feat: expand TODO/FIXME scan scope to include `freqtrade/` and `scripts/` and whitelist `0.0.0.0` in `docs/PHASE_P39.md` for port exposure scanning.

scripts/gates/p39_ops_hardening.sh

@@ -36,8 +36,8 @@ if [ "$GATE_MODE" == "pos" ]; then
     # We allow some, but maybe warn? Or fail if threshold exceeded?
     # Requirement: "check for any TODO or FIXME".
     # We'll just list them and maybe count them.
-    TODO_COUNT=$(grep -r "TODO" src/ adapters/ | wc -l)
-    FIXME_COUNT=$(grep -r "FIXME" src/ adapters/ | wc -l)
+    TODO_COUNT=$((grep -r "TODO" freqtrade/ adapters/ scripts/ || true) | wc -l)
+    FIXME_COUNT=$((grep -r "FIXME" freqtrade/ adapters/ scripts/ || true) | wc -l)
     echo "Found $TODO_COUNT TODOs and $FIXME_COUNT FIXMEs."
     if [ "$FIXME_COUNT" -gt 0 ]; then
         echo "[WARN] FIXMEs found. Review required."

scripts/ops/p20_scan_port_exposure.py

@@ -50,6 +50,7 @@ ALLOWLIST = {
     "tests/rpc/test_rpc_apiserver.py": ["0.0.0.0"],
     "freqtrade/configuration/deploy_config.py": ["0.0.0.0"],
     "scripts/ops/p20_scan_port_exposure.py": ["0.0.0.0", "8080:8080"],
+    "docs/PHASE_P39.md": ["0.0.0.0"],
 }
 
 RISKY_PATTERNS = [