merge: integrate doc reorg from origin/main

Origin moved the spec/progress/sec-review docs and per-milestone
files under doc/development/. Trivial merge — no overlapping edits.
A follow-up commit fixes the now-stale ./SPEC.md links in the new
top-level CHANGELOG.md.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

README.md

@@ -9,8 +9,8 @@ For who: ops engineers who run their own infra, want a single place to
 collect abuse signal across hosts, and need consumer-shaped output (one
 firewall = one tailored list).
 
-The full design is in [`SPEC.md`](./SPEC.md). Per-milestone progress is in
-[`PROGRESS.md`](./PROGRESS.md). Documentation for operators and future
+The full design is in [`SPEC.md`](doc/development/SPEC.md). Per-milestone progress is in
+[`PROGRESS.md`](doc/development/PROGRESS.md). Documentation for operators and future
 frontend authors lives in [`doc/`](./doc/).
 
 ---

doc/admin-manual.md

@@ -506,7 +506,7 @@ docker compose up --build -d        # rebuild picks up the new lock file
 ```
 
 Review the changelog of any updated package before deploying. The
-[`doc/SEC_REVIEW.md`](./SEC_REVIEW.md) document tracks security
+[`doc/SEC_REVIEW.md`](development/SEC_REVIEW.md) document tracks security
 findings + their fixes per commit; `git log --grep SEC_REVIEW`
 surfaces the pattern.
 
@@ -564,6 +564,6 @@ docker run --rm -u 0 -v irdb_irdb-data:/data alpine chown -R 1000:1000 /data
 - [`user-manual.md`](./user-manual.md) — UI walkthrough, screen-by-screen.
 - [`architecture.md`](./architecture.md) — system design, container topology, where state lives.
 - [`security.md`](./security.md) — threat model, hardening choices.
-- [`SEC_REVIEW.md`](./SEC_REVIEW.md) — security findings log.
+- [`SEC_REVIEW.md`](development/SEC_REVIEW.md) — security findings log.
 - [`auth-flows.md`](./auth-flows.md) — local admin, OIDC, token kinds.
 - [`api-overview.md`](./api-overview.md) — REST surface, common conventions.