chore(codeowners): drop .github/workflows/ owner line (standards#55 Rule 3)

[hyperpolymath]

Removes the .github/workflows/ CODEOWNERS line, which is the
Dependabot github-actions-ecosystem review-request trigger.

idaptik is co-owned (@JoshuaJewell). Per CODEOWNERS-POLICY.adoc
Rule 3, dropping a line that auto-requests review from a co-owner
removes that co-owner's review gate and requires the repo lead's
explicit decision. This PR is opened for that decision — do not merge
without it. All other @JoshuaJewell co-owner path gates (engine,
bindings, app, build, guix, security) are retained per Rule 2 — only
the workflows line is removed.

Resolves the idaptik row of standards#55.

[github-actions]

🔍 Hypatia Security Scan

Findings: 55 issues detected

Severity	Count
🔴 Critical	12
🟠 High	29
🟡 Medium	14

⚠️ Action Required: Critical security issues found!

View findings

[
  {
    "reason": "Issue in quality.yml",
    "type": "missing_workflow",
    "file": "quality.yml",
    "action": "create",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "Issue in security-policy.yml",
    "type": "missing_workflow",
    "file": "security-policy.yml",
    "action": "create",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "No permissions declaration -- add permissions: read-all",
    "type": "missing_permissions",
    "file": "serviceworker-check.yml",
    "action": "add_permissions",
    "rule_module": "workflow_audit",
    "severity": "medium"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/idaptik/idaptik/dlc/idaptik-dlc-reversible/robot-repo-bot/_modules/robot_repo.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Deno -A grants all permissions -- use specific --allow-* flags (3 occurrences, CWE-250)",
    "type": "js_deno_all_perms",
    "file": "/home/runner/work/idaptik/idaptik/run.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "high"
  },
  {
    "reason": "Nickel file missing SPDX-License-Identifier header (1 occurrences, CWE-1104)",
    "type": "ncl_missing_spdx",
    "file": "/home/runner/work/idaptik/idaptik/configs/config.ncl",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  },
  {
    "reason": "getExn on external data -- use pattern matching (2 occurrences, CWE-754)",
    "type": "getexn_on_external",
    "file": "/home/runner/work/idaptik/idaptik/src/app/devices/VMBridge.res",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  },
  {
    "reason": "JSON decode without validation (2 occurrences, CWE-20)",
    "type": "json_decode_no_validation",
    "file": "/home/runner/work/idaptik/idaptik/src/app/proven/SafeJson.res",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  },
  {
    "reason": "JSON decode without validation (1 occurrences, CWE-20)",
    "type": "json_decode_no_validation",
    "file": "/home/runner/work/idaptik/idaptik/src/app/screens/BalanceAnalyserModel.res",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence