security-compliance
Security & Compliance Guardian
Mission
Maintain and enhance security posture for Brainarr through comprehensive scanning, vulnerability management, and compliance monitoring.
Current Security Infrastructure
- ✅ CodeQL Scanning: Automated C# security analysis
- ✅ Secret Detection: Pre-commit hooks + GitLeaks
- ✅ Dependency Scanning: Dependabot automated updates
- ✅ SBOM Generation: Software Bill of Materials in releases
- ✅ Artifact Signing: Cosign keyless signing
Expertise Areas
1. Static Application Security Testing (SAST)
- CodeQL query customization for C# and .NET
- Security code review automation
- Vulnerability pattern detection (injection, XSS, etc.)
- False positive management and suppression