feat(legal): add CLA with automated enforcement via CLA Assistant

- CLA.md: Individual Contributor License Agreement v1.0
  Grants copyright + patent license to maintainer (including commercial use),
  contributor retains ownership. Required for dual open-source/enterprise model.

- .github/workflows/cla.yml: CLA Assistant bot (contributor-assistant/github-action@v2.6.1)
  Automatically requests signature on every PR, blocks merge until signed,
  stores signatures in .github/cla-signatures.json on main branch.
  Dependabot and bots are exempt.

- CONTRIBUTING.md: add CLA section at top + step 6 in PR process

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: filipi86

.github/workflows/cla.yml

@@ -0,0 +1,47 @@
+name: CLA Assistant
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_target:
+    types: [opened, closed, synchronize]
+
+permissions:
+  contents: write        # write CLA signatures file
+  pull-requests: write   # comment on PRs
+  statuses: write        # set commit status check
+
+jobs:
+  cla-check:
+    name: CLA Check
+    runs-on: ubuntu-latest
+    # Skip Dependabot — automated dependency updates don't require CLA
+    if: github.actor != 'dependabot[bot]'
+    steps:
+      - name: CLA Assistant
+        uses: contributor-assistant/github-action@v2.6.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          path-to-signatures: ".github/cla-signatures.json"
+          path-to-document: "https://github.com/filipi86/drogonsec/blob/main/CLA.md"
+          branch: main
+          allowlist: filipi86,bot*,*[bot]
+          custom-notsigned-prcomment: |
+            Thank you for your contribution to **DrogonSec**!
+
+            Before we can merge this pull request, we need you to sign our **Contributor License Agreement (CLA)**.
+
+            The CLA ensures you retain ownership of your contribution while granting the project the rights needed to maintain and develop DrogonSec — including any future enterprise products built on top of the open-source core.
+
+            Please read the [CLA document](https://github.com/filipi86/drogonsec/blob/main/CLA.md) and sign by commenting below:
+
+            ```
+            I have read the CLA Document and I hereby sign the CLA
+            ```
+
+            This is a one-time action — once signed, all future PRs from your account are automatically approved.
+          custom-signed-prcomment: |
+            CLA signed. Thank you for contributing to DrogonSec!
+          custom-allsigned-prcomment: |
+            All contributors have signed the CLA. This check has passed.

CLA.md

@@ -0,0 +1,72 @@
+# DrogonSec Individual Contributor License Agreement
+
+**Version 1.0 — Effective 2026-04-14**
+
+Thank you for your interest in contributing to **DrogonSec**, a project maintained by **filipi86** ("Project Maintainer").
+
+This Individual Contributor License Agreement ("CLA") clarifies the intellectual property rights you grant when submitting a Contribution to this project. By signing this CLA, you agree to the following terms.
+
+---
+
+## 1. Definitions
+
+- **"You"** means the individual submitting a Contribution.
+- **"Contribution"** means any original work of authorship — including source code, documentation, bug fixes, tests, configuration, or any other material — submitted by You to this project via a pull request, issue, or any other means.
+- **"Project"** means the DrogonSec software and all associated repositories under https://github.com/filipi86/drogonsec.
+
+---
+
+## 2. Grant of Copyright License
+
+You retain full ownership of your Contribution. You grant the Project Maintainer a **perpetual, worldwide, non-exclusive, royalty-free, irrevocable copyright license** to:
+
+- Reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute your Contribution and any derivative works, **in any form and under any license**, including proprietary commercial licenses.
+
+This means the Project Maintainer may use your Contribution in both the open-source version of DrogonSec and any commercial or enterprise product derived from it.
+
+---
+
+## 3. Grant of Patent License
+
+You grant the Project Maintainer and all recipients of the Project a **perpetual, worldwide, non-exclusive, royalty-free, irrevocable patent license** to make, have made, use, offer to sell, sell, import, and otherwise transfer your Contribution, where such a license applies to patents that you hold that are necessarily infringed by your Contribution alone or in combination with the Project.
+
+---
+
+## 4. Representations
+
+By submitting a Contribution, you represent that:
+
+1. You have the legal right to grant the licenses described above.
+2. Your Contribution is your original creation, or you have sufficient rights to submit it under this CLA.
+3. Your Contribution does not violate any third-party intellectual property rights.
+4. If your employer has rights to intellectual property you create, you have received permission to submit this Contribution on behalf of your employer, or your employer has waived such rights.
+
+---
+
+## 5. No Obligation
+
+Nothing in this CLA obligates the Project Maintainer to use, accept, or distribute your Contribution.
+
+---
+
+## 6. Disclaimer
+
+Your Contribution is provided **"AS IS"**, without warranties or conditions of any kind.
+
+---
+
+## How to Sign
+
+When you open a pull request, the CLA Assistant bot will automatically request your signature. You can sign by commenting on the PR:
+
+```
+I have read the CLA Document and I hereby sign the CLA
+```
+
+Your GitHub username and the date will be recorded as proof of agreement.
+
+---
+
+## Questions
+
+For questions about this CLA, open an issue at https://github.com/filipi86/drogonsec/issues.

CONTRIBUTING.md

@@ -6,6 +6,7 @@ Thank you for your interest in contributing to **DrogonSec**! This project is a
 
 ## Table of Contents
 
+- [Contributor License Agreement (CLA)](#contributor-license-agreement-cla)
 - [Code of Conduct](#code-of-conduct)
 - [Getting Started](#getting-started)
 - [Project Structure](#project-structure)
@@ -23,6 +24,22 @@ Thank you for your interest in contributing to **DrogonSec**! This project is a
 
 ---
 
+## Contributor License Agreement (CLA)
+
+**All contributors must sign the CLA before their pull request can be merged.**
+
+When you open a PR, the CLA Assistant bot will automatically post a comment asking you to sign. Simply reply with:
+
+```
+I have read the CLA Document and I hereby sign the CLA
+```
+
+This is a **one-time action** — once signed, all future PRs from your account are automatically approved. The CLA ensures you retain full ownership of your contribution while granting DrogonSec the rights needed to maintain the project and build enterprise products on top of the open-source core.
+
+Read the full [CLA document](./CLA.md) before signing.
+
+---
+
 ## Code of Conduct
 
 This project follows a **Contributor Covenant** approach. Be respectful, inclusive, and constructive. Harassment, discrimination, or bad-faith contributions will not be tolerated.
@@ -277,7 +294,9 @@ docs(readme): update installation instructions
    - How it was tested
    - Related issues (`Closes #123`)
 
-6. A maintainer will review and may request changes. Once approved, your PR will be merged.
+6. **Sign the CLA** when the bot posts the request — one-time action.
+
+7. A maintainer will review and may request changes. Once approved, your PR will be merged.
 
 ---