Introduces Coding Standards and Contribution Guidelines (#341)

Signed-off-by: Pierre 'McFly' Marty <pmarty@linagora.com>

Author: pm-McFly

.eslintrc.cjs

@@ -0,0 +1,96 @@
+name: Bug report
+description: Something does not behave as expected.
+labels: ["bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Before filing: search open and closed issues to avoid duplicates.
+        Fill every required field — incomplete reports will be closed.
+
+  - type: dropdown
+    id: package
+    attributes:
+      label: Package
+      description: Which package is affected?
+      options:
+        - amqp-connector
+        - common-settings-bridge
+        - config-parser
+        - crypto
+        - db
+        - federated-identity-service
+        - logger
+        - matrix-identity-server
+        - matrix-resolve
+        - tom-server
+        - utils
+        - "Not sure / multiple"
+    validations:
+      required: true
+
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: Output of `npm list` or the package version from `package.json`.
+      placeholder: "e.g. 1.4.2"
+    validations:
+      required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: A clear summary of what is wrong.
+    validations:
+      required: true
+
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to reproduce
+      description: Exact steps that reliably trigger the bug.
+      placeholder: |
+        1. Start the server with config ...
+        2. Send request POST /...
+        3. Observe ...
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behaviour
+      description: What should have happened?
+    validations:
+      required: true
+
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual behaviour
+      description: What happened instead? Include error messages, stack traces, or logs.
+    validations:
+      required: true
+
+  - type: dropdown
+    id: severity
+    attributes:
+      label: Severity
+      options:
+        - "severity::critical — entire project cannot be used"
+        - "severity::major — some important parts cannot be used"
+        - "severity::moderate — some parts cannot be used"
+        - "severity::minor — some parts are inconvenient to use"
+        - "severity::cosmetic — usage is not impacted"
+    validations:
+      required: true
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional context
+      description: Node.js version, OS, relevant config, links to related issues, etc.
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,67 @@
+name: Feature request
+description: Propose a new feature or use case.
+labels: ["feature"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Before filing: search open and closed issues to avoid duplicates.
+        Describe the use case first — proposed solutions without a use case will be closed.
+
+  - type: dropdown
+    id: package
+    attributes:
+      label: Package
+      description: Which package would this affect?
+      options:
+        - amqp-connector
+        - common-settings-bridge
+        - config-parser
+        - crypto
+        - db
+        - federated-identity-service
+        - logger
+        - matrix-identity-server
+        - matrix-resolve
+        - tom-server
+        - utils
+        - "Not sure / multiple"
+    validations:
+      required: true
+
+  - type: textarea
+    id: use_case
+    attributes:
+      label: Use case
+      description: |
+        What are you trying to do and why can't you do it today?
+        Start with the problem, not the solution.
+      placeholder: "As a ... I need to ... because ..."
+    validations:
+      required: true
+
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed solution
+      description: |
+        How do you think this should be solved? API shape, config options, behaviour details.
+        If you're not sure, leave this blank and let the discussion shape it.
+    validations:
+      required: false
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: What other approaches did you consider, and why did you rule them out?
+    validations:
+      required: false
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional context
+      description: Links to related issues, prior art, external specs, etc.
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,27 @@
+name: Build
+description: Build packages and upload artifacts
+
+inputs:
+  skip-nx-cache:
+    description: "Skip nx cache when building"
+    required: false
+    default: "false"
+  upload-artifacts:
+    description: Whether to upload dist artifacts
+    default: "false"
+
+runs:
+  using: composite
+  steps:
+    - name: Build all packages
+      run: npx nx affected -t build ${{ inputs.skip-nx-cache == 'true' && '--skip-nx-cache' || '' }}
+      shell: bash
+
+    - name: Upload dist artifacts
+      if: inputs.upload-artifacts == 'true'
+      uses: actions/upload-artifact@v4
+      with:
+        name: dist-artifacts-${{ github.run_id }}
+        path: |
+          packages/*/dist
+        retention-days: 1

.github/actions/build-affected/action.yml

@@ -2,22 +2,26 @@ name: Build
 description: Build packages and upload artifacts
 
 inputs:
+  skip-nx-cache:
+    description: "Skip nx cache when building"
+    required: false
+    default: "false"
   upload-artifacts:
     description: Whether to upload dist artifacts
-    default: 'false'
+    default: "false"
 
 runs:
   using: composite
   steps:
     - name: Build all packages
-      run: npm run build
+      run: npx nx run-many -t build ${{ inputs.skip-nx-cache == 'true' && '--skip-nx-cache' || '' }}
       shell: bash
 
     - name: Upload dist artifacts
       if: inputs.upload-artifacts == 'true'
       uses: actions/upload-artifact@v4
       with:
-        name: dist-artifacts
+        name: dist-artifacts-${{ github.run_id }}
         path: |
           packages/*/dist
         retention-days: 1

.github/actions/build/action.yml

@@ -0,0 +1,45 @@
+## What
+
+<!-- A concise description of what this PR changes. One paragraph is enough. -->
+
+## Why
+
+<!-- Why is this change needed? Link the issue it addresses. -->
+
+Closes #
+
+## How
+
+<!-- Non-obvious implementation decisions, trade-offs, or anything a reviewer should know before reading the diff. Skip if the why + diff are self-explanatory. -->
+
+## Checklist
+
+### Code
+
+- [ ] Tests pass (`npm test`)
+- [ ] Linter is clean (`npm run check`)
+- [ ] No new `any` introduced
+- [ ] No dead code or commented-out blocks
+- [ ] All other style rules per [CODING_STYLE.md](../CODING_STYLE.md)
+
+### Scope
+
+- [ ] This PR addresses one concern (not a mix of bug fixes, refactors, and features)
+- [ ] Cross-module changes are documented in the description
+
+### Documentation
+
+- [ ] Inline comments explain _why_, not _what_
+- [ ] Relevant docs updated if behaviour changed
+
+### Tests
+
+- [ ] New behaviour is covered by tests
+- [ ] If a new endpoint was added: handler integration test included
+- [ ] If a new service method was added: unit test with stubbed repo included
+
+### Git
+
+- [ ] Commits follow [convco / Conventional Commits](https://convco.github.io/)
+- [ ] Commits are signed (strongly encouraged — see [CONTRIBUTING.md §6](../CONTRIBUTING.md#6-commits--branches))
+- [ ] Branch name follows `<type>/<scope>/<description>` convention

.github/pull_request_template.md

@@ -4,26 +4,28 @@
 # .github/workflows/
 
 ## Purpose
+
 GitHub Actions CI/CD workflow definitions. Uses a reusable workflow pattern where `ci.yml` orchestrates calls to specialized reusable workflows (prefixed with `_`). Covers build validation, testing, linting, security scanning, Docker publishing, documentation deployment, and releases.
 
 ## Key Files
 
-| File | Description |
-|------|-------------|
-| `ci.yml` | Main CI orchestrator — triggers on PR and push, calls reusable workflows |
-| `release.yml` | Release workflow — publishes npm packages and Docker images on tags |
-| `security-scheduled.yml` | Scheduled security scan (runs on cron schedule) |
-| `_build.yml` | Reusable: runs `npm build` and validates compilation |
-| `_test.yml` | Reusable: runs `npm test` with coverage |
-| `_test-ci.yml` | Reusable: CI-optimized test run (with caching) |
-| `_lint.yml` | Reusable: runs ESLint and Prettier checks |
-| `_security.yml` | Reusable: njsscan + dependency audit |
-| `_docker-publish.yml` | Reusable: builds and pushes Docker image to registry |
-| `_docs.yml` | Reusable: deploys Swagger docs to GitHub Pages |
+| File                     | Description                                                              |
+| ------------------------ | ------------------------------------------------------------------------ |
+| `ci.yml`                 | Main CI orchestrator — triggers on PR and push, calls reusable workflows |
+| `release.yml`            | Release workflow — publishes npm packages and Docker images on tags      |
+| `security-scheduled.yml` | Scheduled security scan (runs on cron schedule)                          |
+| `_build.yml`             | Reusable: runs `npm build` and validates compilation                     |
+| `_test.yml`              | Reusable: runs `npm test` with coverage                                  |
+| `_test-ci.yml`           | Reusable: CI-optimized test run (with caching)                           |
+| `_lint.yml`              | Reusable: runs Biome checks                                              |
+| `_security.yml`          | Reusable: njsscan + dependency audit                                     |
+| `_docker-publish.yml`    | Reusable: builds and pushes Docker image to registry                     |
+| `_docs.yml`              | Reusable: deploys Swagger docs to GitHub Pages                           |
 
 ## For AI Agents
 
 ### Working In This Directory
+
 - All reusable workflows start with `_` — call them from `ci.yml` via `uses: ./.github/workflows/_xxx.yml`
 - Secrets referenced: `NPM_TOKEN`, `DOCKER_USERNAME`, `DOCKER_PASSWORD`, `GITHUB_TOKEN`
 - Node.js version is pinned via `.node-version` file at the repo root

.github/workflows/AGENTS.md

@@ -0,0 +1,44 @@
+name: Build
+
+on:
+  workflow_call:
+    inputs:
+      skip-nx-cache:
+        description: "Skip nx cache when building"
+        required: false
+        type: boolean
+        default: false
+      upload-artifacts:
+        type: boolean
+        default: false
+    secrets:
+      NX_CLOUD_ACCESS_TOKEN:
+        required: false
+
+permissions:
+  actions: read
+  contents: read
+
+jobs:
+  build:
+    name: Build Affected Packages
+    runs-on: ubuntu-latest
+    env:
+      NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+
+      - name: Setup Nx SHAs
+        uses: nrwl/nx-set-shas@v4
+
+      - name: Build
+        uses: ./.github/actions/build-affected
+        with:
+          skip-nx-cache: ${{ inputs.skip-nx-cache }}
+          upload-artifacts: ${{ inputs.upload-artifacts }}