chore: adopt trunk-based development

Closes #27.

PROJECT.md
- Git section: TBD as the convention. Commit to main, one logical
  change per commit, `task check` locally before push, CI is the
  quality gate. PRs only for the parallel-agent exception.
- Agent rule 6: rewritten to match.

.gitea/workflows/cd.yml
- Drop the pull_request trigger — vestigial under TBD.
- Drop the `if: github.event_name != 'pull_request'` guard on the
  build job (now always true since pull_request no longer fires).
  Tag pushes still build (no version gating regression).
- Deploy `if` left alone — already correctly limits deploy to
  main pushes, skipping tag-push builds.

.githooks/pre-push (new)
- Runs `task check` before every push. Set up via `task setup:hooks`,
  which sets core.hooksPath to the in-repo .githooks dir.

Taskfile.yml
- New `setup:hooks` task to install the pre-push hook on a fresh
  clone.

README.md
- Quickstart section showing `task setup:hooks` + the TBD policy.

Derived adapters regenerated via `task context:sync` and committed
in the same commit (single-commit invariant).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

.aider.conventions.md

@@ -224,9 +224,11 @@ Key skills:
 
 ### Git
 - Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `refactor:`
-- Branch naming: `feat/short-description`, `fix/short-description`
+- **Trunk-Based Development:** commit directly to main. One logical change per commit.
-- PRs: one concern per PR, description explains *why* not *what*
+- Run `task check` locally before every push. CI is the quality gate, not branch protection.
-- **Branch protection:** always work on a feature branch, open a PR, never push directly to main
+- No feature branches, no PRs for solo/agent work.
+- Exception: if a parallel agent session is active on this repo, use a short-lived
+  `agent/<description>` branch and merge within the same session.
 
 ### Security
 - No secrets in code, ever — use env vars or SOPS-encrypted files
@@ -264,7 +266,8 @@ When acting as a coding agent on this project:
 3. If unsure about a convention, check `DECISIONS.md` or ask
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
-6. Always work on a feature branch and open a PR — never push directly to main
+6. Commit directly to main. Run `task check` before every push. Never create
+   feature branches unless a parallel agent is simultaneously active on this repo.
 7. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 
 ## Current state — v0.2.5 (2026-05-17)

.context/PROJECT.md

@@ -37,9 +37,11 @@
 
 ### Git
 - Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `refactor:`
-- Branch naming: `feat/short-description`, `fix/short-description`
+- **Trunk-Based Development:** commit directly to main. One logical change per commit.
-- PRs: one concern per PR, description explains *why* not *what*
+- Run `task check` locally before every push. CI is the quality gate, not branch protection.
-- **Branch protection:** always work on a feature branch, open a PR, never push directly to main
+- No feature branches, no PRs for solo/agent work.
+- Exception: if a parallel agent session is active on this repo, use a short-lived
+  `agent/<description>` branch and merge within the same session.
 
 ### Security
 - No secrets in code, ever — use env vars or SOPS-encrypted files
@@ -77,7 +79,8 @@ When acting as a coding agent on this project:
 3. If unsure about a convention, check `DECISIONS.md` or ask
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
-6. Always work on a feature branch and open a PR — never push directly to main
+6. Commit directly to main. Run `task check` before every push. Never create
+   feature branches unless a parallel agent is simultaneously active on this repo.
 7. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 
 ## Current state — v0.2.5 (2026-05-17)

.context/system-prompt.txt

@@ -229,9 +229,11 @@ Key skills:
 
 ### Git
 - Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `refactor:`
-- Branch naming: `feat/short-description`, `fix/short-description`
+- **Trunk-Based Development:** commit directly to main. One logical change per commit.
-- PRs: one concern per PR, description explains *why* not *what*
+- Run `task check` locally before every push. CI is the quality gate, not branch protection.
-- **Branch protection:** always work on a feature branch, open a PR, never push directly to main
+- No feature branches, no PRs for solo/agent work.
+- Exception: if a parallel agent session is active on this repo, use a short-lived
+  `agent/<description>` branch and merge within the same session.
 
 ### Security
 - No secrets in code, ever — use env vars or SOPS-encrypted files
@@ -269,7 +271,8 @@ When acting as a coding agent on this project:
 3. If unsure about a convention, check `DECISIONS.md` or ask
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
-6. Always work on a feature branch and open a PR — never push directly to main
+6. Commit directly to main. Run `task check` before every push. Never create
+   feature branches unless a parallel agent is simultaneously active on this repo.
 7. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 
 ## Current state — v0.2.5 (2026-05-17)

.cursorrules

@@ -227,9 +227,11 @@ Key skills:
 
 ### Git
 - Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `refactor:`
-- Branch naming: `feat/short-description`, `fix/short-description`
+- **Trunk-Based Development:** commit directly to main. One logical change per commit.
-- PRs: one concern per PR, description explains *why* not *what*
+- Run `task check` locally before every push. CI is the quality gate, not branch protection.
-- **Branch protection:** always work on a feature branch, open a PR, never push directly to main
+- No feature branches, no PRs for solo/agent work.
+- Exception: if a parallel agent session is active on this repo, use a short-lived
+  `agent/<description>` branch and merge within the same session.
 
 ### Security
 - No secrets in code, ever — use env vars or SOPS-encrypted files
@@ -267,7 +269,8 @@ When acting as a coding agent on this project:
 3. If unsure about a convention, check `DECISIONS.md` or ask
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
-6. Always work on a feature branch and open a PR — never push directly to main
+6. Commit directly to main. Run `task check` before every push. Never create
+   feature branches unless a parallel agent is simultaneously active on this repo.
 7. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 
 ## Current state — v0.2.5 (2026-05-17)

.gitea/workflows/cd.yml

@@ -4,8 +4,6 @@ on:
   push:
     branches: [main]
     tags: ["v*"]
-  pull_request:
-    branches: [main]
 
 env:
   IMAGE: gitea-mcp
@@ -43,7 +41,6 @@ jobs:
     name: Build & Import
     needs: check
     runs-on: self-hosted
-    if: github.event_name != 'pull_request'
     outputs:
       image-tag: ${{ steps.meta.outputs.sha-tag }}
     steps:

.githooks/pre-push

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+set -euo pipefail
+echo "→ Running task check before push..."
+task check
+echo "✓ pre-push check passed"

AGENTS.md

@@ -224,9 +224,11 @@ Key skills:
 
 ### Git
 - Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `refactor:`
-- Branch naming: `feat/short-description`, `fix/short-description`
+- **Trunk-Based Development:** commit directly to main. One logical change per commit.
-- PRs: one concern per PR, description explains *why* not *what*
+- Run `task check` locally before every push. CI is the quality gate, not branch protection.
-- **Branch protection:** always work on a feature branch, open a PR, never push directly to main
+- No feature branches, no PRs for solo/agent work.
+- Exception: if a parallel agent session is active on this repo, use a short-lived
+  `agent/<description>` branch and merge within the same session.
 
 ### Security
 - No secrets in code, ever — use env vars or SOPS-encrypted files
@@ -264,7 +266,8 @@ When acting as a coding agent on this project:
 3. If unsure about a convention, check `DECISIONS.md` or ask
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
-6. Always work on a feature branch and open a PR — never push directly to main
+6. Commit directly to main. Run `task check` before every push. Never create
+   feature branches unless a parallel agent is simultaneously active on this repo.
 7. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 
 ## Current state — v0.2.5 (2026-05-17)

CLAUDE.md

@@ -37,9 +37,11 @@
 
 ### Git
 - Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `refactor:`
-- Branch naming: `feat/short-description`, `fix/short-description`
+- **Trunk-Based Development:** commit directly to main. One logical change per commit.
-- PRs: one concern per PR, description explains *why* not *what*
+- Run `task check` locally before every push. CI is the quality gate, not branch protection.
-- **Branch protection:** always work on a feature branch, open a PR, never push directly to main
+- No feature branches, no PRs for solo/agent work.
+- Exception: if a parallel agent session is active on this repo, use a short-lived
+  `agent/<description>` branch and merge within the same session.
 
 ### Security
 - No secrets in code, ever — use env vars or SOPS-encrypted files
@@ -77,7 +79,8 @@ When acting as a coding agent on this project:
 3. If unsure about a convention, check `DECISIONS.md` or ask
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
-6. Always work on a feature branch and open a PR — never push directly to main
+6. Commit directly to main. Run `task check` before every push. Never create
+   feature branches unless a parallel agent is simultaneously active on this repo.
 7. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 
 ## Current state — v0.2.5 (2026-05-17)

README.md

@@ -2,3 +2,14 @@
 
 Streamable HTTP MCP service exposing Gitea repo operations to Claude apps.
 See `~/dev/AI/infra/docs/superpowers/specs/2026-05-04-gitea-mcp-gitops-workflow-design.md`.
+
+## Quickstart
+
+```bash
+task setup:hooks   # installs .githooks/pre-push — runs task check before every push
+task check         # context sync + lint + test + vet
+task build         # produces bin/gitea-mcp
+```
+
+This repo uses Trunk-Based Development. Commit directly to `main`. The pre-push
+hook enforces the quality gate locally; CI re-runs `task check` on every push.

Taskfile.yml

@@ -47,6 +47,13 @@ tasks:
     cmds:
       - bash scripts/context-sync.sh
 
+  setup:hooks:
+    desc: Install git hooks (.githooks/pre-push)
+    cmds:
+      - git config core.hooksPath .githooks
+      - chmod +x .githooks/pre-push
+      - echo "✓ git hooks installed (pre-push runs task check)"
+
   context:sync:claude:
     cmds: [bash scripts/context-sync.sh claude]
   context:sync:agents: