[codex] Apply devkit repo conventions

[michaelmwu]

Summary

• Apply the useful 508-devkit repository conventions that fit this Python scraper package.
• Add editor defaults, security and supply-chain docs, issue templates, a focused PR template, and local check/test scripts.
• Tighten CI with workflow dispatch, concurrency, least-privilege permissions, uv caching, and the shared test script.
• Remove the placeholder FUNDING.yml that still pointed at the devkit sponsor account.

Validation

• ./scripts/check-all.sh
• git diff --check
• pre-commit hooks during commit: ruff, mypy

Risk

Low. This is repo hygiene, documentation, CI, and metadata only. No scraper runtime behavior changes.

[coderabbitai]

Warning

Review limit reached

@michaelmwu, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 59 minutes and 27 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7f4927cd-6b29-4744-9fe3-32c11a56f79a

📥 Commits

Reviewing files that changed from the base of the PR and between 11166c1 and d5f90b3.

📒 Files selected for processing (13)

• .editorconfig
• .github/FUNDING.yml
• .github/ISSUE_TEMPLATE/docs_request.yml
• .github/ISSUE_TEMPLATE/feature_request.yml
• .github/PULL_REQUEST_TEMPLATE.md
• .github/workflows/ci.yml
• CONTRIBUTING.md
• README.md
• SECURITY.md
• docs/supply-chain.md
• pyproject.toml
• scripts/check-all.sh
• scripts/test.sh

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch michaelmwu/508-devkit-conventions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR applies a set of repository “devkit” conventions to the gmaps-scraper Python package, focusing on repo hygiene: documentation, contributor workflows, and CI hardening rather than scraper runtime behavior.

Changes:

• Added security and supply-chain policy docs, plus new issue/PR templates.
• Introduced shared local gate scripts (scripts/test.sh, scripts/check-all.sh) and wired CI to use them (with concurrency, least-privilege permissions, and uv caching).
• Added editor defaults via .editorconfig and removed the placeholder .github/FUNDING.yml.

Reviewed changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
SECURITY.md	Adds vulnerability reporting guidance, secret handling, and dependency policy expectations.
docs/supply-chain.md	Documents uv lockfile/cooldown policy and rules for local artifacts.
pyproject.toml	Extends uv cooldown config and tightens Ruff config to include src/tests.
scripts/test.sh	Centralizes unit test invocation behind a shared script.
scripts/check-all.sh	Adds a one-command local gate (lint/typecheck/tests).
README.md	Links new policy docs and updates dev commands to use the test script + full gate script.
CONTRIBUTING.md	Updates contributor workflow to use the new scripts and references the supply-chain policy.
.github/workflows/ci.yml	Adds workflow dispatch, concurrency, least-privilege permissions, uv caching, and uses the shared test script.
.github/PULL_REQUEST_TEMPLATE.md	Replaces generic template with a scraper-impact and validation-oriented checklist.
.github/ISSUE_TEMPLATE/feature_request.yml	Adds a structured feature request template oriented around scraper/output-contract impacts.
.github/ISSUE_TEMPLATE/docs_request.yml	Adds a structured documentation request template.
.github/FUNDING.yml	Removes placeholder funding configuration pointing to an unrelated sponsor.
.editorconfig	Adds editor defaults (indentation, newline, charset) consistent with Python formatting norms.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 4 comments.