chore: bootstrap diff-risk-dashboard (always-green CI + CodeQL)

Author: CoderDeltaLAN

.github/dependabot.yml

@@ -0,0 +1,5 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule: { interval: "weekly" }

.github/pull_request_template.md

@@ -0,0 +1,7 @@
+## Summary
+- 
+
+## Checklist
+- [ ] Conventional Commit in title
+- [ ] CI green
+- [ ] CodeQL green

.github/release-drafter.yml

@@ -0,0 +1,23 @@
+name-template: 'v$RESOLVED_VERSION'
+tag-template: 'v$RESOLVED_VERSION'
+categories:
+  - title: '🚀 Features'
+    labels: ['feat','feature','enhancement']
+  - title: '🐛 Fixes'
+    labels: ['fix','bug']
+  - title: '🧰 Maintenance'
+    labels: ['chore','build','ci','refactor']
+  - title: '📝 Docs'
+    labels: ['docs']
+  - title: '✅ Tests'
+    labels: ['test']
+change-template: '- $TITLE (#$NUMBER) by @$AUTHOR'
+no-changes-template: 'No changes.'
+version-resolver:
+  major: { labels: ['major','breaking','semver:major'] }
+  minor: { labels: ['minor','feat','enhancement','semver:minor'] }
+  patch: { labels: ['patch','fix','chore','ci','docs','refactor','test','semver:patch'] }
+  default: patch
+template: |
+  ## What’s Changed
+  $CHANGES

.github/workflows/ci.yml

@@ -0,0 +1,23 @@
+name: CI / build
+on:
+  pull_request:
+  push:
+    branches: [main]
+jobs:
+  python:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11","3.12"]
+    steps:
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - run: python -m pip install -U pip
+      - run: pip install poetry
+      - run: poetry install --no-interaction
+      - run: poetry run ruff check .
+      - run: poetry run black --check .
+      - run: PYTHONPATH=src poetry run pytest -q
+      - run: poetry run mypy src

.github/workflows/codeql.yml

@@ -0,0 +1,19 @@
+name: CodeQL
+on:
+  pull_request:
+  push:
+    branches: [main]
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
+    steps:
+      - uses: actions/checkout@v5
+      - uses: github/codeql-action/init@v3
+        with:
+          languages: python
+      - uses: github/codeql-action/analyze@v3

.github/workflows/dependabot-label.yml

@@ -0,0 +1,9 @@
+name: dependabot metadata and labels
+on: pull_request_target
+jobs:
+  label:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/release-drafter.yml

@@ -0,0 +1,14 @@
+name: Release Drafter
+on:
+  push:
+    branches: [main]
+  pull_request:
+    types: [opened, edited, reopened, synchronize]
+  workflow_dispatch:
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: release-drafter/release-drafter@v6
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/semantic-pr.yml

@@ -0,0 +1,11 @@
+name: semantic PR title
+on:
+  pull_request_target:
+    types: [opened, edited, synchronize]
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@v6
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 CoderDeltaLAN
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,20 @@
+# diff-risk-dashboard
+
+Visual dashboard for Pull Request risk exposure, designed to consume **ai-patch-verifier** JSON outputs.
+
+## Quick Start
+```bash
+poetry install
+poetry run drd summarize examples/sample_apv.json
+```
+
+## Run checks (mirrors CI)
+```bash
+poetry run ruff check .
+poetry run black --check .
+PYTHONPATH=src poetry run pytest -q
+poetry run mypy src
+```
+
+## License
+MIT