Overall assessment

✅ Looks good

No unmitigated P0/P1 findings. This PR is metadata-only: it does not change any estimator, weighting, variance/SE logic, identification assumptions, or defaults, so the Methodology Registry is not implicated. I found two P3 informational items worth tightening.

Executive summary

• No affected methods. The diff only adds community-standard files and deletes a stray note, so there is no methodology change to cross-check against docs/methodology/REGISTRY.md.
• The new bug-template commands are valid against the public package surface: diff_diff.__version__ and diff_diff.HAS_RUST_BACKEND are exported from diff_diff/__init__.py:L23-L30, diff_diff/__init__.py:L290, diff_diff/__init__.py:L451.
• Both new issue-form YAML files are structurally valid; yaml.safe_load succeeds on each.
• BRIEFING.md deletion appears safe; repo search found no remaining references.
• SECURITY.md has a minor clarity issue: “latest minor only” conflicts with the table wording current 3.x, which can be read more broadly than intended. SECURITY.md:L5-L10
• The PR removes the stray BRIEFING.md but does not add the ignore/local-only mechanism the deleted file itself recommended, so the same accidental-commit path can recur. BRIEFING.md:L74-L80 (deleted in this PR), .gitignore:L71-L100

Methodology

• No findings. Affected methods: none. No estimator/math/SE/assumption/default behavior changed, so no Registry entry or methodology note/deviation is required.

Code Quality

• No findings. The only repo-context-sensitive instructions added in the issue templates point to real public API symbols. .github/ISSUE_TEMPLATE/bug_report.yml:L61-L80, diff_diff/__init__.py:L23-L30, diff_diff/__init__.py:L290, diff_diff/__init__.py:L451

Performance

• No findings. No runtime code paths changed.

Maintainability

• P3 Impact: The PR removes the accidentally committed BRIEFING.md, but it does not implement the preventive ignore/local-only storage path the deleted file called for. That leaves the same accidental-commit failure mode open for future worktree notes. BRIEFING.md:L74-L80 (deleted in this PR), .gitignore:L71-L100 Concrete fix: add BRIEFING.md or a dedicated local briefings/ directory to ignores, or document a gitignored location for ephemeral worktree briefings.

Tech Debt

• No additional findings beyond the maintainability item above.

Security

• P3 Impact: SECURITY.md says only the latest minor release is supported, then labels the supported row as Latest minor (current 3.x). 3.x can be read as the entire major line rather than one supported minor, which makes the support contract ambiguous for users/reporters. SECURITY.md:L5-L10 Concrete fix: replace the row with unambiguous wording such as Latest release only, or spell out the exact supported line (for example 3.3.x) and update it on release.
• No other findings. I did not see any secrets, unsafe disclosure patterns, or public vulnerability-reporting regressions in the changed files.

Documentation/Tests

• No findings. The issue forms are valid YAML and the bug-template environment commands align with the package’s public exports. .github/ISSUE_TEMPLATE/bug_report.yml:L58-L86, .github/ISSUE_TEMPLATE/feature_request.yml:L37-L49

/ai-review

🔁 AI review rerun (requested by @igerber)

Head SHA: a450f499c48a8e9d2629b024ebbe9eb143f53227

Overall assessment

✅ Looks good

No unmitigated P0/P1 findings. This remains a metadata-only PR: it does not change any estimator, weighting, variance/SE logic, identification assumptions, or defaults covered by the Methodology Registry. The two prior re-review items are addressed in .gitignore:L102-L104 and SECURITY.md:L5-L11. I found one new P3 documentation issue in the bug-report template.

Executive summary

• No affected methods. Cross-checking the diff against docs/methodology/REGISTRY.md:L1-L80 shows no estimator/math/SE/assumption/default surface changed.
• Re-review: the prior maintainability item is resolved by ignoring BRIEFING.md and briefings/ in .gitignore:L102-L104.
• Re-review: the prior SECURITY wording ambiguity is resolved; SECURITY.md:L5-L11 now clearly scopes support to the latest release only.
• BRIEFING.md deletion appears safe; repo search found no remaining BRIEFING references.
• The issue forms are structurally valid YAML, and the bug template’s version/backend prompts reference real exports (diff_diff.__version__, HAS_RUST_BACKEND) in diff_diff/__init__.py:L24-L30, diff_diff/__init__.py:L290, diff_diff/__init__.py:L451.
• Newly identified P3: the bug-report reproducer placeholder uses print(est.coef), which does not match the documented DifferenceInDifferences public surface. .github/ISSUE_TEMPLATE/bug_report.yml:L29-L37, diff_diff/estimators.py:L113-L119, diff_diff/results.py:L79-L116

Methodology

No findings. Affected methods: none. The changed files are repository/community metadata only, so no Registry note or paper cross-check was required beyond confirming the diff does not touch methodology surfaces. docs/methodology/REGISTRY.md:L1-L80

Code Quality

No findings.

Performance

No findings.

Maintainability

No findings. The previous re-review item about preventing future stray briefing commits is addressed by .gitignore:L102-L104.

Tech Debt

No findings. This PR does not add new deferred work or interact with existing TODO.md review-debt items.

Security

No findings. The previous ambiguity in supported-version wording is resolved by SECURITY.md:L5-L11, which now unambiguously states Latest release vs All older releases.

Documentation/Tests

• Severity: P3. Impact: The bug-report template’s placeholder ends with print(est.coef), but DifferenceInDifferences.fit() is documented to return a DiDResults object and the results surface exposes att / coefficients, not est.coef. That can mislead reporters into pasting a nonexistent API into repros, lowering issue quality. Concrete fix: change the placeholder to a real public surface such as results = est.fit(...); print(results.att) or print(results.coefficients). .github/ISSUE_TEMPLATE/bug_report.yml:L29-L37, diff_diff/estimators.py:L113-L119, diff_diff/results.py:L79-L116

/ai-review

🔁 AI review rerun (requested by @igerber)

Head SHA: 9dc655c14e3c5125155f49d4d991da69077bd9a3

Overall assessment

✅ Looks good

No unmitigated P0/P1 findings. This re-review remains a metadata-only PR: it adds community standards files, removes the stray briefing note, and does not touch any estimator, weighting, variance/SE, identification, or default-behavior surface covered by the Methodology Registry. docs/methodology/REGISTRY.md:L1-L37, .github/ISSUE_TEMPLATE/bug_report.yml:L1-L106, .github/ISSUE_TEMPLATE/feature_request.yml:L1-L64, .gitignore:L102-L104, CODE_OF_CONDUCT.md:L1-L83, SECURITY.md:L1-L57

Executive summary

• No affected methods. Registry cross-check confirms the PR does not modify methodology surfaces. docs/methodology/REGISTRY.md:L1-L37
• Re-review: the prior bug-template API mismatch is fixed; the reproducer now uses results.att, which matches DifferenceInDifferences.fit() and DiDResults. .github/ISSUE_TEMPLATE/bug_report.yml:L29-L37, diff_diff/estimators.py:L113-L119, diff_diff/results.py:L80-L116
• Re-review: the prior stray-briefing cleanup remains addressed via .gitignore entries for BRIEFING.md and briefings/; I found no remaining repo references. .gitignore:L102-L104
• Re-review: the prior SECURITY wording issue remains resolved; supported-version policy is explicit and unambiguous. SECURITY.md:L5-L11
• The feature-request form now explicitly asks for methodology references / existing implementations, which is aligned with the project’s registry-first review standard. .github/ISSUE_TEMPLATE/feature_request.yml:L37-L49
• Both issue forms are valid YAML, and the bug template’s environment prompts reference real exports: diff_diff.__version__ and HAS_RUST_BACKEND. .github/ISSUE_TEMPLATE/bug_report.yml:L58-L86, diff_diff/__init__.py:L23-L30, diff_diff/__init__.py:L290-L293, diff_diff/__init__.py:L446-L451

Methodology

No findings. Affected methods: none. The diff is confined to repo/community metadata and does not alter any estimator implementation, math, weighting, variance/SE, identification assumption, or default behavior covered by the registry, so no paper-level deviation check was triggered. docs/methodology/REGISTRY.md:L1-L37

Code Quality

No findings. The only substantive content mismatch from the prior review was the bug-template example, and it now matches the documented public API. .github/ISSUE_TEMPLATE/bug_report.yml:L29-L37, diff_diff/estimators.py:L113-L119, diff_diff/results.py:L80-L116

Performance

No findings. The changed files are markdown, YAML, and .gitignore, with no runtime or algorithmic path changes. .github/ISSUE_TEMPLATE/bug_report.yml:L1-L106, .github/ISSUE_TEMPLATE/feature_request.yml:L1-L64, .gitignore:L102-L104, CODE_OF_CONDUCT.md:L1-L83, SECURITY.md:L1-L57

Maintainability

No findings. Deleting the accidentally committed BRIEFING.md and ignoring future briefing artifacts reduces repeat-commit risk rather than adding debt. .gitignore:L102-L104

Tech Debt

No findings. This PR does not add new deferred work and does not intersect the tracked review-debt items in TODO.md. TODO.md:L51-L53

Security

No findings. SECURITY.md clearly states that only the latest published release is supported, defines a private reporting channel, and the new community files do not expose a personal email address. SECURITY.md:L5-L40, CODE_OF_CONDUCT.md:L37-L41

Documentation/Tests

No findings. Both issue templates parse cleanly as YAML, and the bug form references valid package API for version/backend collection and a real results attribute for the reproducer. .github/ISSUE_TEMPLATE/bug_report.yml:L29-L37, .github/ISSUE_TEMPLATE/bug_report.yml:L58-L86, .github/ISSUE_TEMPLATE/feature_request.yml:L1-L64, diff_diff/__init__.py:L23-L30, diff_diff/__init__.py:L290-L293, diff_diff/__init__.py:L446-L451