feat(standards): repo-conformance check + get.resq.software install

[WomB0ComB0]

Summary

Two complementary changes — improving the org README template and adding a
GitHub-native way to enforce template/standards conformance across all
resq-software/* repos.

1. Enforce conformance — repo-standards.yml

A new reusable workflow that validates a repo against the org baseline:

• a detectable LICENSE/COPYING file (org standard: Apache-2.0)
• a non-stub README.md with a top-level title
• no unrendered {{PLACEHOLDER}} template tokens (threshold-based: ≥3
  distinct tokens, excluding the literal {{PLACEHOLDER}} meta-example, so
  docs that merely mention the syntax don't false-trip)
• no leftover ResQ README Template scaffold marker

It's wired into:

• required.yml → every consumer repo inherits it through the existing
  single required status check gated by org ruleset
  default-branch-baseline (id 15191038). No consumer-repo change needed.
• required-gate.yml → this repo dogfoods the check on its own PRs.

Warn-by-default, matching the org's audit→enforce pattern (harden-runner
audit, rulesets evaluate). Violations surface as ::warning annotations
without failing the build. Flip to hard enforcement per-repo with:

uses: resq-software/.github/.github/workflows/required.yml@main
with:
  lang: rust
  repo-standards-strict: true

2. get.resq.software install endpoint

• profile/README.md — collapse the two-curl onboarding into a single
  curl -fsSL https://get.resq.software | sh. Verified the served script
  (install.sh) does both the SHA256-verified resq binary install and the
  git-hook setup, so the second curl is redundant.
• README.template.md — add a "ResQ CLI" install block (one-liner +
  inspect-before-run variant).
• .github/workflows/README.md — document repo-standards.yml and the
  repo-standards-strict toggle.

Conformance audit (what warn-mode will surface, current public repos)

Repo	GitHub-detected license	Note
viz, vcpkg, pypi	Apache-2.0	ok
docs	MIT	divergent license
ardupilot	GPL-3.0	upstream fork — expected
landing, npm	NOASSERTION	LICENSE present but unclassified
programs, crates, dotnet-sdk, dev	NONE	no LICENSE detected — top fix candidates

repo-standards checks for a LICENSE file (more lenient than GitHub's SPDX
detector), so NOASSERTION repos pass; NONE repos are the real gaps.

Test plan

• actionlint clean on repo-standards.yml, required.yml, required-gate.yml (incl. shellcheck on run: blocks)
• Local sim of the check logic: this repo passes (LICENSE present, titled README, 0 distinct placeholder tokens after excluding the meta-example)
• Threshold logic verified: README.template.md → 32 distinct tokens (would flag); README.md → 0 (won't)
• CI green on this PR via required-gate (repo-standards runs in warn mode)
• After merge: confirm a consumer repo's next required.yml@main run shows the repo-standards job

Notes

• Backward-compatible: required.yml gains one optional input
  (repo-standards-strict, default false); existing callers are unaffected.
• Independent of the in-flight language-standards rollout (this is the
  template/repo-conformance layer, not language CI).

[coderabbitai]

Warning

Review limit reached

@WomB0ComB0, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 4 minutes and 19 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more credits in the billing tab to continue.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 210a0602-7cbe-4562-8f6c-47efda666ca1

📥 Commits

Reviewing files that changed from the base of the PR and between 73b9edb and 5cbffbc.

📒 Files selected for processing (6)

• .github/workflows/README.md
• .github/workflows/repo-standards.yml
• .github/workflows/required-gate.yml
• .github/workflows/required.yml
• README.template.md
• profile/README.md

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/repo-standards-and-template

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request simplifies the ResQ CLI installation instructions in both README.template.md and profile/README.md by replacing a multi-step setup with a single-line installation command, while also providing a safer alternative that downloads the script for inspection before execution. The reviewer's feedback correctly points out that using a generic filename like install.sh in the multi-step instructions risks overwriting existing files, and suggests using a more specific filename like install-resq.sh instead.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.