## What to build Add automated checks that reduce dependency, container, and workflow supply-chain risk before code is merged or released. ## Acceptance criteria - [ ] CI includes dependency vulnerability scanning for Python dependencies. - [ ] CI includes Docker image vulnerability scanning. - [ ] CI includes Dockerfile linting. - [ ] CI includes GitHub Actions workflow linting. - [ ] CI includes dependency review or equivalent pull-request guard. - [ ] Documentation explains which checks are required and which are advisory. ## Blocked by Issue: Add CI workflow for linting, typing, tests, and build checks.
What to build
Add automated checks that reduce dependency, container, and workflow supply-chain risk before code is merged or released.
Acceptance criteria
Blocked by
Issue: Add CI workflow for linting, typing, tests, and build checks.