Merge pull request #1 from revanite-io/basic-skeleton

trumant · web-flow · commit 505c726773ef · 2025-09-21T13:42:38.000-04:00
chore: initial commit
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+---
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    commit-message:
+      prefix: "chore(deps)"
+    labels: ["github_actions", "dependencies"]
+    groups:
+      dependencies:
+        applies-to: version-updates
+        update-types:
+          - "minor"
+          - "patch"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,29 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          persist-credentials: false
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install uv
+        run: pip install uv
+
+      - name: Install dependencies with uv
+        run: uv sync
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+.venv
diff --git a/.python-version b/.python-version
@@ -0,0 +1 @@
+3.12
diff --git a/README.md b/README.md
@@ -0,0 +1,4 @@
+# Example OSPS Baseline Level 1
+
+This repository fulfills the minimal requirements necessary to comply
+with all controls in the [OpenSSF's OSPS Baseline](https://baseline.openssf.org/versions/2025-02-25#level-1)
diff --git a/main.py b/main.py
@@ -0,0 +1,6 @@
+def main():
+    print("Hello from example-osps-baseline-level-1!")
+
+
+if __name__ == "__main__":
+    main()
diff --git a/pyproject.toml b/pyproject.toml
@@ -0,0 +1,9 @@
+[project]
+name = "example-osps-baseline-level-1"
+version = "0.1.0"
+description = "Add your description here"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "requests>=2.32.5",
+]
diff --git a/security-insights.yml b/security-insights.yml
@@ -0,0 +1,76 @@
+header:
+  schema-version: 2.0.0
+  last-updated: '2025-09-21'
+  last-reviewed: '2025-09-21'
+  url: https://github.com/revanite-io/example-osps-baseline-level-1
+
+project:
+  name: "Example OSPS Baseline Level 1"
+  administrators:
+    - name: Eddie Knight
+      affiliation: Sonatype
+      email: knight@linux.com
+      primary: true
+  documentation:
+    detailed-guide: https://github.com/revanite-io/example-osps-baseline-level-1/blob/main/README.md
+    quickstart-guide: https://github.com/revanite-io/example-osps-baseline-level-1/blob/main/README.md
+    code-of-conduct: https://github.com/revanite-io/example-osps-baseline-level-1/blob/main/README.md
+  repositories:
+    - name: example-osps-baseline-level-1
+      url: https://github.com/revanite-io/example-osps-baseline-level-1
+      comment: |
+        The repository
+  vulnerability-reporting:
+    reports-accepted: true
+    bug-bounty-available: false
+
+repository:
+  url: https://github.com/revanite-io/example-osps-baseline-level-1
+  status: active
+  accepts-change-request: true
+  accepts-automated-change-request: false
+  core-team:
+    - name: Eddie Knight
+      affiliation: Sonatype
+      email: knight@linux.com
+      primary: true
+    - name: Jason Meridth
+      affiliation: GitHub
+      email: jmeridth@gmail.com
+      primary: false
+    - name: Travis Truman
+      affiliation: Independent
+      email: trumant@gmail.com
+      primary: false
+    - name: Alex Speasmaker
+      affiliation: USAA
+      email: alex.speasmaker@gmail.com
+      primary: false
+  documentation:
+    contributing-guide: https://github.com/revanite-io/example-osps-baseline-level-1?tab=contributing-ov-file
+  license:
+    url: https://github.com/revanite-io/example-osps-baseline-level-1?tab=MIT-1-ov-file
+    expression: MIT
+  security:
+    assessments:
+      self:
+        comment: |
+          Self assessment has not yet been completed.
+    tools:
+      - name: Dependabot
+        type: SCA
+        version: "2"
+        rulesets:
+          - built-in
+        results:
+          adhoc:
+            name: Scheduled SCA Scan Results
+            predicate-uri: https://docs.github.com/en/graphql/reference/objects#repositoryvulnerabilityalert
+            location: https://github.com/revanite-io/example-osps-baseline-level-1/security/dependabot
+            comment: |
+              The results of the scheduled SCA scan are available in the Dependabot tab of the Security Insights page.
+        integration:
+          adhoc: true
+          ci: false
+          release: false
+      
diff --git a/uv.lock b/uv.lock
