feat(ci): tier-1 community-repo polish

[amacsmith]

Adds 7 standard OSS-community workflows. All free for public repos. No external service signups required.

Workflow	Purpose
stale	Auto-close inactive issues/PRs (60d/30d)
semantic-pr	Enforce Conventional Commits in PR titles
labeler	Auto-label PRs by changed paths
lychee	Weekly link checker for docs + Pages site
release-drafter	Auto-draft release notes from labeled PRs
scorecard	OpenSSF Scorecard, results published + badge
first-interaction	Welcome message for first-time contributors

Details

stale — actions/stale@v9.1.0. Issues stale at 60d, close at +15d. PRs stale at 30d, close at +15d. Exempts pinned, security, epic, anything with a milestone, draft PRs, and Dependabot PRs.

semantic-pr — amannn/action-semantic-pull-request@v5.5.3. Read-only check enforcing Conventional Commits in PR titles (allowed types: feat fix docs style refactor perf test chore ci build revert). Lowercase subject required.

labeler — actions/labeler@v5.0.0 + .github/labeler.yml. Path globs apply `area:*` labels.

lychee — lycheeverse/lychee-action@v2.8.0 + .lychee.toml. Weekly cron + on-PR for docs/README. Opens a tracking issue on scheduled failures, fails the PR job on PR failures.

release-drafter — release-drafter/release-drafter@v6.4.0 + .github/release.yml. Auto-drafts release notes from PR labels. `minor` for feat, `patch` for fix/docs/chore, `major` if any PR has `breaking-change`.

scorecard — ossf/scorecard-action@v2.4.3. Weekly + push-to-main. SARIF to Security tab. `publish_results: true`. README badge added.

first-interaction — actions/first-interaction@v3.1.0. One-time welcome message for first PR + first issue.

All actions are SHA-pinned with a `# pin: vX.Y.Z` comment for visibility. No existing CI is touched.

Verification

• All 7 new workflow YAMLs pass `yaml.safe_load`.
• README diff is the single Scorecard badge line added under the existing repo-health row.

[coderabbitai]

Warning

Rate limit exceeded

@amacsmith has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 56 minutes and 26 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c6b21dca-9bd3-410d-a578-d8251fa4c5fe

📥 Commits

Reviewing files that changed from the base of the PR and between dddae7f and c79d009.

📒 Files selected for processing (11)

• .github/labeler.yml
• .github/release.yml
• .github/workflows/first-interaction.yml
• .github/workflows/labeler.yml
• .github/workflows/lychee.yml
• .github/workflows/release-drafter.yml
• .github/workflows/scorecard.yml
• .github/workflows/semantic-pr.yml
• .github/workflows/stale.yml
• .lychee.toml
• README.md

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ci/tier1-community-polish

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Adds a set of standard GitHub community/maintenance workflows to improve repo hygiene, contributor experience, release note automation, and security posture (Scorecard), along with the supporting config files and a README badge.

Changes:

• Added 7 GitHub Actions workflows: stale triage, semantic PR title enforcement, path labeler, lychee link checking, release-drafter, OpenSSF Scorecard, and first-time contributor messaging.
• Added workflow configuration files for lychee, labeler, and release-drafter.
• Added an OpenSSF Scorecard badge to the README.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
README.md	Adds OpenSSF Scorecard badge.
.lychee.toml	Configures lychee link checker behavior, exclusions, and caching.
.github/workflows/stale.yml	Automates stale issue/PR marking and closure policy.
.github/workflows/semantic-pr.yml	Enforces Conventional Commits-style PR titles via status check.
.github/workflows/labeler.yml	Auto-applies area:* labels based on changed paths.
.github/workflows/lychee.yml	Runs link checking on schedule and on relevant PR changes; opens tracking issue on scheduled failures.
.github/workflows/release-drafter.yml	Updates a draft GitHub Release based on merged PR labels.
.github/workflows/scorecard.yml	Runs OpenSSF Scorecard and uploads SARIF; publishes results for badge.
.github/workflows/first-interaction.yml	Posts welcome messages for first-time issue/PR authors.
.github/release.yml	Release-drafter categorization and version resolution rules.
.github/labeler.yml	Path-to-area:* label mapping used by the labeler workflow.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.