Add standard files

Author: jamesnrokt

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @mParticle/sdk-team

.github/dependabot.yml

@@ -1,7 +1,7 @@
 version: 2
 updates:
   - package-ecosystem: gradle
-    directory: "/core-sdk-samples/higgs-shop-sample-app/"
+    directory: "/"
     schedule:
       interval: daily
       time: "08:00"
@@ -10,4 +10,13 @@ updates:
     labels: ['dependabot']
     open-pull-requests-limit: 10
     commit-message:
-      prefix: "chore"
+      prefix: "chore"
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+    open-pull-requests-limit: 4
+    labels:
+      - dependabot
+    commit-message:
+      prefix: "chore"

.github/workflows/pull-request.yml

@@ -14,3 +14,14 @@ jobs:
     name: "Save PR Number for Dependabot Automerge"
     needs: [ higgs-shop-sample-app ]
     uses: mParticle/mparticle-workflows/.github/workflows/dependabot-save-pr-number.yml@main
+
+  pr-notify:
+    if: >
+      github.event_name == 'pull_request' &&
+      github.event.pull_request.draft == false
+    needs:
+      - higgs-shop-sample-app
+    name: Notify GChat
+    uses: ROKT/rokt-workflows/.github/workflows/oss_pr_opened_notification.yml@main
+    secrets:
+      gchat_webhook: ${{ secrets.GCHAT_PRS_WEBHOOK }}

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Reporting a vulnerability
+
+To avoid abuse by malicious actors please do not open GitHub issues or pull requests for any security related issue you may have spotted.
+
+The safest way to report any vulnerability or concern you may have is via our [dedicated submission form](https://www.rokt.com/vulnerability-disclosure/).
+
+For further information please refer to the [Rokt Vulnerability Disclosure Policy](https://www.rokt.com/vulnerability-disclosure/).