Add comprehensive CI/CD workflows for Forgejo Actions

- ci.yml: Complete CI pipeline with lint, type-check, tests, build, security, and i18n validation
- code-quality.yml: Advanced code analysis including complexity, TODO tracking, and import analysis
- dependency-review.yml: Automated dependency update review with security checks
- pr-labeler.yml: Intelligent PR labeling based on files and content
- release.yml: Automated release process with changelog generation
- Documentation and best practices guide

Features:
- Multi-node testing (Node 18, 20)
- Security scanning for hardcoded secrets
- Bundle size impact analysis
- Translation key validation
- Complexity analysis and code quality metrics

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

.forgejo/workflows/README.md

@@ -0,0 +1,85 @@
+# Forgejo CI/CD Workflows
+
+This directory contains automated workflows for the Great Lakes Ice Report project.
+
+## Workflows
+
+### CI (ci.yml)
+Runs on every push to main and on all pull requests. Includes:
+- **Lint**: Checks code style with ESLint
+- **Type Check**: Validates TypeScript types
+- **Test**: Runs Jest tests on Node.js 18 and 20
+- **Build**: Verifies all build outputs (backend, frontend, CSS)
+- **Security**: Checks for hardcoded secrets and vulnerabilities
+- **i18n Validation**: Ensures translation files are valid and complete
+
+### Code Quality (code-quality.yml)
+Runs on pull requests to analyze code quality:
+- Complexity analysis
+- Detection of console.log statements
+- TODO/FIXME comment tracking
+- Large file detection
+- Import analysis and circular dependency checks
+
+### Dependency Review (dependency-review.yml)
+Triggered when package.json or package-lock.json changes:
+- Identifies major version updates
+- Security vulnerability scanning
+- Bundle size impact analysis
+
+### PR Labeler (pr-labeler.yml)
+Automatically suggests labels based on:
+- Changed file paths
+- PR title and description keywords
+- Type of changes (bug, feature, security, etc.)
+
+### Release (release.yml)
+Triggered on version tags (v*):
+- Runs full test suite
+- Builds the project
+- Generates changelog
+- Creates release archive
+
+## Running Workflows Locally
+
+You can test workflows locally using [act](https://github.com/nektos/act):
+
+```bash
+# Run all workflows
+act
+
+# Run specific workflow
+act -W .forgejo/workflows/ci.yml
+
+# Run specific job
+act -j lint -W .forgejo/workflows/ci.yml
+```
+
+## Workflow Status Badges
+
+Add these to your README:
+
+```markdown
+[![CI](https://git.deco.sh/deco/ice/actions/workflows/ci.yml/badge.svg)](https://git.deco.sh/deco/ice/actions/workflows/ci.yml)
+[![Code Quality](https://git.deco.sh/deco/ice/actions/workflows/code-quality.yml/badge.svg)](https://git.deco.sh/deco/ice/actions/workflows/code-quality.yml)
+```
+
+## Best Practices
+
+1. **Keep workflows fast**: Use caching and parallel jobs
+2. **Fail fast**: Put quick checks (lint, type-check) before slow ones (tests)
+3. **Be specific**: Use path filters to avoid unnecessary runs
+4. **Cache dependencies**: Always use `actions/setup-node` with cache
+5. **Security first**: Never commit secrets, always use repository secrets
+
+## Troubleshooting
+
+### Workflow not running?
+- Check if Forgejo Actions is enabled in repository settings
+- Verify workflow syntax with online YAML validators
+- Check runner availability
+
+### Tests failing in CI but passing locally?
+- Ensure Node.js versions match
+- Check for missing environment variables
+- Verify database initialization in CI environment