docs: compact root governance files into docs/ with root stubs - Move CHANGELOG.md, CONTRIBUTING.md, CODE_OF_CONDUCT.md, SECURITY.md → docs/ - Create lightweight redirect stubs in root (for easy access and GitHub compatibility) - Update all internal links in README.md and documentation - Verified: no broken references, regex scan clean - Build + dotnet publish (MSIX) successful Part of root cleanup initiative (Phase 2)

Author: PrimeBuild-pc

CHANGELOG.md

@@ -1,24 +1,3 @@
-# Changelog
+# CHANGELOG
 
-All notable changes to this project are documented in this file.
-
-The format is based on Keep a Changelog, and this project follows Semantic Versioning.
-
-## [1.1.0] - 2026-04-12
-### Added
-- Enterprise release hardening baseline for repository governance, CI/CD, and security policy.
-- Dedicated GitHub contribution and security disclosure templates.
-- Analyzer and formatting foundation for consistent code quality enforcement.
-
-### Changed
-- README updated to align with v1.1.0 messaging and release workflow.
-- CI workflow expanded with formatting, analyzer, and dependency vulnerability checks.
-
-### Security
-- Added centralized vulnerability disclosure policy and reporting process.
-- Started hardening process/power-plan command validation paths.
-
-## [1.0.0] - 2025-12-21
-### Added
-- Initial public release with process management, CPU affinity, and power plan automation.
-- MVVM architecture with dependency injection and performance-focused process workflows.
+Questo file è stato spostato in [docs/CHANGELOG](docs/CHANGELOG.md).

CODE_OF_CONDUCT.md

@@ -1,33 +1,3 @@
-# Contributor Covenant Code of Conduct
+# CODE_OF_CONDUCT
 
-## Our Pledge
-We pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
-
-## Our Standards
-Examples of behavior that contributes to a positive environment include:
-- Demonstrating empathy and kindness.
-- Being respectful of differing opinions and experiences.
-- Giving and gracefully accepting constructive feedback.
-- Taking responsibility and apologizing to those affected by our mistakes.
-- Focusing on what is best for the community.
-
-Examples of unacceptable behavior include:
-- The use of sexualized language or imagery, and sexual attention or advances.
-- Trolling, insulting or derogatory comments, and personal or political attacks.
-- Public or private harassment.
-- Publishing others private information without explicit permission.
-- Other conduct that could reasonably be considered inappropriate in a professional setting.
-
-## Enforcement Responsibilities
-Project maintainers are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior they deem inappropriate, threatening, offensive, or harmful.
-
-## Scope
-This Code of Conduct applies within all community spaces and applies when an individual is officially representing the project in public spaces.
-
-## Enforcement
-Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the maintainers by opening a confidential report through repository security reporting channels listed in SECURITY.md.
-
-All complaints will be reviewed and investigated promptly and fairly.
-
-## Attribution
-This Code of Conduct is adapted from the Contributor Covenant, version 2.1.
+Questo file è stato spostato in [docs/CODE_OF_CONDUCT](docs/CODE_OF_CONDUCT.md).

CONTRIBUTING.md

@@ -1,40 +1,3 @@
-# Contributing to ThreadPilot
+# CONTRIBUTING
 
-Thanks for helping improve ThreadPilot.
-
-## Before You Start
-- Search existing issues before opening a new one.
-- Keep pull requests scoped to a single concern.
-- For security issues, do not open a public issue. Follow the process in SECURITY.md.
-
-## Development Setup
-1. Install .NET 8 SDK.
-2. Clone the repository.
-3. Restore and build:
-   - dotnet restore ThreadPilot_1.sln
-   - dotnet build ThreadPilot_1.sln --configuration Release
-4. Run application:
-   - dotnet run --project ThreadPilot.csproj --configuration Release
-
-## Branch and Commit Guidelines
-- Use short-lived feature branches.
-- Use clear commit messages in imperative mood.
-- Keep history clean and avoid unrelated formatting churn.
-
-## Pull Request Checklist
-- I built the solution successfully in Debug and Release.
-- I ran tests and validated impacted features.
-- I updated documentation for any user-facing or architectural changes.
-- I validated no credentials or secrets were introduced.
-- I included risk notes for any changes touching elevation, process control, or power plans.
-
-## Coding Standards
-- Follow existing MVVM and DI patterns.
-- Prefer async APIs and avoid blocking calls on UI paths.
-- Add XML documentation comments for public APIs.
-- Keep classes cohesive and avoid mixing UI logic with system logic.
-
-## Testing Expectations
-- Add unit tests for new logic when feasible.
-- Add or update integration checks for process and power plan workflows.
-- Validate behavior on Windows 11; Windows 10 is best effort.
+Questo file è stato spostato in [docs/CONTRIBUTING](docs/CONTRIBUTING.md).

README.md

@@ -92,8 +92,8 @@ Build release artifacts via script:
 ## Quality and Security
 
 - CI validates build, formatting, analyzers, vulnerability checks, and secret scanning.
-- Security disclosures are handled through private GitHub advisories. See SECURITY.md.
-- Change history is tracked in CHANGELOG.md.
+- Security disclosures are handled through private GitHub advisories. See docs/SECURITY.md.
+- Change history is tracked in docs/CHANGELOG.md.
 
 ## Repository Docs
 
@@ -108,7 +108,7 @@ Build release artifacts via script:
 
 ## Contributing
 
-See CONTRIBUTING.md and CODE_OF_CONDUCT.md before opening pull requests.
+See docs/CONTRIBUTING.md and docs/CODE_OF_CONDUCT.md before opening pull requests.
 
 ## 🛠️ Roadmap
 

SECURITY.md

@@ -1,35 +1,3 @@
-# Security Policy
+# SECURITY
 
-## Supported Versions
-| Version | Supported |
-| --- | --- |
-| 1.1.x | Yes |
-| 1.0.x | Best effort |
-| < 1.0 | No |
-
-## Reporting a Vulnerability
-If you discover a security issue, do not disclose it publicly before a fix is available.
-
-1. Open a private security advisory in GitHub Security tab.
-2. Include reproduction steps, impact assessment, and affected versions.
-3. If possible, include logs, stack traces, and a minimal proof of concept.
-
-## Response Targets
-- Initial acknowledgment: within 72 hours.
-- Triage decision: within 7 days.
-- Fix timeline: based on severity and exploitability.
-
-## Scope Notes
-ThreadPilot includes privileged operations for process and power management.
-Please prioritize reports involving:
-- elevation and privilege boundaries,
-- process manipulation safety,
-- command execution and input validation,
-- configuration parsing and path handling.
-
-## Disclosure Process
-We follow coordinated disclosure:
-- confirm report,
-- reproduce and triage,
-- fix and validate,
-- publish release notes and mitigation guidance.
+Questo file è stato spostato in [docs/SECURITY](docs/SECURITY.md).

docs/CHANGELOG.md

@@ -0,0 +1,24 @@
+# Changelog
+
+All notable changes to this project are documented in this file.
+
+The format is based on Keep a Changelog, and this project follows Semantic Versioning.
+
+## [1.1.0] - 2026-04-12
+### Added
+- Enterprise release hardening baseline for repository governance, CI/CD, and security policy.
+- Dedicated GitHub contribution and security disclosure templates.
+- Analyzer and formatting foundation for consistent code quality enforcement.
+
+### Changed
+- README updated to align with v1.1.0 messaging and release workflow.
+- CI workflow expanded with formatting, analyzer, and dependency vulnerability checks.
+
+### Security
+- Added centralized vulnerability disclosure policy and reporting process.
+- Started hardening process/power-plan command validation paths.
+
+## [1.0.0] - 2025-12-21
+### Added
+- Initial public release with process management, CPU affinity, and power plan automation.
+- MVVM architecture with dependency injection and performance-focused process workflows.

docs/CODE_OF_CONDUCT.md

@@ -0,0 +1,33 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+We pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+Examples of behavior that contributes to a positive environment include:
+- Demonstrating empathy and kindness.
+- Being respectful of differing opinions and experiences.
+- Giving and gracefully accepting constructive feedback.
+- Taking responsibility and apologizing to those affected by our mistakes.
+- Focusing on what is best for the community.
+
+Examples of unacceptable behavior include:
+- The use of sexualized language or imagery, and sexual attention or advances.
+- Trolling, insulting or derogatory comments, and personal or political attacks.
+- Public or private harassment.
+- Publishing others private information without explicit permission.
+- Other conduct that could reasonably be considered inappropriate in a professional setting.
+
+## Enforcement Responsibilities
+Project maintainers are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+This Code of Conduct applies within all community spaces and applies when an individual is officially representing the project in public spaces.
+
+## Enforcement
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the maintainers by opening a confidential report through repository security reporting channels listed in [SECURITY.md](SECURITY.md).
+
+All complaints will be reviewed and investigated promptly and fairly.
+
+## Attribution
+This Code of Conduct is adapted from the Contributor Covenant, version 2.1.

docs/CONTRIBUTING.md

@@ -0,0 +1,40 @@
+# Contributing to ThreadPilot
+
+Thanks for helping improve ThreadPilot.
+
+## Before You Start
+- Search existing issues before opening a new one.
+- Keep pull requests scoped to a single concern.
+- For security issues, do not open a public issue. Follow the process in [SECURITY.md](SECURITY.md).
+
+## Development Setup
+1. Install .NET 8 SDK.
+2. Clone the repository.
+3. Restore and build:
+   - dotnet restore ThreadPilot_1.sln
+   - dotnet build ThreadPilot_1.sln --configuration Release
+4. Run application:
+   - dotnet run --project ThreadPilot.csproj --configuration Release
+
+## Branch and Commit Guidelines
+- Use short-lived feature branches.
+- Use clear commit messages in imperative mood.
+- Keep history clean and avoid unrelated formatting churn.
+
+## Pull Request Checklist
+- I built the solution successfully in Debug and Release.
+- I ran tests and validated impacted features.
+- I updated documentation for any user-facing or architectural changes.
+- I validated no credentials or secrets were introduced.
+- I included risk notes for any changes touching elevation, process control, or power plans.
+
+## Coding Standards
+- Follow existing MVVM and DI patterns.
+- Prefer async APIs and avoid blocking calls on UI paths.
+- Add XML documentation comments for public APIs.
+- Keep classes cohesive and avoid mixing UI logic with system logic.
+
+## Testing Expectations
+- Add unit tests for new logic when feasible.
+- Add or update integration checks for process and power plan workflows.
+- Validate behavior on Windows 11; Windows 10 is best effort.

docs/README.md

@@ -13,10 +13,10 @@ This folder contains release and engineering documentation for ThreadPilot.
 - Packaging guide: release/PACKAGING.md
 
 ## Release and Governance
-- Security policy: ../SECURITY.md
-- Contributing: ../CONTRIBUTING.md
-- Code of Conduct: ../CODE_OF_CONDUCT.md
-- Changelog: ../CHANGELOG.md
+- Security policy: SECURITY.md
+- Contributing: CONTRIBUTING.md
+- Code of Conduct: CODE_OF_CONDUCT.md
+- Changelog: CHANGELOG.md
 - Trademark policy: legal/TRADEMARK.md
 - Compliance audit: audits/COMPLIANCE_AUDIT.md
 

docs/SECURITY.md

@@ -0,0 +1,35 @@
+# Security Policy
+
+## Supported Versions
+| Version | Supported |
+| --- | --- |
+| 1.1.x | Yes |
+| 1.0.x | Best effort |
+| < 1.0 | No |
+
+## Reporting a Vulnerability
+If you discover a security issue, do not disclose it publicly before a fix is available.
+
+1. Open a private security advisory in GitHub Security tab.
+2. Include reproduction steps, impact assessment, and affected versions.
+3. If possible, include logs, stack traces, and a minimal proof of concept.
+
+## Response Targets
+- Initial acknowledgment: within 72 hours.
+- Triage decision: within 7 days.
+- Fix timeline: based on severity and exploitability.
+
+## Scope Notes
+ThreadPilot includes privileged operations for process and power management.
+Please prioritize reports involving:
+- elevation and privilege boundaries,
+- process manipulation safety,
+- command execution and input validation,
+- configuration parsing and path handling.
+
+## Disclosure Process
+We follow coordinated disclosure:
+- confirm report,
+- reproduce and triage,
+- fix and validate,
+- publish release notes and mitigation guidance.