Alexander Whitestone
|
c9c3fc94f8
|
feat(security): add pre-merge security guards and quality gates

Docker Build and Publish / build-and-push (pull_request) Failing after 18s
Secret Scan / Scan for secrets (pull_request) Failing after 3s
Supply Chain Audit / Scan PR for supply chain risks (pull_request) Failing after 4s
Tests / test (pull_request) Failing after 6s

- Add secret-leak detection CI workflow (secret-scan.yml)
- Add dependency vulnerability scanning via pip-audit (dependency-audit.yml)
- Add CODEOWNERS for critical paths (gateway/, tools/, agent/, config/)
- Add security PR checklist issue template
- Add quarterly security audit scheduled workflow
- Add pre-commit config with gitleaks and private key detection

Refs #149
|
2026-04-06 21:51:58 -04:00 |
|