chore: streamline CodeRabbit config to only non-default values (#142)

Reduced configuration from 240 to 156 lines by removing all default
values. Config now only specifies deviations from schema defaults,
making it clearer what's actually customized.

Changes:
- Removed redundant default values (language: en-US, profile: chill, etc.)
- Kept only 7 customizations: poem off, request changes on, tool
  disables, path instructions, path filters, knowledge base, tone
- Validated against schema.v2.json to ensure accuracy

Benefits:
- Easier to understand what's actually configured
- Less maintenance when schema updates
- Clearer signal-to-noise intent

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>

Author: jeremyeder

.coderabbit.yaml

@@ -1,99 +1,31 @@
 # CodeRabbit Configuration for AgentReady
-# Goal: Extremely high signal-to-noise ratio for AI code reviews
-# Last Updated: 2025-11-25
+# Only non-default values specified for maximum clarity
+# Full schema: https://coderabbit.ai/integrations/schema.v2.json
 
-# Language and tone settings
-language: en-US
-early_access: false
-enable_free_tier: true
-
-# Review behavior - optimized for signal
+# Disable poems (default: true)
 reviews:
-  # Use "chill" profile to reduce noise
-  profile: "chill"
-
-  # Request changes only for critical issues
-  request_changes_workflow: true
-
-  # High-level overview without verbose walkthrough
-  high_level_summary: true
-  high_level_summary_placeholder: "<!-- CODERABBIT SUMMARY -->"
-
-  # Disable poem (pure noise)
   poem: false
 
-  # Collapse walkthrough to reduce visual clutter
-  collapse_walkthrough: true
-
-  # Review status at top of PR for quick scanning
-  review_status: true
-
-  # Auto-review configuration
-  auto_review:
-    enabled: true
-    drafts: false  # Don't waste cycles on WIP
-    base_branches:
-      - main
+  # Request changes for critical issues (default: false)
+  request_changes_workflow: true
 
-  # Tools configuration - only high-signal checks
+  # Disable tools we run locally to reduce noise
   tools:
-    # Linting tools (we already run these locally, skip duplicates)
+    # Python formatting/linting (we run locally before push)
     ruff:
-      enabled: false  # We run ruff locally before push
-    black:
-      enabled: false  # We run black locally before push
-    isort:
-      enabled: false  # We run isort locally before push
-
-    # GitHub Actions analysis (useful for CI/CD changes)
-    actionlint:
-      enabled: true
-
-    # Shellcheck for bash scripts
-    shellcheck:
-      enabled: true
+      enabled: false  # default: true
+    flake8:
+      enabled: false  # default: true
+    pylint:
+      enabled: false  # default: true
 
-    # Markdownlint (we run locally but good backup)
-    markdownlint:
-      enabled: true
-
-    # Gitleaks for secret detection (high signal)
-    gitleaks:
-      enabled: true
-
-    # Biome (JavaScript/TypeScript - not applicable but harmless)
+    # We don't use these technologies
     biome:
-      enabled: false
-
-    # Hadolint for Dockerfiles (future use)
-    hadolint:
-      enabled: true
-
-  # What to focus on (HIGH SIGNAL ONLY)
-  focus:
-    - security_vulnerabilities      # Critical: SQL injection, XSS, etc.
-    - bug_risks                     # High: Logic errors, race conditions
-    - error_handling                # High: Uncaught exceptions, poor error messages
-    - breaking_changes              # High: API compatibility
-    - performance_issues            # Medium: Only significant issues (O(n²) → O(n))
-    - test_coverage_gaps            # Medium: Missing critical test cases
-    - documentation_gaps            # Low: Only for public APIs and complex logic
-
-  # What to ignore (NOISE REDUCTION)
-  ignore:
-    - style_preferences             # Handled by black/isort/ruff locally
-    - naming_conventions            # Handled by ruff locally
-    - line_length                   # We explicitly don't enforce this
-    - minor_refactoring_suggestions # Only suggest if major impact
-    - subjective_improvements       # "This could be cleaner" noise
-    - trivial_optimizations         # Micro-optimizations with no real impact
-
-  # Severity thresholds - only comment on important issues
-  severity_threshold: "medium"  # Skip "low" severity comments
-
-  # Path-based rules
+      enabled: false  # default: true (JS/TS tool, not applicable)
+
+  # Path-specific review instructions
   path_instructions:
-    # Core library code - highest scrutiny
+    # Core assessors - enforce patterns
     - path: "src/agentready/assessors/**"
       instructions: |
         - Verify BaseAssessor pattern compliance
@@ -102,132 +34,113 @@ reviews:
         - Validate attribute_id matches research report
         - Check for graceful degradation when tools missing
 
+    # Data models - check for breaking changes
     - path: "src/agentready/models/**"
       instructions: |
         - Check for breaking changes to data models
         - Verify backwards compatibility
         - Ensure schema version bumps when needed
 
+    # Services - security and performance focus
     - path: "src/agentready/services/**"
       instructions: |
         - Check for proper error handling
         - Verify performance implications (file I/O, subprocess calls)
         - Look for security issues (path traversal, command injection)
 
-    # Tests - focus on coverage and correctness
+    # Tests - coverage and correctness only
     - path: "tests/**"
       instructions: |
         - Verify test actually tests the intended behavior
         - Check for missing edge cases
         - Flag overly brittle tests (mocking too much)
-        - Skip style comments entirely
+        - Skip all style comments
 
-    # CLI - focus on UX and error messages
+    # CLI - UX and error messages
     - path: "src/agentready/cli/**"
       instructions: |
         - Check for clear error messages
         - Verify help text is accurate
         - Look for missing error handling for user input
 
-    # GitHub workflows - focus on security and correctness
+    # GitHub Actions - security focus
     - path: ".github/workflows/**"
       instructions: |
         - Check for secret exposure risks
         - Verify proper permissions (least privilege)
         - Flag outdated action versions (security)
 
-    # Documentation - only flag critical issues
+    # Documentation - critical issues only
     - path: "**/*.md"
       instructions: |
         - Only comment on factual errors or broken links
         - Skip formatting/style suggestions
         - Flag outdated information (version mismatches, wrong commands)
 
-    # Scripts - focus on security and robustness
+    # Scripts - security and robustness
     - path: "scripts/**"
       instructions: |
         - Check for command injection vulnerabilities
         - Verify error handling for subprocess calls
         - Flag missing input validation
 
-# Path filters - completely skip reviewing these
-path_filters:
-  # Build artifacts and caches
-  - "!**/*.pyc"
-  - "!**/__pycache__/**"
-  - "!.venv/**"
-  - "!venv/**"
-  - "!htmlcov/**"
-  - "!.pytest_cache/**"
-  - "!.ruff_cache/**"
-  - "!*.egg-info/**"
-  - "!build/**"
-  - "!dist/**"
-
-  # Generated reports and data
-  - "!.agentready/**"
-  - "!.cache/**"
-  - "!*.log"
-  - "!*.tmp"
-
-  # Lock files (dependency updates are separate concern)
-  - "!uv.lock"
-  - "!poetry.lock"
-  - "!package-lock.json"
-
-  # Example outputs (reference only, not production code)
-  - "!examples/**/*.json"
-  - "!examples/**/*.html"
-  - "!examples/**/*.md"
-
-# Custom instructions - AgentReady-specific context
-chat:
-  auto_reply: true
-
-# Knowledge base - teach CodeRabbit about AgentReady patterns
+  # Skip reviewing these paths entirely
+  path_filters:
+    - "!**/*.pyc"
+    - "!**/__pycache__/**"
+    - "!.venv/**"
+    - "!venv/**"
+    - "!htmlcov/**"
+    - "!.pytest_cache/**"
+    - "!.ruff_cache/**"
+    - "!*.egg-info/**"
+    - "!build/**"
+    - "!dist/**"
+    - "!.agentready/**"
+    - "!.cache/**"
+    - "!*.log"
+    - "!*.tmp"
+    - "!uv.lock"
+    - "!poetry.lock"
+    - "!package-lock.json"
+    - "!examples/**/*.json"
+    - "!examples/**/*.html"
+    - "!examples/**/*.md"
+
+# Teach CodeRabbit about AgentReady-specific patterns
 knowledge_base:
-  - |
-    AgentReady is a tool that assesses repositories against 25 agent-ready best practices.
-    The research report (agent-ready-codebase-attributes.md) defines these attributes.
-    All assessors must inherit from BaseAssessor and implement attribute_id property and assess() method.
-
-  - |
-    We intentionally don't enforce line length limits (E501 ignored in ruff).
-    We use black for formatting with default settings.
-    We prefer explicit over clever, simple over complex.
-
-  - |
-    Error handling philosophy: Assessors should return Finding.create_skipped() when tools are missing,
-    not crash. Fail gracefully and provide actionable remediation guidance.
-
-  - |
-    This project follows conventional commits (feat:, fix:, chore:, docs:, test:, refactor:).
-    All commits should be squashed before merge.
-    All commits must be signed with git signature.
-
-  - |
-    Testing philosophy: We aim for >80% coverage on new code.
-    Tests should focus on behavior, not implementation details.
-    Mock external dependencies, but don't over-mock internal functions.
-
-  - |
-    Documentation: CLAUDE.md is the source of truth for development.
-    README.md is user-facing. Keep them in sync.
-    All new features must update CLAUDE.md before merging.
-
-# Review thresholds - only create review comments for actionable items
-review:
-  # Minimum confidence to comment (0.0 - 1.0)
-  # Higher = fewer but more accurate comments
-  confidence_threshold: 0.75
-
-  # Require at least this many similar patterns before suggesting refactoring
-  pattern_threshold: 3
-
-  # Only suggest performance improvements if >10% impact
-  performance_improvement_threshold: 0.10
-
-# Tone and style - professional and concise
+  code_guidelines:
+    # Custom guidelines (default has empty array)
+    learnings:
+      - |
+        AgentReady assesses repositories against 25 agent-ready best practices.
+        Research report (agent-ready-codebase-attributes.md) defines these attributes.
+        All assessors must inherit from BaseAssessor and implement attribute_id and assess().
+
+      - |
+        We intentionally don't enforce line length (E501 ignored in ruff).
+        We use black for formatting with defaults.
+        Prefer explicit over clever, simple over complex.
+
+      - |
+        Error handling: Assessors return Finding.create_skipped() when tools missing, not crash.
+        Fail gracefully and provide actionable remediation guidance.
+
+      - |
+        Conventional commits (feat:, fix:, chore:, docs:, test:, refactor:).
+        All commits squashed before merge and signed with git signature.
+
+      - |
+        Target >80% test coverage on new code.
+        Tests focus on behavior, not implementation.
+        Mock external dependencies, don't over-mock internals.
+
+      - |
+        CLAUDE.md is source of truth for development.
+        README.md is user-facing.
+        All new features must update CLAUDE.md before merging.
+
+# Professional, concise tone (default: "")
 tone_instructions: |
   - Be direct and concise - no fluff or pleasantries
   - Focus on "why" not just "what" (explain the impact)