chore: repo infrastructure — README, CI, npm publish, dependabot, community files, examples

- Root README with badges, quick start, hook reference
- CI workflow (bun, checks out agent sibling)
- Combined release-please + npm publish with provenance and file pointer swap
- Dependabot for npm + github-actions
- Community files: LICENSE, CODE_OF_CONDUCT, CONTRIBUTING, SECURITY, issue/PR templates
- .npmrc (save-exact), renovate.json (11-day min release age)
- Basic example in examples/basic/
- Removed VadOptions re-export (VAD removed from SDK)

Author: lukeocodes

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @lukeocodes

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,48 @@
+name: Bug Report
+description: Report a bug with @deepgram/react
+labels: ["bug"]
+body:
+  - type: textarea
+    id: summary
+    attributes:
+      label: What happened?
+      description: A clear description of the bug.
+    validations:
+      required: true
+
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to reproduce
+      description: How can we reproduce the issue?
+      placeholder: |
+        1. Wrap component in AgentProvider
+        2. Call useAgentState()
+        3. ...
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+      description: What did you expect to happen?
+
+  - type: dropdown
+    id: package
+    attributes:
+      label: Package
+      options:
+        - "@deepgram/react"
+    validations:
+      required: true
+
+  - type: input
+    id: browser
+    attributes:
+      label: Browser
+      placeholder: "e.g. Chrome 125, Safari 18"
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant log output
+      render: shell

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Deepgram Discord
+    url: https://discord.gg/deepgram
+    about: Ask questions and get help from the community
+  - name: Deepgram Documentation
+    url: https://developers.deepgram.com
+    about: Official Deepgram documentation

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,23 @@
+name: Feature Request
+description: Suggest a new feature or improvement
+labels: ["enhancement"]
+body:
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed change
+      description: What would you like to see added or changed?
+    validations:
+      required: true
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Context
+      description: Why is this needed? What problem does it solve?
+
+  - type: textarea
+    id: implementation
+    attributes:
+      label: Possible implementation
+      description: Any ideas on how this could be implemented?

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,21 @@
+## Proposed changes
+
+<!-- Describe the changes and link any related issues -->
+
+## Types of changes
+
+- [ ] Bugfix
+- [ ] New feature
+- [ ] Breaking change
+- [ ] Documentation / tests
+
+## Checklist
+
+- [ ] I have read the [CONTRIBUTING](../CONTRIBUTING.md) guide
+- [ ] Code builds cleanly (`bun run build`)
+- [ ] Tests pass (`bun run test`)
+- [ ] Documentation updated (if applicable)
+
+## Further comments
+
+<!-- Any additional context or screenshots -->

.github/SECURITY.md

@@ -0,0 +1,5 @@
+# Security
+
+If you discover a security vulnerability, please email security@deepgram.com instead of opening a public issue.
+
+We will respond within 48 hours and work with you to resolve the issue promptly.

.github/dependabot.yml

@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      dependencies:
+        update-types: [patch, minor]
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/ci.yml

@@ -0,0 +1,29 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
+        with:
+          repository: deepgram/agent
+          path: ../agent
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.10"
+      - name: Build @deepgram/agent
+        run: cd ../agent && bun install && bun run --filter '@deepgram/agent' build
+      - run: bun install
+      - name: Typecheck
+        run: bun run typecheck
+      - name: Build
+        run: bun run build
+      - name: Test
+        run: bun run test

.github/workflows/npm-publish.yml

@@ -0,0 +1,62 @@
+name: npm Publish
+
+on:
+  push:
+    branches: [main]
+
+permissions:
+  contents: write
+  pull-requests: write
+  id-token: write
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    outputs:
+      release_created: ${{ steps.release.outputs['packages/react--release_created'] }}
+      version: ${{ steps.release.outputs['packages/react--version'] }}
+    steps:
+      - uses: googleapis/release-please-action@v4
+        id: release
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          config-file: release-please-config.json
+          manifest-file: .release-please-manifest.json
+
+  publish:
+    needs: release-please
+    if: needs.release-please.outputs.release_created == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
+        with:
+          repository: deepgram/agent
+          path: ../agent
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: "1.3.10"
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 22
+          registry-url: https://registry.npmjs.org
+      - name: Build @deepgram/agent
+        run: cd ../agent && bun install && bun run --filter '@deepgram/agent' build
+      - run: bun install
+      - run: bun run build
+      - name: Swap file pointers
+        run: |
+          SDK_VERSION=$(node -e "console.log(require('../agent/packages/sdk/package.json').version)")
+          node -e "
+            const fs = require('fs');
+            const pkg = JSON.parse(fs.readFileSync('packages/react/package.json', 'utf8'));
+            pkg.dependencies['@deepgram/agent'] = SDK_VERSION;
+            fs.writeFileSync('packages/react/package.json', JSON.stringify(pkg, null, 2) + '\n');
+          "
+      - run: npm publish --provenance --access public
+        working-directory: packages/react
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}