feat: transfer ownership #51

Merged: lhoupert merged 2 commits into main from feat--trasnfer-repo-ownership-and-fix-links on Mar 30, 2026
@lhoupert (Collaborator) commented Mar 30, 2026

This pull request updates repository references from lhoupert to developmentseed throughout documentation and workflow files, and introduces improvements to GitHub Actions workflows for better concurrency control, permissions clarity, and maintainability. The most important changes are grouped below.

Repository reference updates:

  • Updated all URLs and usage instructions in README.md and CHANGELOG.md to reference developmentseed/action-python-security-auditing instead of lhoupert/action-python-security-auditing. This ensures users and badges point to the correct repository.

GitHub Actions workflow enhancements:

  • Added concurrency groups to .github/workflows/ci.yml, .github/workflows/release-please.yml, and .github/workflows/scorecard.yml to prevent overlapping runs and cancel in-progress jobs on new pushes or PR updates, improving CI reliability.
  • Clarified and documented permissions in workflow jobs, making explicit which permissions are required for each job and step, improving security posture and maintainability.

Workflow job improvements:

  • Added explicit name fields to jobs in workflow files for clearer job identification in the Actions UI.
  • Improved environment variable usage and GitHub CLI (gh) commands in workflow steps for better consistency and maintainability, including extracting variables and using them in API calls and git commands.

These changes collectively improve repository clarity, workflow reliability, and security.

github-actions bot (Contributor) commented Mar 30, 2026

Security Audit Report

Bandit — Static Security Analysis (Security tab)

12 issue(s) found: 12 low

✅ No issues at or above HIGH severity.

12 low issue(s) below threshold not shown in table.

pip-audit — Dependency Vulnerabilities (Security tab)

| Package | Version | ID | Fix Versions | Description |
|---|---|---|---|---|
| pygments | 2.19.2 | CVE-2026-4539 | none | A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file |

1 vulnerability/vulnerabilities found (0 fixable) across 1 package(s).


Result: ✅ No blocking issues found.

github-actions bot (Contributor) commented Mar 30, 2026

✅ All test workflows behaved as expected

14 passed, 0 failed

| Test Name | Expected | Actual | Bandit | pip-audit | Result |
|---|---|---|---|---|---|
| 01 requirements · flat · clean | success | success | | | |
| 02 requirements · src/ · bandit HIGH | failure | failure | B105, B404, B602 | | |
| 03 requirements · src/+scripts/ · bandit HIGH + pip-audit | failure | failure | B105, B404, B602 | cryptography, idna, requests, urllib3 | |
| 04 uv · flat · clean | success | success | | | |
| 05 uv · src/ · pip-audit vuln | failure | failure | | idna, requests, urllib3 | |
| 06 uv · src/+scripts/ · bandit MEDIUM | failure | failure | B324, B506 | | |
| 07 poetry · flat · clean | success | success | | | |
| 08 poetry · src/ · bandit MEDIUM + pip-audit | failure | failure | B105, B324 | cryptography, idna, requests, urllib3 | |
| 09 pipenv · flat · clean | success | success | | | |
| 10 pipenv · src/+scripts/ · bandit HIGH | failure | failure | B404, B602 | | |
| 11 requirements · flat · clean (root working dir) | success | success | | | |
| 12 uv · flat · bandit-only (no pip-audit) | failure | failure | B404, B602 | disabled | |
| 13 requirements · flat · unfixable vulns (should pass) | success | success | | pygments | |
| 14 uv · flat · low threshold (B101 assert) | failure | failure | B101 | disabled | |

@lhoupert lhoupert requested a review from vincentsarago March 30, 2026 13:27
@lhoupert lhoupert changed the title from "feat: transfer ownsership" to "feat: transfer ownership" Mar 30, 2026
@vincentsarago (Member) left a comment

🚀

@lhoupert lhoupert merged commit 09a3ca2 into main Mar 30, 2026
21 checks passed
@lhoupert lhoupert deleted the feat--trasnfer-repo-ownership-and-fix-links branch March 30, 2026 13:44