feat: improve catalog submission templates and CODEOWNERS

[mnriem]

Summary

Simplifies the community catalog submission flow to use issue templates with manual maintainer review.

Changes

Auto-assign workflow (.github/workflows/catalog-assign.yml):

• Assigns @mnriem to new extension and preset submission issues
• Posts a comment mentioning @github/spec-kit-maintainers to notify the team

CODEOWNERS:

• Add explicit entries for catalog JSON files for when global ownership expands

Extension Publishing Guide:

• Replace the fork/PR submission instructions with issue-template-based flow
• Simplify the Verification Process section to match actual review scope (catalog entry completeness only — no code review or security audit)
• Document the update flow for existing extensions

Extension README & Development Guide:

• Update submission instructions to reference issue template instead of fork/PR

Disclaimer updates (across README.md, extensions/README.md, docs/community/presets.md, presets/README.md):

• Clarify that maintainers only verify catalog entries are complete and correctly formatted

Preset submission template:

• Add "Required Extensions (optional)" field
• Make "Templates Provided (optional)" for command-only presets
• Add "Number of Scripts (optional)" field

How it works

1. Contributor fills out the extension or preset issue template with all required metadata
2. Workflow assigns @mnriem and notifies @github/spec-kit-maintainers via comment
3. Maintainer verifies the catalog entry is complete and correctly formatted, then manually updates the catalog JSON

Closes #2400

[Copilot]

Pull request overview

Automates community extension/preset catalog submissions by validating issue-form metadata and generating follow-up PRs, and updates docs to reflect the new submission flow.

Changes:

• Added GitHub Actions workflows to validate submission issues and create catalog-update PRs.
• Added Python scripts to parse issue bodies, validate fields/URLs, update catalog JSON, and generate markdown tables.
• Updated extension/preset publishing docs to instruct users to submit via issue templates (not manual PRs).

Show a summary per file

File	Description
presets/PUBLISHING.md	Updates preset publishing instructions to the new issue-based automation flow.
presets/DEVELOPING.md	New guide for preset structure, validation, testing, and releases.
integrations/CONTRIBUTING.md	Notes that automated submission is planned (integrations still manual).
extensions/README.md	Updates extension submission steps to issue-based automation.
extensions/EXTENSION-USER-GUIDE.md	Updates safety guidance to reflect metadata-only validation.
extensions/EXTENSION-PUBLISHING-GUIDE.md	Rewrites publishing steps around issue submission + bot-generated PRs.
extensions/EXTENSION-DEVELOPMENT-GUIDE.md	Simplifies community catalog submission section; adds maintenance guidance.
.github/workflows/catalog-validate.yml	New workflow to validate extension/preset submission issues and label/comment results.
.github/workflows/catalog-pr.yml	New workflow to create/update PRs when an issue is labeled validated.
.github/scripts/catalog-validate.py	New validator/parser + catalog entry builder for submissions.
.github/scripts/catalog-pr.py	New catalog updater + optional docs table regeneration hook.
.github/scripts/catalog-generate-table.py	New script to generate/update markdown tables from catalogs.
.github/CODEOWNERS	Adds maintainership requirements for catalog JSON files.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/workflows/catalog-pr.yml:203

• Same as the extension job: git commit will fail if the catalog/table regeneration produces no changes (common on reruns). Add an explicit no-op guard before committing/pushing so the workflow exits cleanly when there's nothing to update.

          git add presets/catalog.community.json docs/community/presets.md
          git commit -m "${ACTION} community preset: ${ITEM_ID}

          Automated from issue #${ISSUE_NUMBER}.

          Co-authored-by: ${ISSUE_AUTHOR} <${ISSUE_AUTHOR}@users.noreply.github.com>"

          git push -u origin "$BRANCH" --force-with-lease

• Files reviewed: 13/13 changed files
• Comments generated: 8

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 13/13 changed files
• Comments generated: 7

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/workflows/catalog-validate.yml:122

• Same issue as the extension validation job: actions/checkout requires contents: read, but this job only grants issues: write, so checkout will fail under the default GITHUB_TOKEN permissions model. Add contents: read here as well.

    if: contains(github.event.issue.labels.*.name, 'preset-submission')
    runs-on: ubuntu-latest
    permissions:
      issues: write
    steps:
      - uses: actions/checkout@v4

• Files reviewed: 14/14 changed files
• Comments generated: 6

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 15/15 changed files
• Comments generated: 10

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/workflows/catalog-validate.yml:161

• Same issue in the preset validation job: the comment-update logic filters on c.user.type === 'Bot' but uses secrets.RELEASE_PAT for authentication, so it will usually never match the previous comment and will keep posting new ones. Prefer matching on the marker (and optionally user.login) rather than user.type.

            const marker = '<!-- catalog-submission-bot -->';
            const botComment = allComments.find(c =>
              c.user.type === 'Bot' && c.body.includes(marker)
            );

• Files reviewed: 15/15 changed files
• Comments generated: 3

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/scripts/catalog-validate.py:371

• validate_tags() currently requires 2–5 tags. The existing catalogs include entries with 1 tag (e.g., confluence) and many with >5 tags (e.g., docguard, several presets), so the update path described in the docs/workflows won’t work for those without forcing tag changes. To keep updates compatible, consider allowing a wider range (or making the upper bound warn-only on updates).

def validate_tags(value: str) -> tuple[bool, str]:
    if not _present(value):
        return False, "Tags are required."
    raw_tags = [t.strip().lower() for t in value.split(",") if t.strip()]
    if len(raw_tags) < 2:
        return False, "Please provide at least 2 tags."
    if len(raw_tags) > 5:
        return False, f"Too many tags ({len(raw_tags)}). Please provide 2-5 tags."
    bad = [t for t in raw_tags if not re.match(r"^[a-z0-9-]+$", t)]
    if bad:
        return False, (
            f"Tags must be lowercase alphanumeric with hyphens: {', '.join(bad)}"
        )
    return True, f"Tags: {', '.join(raw_tags)}."

• Files reviewed: 16/16 changed files
• Comments generated: 5

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/workflows/catalog-pr.yml:187

• Same issue in the preset PR job: when the branch already exists, this step re-runs catalog-validate.py without ISSUE_BODY/ISSUE_NUMBER/GITHUB_TOKEN env vars, so reruns after edits will fail. Add those env vars to this step (or skip re-running the validator here and reuse the /tmp outputs from the earlier step).

          # Check if branch already exists (from a previous run)
          if git ls-remote --exit-code --heads origin "$BRANCH" >/dev/null 2>&1; then
            git fetch origin "$BRANCH"
            git checkout "$BRANCH"
            git reset --hard origin/main
            # Re-run on the fresh branch
            python .github/scripts/catalog-validate.py \
              --catalog presets/catalog.community.json \
              --type preset
            python .github/scripts/catalog-pr.py \

• Files reviewed: 16/16 changed files
• Comments generated: 2

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 16/16 changed files
• Comments generated: 4

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 17/17 changed files
• Comments generated: 7

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 9/9 changed files
• Comments generated: 3

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 9/9 changed files
• Comments generated: 2

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 9/9 changed files
• Comments generated: 3

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 9/9 changed files
• Comments generated: 2

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/workflows/catalog-assign.yml:31

• addAssignees will fail the job if mnriem can’t be assigned (e.g., user renamed/left org, insufficient permissions). To avoid breaking all submissions, wrap the assignment/comment calls in try/catch and post a fallback comment (or just skip assignment) when the API returns a 4xx.

          script: |
            // Assign default maintainer and notify the team
            await github.rest.issues.addAssignees({
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.issue.number,
              assignees: ['mnriem'],
            });

            await github.rest.issues.createComment({
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.issue.number,
              body: 'cc @github/spec-kit-maintainers — new catalog submission for review.',

• Files reviewed: 9/9 changed files
• Comments generated: 3

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 9/9 changed files
• Comments generated: 5

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/ISSUE_TEMPLATE/preset_submission.yml:115

• templates-provided is marked required: true, but the PR description indicates this should be optional for command-only presets. Either make this field optional (and rely on the “enter None” guidance) or update the PR/docs to match the required behavior.

        - spec-template.md — adds compliance section
        - plan-template.md — includes audit checkpoints
        - checklist-template.md — HIPAA compliance checklist
    validations:
      required: true

• Files reviewed: 9/9 changed files
• Comments generated: 1

[Copilot]

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

.github/ISSUE_TEMPLATE/preset_submission.yml:116

• PR description says the preset submission template makes “Templates Provided” optional for command-only presets, but the field is still marked required (validations.required: true). If the intent is to allow command-only presets without templates, consider making this field optional (and/or updating the label to explicitly say optional) so the template matches the documented flow.

  - type: textarea
    id: templates-provided
    attributes:
      label: Templates Provided
      description: List the template overrides your preset provides (enter "None" if command-only)
      placeholder: |
        - spec-template.md — adds compliance section
        - plan-template.md — includes audit checkpoints
        - checklist-template.md — HIPAA compliance checklist
    validations:
      required: true

• Files reviewed: 9/9 changed files
• Comments generated: 0 new