chore: Add GitHub hardening files (CODEOWNERS, SECURITY.md, dependabot)

Part of Phase 4 - GitHub structure hardening for Orcest AI ecosystem. Co-Authored-By: Danial Piterson <danial.samiei@gmail.com>
2026-05-24 09:58:23 +00:00 · 2026-02-18 20:49:49 +00:00 · 2026-02-18 20:49:49 +00:00 · 871c045ea2
commit 871c045ea2
parent d3163fe450
3 changed files with 42 additions and 0 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -0,0 +1,3 @@
+# Default code owners for all files
+* @danialsamiei
+
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,27 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported |
+|---------|-----------|
+| Latest  | Yes       |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please report it responsibly:
+
+1. **Do NOT** open a public GitHub issue
+2. Use [GitHub Security Advisories](https://github.com/orcest-ai/Orcide/security/advisories/new) to report privately
+3. Or email: support@orcest.ai
+
+We will acknowledge receipt within 48 hours and provide a timeline for resolution.
+
+## Security Best Practices
+
+- All secrets must be stored in environment variables, never in code
+- All services require SSO authentication via login.orcest.ai
+- API keys must be rotated regularly
+- All traffic must use HTTPS/TLS
+
+Part of the [Orcest AI](https://orcest.ai) ecosystem.
+