feat: add unified CI/CD pipeline with consolidated workflow jobs

- Consolidates all 8 workflows into single main.yml with 6 major jobs
- Implements smart conditionals for different trigger scenarios
- Adds composite action for Node.js setup with intelligent caching
- Uses matrix strategy for accessibility tests with unique ports
- Combines security scanning into comprehensive single job
- Integrates federal compliance as conditional scheduled job
- Dynamic port allocation prevents conflicts (3000-3204 range)
- Build and deploy jobs with proper environment conditions
- Comprehensive pipeline summary with detailed reporting

Benefits:
- Reduces workflow files from 8 to 1 (~1500 lines vs 5000)
- Eliminates redundant setup and dependency installation
- Provides unified execution flow and clear dependencies
- Optimized parallel execution with shared caching
- Better GitHub Actions UI experience with single pipeline view

Job Structure:
- core-setup: Dynamic condition evaluation and change detection
- unit-tests: Matrix-based backend/frontend testing
- lint-and-format: Code quality with conditional execution
- security-scan: Comprehensive DAST/SAST with OWASP ZAP
- accessibility-tests: 5-tool matrix (lighthouse, axe, wave, contrast, keyboard)
- federal-compliance: FIPS, SBOM, Semgrep, PII detection
- build-and-deploy: Conditional staging/production deployment
- pipeline-summary: Consolidated reporting and artifact management

Ready for testing with workflow_dispatch manual triggers.

Author: arunsanna

.github/actions/setup-node-and-deps/README.md

@@ -0,0 +1,63 @@
+# Setup Node.js and Dependencies Action
+
+A composite action that provides common Node.js and npm setup functionality with intelligent caching.
+
+## Usage
+
+```yaml
+- name: Setup Node.js and dependencies
+  uses: ./.github/actions/setup-node-and-deps
+  with:
+    node-version: "18"
+    install-root: "true"
+    install-backend: "true"
+    install-frontend: "true"
+    cache-key-suffix: "security-scan"
+```
+
+## Inputs
+
+| Input              | Description                     | Required | Default |
+| ------------------ | ------------------------------- | -------- | ------- |
+| `node-version`     | Node.js version to use          | No       | `18`    |
+| `install-root`     | Install root dependencies       | No       | `true`  |
+| `install-backend`  | Install backend dependencies    | No       | `false` |
+| `install-frontend` | Install frontend dependencies   | No       | `false` |
+| `cache-key-suffix` | Additional suffix for cache key | No       | `''`    |
+
+## Features
+
+- ✅ Automatic Node.js setup with specified version
+- ✅ Intelligent npm cache management
+- ✅ Selective dependency installation (root, backend, frontend)
+- ✅ Enhanced caching with custom suffixes for different job types
+- ✅ Optimized cache keys based on package-lock.json hashes
+
+## Examples
+
+### Basic setup (root only)
+
+```yaml
+- uses: ./.github/actions/setup-node-and-deps
+```
+
+### Full stack setup
+
+```yaml
+- uses: ./.github/actions/setup-node-and-deps
+  with:
+    install-backend: "true"
+    install-frontend: "true"
+```
+
+### Security scanning setup with custom cache
+
+```yaml
+- uses: ./.github/actions/setup-node-and-deps
+  with:
+    install-backend: "true"
+    install-frontend: "true"
+    cache-key-suffix: "security-tools"
+```
+
+This composite action reduces duplication across workflow jobs and provides consistent, optimized dependency management.

.github/actions/setup-node-and-deps/action.yml

@@ -0,0 +1,67 @@
+name: "Setup Node.js and Dependencies"
+description: "Common setup for Node.js and npm dependencies with caching"
+inputs:
+  node-version:
+    description: "Node.js version to use"
+    required: false
+    default: "18"
+  install-root:
+    description: "Install root dependencies"
+    required: false
+    default: "true"
+  install-backend:
+    description: "Install backend dependencies"
+    required: false
+    default: "false"
+  install-frontend:
+    description: "Install frontend dependencies"
+    required: false
+    default: "false"
+  cache-key-suffix:
+    description: "Additional suffix for cache key"
+    required: false
+    default: ""
+
+runs:
+  using: "composite"
+  steps:
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ inputs.node-version }}
+        cache: "npm"
+        cache-dependency-path: |
+          package-lock.json
+          ${{ inputs.install-backend == 'true' && 'backend/package-lock.json' || '' }}
+          ${{ inputs.install-frontend == 'true' && 'frontend/package-lock.json' || '' }}
+
+    - name: Install root dependencies
+      if: inputs.install-root == 'true'
+      shell: bash
+      run: npm ci
+
+    - name: Install backend dependencies
+      if: inputs.install-backend == 'true'
+      shell: bash
+      working-directory: ./backend
+      run: npm ci
+
+    - name: Install frontend dependencies
+      if: inputs.install-frontend == 'true'
+      shell: bash
+      working-directory: ./frontend
+      run: npm ci
+
+    - name: Cache additional dependencies
+      if: inputs.cache-key-suffix != ''
+      uses: actions/cache@v4
+      with:
+        path: |
+          ~/.npm
+          node_modules
+          backend/node_modules
+          frontend/node_modules
+        key: node-deps-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}-${{ inputs.cache-key-suffix }}
+        restore-keys: |
+          node-deps-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}-
+          node-deps-${{ runner.os }}-