Dependency and Security Hygiene
- Pin major versions for core runtime dependencies.
- Schedule periodic dependency updates.
- Run security scans in CI where possible.
- Rotate credentials and never commit real secrets.
- Align with Security Baseline and Testing Strategy.