Merge branch 'main' into split/pr75-sync-foundation

Author: ndycode

.github/ISSUE_TEMPLATE/config.yml

@@ -1,11 +1,11 @@
 blank_issues_enabled: false
 contact_links:
+  - name: Getting Started and Troubleshooting
+    url: https://github.com/ndycode/oc-chatgpt-multi-auth/tree/main/docs
+    about: Read the setup, configuration, FAQ, and troubleshooting guides before opening a new issue
   - name: OpenAI Support
     url: https://help.openai.com/
     about: For ChatGPT account or subscription issues, contact OpenAI directly
   - name: OpenAI Terms of Service
     url: https://openai.com/policies/terms-of-use/
     about: Review OpenAI's Terms of Service for compliance questions
-  - name: Discussions
-    url: https://github.com/numman-ali/opencode-openai-codex-auth/discussions
-    about: Ask questions or discuss the plugin with the community

.github/pull_request_template.md

@@ -0,0 +1,24 @@
+<!-- Maintainer note: the anti-slop canary token is configured in .github/workflows/pr-quality.yml under blocked-terms. Keep the template and workflow in sync, and do not put the raw token in contributor-facing files. -->
+
+## Summary
+
+- What changed?
+- Why is this needed?
+
+## Testing
+
+- [ ] `npm run lint`
+- [ ] `npm run build`
+- [ ] `npm test`
+- [ ] Not applicable
+
+## Compliance Confirmation
+
+- [ ] This change stays within the repository scope and OpenAI Terms of Service expectations.
+- [ ] This change uses official authentication flows only and does not add bypass, scraping, or credential-sharing behavior.
+- [ ] I updated tests and documentation when the change affected users, maintainers, or repository behavior.
+
+## Notes
+
+- Linked issue:
+- Follow-up work or rollout notes:

.github/workflows/pr-quality.yml

@@ -0,0 +1,55 @@
+name: PR Quality
+
+permissions:
+  contents: read
+  issues: read
+  pull-requests: write
+
+on:
+  # Use pull_request_target so the action can comment on fork PRs without
+  # checking out or executing contributor code from the PR branch.
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - edited
+      - ready_for_review
+      - labeled
+      - unlabeled
+
+jobs:
+  anti-slop:
+    runs-on: ubuntu-latest
+    concurrency:
+      group: pr-quality-${{ github.event.pull_request.number }}
+      cancel-in-progress: true
+    steps:
+      - name: Screen pull request quality
+        uses: peakoss/anti-slop@85daca1880e9e1af197fc06ea03349daf08f4202 # v0.2.1
+        with:
+          max-failures: 1
+          require-pr-template: true
+          # Keep this public canary aligned with the hidden template note below.
+          # It is best-effort only, so rotate it if it becomes noisy or stale.
+          blocked-terms: |
+            OBSIDIAN1455
+          # anti-slop documents exact file and folder entries here, so this
+          # list guards the canonical metadata files and PR screening surfaces.
+          blocked-paths: |
+            SECURITY.md
+            LICENSE
+            CODE_OF_CONDUCT.md
+            CODEOWNERS
+            .github/workflows/pr-quality.yml
+            .github/pull_request_template.md
+          exempt-label: exempt
+          exempt-draft-prs: true
+          close-pr: false
+          lock-pr: false
+          failure-pr-message: |
+            Thanks for the contribution. This repository automatically screens pull requests for incomplete, low-signal, or non-compliant submissions before maintainers spend review time.
+
+            Please review CONTRIBUTING.md, complete the PR template with concrete summary and testing details, and update the PR if anything important is missing.
+
+            If this looks like a false positive, a maintainer can override the workflow with the `exempt` label after review.

CHANGELOG.md

@@ -17,6 +17,7 @@ all notable changes to this project. dates are ISO format (YYYY-MM-DD).
 
 - **account storage schema**: V3 account metadata now includes optional `accountTags` and `accountNote`.
 - **docs refresh for operational flows**: README + docs portal/development guides updated to reflect beginner commands, safe mode, interactive picker behavior, and backup/import safeguards.
+- **repository presentation refresh**: rewrote the README as a landing page, added a public FAQ and code of conduct, refreshed package metadata, and removed stale CI/test claims from public docs surfaces.
 - **test matrix expansion**: coverage now includes beginner UI helpers, safe-fix diagnostics edge cases, tag/note command behavior, and timestamped backup/import preview utilities.
 
 ### fixed

CODE_OF_CONDUCT.md

@@ -0,0 +1,31 @@
+# Code of Conduct
+
+## Our Standard
+
+This project expects respectful, practical, and security-conscious collaboration.
+
+Examples of behavior that supports a productive environment:
+
+- being respectful in discussion, code review, and issue reports
+- focusing on reproducible problems and concrete improvements
+- being clear about limitations, risks, and compliance boundaries
+- helping other contributors use the project responsibly
+
+Examples of unacceptable behavior:
+
+- harassment, insults, or personal attacks
+- requests for help violating platform terms or bypassing safeguards
+- sharing credentials, tokens, or private account data
+- encouraging commercial misuse or multi-user abuse of personal subscriptions
+
+## Scope
+
+This code of conduct applies to issues, pull requests, discussions around the repository, and other project spaces where contributors represent the project.
+
+## Reporting
+
+For conduct concerns, contact the maintainer through GitHub or the security contact path in [SECURITY.md](SECURITY.md) when privacy is important.
+
+## Enforcement
+
+Project maintainers may remove, edit, or reject contributions and interactions that do not align with this code of conduct.

CONTRIBUTING.md

@@ -1,8 +1,8 @@
-# Contributing Guidelines
+# Contributing
 
-Thank you for your interest in contributing to oc-chatgpt-multi-auth!
+Thank you for contributing to `oc-chatgpt-multi-auth`.
 
-Before submitting contributions, please review these guidelines to ensure all changes maintain compliance with OpenAI's Terms of Service and the project's goals.
+This project accepts improvements that make the OpenCode plugin clearer, safer, easier to maintain, and more useful for personal development workflows.
 
 ## Compliance Requirements
 
@@ -33,13 +33,28 @@ All contributions MUST:
 - Credential sharing mechanisms
 - Features designed to violate OpenAI's terms
 
+## Scope and Compliance
+
+Contributions should stay within the project's intended scope:
+
+- personal development workflows in OpenCode
+- official OAuth authentication flows
+- reliable GPT-5/Codex model support
+- documentation, debugging, testing, and maintainability improvements
+
+The project does not accept work aimed at:
+
+- commercial resale or shared multi-user access
+- bypassing safeguards, scraping sessions, or avoiding platform controls
+- misleading documentation or exaggerated capability claims
+
 ## Code Standards
 
 - **TypeScript:** All code must be TypeScript with strict type checking
-- **Testing:** Include tests for new functionality (we maintain 200+ unit tests)
+- **Testing:** Include or update tests for behavioral changes
 - **Documentation:** Update README.md for user-facing changes
-- **Modular design:** Keep functions focused and under 40 lines
-- **No external dependencies:** Minimize dependencies (currently only @openauthjs/openauth)
+- **Modular design:** Keep functions focused and easy to review
+- **Dependencies:** Add new dependencies only when the benefit is clear
 
 ## Pull Request Process
 
@@ -48,8 +63,13 @@ All contributions MUST:
 3. **Include tests** for new functionality
 4. **Update documentation** (README.md, config examples, etc.)
 5. **Ensure compliance** with guidelines above
-6. **Test thoroughly** with actual ChatGPT Plus/Pro account
-7. **Submit PR** with clear description of changes
+6. **Test thoroughly** with the most appropriate validation for the change
+7. **Complete the pull request template** with summary, testing, and compliance details
+8. **Submit PR** with clear description of changes
+
+Pull requests are automatically screened for incomplete or suspicious submissions. Legitimate contributions are still welcome, but low-signal PRs may be flagged for maintainer review before they move forward.
+
+If a PR is flagged incorrectly, a maintainer can override the workflow with the `exempt` label after review.
 
 ## Reporting Issues
 
@@ -107,30 +127,18 @@ We will decline features that:
 
 ## Code of Conduct
 
-### Our Standards
-
-✅ **Encouraged:**
-- Respectful and constructive communication
-- Focus on legitimate use cases
-- Transparency about limitations and compliance
-- Helping other users with proper usage
-
-❌ **Not Acceptable:**
-- Requesting help with TOS violations
-- Promoting commercial misuse
-- Hostile or disrespectful behavior
-- Sharing credentials or tokens
+All contributors are expected to follow [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md).
 
 ## Questions?
 
 For questions about:
-- **Plugin usage:** Open a GitHub issue
-- **OpenAI's terms:** Contact OpenAI support
-- **Contributing:** Open a discussion thread
+- **Plugin usage:** open a GitHub issue
+- **OpenAI's terms:** contact OpenAI support
+- **Contributing:** open an issue describing the proposed change
 
 ## License
 
-By contributing, you agree that your contributions will be licensed under the MIT License with Usage Disclaimer (see LICENSE file).
+By contributing, you agree that your contributions will be licensed under the MIT License (see [LICENSE](LICENSE)).
 
 ---