build(deps-dev): bump ethers from 6.15.0 to 6.16.0 in /contracts

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,47 @@
+---
+name: Bug Report
+about: Create a report to help us improve
+title: '[BUG] '
+labels: bug
+assignees: ''
+---
+
+## Bug Description
+
+A clear and concise description of the bug.
+
+## Steps to Reproduce
+
+1. Go to '...'
+2. Click on '...'
+3. Scroll down to '...'
+4. See error
+
+## Expected Behavior
+
+A clear description of what you expected to happen.
+
+## Actual Behavior
+
+A clear description of what actually happens.
+
+## Screenshots
+
+If applicable, add screenshots to help explain your problem.
+
+## Environment
+
+- **Operating System**: [e.g. Windows 11, macOS 14, Ubuntu 22.04]
+- **Browser**: [e.g. Chrome 120, Firefox 121, Safari 17]
+- **Node.js Version**: [e.g. 18.17.0]
+- **Project Version**: [e.g. 1.0.0]
+
+## Additional Information
+
+Any other context about the problem.
+
+## Policy Verification
+
+- [ ] I have reviewed that this issue complies with [GitHub Acceptable Use Policies](https://docs.github.com/en/site-policy/acceptable-use-policies/github-acceptable-use-policies)
+- [ ] It does not contain sensitive or personal information
+- [ ] It does not promote illegal activities or inappropriate content

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,45 @@
+---
+name: Feature Request
+about: Suggest an idea for this project
+title: '[FEATURE] '
+labels: enhancement
+assignees: ''
+---
+
+## Is your feature request related to a problem?
+
+A clear and concise description of the problem. E.g. I'm frustrated when [...]
+
+## Describe the solution you'd like
+
+A clear and concise description of what you want to happen.
+
+## Describe alternatives you've considered
+
+A clear and concise description of any alternative solutions or features you've considered.
+
+## Use Cases
+
+Describe how this feature would be used:
+- Use case 1: ...
+- Use case 2: ...
+
+## Expected Impact
+
+- How would this improve the user experience?
+- How many users would benefit?
+- Is this a critical improvement or nice-to-have?
+
+## Mockups/Designs
+
+If you have mockups or designs, share them here.
+
+## Additional Information
+
+Any other context or screenshots about the feature request.
+
+## Policy Verification
+
+- [ ] I have reviewed that this request complies with [GitHub Acceptable Use Policies](https://docs.github.com/en/site-policy/acceptable-use-policies/github-acceptable-use-policies)
+- [ ] It does not contain inappropriate content or copyright violations
+- [ ] It is a legitimate and constructive request

.github/ISSUE_TEMPLATE/security.md

@@ -0,0 +1,42 @@
+---
+name: Security Report
+about: Report a security vulnerability (DO NOT use for public issues)
+title: '[SECURITY] '
+labels: security
+assignees: ''
+---
+
+## ⚠️ IMPORTANT: Do not publish vulnerabilities here
+
+**Please DO NOT report security vulnerabilities publicly.**
+
+Instead:
+1. Send an email to [INSERT SECURITY EMAIL]
+2. Or create a private [Security Advisory](https://github.com/vaiosx01/Gigstream/security/advisories/new)
+
+Read our [Security Policy](SECURITY.md) for more information.
+
+## Vulnerability Description
+
+[FOR INTERNAL USE ONLY - DO NOT complete in public issues]
+
+## Severity
+
+- [ ] Critical
+- [ ] High
+- [ ] Medium
+- [ ] Low
+
+## Steps to Reproduce
+
+1. ...
+2. ...
+3. ...
+
+## Impact
+
+Describe the potential impact of this vulnerability.
+
+## Proposed Solution
+
+If you have suggestions for fixing the issue.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,61 @@
+## Description
+
+Briefly describe the changes in this PR.
+
+## Type of Change
+
+- [ ] Bug fix (change that fixes an issue)
+- [ ] New feature (change that adds functionality)
+- [ ] Breaking change (change that breaks compatibility)
+- [ ] Documentation (changes only in documentation)
+- [ ] Refactoring (code change that neither fixes a bug nor adds functionality)
+- [ ] Performance improvement
+- [ ] Test (add or fix tests)
+
+## Checklist
+
+- [ ] My code follows the project's style standards
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published
+
+## GitHub Policies Verification
+
+- [ ] I have reviewed [GitHub Community Guidelines](https://docs.github.com/en/site-policy/github-terms/github-community-guidelines)
+- [ ] I have reviewed [GitHub Acceptable Use Policies](https://docs.github.com/en/site-policy/acceptable-use-policies/github-acceptable-use-policies)
+- [ ] **I have NOT** included sensitive information (API keys, passwords, private tokens)
+- [ ] **I have NOT** included content that violates copyright
+- [ ] **I have NOT** included malicious code or spam
+- [ ] My code complies with all GitHub policies
+
+## Additional Information
+
+Any additional information reviewers should know.
+
+## Screenshots (if applicable)
+
+If your changes affect the UI, include screenshots.
+
+## Tests
+
+Describe the tests you performed to verify your changes.
+
+## Security Checklist
+
+- [ ] No API keys, passwords, or tokens in code
+- [ ] No personal user information
+- [ ] Environment variables are correctly configured
+- [ ] Smart contracts have been security reviewed (if applicable)
+
+## Related Links
+
+- Related issue: #<number>
+- Related documentation: [link]
+
+---
+
+**Note**: This PR will be reviewed according to GitHub policies and project standards.

.github/dependabot.yml

@@ -0,0 +1,42 @@
+# Dependabot configuration to keep dependencies updated
+# Complies with GitHub security policies
+
+version: 2
+updates:
+  # Enable updates for npm/pnpm
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 10
+    labels:
+      - "dependencies"
+      - "automated"
+    commit-message:
+      prefix: "chore"
+      include: "scope"
+    # Ignore major updates for critical dependencies
+    ignore:
+      - dependency-name: "next"
+        update-types: ["version-update:semver-major"]
+      - dependency-name: "react"
+        update-types: ["version-update:semver-major"]
+      - dependency-name: "react-dom"
+        update-types: ["version-update:semver-major"]
+      - dependency-name: "@somnia-chain/streams"
+        update-types: ["version-update:semver-major"]
+
+  # Updates for contracts (if there's a separate package.json)
+  - package-ecosystem: "npm"
+    directory: "/contracts"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+      - "contracts"
+      - "automated"

.github/workflows/compliance-check.yml

@@ -0,0 +1,105 @@
+# Workflow to verify compliance with GitHub policies
+# Runs automatic checks before merging PRs
+
+name: Compliance Verification
+
+on:
+  pull_request:
+    branches: [ main, develop ]
+  push:
+    branches: [ main, develop ]
+
+jobs:
+  security-check:
+    name: Security Verification
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Verify sensitive information
+        run: |
+          echo "Verifying no sensitive information in code..."
+          # Check for hardcoded API keys
+          if grep -r "api[_-]key" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" src/ contracts/; then
+            echo "⚠️ WARNING: Possible API keys found in code"
+            echo "Please ensure you use environment variables"
+          fi
+
+          # Check for passwords
+          if grep -ri "password\s*=\s*['\"].*['\"]" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" src/ contracts/; then
+            echo "❌ ERROR: Hardcoded passwords found"
+            exit 1
+          fi
+
+          # Check for private keys
+          if grep -ri "private[_-]key\s*=\s*['\"].*['\"]" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" src/ contracts/; then
+            echo "❌ ERROR: Private keys found in code"
+            exit 1
+          fi
+
+          echo "✅ Security verification completed"
+
+      - name: Verify .env.local is not committed
+        run: |
+          if git ls-files | grep -q "\.env\.local"; then
+            echo "❌ ERROR: .env.local should not be in the repository"
+            exit 1
+          fi
+          echo "✅ .env.local is not in the repository"
+
+  code-quality:
+    name: Code Quality
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18'
+          cache: 'pnpm'
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v2
+        with:
+          version: 8
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Run linter
+        run: pnpm run lint
+
+      - name: Verify types
+        run: pnpm run type-check
+
+  policy-compliance:
+    name: Policy Compliance
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Verify policy files
+        run: |
+          echo "Verifying required policy files exist..."
+          required_files=("CODE_OF_CONDUCT.md" "CONTRIBUTING.md" "SECURITY.md")
+          for file in "${required_files[@]}"; do
+            if [ ! -f "$file" ]; then
+              echo "❌ ERROR: Missing file $file"
+              exit 1
+            fi
+          done
+          echo "✅ All policy files are present"
+
+      - name: Verify README references policies
+        run: |
+          if ! grep -q "CODE_OF_CONDUCT\|CONTRIBUTING\|SECURITY" README.md; then
+            echo "⚠️ WARNING: README.md should reference policy files"
+          else
+            echo "✅ README.md references policies"
+          fi

.gitignore

@@ -25,10 +25,35 @@ npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 
-# Local env files
+# Local env files (NEVER commit these!)
+# IMPORTANT: Complies with GitHub security policies
+# Do not commit files with sensitive information (API keys, passwords, tokens)
 .env*.local
 .env
-env.example
+.env.production
+.env.development
+.env.test
+
+# env.example SHOULD be versioned (it's a template)
+# Remove env.example from ignore if you want to track it
+# env.example
+
+# Files with sensitive information (GitHub Policies)
+*.key
+*.pem
+*.p12
+*.pfx
+*.jks
+*.keystore
+secrets/
+.secrets/
+*.secret
+*secret*
+private-keys/
+.private/
+credentials.json
+config.json
+secrets.json
 
 # Vercel
 .vercel