v1.4.0 — post-release audit pass

Post-release audit pass. Three parallel review tracks (content correctness, repo hygiene, ecosystem alignment) produced 30+ findings; this release folds the top 8 high-impact / low-effort items in. Backward-compatible with v1.3.0 — v=1 blocks unchanged; legacy v=0 blocks still upgrade in place.

Highlights

• Algorithm hardened. ## Managed Block Algorithm now spells out the byte-level rules (BOM preservation, CRLF vs LF detection, trailing-newline preservation, malformed-input abort) and folds the placement rule into the zero-blocks-found branch.
• Detection regex hardened. Portable across GNU grep, BSD grep, and ripgrep; tolerant of whitespace variants, CRLF, and the v=N attribute.
• Ecosystem accuracy pass. Cursor wording softened (CLI-vs-IDE split was unverified); CLAUDE.md clarified as community convention; Gemini CLI/Antigravity global-config sharing noted.
• agents.md citation. Names the standard, links the spec, frames yorient as layering atop it.
• Community scaffolding. CONTRIBUTING.md, CODE_OF_CONDUCT.md (Contributor Covenant 2.1), SECURITY.md, issue + PR templates.
• Dogfood. This repo now demonstrates yorient on itself — root YORIENT.md, AGENTS.md, CLAUDE.md, and a managed README block.
• CI safety net. markdownlint-cli2 + lychee link checks on every push and PR (internal hard-fail, external warn-only).
• Hygiene. .gitattributes, branch protection (linear history required), README badge row, sharper opening.

Full changelog

See CHANGELOG.md.