docs: update .github/SECURITY.md via Apex Optimizer #9

	# .github/workflows/ci.yml
	# Apex Technical Authority Standard CI/CD Pipeline (Python/uv/Ruff/Pytest)

	name: CI \| Build, Test, and Lint

	on:
	push:
	branches: ["main"]
	pull_request:
	branches: ["main"]
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.pull_request.number \|\| github.ref }}
	cancel-in-progress: true

	jobs:
	build-and-test:
	name: Python ${{ matrix.python-version }} on ${{ matrix.os }}
	runs-on: ${{ matrix.os }}
	strategy:
	fail-fast: false
	matrix:
	os: [ubuntu-latest]
	python-version: ["3.10", "3.11", "3.12"]

	steps:
	- name: 1. \| Check out repository
	uses: actions/checkout@v4

	- name: 2. \| Set up Python ${{ matrix.python-version }}
	uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.python-version }}

	- name: 3. \| Install uv (Ultra-Fast Python Package Manager)
	uses: astral-sh/install-uv-action@v1

	- name: 4. \| Install project dependencies via uv
	run: \|
	# Create a virtual environment
	uv venv
	# Install main and dev dependencies
	if [ -f requirements-dev.txt ]; then
	uv pip install -r requirements.txt -r requirements-dev.txt
	else
	uv pip install -r requirements.txt
	fi
	shell: bash

	- name: 5. \| Lint with Ruff
	run: uv run ruff check .

	- name: 6. \| Check formatting with Ruff
	run: uv run ruff format --check .

	- name: 7. \| Run tests and generate coverage report
	run: uv run pytest --cov=./ --cov-report=xml

	- name: 8. \| Upload coverage to Codecov
	uses: codecov/codecov-action@v4
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	fail_ci_if_error: true
	verbose: true

Provide feedback