Align repo config with global development standards

- Add missing tsconfig strictness flags (noUncheckedIndexedAccess,
  exactOptionalPropertyTypes, noImplicitOverride,
  noPropertyAccessFromIndexSignature) and fix all resulting type errors
- Replace ESLint/Prettier with oxlint 1.48.0 and oxfmt 0.33.0
- Pin all frontend and backend dependencies to exact versions
- Pin GitHub Actions to SHA hashes with persist-credentials: false
- Fix CI Python version mismatch (3.12 -> 3.14) and ruff target-version
- Add vitest 4.0.18 with jsdom environment for frontend testing
- Add ty 0.0.17 for Python type checking (non-blocking in CI)
- Add actionlint and zizmor CI job for workflow linting and security audit
- Add Dependabot config for npm, pip, and github-actions
- Update CLAUDE.md and pre-commit hooks to reflect new tooling
- Ignore Claude Code sandbox artifacts in gitignore

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.beans/nuzlocke-tracker-2zc9--add-zizmor-and-actionlint-to-ci.md

@@ -0,0 +1,17 @@
+---
+# nuzlocke-tracker-2zc9
+title: Add zizmor and actionlint to CI
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:50Z
+updated_at: 2026-02-16T19:26:23Z
+parent: nuzlocke-tracker-a5es
+---
+
+Global standards require scanning GitHub Actions workflows with zizmor (security audit) and actionlint (linter).
+
+## Checklist
+- [ ] Add actionlint check to CI
+- [ ] Add zizmor scan to CI
+- [ ] Fix any issues found

.beans/nuzlocke-tracker-44ps--replace-eslintprettier-with-oxlintoxfmt.md

@@ -0,0 +1,24 @@
+---
+# nuzlocke-tracker-44ps
+title: Replace ESLint/Prettier with oxlint/oxfmt
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:49Z
+updated_at: 2026-02-16T19:24:15Z
+parent: nuzlocke-tracker-a5es
+---
+
+Global standards require oxlint and oxfmt instead of ESLint and Prettier. This involves:
+
+## Checklist
+- [ ] Install oxlint as devDependency
+- [ ] Configure oxlint with typescript, import, unicorn plugins
+- [ ] Install oxfmt as devDependency (or use oxlint --fix for formatting)
+- [ ] Remove ESLint and all ESLint plugins/configs
+- [ ] Remove Prettier and eslint-config-prettier
+- [ ] Update package.json scripts
+- [ ] Update pre-commit hooks
+- [ ] Update CI workflow
+
+Note: oxfmt may not be stable yet — check current status before proceeding.

.beans/nuzlocke-tracker-9vny--add-dependabot-config.md

@@ -0,0 +1,18 @@
+---
+# nuzlocke-tracker-9vny
+title: Add Dependabot config
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:50Z
+updated_at: 2026-02-16T19:24:15Z
+parent: nuzlocke-tracker-a5es
+---
+
+No .github/dependabot.yml exists. Global standards require Dependabot with 7-day cooldowns and grouped updates.
+
+## Checklist
+- [ ] Create .github/dependabot.yml
+- [ ] Configure for npm (frontend), pip (backend), and github-actions
+- [ ] Set 7-day schedule intervals
+- [ ] Group minor/patch updates

.beans/nuzlocke-tracker-a5es--align-repo-config-with-global-dev-standards.md

@@ -0,0 +1,11 @@
+---
+# nuzlocke-tracker-a5es
+title: Align repo config with global dev standards
+status: completed
+type: epic
+priority: normal
+created_at: 2026-02-16T19:13:24Z
+updated_at: 2026-02-16T19:26:23Z
+---
+
+Audit found multiple deviations from the global CLAUDE.md development standards. This epic tracks all the fixes needed.

.beans/nuzlocke-tracker-ecij--add-vitest-for-frontend-testing.md

@@ -0,0 +1,18 @@
+---
+# nuzlocke-tracker-ecij
+title: Add vitest for frontend testing
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:50Z
+updated_at: 2026-02-16T19:26:23Z
+parent: nuzlocke-tracker-a5es
+---
+
+No frontend test runner is configured. Global standards require vitest.
+
+## Checklist
+- [ ] Install vitest as devDependency
+- [ ] Create vitest.config.ts
+- [ ] Add test script to package.json
+- [ ] Add test step to CI workflow

.beans/nuzlocke-tracker-mn8d--pin-github-actions-to-sha-hashes-and-add-persist-c.md

@@ -0,0 +1,18 @@
+---
+# nuzlocke-tracker-mn8d
+title: 'Pin GitHub Actions to SHA hashes and add persist-credentials: false'
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:49Z
+updated_at: 2026-02-16T19:24:15Z
+parent: nuzlocke-tracker-a5es
+---
+
+All GitHub Actions use tag references (@v4, @v5) instead of SHA hashes with version comments. Also missing persist-credentials: false on checkout steps.
+
+## Checklist
+- [ ] Pin actions/checkout to SHA with version comment
+- [ ] Pin actions/setup-python to SHA with version comment
+- [ ] Pin actions/setup-node to SHA with version comment
+- [ ] Add persist-credentials: false to all checkout steps

.beans/nuzlocke-tracker-o1ek--fix-ci-python-version-mismatch-and-ruff-target-ver.md

@@ -0,0 +1,17 @@
+---
+# nuzlocke-tracker-o1ek
+title: Fix CI Python version mismatch and ruff target-version
+status: completed
+type: bug
+priority: normal
+created_at: 2026-02-16T19:13:49Z
+updated_at: 2026-02-16T19:24:15Z
+parent: nuzlocke-tracker-a5es
+---
+
+CI uses python-version 3.12 but .tool-versions and Docker use 3.14. Also, ruff target-version in pyproject.toml is py312 but should be py314.
+
+## Checklist
+- [ ] Update ci.yml python-version from 3.12 to 3.14
+- [ ] Update pyproject.toml ruff target-version from py312 to py314
+- [ ] Update requires-python to >=3.14

.beans/nuzlocke-tracker-sqb9--pin-frontend-dependencies-to-exact-versions.md

@@ -0,0 +1,14 @@
+---
+# nuzlocke-tracker-sqb9
+title: Pin frontend dependencies to exact versions
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:49Z
+updated_at: 2026-02-16T19:24:15Z
+parent: nuzlocke-tracker-a5es
+---
+
+All frontend dependencies in package.json use ^ or ~ ranges. Global standards require exact pinning (no ^ or ~).
+
+Pin all dependencies and devDependencies to their currently installed exact versions.

.beans/nuzlocke-tracker-w5vu--pin-backend-python-dependencies-to-exact-versions.md

@@ -0,0 +1,14 @@
+---
+# nuzlocke-tracker-w5vu
+title: Pin backend Python dependencies to exact versions
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:49Z
+updated_at: 2026-02-16T19:24:15Z
+parent: nuzlocke-tracker-a5es
+---
+
+All backend dependencies in pyproject.toml use >= ranges. Global standards require exact pins (== not >=).
+
+Pin all dependencies and dev dependencies to their currently installed exact versions.

.beans/nuzlocke-tracker-yyce--add-ty-for-python-type-checking.md

@@ -0,0 +1,18 @@
+---
+# nuzlocke-tracker-yyce
+title: Add ty for Python type checking
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:50Z
+updated_at: 2026-02-16T19:26:23Z
+parent: nuzlocke-tracker-a5es
+---
+
+Global standards require ty check for static type analysis. Currently not configured.
+
+## Checklist
+- [ ] Add ty to dev dependencies
+- [ ] Configure ty rules in pyproject.toml
+- [ ] Add ty check step to CI workflow
+- [ ] Fix any type errors surfaced

.beans/nuzlocke-tracker-zom1--add-missing-tsconfig-strictness-flags.md

@@ -0,0 +1,19 @@
+---
+# nuzlocke-tracker-zom1
+title: Add missing tsconfig strictness flags
+status: completed
+type: task
+priority: normal
+created_at: 2026-02-16T19:13:49Z
+updated_at: 2026-02-16T19:24:15Z
+parent: nuzlocke-tracker-a5es
+---
+
+tsconfig.app.json is missing 4 required strict flags from the global standards:
+
+- noUncheckedIndexedAccess: true
+- exactOptionalPropertyTypes: true
+- noImplicitOverride: true
+- noPropertyAccessFromIndexSignature: true
+
+These need to be added and any resulting type errors fixed.