feat: enhance Azure storage provisioning with CORS support

fix: streamline clean workflow by removing untagged version deletion and enhancing package retention logic

fix: use GHCR_TOKEN for container-scan attestation push in trivy.yml (#845)

fix: resolve CI failures in Trivy container scan and Backend CI attest jobs (#843)

feat: implement tagging logic for MCP publishing and add script to set server.json version

feat: add max-parallel strategy to CI workflows and create aspire.config.json for app host configuration

feat: add pushed-after input to prevent TOCTOU in digest retrieval and enhance logging in post-tool audit

refactor: Code structure and remove redundant code blocks for improved readability and maintainability

refactor(actions): rename dotnet workflows to backend and add dedicated Betterleaks workflow

fix: redirect error message to stderr in get-digest.sh and use environment variable for repository name in action.yaml

feat(ci): improve container image pipeline with security hardening and CD workflow

feat: Implement Agent Governance Toolkit for enhanced policy enforcement (#836)

refactor(logging): simplify log messages in LoggingBehavior and KeycloakTokenIntrospectionMiddleware

chore: apply Alpine security updates and remove npm tooling from runtime image

chore(security): remediate Dependabot alerts in docs bun lockfiles