ci: add dependabot, security policy, enable delete-branch-on-merge

nikolasdehor · nikolasdehor · commit 9a818f64d04e · 2026-03-29T03:43:19.000-03:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
+    labels:
+      - "ci"
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,7 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please report it responsibly by emailing nikolasdehor79@gmail.com.
+
+Do not open a public issue for security vulnerabilities.
