- Update all GitHub Actions to v3 for Gitea compatibility
- Fix artifact upload/download actions (v4 -> v3)
- Remove GitHub-specific features (GITHUB_STEP_SUMMARY)
- Add complete Docker Compose configuration with PostgreSQL and Redis
- Add environment secrets support for all workflows
- Add debug workflow for secrets verification
- Add comprehensive documentation for secrets setup
- Improve container networking and health checks
- Update security scan workflow to utilize a dedicated script for checking secrets, improving detection accuracy.
- Modify database connection setup in multiple scripts to use an environment variable fallback for DATABASE_URL, enhancing flexibility in different environments.
- Update CI/CD workflow to use specific Trivy version and change output format for vulnerability results.
- Add fallback npm audit step in case Trivy scan fails.
- Create a new security scan workflow that runs on push and pull request events, including scheduled scans.
- Introduce a security scan script to perform npm audit, Trivy scans, and check for potential secrets in the codebase.
- Ensure results are uploaded as artifacts for review and maintain retention policies for scan results.
- Change Docker image in docker-compose.prod.yml to use 'portfolio-app:latest'.
- Add new scripts for Gitea deployment and setup of Gitea runner.
- Introduce CI/CD workflows for automated testing, security scanning, and deployment in Gitea.
- Enhance package.json with new deployment scripts for Gitea integration.
