feat: complete ISO 42001 compliance requirements

- Add manifest schema validation
- Integrate Codecov coverage tracking
- Add CODEOWNERS and issue templates
- Update documentation structure
- Improve governance pipeline
- Add security documentation
- Remove package publishing workflow

Closes #ISO-42001-compliance

Author: robmesseng

.github/CODEOWNERS

@@ -0,0 +1,20 @@
+# Global code owners
+* @australmetrics/pascal-maintainers
+
+# Documentation owners
+/docs/ @australmetrics/pascal-docs
+/docs-private/ @australmetrics/pascal-docs
+
+# Core functionality
+/src/ @australmetrics/pascal-core
+/tests/ @australmetrics/pascal-core
+
+# Configuration and metadata
+*.toml @australmetrics/pascal-maintainers
+*.json @australmetrics/pascal-maintainers
+*.yml @australmetrics/pascal-maintainers
+
+# Compliance and security
+/docs/compliance/ @australmetrics/pascal-compliance
+/SECURITY.md @australmetrics/pascal-compliance
+/CODE_OF_CONDUCT.md @australmetrics/pascal-compliance

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,38 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: "[BUG] "
+labels: bug
+assignees: ''
+
+---
+
+**Description**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Input data used '...'
+2. Command executed '....'
+3. Parameters set '....'
+4. Error message or unexpected behavior
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Log Files**
+If applicable, add log files to help explain your problem.
+
+**Environment:**
+ - OS: [e.g. Windows 10]
+ - Python Version: [e.g. 3.9]
+ - Package Version: [e.g. 1.0.1]
+
+**ISO 42001 Impact Assessment**
+- [ ] Data integrity affected
+- [ ] Processing traceability compromised
+- [ ] Output validation issues
+- [ ] Log consistency problems
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,31 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: "[FEATURE] "
+labels: enhancement
+assignees: ''
+
+---
+
+**Problem Description**
+A clear and concise description of what the problem is.
+
+**Proposed Solution**
+A clear and concise description of what you want to happen.
+
+**ISO 42001 Compliance**
+- [ ] Maintains data traceability
+- [ ] Includes logging requirements
+- [ ] Preserves validation mechanisms
+- [ ] Documentation updates needed
+
+**Technical Requirements**
+- Input/Output specifications
+- Performance considerations
+- Dependencies affected
+
+**Alternative Solutions**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/pull_request_template.md

@@ -0,0 +1,34 @@
+---
+name: Pull Request
+about: Create a pull request to contribute to the project
+
+---
+
+**Related Issue**
+Fixes #(issue)
+
+**Changes Made**
+Description of the changes in this pull request.
+
+**ISO 42001 Compliance Checklist**
+- [ ] Traceability maintained in logs
+- [ ] Input validation preserved/enhanced
+- [ ] Output validation preserved/enhanced
+- [ ] Documentation updated
+- [ ] Tests cover new/modified functionality
+- [ ] Test coverage > 80%
+
+**Testing**
+- [ ] Unit tests added/updated
+- [ ] Integration tests added/updated
+- [ ] All tests passing
+- [ ] Coverage maintained/improved
+
+**Documentation**
+- [ ] Code comments updated
+- [ ] API documentation updated
+- [ ] User guide updated if needed
+- [ ] Changelog updated
+
+**Additional Notes**
+Any additional information that would be helpful for review.

.github/workflows/publish.yml

@@ -39,12 +39,18 @@ jobs:
 
       - name: Verificar tipos
         run: |
-          mypy src/ tests/
-
-      - name: Ejecutar tests con cobertura
+          mypy src/ tests/      - name: Ejecutar tests con cobertura
         run: |
           pytest tests/ --cov=src/ --cov-report=xml --cov-report=term-missing:skip-covered
 
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          file: ./coverage.xml
+          fail_ci_if_error: true
+          verbose: true
+
       - name: Verificar documentación
         run: |
           pydocstyle src/

.github/workflows/test.yml

@@ -0,0 +1,23 @@
+name: Validate Manifest
+
+on:
+  push:
+    paths:
+      - 'manifest.json'
+      - 'schemas/**'
+  pull_request:
+    paths:
+      - 'manifest.json'
+      - 'schemas/**'
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Install check-jsonschema
+        run: pip install check-jsonschema
+      
+      - name: Validate manifest.json
+        run: check-jsonschema --schemafile schemas/manifest.schema.json manifest.json

.github/workflows/validate-manifest.yml

@@ -1,5 +1,21 @@
 # Changelog
 
+## [1.0.3] - 2025-05-28
+### Added
+- JSON Schema validation for `manifest.json`.
+- Codecov integration and coverage badge.
+- `CODEOWNERS` file for clear ownership assignment.
+- SHA-256 hash for private documentation.
+
+### Changed
+- Updated documentation structure.
+- Improved ISO 42001 compliance documentation.
+- Enhanced governance pipeline with coverage tracking.
+
+### Security
+- Added documentation integrity verification.
+- Updated private documentation handling.
+
 ## [1.0.1] – 2025-05-25
 ### Changed
 - Restructured `docs/` to separate public and private content.

CHANGELOG.md

@@ -6,6 +6,7 @@ A high-performance module for calculating NDVI, NDRE, and SAVI indices from Sent
 
 ## Project Status
 ![Tests & Lint](https://github.com/australmetrics/pascal-ndvi-block/actions/workflows/test.yml/badge.svg)
+[![codecov](https://codecov.io/gh/australmetrics/pascal-ndvi-block/branch/main/graph/badge.svg)](https://codecov.io/gh/australmetrics/pascal-ndvi-block)
 [![ISO 42001](https://img.shields.io/badge/ISO-42001-blue.svg)](docs/compliance/iso42001_compliance.md)
 
 - **Version**: 1.0.0
@@ -20,6 +21,14 @@ A high-performance module for calculating NDVI, NDRE, and SAVI indices from Sent
 - **Intuitive CLI**: Simple commands for all operations
 - **Automated Pipeline**: Complete processing with a single command
 
+## Normative Dependencies
+
+This project follows ISO 42001 compliance requirements and integrates with other PASCAL ecosystem blocks. For detailed information about normative dependencies and compliance:
+
+- [Normative Dependencies Documentation](docs/compliance/normative_dependencies.md)
+- [ISO 42001 Compliance](docs/compliance/iso42001_compliance.md)
+- [Security Policy](SECURITY.md)
+
 ## Quality Control & CI/CD
 
 This project implements robust Continuous Integration (CI) and Continuous Delivery (CD) practices:

README.md

@@ -0,0 +1,41 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.0.1   | :white_check_mark: |
+| 1.0.0   | :white_check_mark: |
+| < 1.0   | :x:                |
+
+## Security and Privacy Considerations
+
+### Data Protection
+- Input raster data is processed locally
+- No data is transmitted externally
+- Results and logs are stored in user-specified locations
+- Backup logs are encrypted with SHA-256
+
+### ISO 42001 Compliance
+This project adheres to ISO 42001 standards for AI systems:
+- Traceability of operations through detailed logging
+- Validation of input/output data formats
+- Clear documentation of parameters and their impacts
+- System behavior predictability and reproducibility
+
+## Reporting a Vulnerability
+
+1. **DO NOT** open public issues for security vulnerabilities
+2. Email security@australmetrics.com with:
+   - Description of the vulnerability
+   - Steps to reproduce
+   - Potential impact
+3. You will receive a response within 48 hours
+4. A fix will be developed and deployed as per severity:
+   - Critical: Within 24 hours
+   - High: Within 72 hours
+   - Medium: Next release
+   - Low: Scheduled as needed
+
+## Privacy Policy
+See our full privacy policy in [docs/compliance/privacy_policy.md](docs/compliance/privacy_policy.md)