diff --git a/.editorconfig b/.editorconfig index 9345cf7..2bf0901 100644 --- a/.editorconfig +++ b/.editorconfig @@ -2,6 +2,7 @@ root = true [*] charset = utf-8 +end_of_line = lf indent_size = 4 indent_style = space insert_final_newline = true diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..21dd534 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,3 @@ +# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners + +* @ergebnis-bot @localheinz diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 6a730e1..141a83a 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -1,6 +1,6 @@ # CONTRIBUTING -We are using [GitHub Actions](https://github.com/features/actions) as a continuous integration system. +We use [GitHub Actions](https://github.com/features/actions) as a continuous integration system. For details, take a look at the following workflow configuration files: @@ -10,12 +10,12 @@ For details, take a look at the following workflow configuration files: ## Coding Standards -We are using [`yamllint`](https://github.com/adrienverge/yamllint) to enforce coding standards in YAML files. +We use [`yamllint`](https://github.com/adrienverge/yamllint) to enforce coding standards in YAML files. If you do not have `yamllint` installed yet, run ```sh -$ brew install yamllint +brew install yamllint ``` to install `yamllint`. @@ -23,7 +23,7 @@ to install `yamllint`. Run ```sh -$ make coding-standards +make coding-standards ``` to detect coding standard violations. @@ -33,7 +33,7 @@ to detect coding standard violations. Run ```sh -$ make +make ``` to detect coding standard violations! @@ -43,7 +43,7 @@ to detect coding standard violations! :bulb: Run ```sh -$ make help +make help ``` to display a list of available targets with corresponding descriptions. diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 0000000..e90d610 --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,17 @@ +# Security Policy + +## Supported Versions + +The following versions of `ergebnis/.github` have active support: + +- `^1.8.0` + +## Unsupported Versions + +The following versions of `ergebnis/.github` have reached their end of life: + +- `<1.8.0` + +## Reporting a Vulnerability + +If you believe that you have found a security vulnerability, please send an email to `am@localheinz.com`. Ensure to include all details required to understand the severity of the issue. diff --git a/.github/dependabot.yml b/.github/dependabot.yaml similarity index 95% rename from .github/dependabot.yml rename to .github/dependabot.yaml index 61f6b18..fc4c7b3 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yaml @@ -1,4 +1,4 @@ -# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates +# https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates version: 2 diff --git a/.github/settings.yml b/.github/settings.yml index 5ec4346..5d40ff0 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -1,4 +1,4 @@ -# https://github.com/probot/settings +# https://github.com/repository-settings/app branches: - name: "main" @@ -13,8 +13,8 @@ branches: require_code_owner_reviews: true required_approving_review_count: 1 required_status_checks: - contexts: - - "Coding Standards" + checks: + - context: "Coding Standards" strict: false restrictions: @@ -52,10 +52,6 @@ labels: color: "ee0701" description: "" - - name: "stale" - color: "eeeeee" - description: "" - # https://docs.github.com/en/rest/reference/repos#update-a-repository repository: @@ -66,11 +62,15 @@ repository: default_branch: "main" delete_branch_on_merge: true description: ":heart: Provides default community health files and composite actions for the @ergebnis organization." + enable_automated_security_fixes: true + enable_vulnerability_alerts: true + has_discussions: false has_downloads: false - has_issues: false + has_issues: true has_pages: false has_projects: false has_wiki: false + is_template: false name: ".github" private: false diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml index 76561fd..4bcb39d 100644 --- a/.github/workflows/integrate.yaml +++ b/.github/workflows/integrate.yaml @@ -14,6 +14,8 @@ jobs: runs-on: "ubuntu-latest" + timeout-minutes: 5 + steps: - name: "Checkout" uses: "actions/checkout@v4.1.1" diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml index 3c9222d..6212d9f 100644 --- a/.github/workflows/merge.yaml +++ b/.github/workflows/merge.yaml @@ -15,6 +15,8 @@ jobs: runs-on: "ubuntu-latest" + timeout-minutes: 5 + if: > github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' && @@ -32,8 +34,8 @@ jobs: - name: "Assign @ergebnis-bot" uses: "ergebnis/.github/actions/github/pull-request/add-assignee@1.8.0" with: - github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" assignee: "ergebnis-bot" + github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" - name: "Approve pull request" uses: "ergebnis/.github/actions/github/pull-request/approve@1.8.0" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c760eed..bbed7cd 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -13,6 +13,8 @@ jobs: runs-on: "ubuntu-latest" + timeout-minutes: 5 + steps: - name: "Create release" uses: "ergebnis/.github/actions/github/release/create@1.8.0" diff --git a/.github/workflows/triage.yaml b/.github/workflows/triage.yaml index 8f59cb6..6b1217b 100644 --- a/.github/workflows/triage.yaml +++ b/.github/workflows/triage.yaml @@ -13,6 +13,8 @@ jobs: runs-on: "ubuntu-latest" + timeout-minutes: 5 + steps: - name: "Add labels based on branch name" uses: "ergebnis/.github/actions/github/pull-request/add-label-based-on-branch-name@1.8.0" diff --git a/.yamllint.yaml b/.yamllint.yaml index 2c9e3b6..0f43625 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -1,7 +1,7 @@ extends: "default" ignore: | - .notes/ + .note/ rules: braces: diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 0000000..cabb837 --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,16 @@ +# The MIT License (MIT) + +Copyright (c) 2019-2023 Andreas Möller + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated +documentation files (the _Software_), to deal in the Software without restriction, including without limitation the +rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit +persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the +Software. + +THE SOFTWARE IS PROVIDED **AS IS**, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index d3bbc3d..a1000a2 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,14 @@ # .github -[![Integrate](https://github.com/ergebnis/.github/workflows/Integrate/badge.svg?branch=main)](https://github.com/ergebnis/.github/actions) -[![Merge](https://github.com/ergebnis/.github/workflows/Merge/badge.svg?branch=main)](https://github.com/ergebnis/.github/actions) -[![Release](https://github.com/ergebnis/.github/workflows/Release/badge.svg?branch=main)](https://github.com/ergebnis/.github/actions) -[![Triage](https://github.com/ergebnis/.github/workflows/Triage/badge.svg?branch=main)](https://github.com/ergebnis/.github/actions) +[![Integrate](https://github.com/ergebnis/.github/workflows/Integrate/badge.svg)](https://github.com/ergebnis/.github/actions) +[![Merge](https://github.com/ergebnis/.github/workflows/Merge/badge.svg)](https://github.com/ergebnis/.github/actions) +[![Release](https://github.com/ergebnis/.github/workflows/Release/badge.svg)](https://github.com/ergebnis/.github/actions) -Provides community health files for the [@ergebnis](https://github.com/ergebnis) organization. - -:bulb: Also see [GitHub Docs: Creating a default community health file](https://docs.github.com/en/github/building-a-strong-community/creating-a-default-community-health-file). +This project provides [community health files](https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file) and [composite actions](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action) for the [@ergebnis](https://github.com/ergebnis) organization. ## Composite Actions -This repository provides the following composite actions: +This project provides the following composite actions: - [`ergebnis/.github/actions/composer/determine-cache-directory`](#composer-determine-cache-directory) - [`ergebnis/.github/actions/composer/determine-root-version`](#composer-determine-root-version) @@ -721,16 +718,30 @@ The directory configured by the `phive-home` directory is cached using [`actions ## Changelog -Please have a look at [`CHANGELOG.md`](CHANGELOG.md). +The maintainers of this project record notable changes to this project in a [changelog](CHANGELOG.md). ## Contributing -Please have a look at [`CONTRIBUTING.md`](.github/CONTRIBUTING.md). +The maintainers of this project suggest following the [contribution guide](.github/CONTRIBUTING.md). ## Code of Conduct -Please have a look at [`CODE_OF_CONDUCT.md`](CODE_OF_CONDUCT.md). +The maintainers of this project ask contributors to follow the [code of conduct](CODE_OF_CONDUCT.md). + +## General Support Policy + +The maintainers of this project provide limited support. + +You can support the maintenance of this project by [sponsoring @localheinz](https://github.com/sponsors/localheinz) or [requesting an invoice for services related to this project](mailto:am@localheinz.com?subject=ergebnis/.github:%20Requesting%20invoice%20for%20services). + +## Security Policy + +This project has a [security policy](.github/SECURITY.md). + +## License + +This project uses the [MIT license](LICENSE.md). -## Curious what I am building? +## Social -:mailbox_with_mail: [Subscribe to my list](https://localheinz.com/projects/), and I will occasionally send you an email to let you know what I am working on. +Follow [@localheinz](https://twitter.com/intent/follow?screen_name=localheinz) and [@ergebnis](https://twitter.com/intent/follow?screen_name=ergebnis) on Twitter.