From 41e1b94641fe7d1fd57e2ab1a5da0d814b7924e4 Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Tue, 19 Mar 2024 10:28:53 +0000 Subject: [PATCH 1/3] docs: Update README with scorecard and best practices badges --- README.md | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 3268cab..1220b58 100644 --- a/README.md +++ b/README.md 
@@ -1,30 +1,42 @@ The Atsign FoundationThe Atsign Foundation +[![GitHub License](https://img.shields.io/badge/license-BSD3-blue.svg)](./LICENSE) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/docs/badge)](https://securityscorecards.dev/viewer/?uri=github.com/atsign-foundation/docs&sort_by=check-score&sort_direction=desc) +[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/8681/badge)](https://www.bestpractices.dev/projects/8681) + # Docs -This repo contains all of our open-source developer documentation which syncs with [GitBook](https://www.gitbook.com/). +This repo contains all of our open-source developer documentation which syncs +with [GitBook](https://www.gitbook.com/). ## Who is this for? -Our goal is to make sure that this repo has the A -> Z of everything that you need to develop with the atPlatform. +Our goal is to make sure that this repo has the A -> Z of everything that you +need to develop with the atPlatform. -If you are a developer, this is for you! Come join us, and help us improve the content and experience. We are always learning from you. +If you are a developer, this is for you! Come join us, and help us improve +the content and experience. We are always learning from you. ## What can you find in this repo? -If you are new to the atPlatform, learn about how the platform works and how this can make such a big difference for you by cutting down on time to develop and market applications. +If you are new to the atPlatform, learn about how the platform works and how +this can make such a big difference for you by cutting down on time to develop +and market applications. -The site gives you all the tools, samples, examples and documentation needed to get started on the atPlatform and SDK. The site also provides access to the various communities where you can collaborate and talk to other developers working on the platform. 
+The site gives you all the tools, samples, examples and documentation needed +to get started on the atPlatform and SDK. The site also provides access to +the various communities where you can collaborate and talk to other developers +working on the platform. ## Visit the actual site -> Coming Soon! - -For now, visit our existing site [here](https://docs.atsign.com/). +The contents of this repo are published at +[https://docs.atsign.com/](https://docs.atsign.com/). ## How can you contribute? -If you think there should be a change made, or think there could be anything done better, feel free to open a pull request to the trunk branch! +If you think there should be a change made, or think there could be anything +done better, feel free to open a pull request to the trunk branch! Take a look at [CONTRIBUTING.md](CONTRIBUTING.md) for further instructions. From 0cfaea882caba3bf8295f1c9f7f060547ba483db Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Tue, 19 Mar 2024 10:29:16 +0000 Subject: [PATCH 2/3] ci: Add scorecard workflow --- .github/workflows/scorecards.yml | 72 ++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 .github/workflows/scorecards.yml diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml new file mode 100644 index 0000000..d9886ba --- /dev/null +++ b/.github/workflows/scorecards.yml 
@@ -0,0 +1,72 @@ +# This workflow uses actions that are not certified by GitHub. They are provided +# by a third-party and are governed by separate terms of service, privacy +# policy, and support documentation. + +name: Scorecards supply-chain security +on: + # For Branch-Protection check. Only the default branch is supported. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection + branch_protection_rule: + # To guarantee Maintained check is occasionally updated. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained + schedule: + - cron: '22 4 * * 6' + push: + branches: [ "trunk" ] + +# Declare default permissions as read only. +permissions: read-all + +jobs: + analysis: + name: Scorecards analysis + runs-on: ubuntu-latest + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Needed to publish results and get a badge (see publish_results below). + id-token: write + # Uncomment the permissions below if installing in a private repository. + # contents: read + # actions: read + + steps: + - name: "Checkout code" + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + with: + persist-credentials: false + + - name: "Run analysis" + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + with: + results_file: results.sarif + results_format: sarif + # (Optional) Read-only PAT token. Uncomment the `repo_token` line below if: + # - you want to enable the Branch-Protection check on a *public* repository, or + # - you are installing Scorecards on a *private* repository + # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. + repo_token: ${{ secrets.SCORECARD_READ_TOKEN }} + + # Public repositories: + # - Publish results to OpenSSF REST API for easy access by consumers + # - Allows the repository to include the Scorecard badge. 
+ # - See https://github.com/ossf/scorecard-action#publishing-results. + # For private repositories: + # - `publish_results` will always be set to `false`, regardless + # of the value entered here. + publish_results: true + + # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF + # format to the repository Actions tab. + - name: "Upload artifact" + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + with: + name: SARIF file + path: results.sarif + retention-days: 5 + + # Upload the results to GitHub's code scanning dashboard. + - name: "Upload to code-scanning" + uses: github/codeql-action/upload-sarif@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7 + with: + sarif_file: results.sarif From fe12725212aa73ced53718abf77b6ff2981deaeb Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Tue, 19 Mar 2024 10:30:16 +0000 Subject: [PATCH 3/3] chore: Remove local templates --- .github/ISSUE_TEMPLATE/bug_report.md | 36 ----------------------- .github/ISSUE_TEMPLATE/feature_request.md | 20 ------------- .github/PULL_REQUEST_TEMPLATE.md | 20 ------------- 3 files changed, 76 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md delete mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index 35c2662..0000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null 
@@ -1,36 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve -title: '' -labels: 'bug' -assignees: '' - ---- - -**Describe the bug** -A clear and concise description of what the bug is. - -**To Reproduce** -Steps to reproduce the behavior: -1. First I '...' -2. Then I '...' -3. And then '...' -4. - -**Expected behavior** -A clear and concise description of what you expected to happen. - -**Screenshots** -If applicable, add screenshots to help explain your problem. - -**Smartphone (please complete the following information):** - - Device: [e.g. iPhone11] - - OS: [e.g. iOS14.1] - - Browser [e.g. stock browser, safari] - - Version [e.g. 59] - -**Were you using an @‎application when the bug was found?** - - [e.g. @‎buzz, @‎tmosphere] - -**Additional context** -Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index 36014cd..0000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project -title: '' -labels: 'enhancement' -assignees: '' - ---- - -**Is your feature request related to a problem? Please describe.** -A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] - -**Describe the solution you'd like** -A clear and concise description of what you want to happen. - -**Describe alternatives you've considered** -A clear and concise description of any alternative solutions or features you've considered. - -**Additional context** -Add any other context or screenshots about the feature request here. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index c57a7dc..0000000 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ /dev/null 
@@ -1,20 +0,0 @@ - - -**- What I did** - -**- How I did it** - -**- How to verify it** - -**- Description for the changelog** - \ No newline at end of file
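Review bot: In the README.md hunk of patch 1/3, the OpenSSF Scorecard badge is added one commit before its data source exists in the repository: the workflow that sets `publish_results: true` only arrives in patch 2/3. Suggest adding the workflow first, or folding the badge line into that commit, so the README never references a badge ahead of the job that feeds it. A smaller style point on the same hunk: the license badge is a static `badge/license-BSD3-blue.svg` image, so it will not follow a change to `./LICENSE`; the shields.io `github/license/<owner>/<repo>` endpoint would keep it in step.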
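Review bot: In the new .github/workflows/scorecards.yml (patch 2/3), the "Run analysis" step passes `repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}` as a live line while the comment above it still says to "Uncomment the `repo_token` line below", and nothing in the series documents that this secret has to be provisioned. Suggest rewording the comment to say the token is in use, and noting in the commit message or the README that `SCORECARD_READ_TOKEN` must be a read-only PAT, since a missing secret expands to an empty string and the step would then run without the token the Branch-Protection check relies on. The SHA-pinned actions, `persist-credentials: false` on checkout, and the `read-all` default with only `security-events: write` and `id-token: write` added at job level are good as they stand.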
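Review bot: For the three deletions in patch 3/3 (bug_report.md, feature_request.md and PULL_REQUEST_TEMPLATE.md), the commit message "chore: Remove local templates" does not say what replaces them. If the intent is to fall back to shared templates kept outside this repository, please state that in the commit body and confirm they cover the fields dropped here, such as "How to verify it" and "Description for the changelog" from the pull request template; otherwise contributors following the README's pointer to CONTRIBUTING.md will open issues and pull requests with no prompts at all.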