Milestone 1: Branch setup + REVIEW.md with upgrade checkpoint definitions

[devin-ai-integration]

Summary

Creates the long-lived java-25-target branch and establishes the roadmap for incrementally upgrading from Java 11 + Spring Boot 2.6.3 to Java 25 + Spring Boot 3.5+.

Files added:

• REVIEW.md — Defines 10 milestones with explicit scope, affected files, and review-criteria checklists for each step of the upgrade (Spring Boot 2.7, Joda-Time removal, javax to jakarta, Spring Boot 3 + Java 17, dependency bumps, JJWT migration, Java 25, modern idioms, final audit).
• AGENTS.md — Agent guidelines for future Devin sessions: branch strategy, milestone execution rules, verification commands, architecture overview, dependency notes, and common pitfalls.
• .devin/skills/java25-upgrade-milestone.md — Reusable step-by-step skill for executing any single milestone (read spec, branch, implement, verify, PR).

No functional code changes. This is purely planning and scaffolding for the upgrade work ahead.

Follow-up fix: Clarified Milestone 4 scope to explicitly exclude javax.crypto from the jakarta migration (it's in java.base, not Jakarta EE), resolving a contradiction between the scope description and review criteria.

Link to Devin session: https://partner-workshops.devinenterprise.com/sessions/788cb040e148433782ecbf169178c389
Requested by: @bsmitches

---

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment, CI, and merge conflict monitoring