feat: Install quality-rails for mechanical code quality enforcement

Quality Rails provides mechanical enforcement of code quality through
pre-commit hooks and CI/CD pipelines, preventing ~70% of common issues.

What's added:
- Pre-commit hooks via husky (formatting enforcement enabled)
- Enhanced ESLint rules (no-explicit-any, security plugin, etc.)
- lint-staged configuration (currently formatting-only mode)
- Woodpecker CI pipeline template (.woodpecker.yml)
- eslint-plugin-security for vulnerability detection
- Documentation (docs/quality-rails-status.md)

Current status:
- Strict enforcement DISABLED until existing violations are fixed
- Found 1,226 violations (1,121 errors, 105 warnings)
- Priority: Fix explicit 'any' types first
- Pre-commit currently only enforces Prettier formatting

Next steps:
1. Fix existing lint violations
2. Enable strict pre-commit enforcement
3. Configure CI/CD pipeline

Based on quality-rails from ~/src/quality-rails (monorepo template)
See docs/quality-rails-status.md for detailed roadmap.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

package.json

@@ -26,7 +26,8 @@
     "docker:logs": "docker compose logs -f",
     "docker:ps": "docker compose ps",
     "docker:build": "docker compose build",
-    "docker:restart": "docker compose restart"
+    "docker:restart": "docker compose restart",
+    "prepare": "husky install"
   },
   "devDependencies": {
     "@typescript-eslint/eslint-plugin": "^8.26.0",
@@ -35,6 +36,9 @@
     "eslint": "^9.21.0",
     "eslint-config-prettier": "^10.1.0",
     "eslint-plugin-prettier": "^5.2.3",
+    "eslint-plugin-security": "^3.0.1",
+    "husky": "^9.1.7",
+    "lint-staged": "^16.2.7",
     "prettier": "^3.5.3",
     "turbo": "^2.8.0",
     "typescript": "^5.8.2",