Infrastructure

Source Control and Issue tracking

Github is used to host all the code and issue/bug tracking.

CI

Github Actions are used to run the CI.

Dependancy Updating

Dependabot is used to keep all dependencies upto date. It checks daily for updates to the Github Actions and NPM packages. This ensures the project stays on top of updates that cover security, bugs and enhancements.

Security

CodeQL runs on every push, PR and on a schedule of once a week. This checks for security vulnerabilities in any of the code.

Code Quality

Locally and in CI Biome is used to enforce standard code formatting. Biome is also used in place of eslint to lint the code. Finally all pushes and PR’s are scanned with Sonarqube.