lippytm · Copilot · Jan 20, 2026 · Jan 20, 2026 · Jan 20, 2026 · Jan 20, 2026
diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,58 @@
+---
+name: Issue Report
+about: Create a report to help us improve
+title: ''
+labels: ''
+assignees: ''
+---
+
+## Description
+
+A clear and concise description of the issue.
+
+## Type of Issue
+
+- [ ] Bug report
+- [ ] Feature request
+- [ ] Documentation improvement
+- [ ] Question
+- [ ] Other
+
+## Current Behavior
+
+What is currently happening?
+
+## Expected Behavior
+
+What should be happening?
+
+## Steps to Reproduce
+
+For bug reports, provide steps to reproduce the behavior:
+
+1. Go to '...'
+2. Run command '...'
+3. See error
+
+## Environment
+
+- OS: [e.g., Ubuntu 22.04, macOS 13, Windows 11]
+- Node.js version (if applicable): [e.g., 18.17.0]
+- Python version (if applicable): [e.g., 3.11.0]
+- Package manager: [e.g., npm, yarn, pip]
+- Project version/commit: [e.g., v1.0.0, commit abc123]
+
+## Additional Context
+
+Add any other context about the problem here. Include:
+
+- Error messages or logs
+- Screenshots (if applicable)
+- Related issues or PRs
+- Possible solutions you've considered
+
+## Checklist
+
+- [ ] I have searched for existing issues
+- [ ] I have provided all requested information
+- [ ] I have included error messages/logs if applicable
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,89 @@
+## Description
+
+<!-- Provide a brief description of the changes in this PR -->
+
+## Related Issue
+
+<!-- Link to the issue this PR addresses (e.g., Fixes #123, Closes #456) -->
+
+Fixes #
+
+## Type of Change
+
+<!-- Mark the relevant option with an 'x' -->
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] Documentation update
+- [ ] Code refactoring
+- [ ] Performance improvement
+- [ ] Dependency update
+- [ ] CI/CD update
+- [ ] Other (please describe):
+
+## Changes Made
+
+<!-- List the specific changes made in this PR -->
+
+- 
+- 
+- 
+
+## Testing
+
+<!-- Describe the tests you ran and their results -->
+
+- [ ] All existing tests pass
+- [ ] Added new tests for changes
+- [ ] Manual testing completed
+- [ ] No tests required (documentation, comments, etc.)
+
+### Test Details
+
+<!-- Provide details about testing -->
+
+```
+# Commands run for testing
+npm test
+# or
+pytest
+```
+
+## Checklist
+
+<!-- Ensure all items are completed before submitting -->
+
+- [ ] My code follows the project's coding standards
+- [ ] I have performed a self-review of my own code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published
+- [ ] I have checked my code and corrected any misspellings
+- [ ] No secrets or credentials are committed
+- [ ] Branch is up to date with base branch
+
+## Screenshots (if applicable)
+
+<!-- Add screenshots to help explain your changes -->
+
+## Additional Notes
+
+<!-- Add any additional notes or context about the PR here -->
+
+## Reviewer Notes
+
+<!-- Any specific areas you'd like reviewers to focus on? -->
+
+---
+
+**For Reviewers:**
+
+- [ ] Code review completed
+- [ ] Tests verified
+- [ ] Documentation reviewed
+- [ ] No security concerns
+- [ ] Ready to merge
diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml
@@ -3,12 +3,12 @@
 name: CI
 
 # Controls when the action will run. Triggers the workflow on push or pull request
-# events but only for the master branch
+# events but only for the master or main branch
 on:
   push:
-    branches: [ master ]
+    branches: [ master, main ]
   pull_request:
-    branches: [ master ]
+    branches: [ master, main ]
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
@@ -20,7 +20,7 @@ jobs:
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       # Runs a single command using the runners shell
       - name: Run a one-line script

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,56 @@
+name: "CodeQL Analysis"
+
+on:
+  push:
+    branches: [master, main]
+  pull_request:
+    branches: [master, main]
+  schedule:
+    # Run at 6:00 UTC every Monday
+    - cron: '0 6 * * 1'
+  workflow_dispatch:
+
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    timeout-minutes: 360
+
+    strategy:
+      fail-fast: false
+      matrix:
+        # CodeQL supports: 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift'
+        # Auto-detect languages in the repository
+        # Override this matrix if you want to analyze specific languages
+        language: [javascript, python]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: security-extended,security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+        # If autobuild fails, you can replace it with custom build steps:
+        # - name: Build
+        #   run: |
+        #     make bootstrap
+        #     make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -0,0 +1,29 @@
+name: "Dependency Review"
+
+on:
+  pull_request:
+    branches: [master, main]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  dependency-review:
+    name: Dependency Review
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4
+        with:
+          # Fail the action if there are vulnerabilities
+          fail-on-severity: moderate
+          # Comment on the PR with the results
+          comment-summary-in-pr: true
+          # Allow licenses (customize based on your policy)
+          allow-licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, 0BSD
+          # Deny licenses (customize based on your policy)
+          deny-licenses: GPL-3.0, AGPL-3.0