feat: add code quality tools and security policy

- Configure Husky with pre-commit and pre-push hooks
- Add commitlint for conventional commit validation
- Create comprehensive security policy (SECURITY.md)
- Add GitHub Actions for security scanning and dependency review
- Create PR and issue templates for better collaboration
- Add Canny.io references for community feedback
- Fix path traversal vulnerability in /assets endpoint
- Create MySQL schema sync analysis tools

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,81 @@
+name: 🐛 Bug Report
+description: Report a bug or unexpected behavior
+title: "[BUG] "
+labels: ["bug", "needs-triage"]
+assignees: []
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report! 
+        Please search existing issues before creating a new one.
+
+  - type: textarea
+    id: description
+    attributes:
+      label: 📋 Bug Description
+      description: A clear and concise description of what the bug is.
+      placeholder: Describe the bug...
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: 🔄 Steps to Reproduce
+      description: Steps to reproduce the behavior
+      placeholder: |
+        1. Go to '...'
+        2. Click on '....'
+        3. Scroll down to '....'
+        4. See error
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: ✅ Expected Behavior
+      description: A clear and concise description of what you expected to happen.
+      placeholder: What should happen?
+    validations:
+      required: true
+
+  - type: textarea
+    id: actual
+    attributes:
+      label: ❌ Actual Behavior
+      description: A clear and concise description of what actually happened.
+      placeholder: What actually happened?
+    validations:
+      required: true
+
+  - type: textarea
+    id: environment
+    attributes:
+      label: 🌍 Environment
+      description: Please provide information about your environment
+      value: |
+        - OS: [e.g. Ubuntu 20.04, Windows 10, macOS 12.0]
+        - Node.js version: [e.g. 18.17.0]
+        - Evolution API version: [e.g. 2.3.3]
+        - Database: [e.g. PostgreSQL 14, MySQL 8.0]
+        - Connection type: [e.g. Baileys, WhatsApp Business API]
+    validations:
+      required: true
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: 📋 Logs
+      description: If applicable, add logs to help explain your problem.
+      placeholder: Paste relevant logs here...
+      render: shell
+
+  - type: textarea
+    id: additional
+    attributes:
+      label: 📝 Additional Context
+      description: Add any other context about the problem here.
+      placeholder: Any additional information...

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,85 @@
+name: ✨ Feature Request
+description: Suggest a new feature or enhancement
+title: "[FEATURE] "
+labels: ["enhancement", "needs-triage"]
+assignees: []
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for suggesting a new feature! 
+        Please check our [Feature Requests on Canny](https://evolutionapi.canny.io/feature-requests) first.
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: 🎯 Problem Statement
+      description: Is your feature request related to a problem? Please describe.
+      placeholder: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+    validations:
+      required: true
+
+  - type: textarea
+    id: solution
+    attributes:
+      label: 💡 Proposed Solution
+      description: Describe the solution you'd like
+      placeholder: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: 🔄 Alternatives Considered
+      description: Describe alternatives you've considered
+      placeholder: A clear and concise description of any alternative solutions or features you've considered.
+
+  - type: dropdown
+    id: priority
+    attributes:
+      label: 📊 Priority
+      description: How important is this feature to you?
+      options:
+        - Low - Nice to have
+        - Medium - Would be helpful
+        - High - Important for my use case
+        - Critical - Blocking my work
+    validations:
+      required: true
+
+  - type: dropdown
+    id: component
+    attributes:
+      label: 🧩 Component
+      description: Which component does this feature relate to?
+      options:
+        - WhatsApp Integration (Baileys)
+        - WhatsApp Business API
+        - Chatwoot Integration
+        - Typebot Integration
+        - OpenAI Integration
+        - Dify Integration
+        - API Endpoints
+        - Database
+        - Authentication
+        - Webhooks
+        - File Storage
+        - Other
+
+  - type: textarea
+    id: use_case
+    attributes:
+      label: 🎯 Use Case
+      description: Describe your specific use case for this feature
+      placeholder: How would you use this feature? What problem does it solve for you?
+    validations:
+      required: true
+
+  - type: textarea
+    id: additional
+    attributes:
+      label: 📝 Additional Context
+      description: Add any other context, screenshots, or examples about the feature request here.
+      placeholder: Any additional information, mockups, or examples...

.github/dependabot.yml

@@ -0,0 +1,38 @@
+version: 2
+updates:
+  # Enable version updates for npm
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 10
+    commit-message:
+      prefix: "chore"
+      prefix-development: "chore"
+      include: "scope"
+
+  # Enable version updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 5
+    commit-message:
+      prefix: "ci"
+      include: "scope"
+
+  # Enable version updates for Docker
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 5
+    commit-message:
+      prefix: "chore"
+      include: "scope"

.github/pull_request_template.md

@@ -0,0 +1,41 @@
+## 📋 Description
+<!-- Describe your changes in detail -->
+
+## 🔗 Related Issue
+<!-- Link to the issue this PR addresses -->
+Closes #(issue_number)
+
+## 🧪 Type of Change
+<!-- Mark with an `x` all the checkboxes that apply -->
+- [ ] 🐛 Bug fix (non-breaking change which fixes an issue)
+- [ ] ✨ New feature (non-breaking change which adds functionality)
+- [ ] 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] 📚 Documentation update
+- [ ] 🔧 Refactoring (no functional changes)
+- [ ] ⚡ Performance improvement
+- [ ] 🧹 Code cleanup
+- [ ] 🔒 Security fix
+
+## 🧪 Testing
+<!-- Describe the testing you performed to verify your changes -->
+- [ ] Manual testing completed
+- [ ] Functionality verified in development environment
+- [ ] No breaking changes introduced
+- [ ] Tested with different connection types (if applicable)
+
+## 📸 Screenshots (if applicable)
+<!-- Add screenshots to help explain your changes -->
+
+## ✅ Checklist
+<!-- Mark with an `x` all the checkboxes that apply -->
+- [ ] My code follows the project's style guidelines
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have manually tested my changes thoroughly
+- [ ] I have verified the changes work with different scenarios
+- [ ] Any dependent changes have been merged and published
+
+## 📝 Additional Notes
+<!-- Any additional information, concerns, or questions -->

.github/workflows/check_code_quality.yml

@@ -1,6 +1,10 @@
 name: Check Code Quality
 
-on: [pull_request]
+on: 
+  pull_request:
+    branches: [ main, develop ]
+  push:
+    branches: [ main, develop ]
 
 jobs:
   check-lint-and-build:

.github/workflows/security.yml

@@ -0,0 +1,51 @@
+name: Security Scan
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+  schedule:
+    - cron: '0 0 * * 1' # Weekly on Mondays
+
+jobs:
+  codeql:
+    name: CodeQL Analysis
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"
+
+  dependency-review:
+    name: Dependency Review
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4