release-draft:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: release-drafter/release-drafter@v6
+        with:
+          config-name: release-drafter.yml
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -1,13 +1,20 @@
 /target/
+**/target/
+
+# SQLite databases (local state)
 *.db
 *.db-wal
 *.db-shm
+
+# OS
 .DS_Store
-experiments/*/plandb.db
-experiments/*/.venv/
-experiments/*/__pycache__/
+
+# Python
 **/__pycache__/
 *.pyc
-docs/plans/
+experiments/*/.venv/
+
+# Local / editor
+.claude/
 .worktrees/
-**/target/
+docs/plans/

CONTRIBUTING.md

@@ -0,0 +1,54 @@
+# Contributing to PlanDB
+
+Thanks for your interest in contributing. Here's how to get started.
+
+## Development Setup
+
+```bash
+git clone https://github.com/Agent-Field/plandb.git
+cd plandb
+cargo build
+cargo test
+bash tests/functional_test.sh
+```
+
+Requires Rust 1.75+. No other dependencies — SQLite is bundled.
+
+## Making Changes
+
+1. Fork the repo and create a branch from `main`
+2. Make your changes
+3. Run `cargo test` and `bash tests/functional_test.sh`
+4. Open a PR against `main`
+
+CI must pass before merge. Branch protection requires the `test` status check.
+
+## Commit Messages
+
+Follow [Conventional Commits](https://www.conventionalcommits.org/):
+
+```
+feat: add new command
+fix: handle edge case in batch import
+refactor: simplify context store lookup
+docs: update README
+ci: add clippy check
+test: add functional test for hooks
+```
+
+## What to Work On
+
+- Issues labeled `good first issue` are a great starting point
+- Check the [CHANGELOG](CHANGELOG.md) for context on recent changes
+- Run `plandb --help` to understand the full command surface
+
+## Code Style
+
+- `cargo fmt` for formatting
+- `cargo clippy` for lints
+- Keep functions under 50 lines where possible
+- Prefer explicit error handling over `.unwrap()`
+
+## License
+
+By contributing, you agree that your contributions will be licensed under the Apache License 2.0.

Cargo.toml

@@ -2,9 +2,14 @@
 name = "plandb"
 version = "0.1.0"
 edition = "2021"
+rust-version = "1.75"
 description = "The issue tracker your AI agents are missing"
 license = "Apache-2.0"
 repository = "https://github.com/Agent-Field/plandb"
+homepage = "https://agentfield.ai"
+readme = "README.md"
+keywords = ["ai-agents", "task-graph", "orchestration", "mcp", "planning"]
+categories = ["command-line-utilities", "database"]
 
 [dependencies]
 # CLI

SECURITY.md

@@ -0,0 +1,28 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in PlanDB, please report it responsibly.
+
+**Email:** security@agentfield.ai
+
+Please include:
+- Description of the vulnerability
+- Steps to reproduce
+- Impact assessment
+
+We will acknowledge reports within 48 hours and aim to release a fix within 7 days for critical issues.
+
+## Scope
+
+PlanDB runs as a local binary with a SQLite database. The primary attack surfaces are:
+
+- **HTTP server mode** (`plandb serve`) — exposed network endpoints
+- **MCP server mode** (`plandb mcp`) — tool call handling
+- **Shell hooks** (`--pre-hook`, `--post-hook`) — arbitrary command execution by design
+- **YAML import** (`plandb import`) — deserialization of untrusted input
+- **Template URLs** — fetching and parsing remote YAML files
+
+## Supported Versions
+
+Only the latest release receives security updates.