Canonical source: docs/release/github-project-production-backlog.md
Epic: Repository Governance, Review Automation, And OSS Housekeeping
- ID: PROD-044
- Title: Add repo security automation beyond Solidity-specific scanning
- Type: security
- Priority: P1
- Scope: active
- Area: security-automation
- Description: Complement the current Slither and protocol gates with repo-wide
  security automation for JavaScript/TypeScript, workflow surfaces, and secret
  exposure.
- Acceptance criteria:
  - CodeQL or equivalent static analysis runs on the active JS/TS codebase
  - dependency audit runs on a schedule
  - secret scanning policy is documented and automated where practical
- Dependencies: PROD-042, PROD-043
- Source docs: production-readiness-audit-2026-03-29.md;
  external benchmark: HyperscapeAI/hyperscape/.github/workflows/security.yml
- Suggested owner: security
- Blocker class: quality-blocking
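The three acceptance criteria above map onto three CI jobs. The workflow below is an added illustration of that mapping, not the repository's own workflow and not a copy of the HyperscapeAI benchmark file. It assumes a GitHub Actions runner, `main` as the default branch, npm as the package manager, a weekly audit cadence, and the gitleaks action as the secret scanner; each of those is a placeholder choice to be adjusted to the repo.

```yaml
# Added example: one workflow covering the PROD-044 acceptance criteria.
# Assumptions (not from the backlog): default branch "main", npm lockfile,
# weekly schedule, gitleaks as the secret scanner.
name: security

on:
  push:
    branches: [main]
  pull_request:
  schedule:
    - cron: "0 6 * * 1"   # weekly run so the dependency audit is not PR-only (assumed cadence)

# Default token scope for every job is read-only; jobs that need more opt in below.
permissions:
  contents: read

jobs:
  # Criterion 1: static analysis on the active JS/TS code base.
  codeql:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write   # required to upload SARIF findings to code scanning
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: javascript-typescript
      - uses: github/codeql-action/analyze@v3

  # Criterion 2: dependency audit on a schedule (also runs on push/PR).
  dependency-audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20        # assumed runtime version
          cache: npm
      # --ignore-scripts keeps package lifecycle scripts from executing on the runner.
      - run: npm ci --ignore-scripts
      # Fail the job on high or critical advisories; lower severities are reported only.
      - run: npm audit --audit-level=high

  # Criterion 3: automated secret scanning over the full history.
  secret-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0          # full clone so secrets committed in earlier history are caught
      - uses: gitleaks/gitleaks-action@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

Two points a reviewer would check before merging a workflow like this: the top-level `permissions: contents: read` block is what keeps the "workflow surfaces" part of the description honest, since it limits what a compromised step or third-party action can do with the job token; and the `@vN` tags should be replaced with pinned commit SHAs for the actions once the repo settles on versions (no SHAs are given here because they are not on the page). The documented-policy half of criterion 3 still needs a short written note in the repo stating what is scanned, on which events, and how a finding is triaged.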