GitHub Actions
CI pipeline: build, lint, typecheck, unit tests, npm security audit, Playwright E2E, Lighthouse CI
Performance & accessibility budgets on every PR — accessibility ≥ 95 (blocking), performance ≥ 65 (warning)
Automated WCAG 2.2 AA audit on 6 routes — zero tolerance for critical violations
Dependabot
Weekly npm updates (8 groups), monthly Actions — next-intl/framer-motion majors require manual review
Weekly supply chain security scoring — branch protection, SAST, dependency pinning, signed commits