fix: update vulnerable dependencies #104

	name: Security Scan

	on:
	pull_request:
	push:
	branches:
	- main
	- codex/**
	schedule:
	- cron: '0 3 * * 1'

	permissions:
	contents: read

	concurrency:
	group: security-scan-${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	backend-security:
	runs-on: ubuntu-latest
	timeout-minutes: 15
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Go
	uses: actions/setup-go@v5
	with:
	go-version-file: go.mod

	- name: Create frontend dist placeholder
	run: mkdir -p frontend/dist && touch frontend/dist/placeholder

	- name: Run govulncheck
	run: \|
	go install golang.org/x/vuln/cmd/govulncheck@latest
	govulncheck ./...

	frontend-security:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 22
	cache: npm
	cache-dependency-path: frontend/package-lock.json

	- name: Install frontend dependencies
	working-directory: frontend
	run: npm ci

	- name: Run npm audit
	working-directory: frontend
	run: npm audit --omit=dev --audit-level=high

Provide feedback