GitHub's license detection (licensee) only scans the repo root, so a LICENSE under .github/ leaves the repo showing no license. Move it back to root and repoint the .github doc links to ../LICENSE. README/SECURITY/CONTRIBUTING stay under .github/.
Standardize community-health files across the repo:
- Add a tailored SECURITY.md (private vulnerability reporting via GitHub PVR, response targets, per-repo threat model + scope).
- Add/replace CONTRIBUTING.md (real dev setup, test/CI commands, PR conventions).
- Move README + LICENSE under .github/ and rebase relative links so they still resolve.
- Fix inbound links that pointed at the old root paths.
Generated from a shared global template, adapted per repo.
Adds .github/dependabot.yml covering the two npm packages (opendia-mcp, opendia-extension) and the GitHub Actions used in CI. Weekly schedule with minor/patch grouping to keep PR noise low; this also surfaces the checkout/setup-node major bumps the CI currently warns about.
Co-authored-by: aaronjmars <aaronjmars@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Adds .github/workflows/ci.yml running on push to main and on PRs:
- MCP server: npm ci + node --check server.js
- Extension: npm ci, build chrome+firefox, validate builds,
structure tests, and web-ext lint on the Firefox build.
All steps verified locally against the current tree.
Co-authored-by: aaronjmars <aaronjmars@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>