Welcome to the Template Repository on GitHub! This repository is designed to serve as a starting point for creating new Git repositories with best practices and configurations already set up.
π View Full Documentation - Comprehensive guides, tutorials, and API reference
Below is a brief overview of the structure and the purpose of each file and directory in this repository.
.
βββ .editorconfig # ποΈ Configuration for consistent coding styles
βββ .gitattributes # π Git attributes configuration
βββ .github # π οΈ GitHub-specific configurations
β βββ CONTRIBUTING.md # π€ Contribution guidelines
β βββ ISSUE_TEMPLATE # π GitHub issue templates
β β βββ bug_report.md # π Bug report template
β β βββ config.yml # βοΈ Issue template configuration
β β βββ documentation.md # π Documentation issue template
β β βββ feature_request.md # β¨ Feature request template
β β βββ issue_template.md # π General issue template
β βββ SECURITY.md # π Security policy and vulnerability reporting
β βββ dependabot.yml # π€ Dependabot configuration
β βββ pull_request_template.md # π Pull request template
β βββ workflows # βοΈ GitHub Actions workflows
β βββ automerge.yml # π Auto-merge workflow for dependabot PRs
β βββ cleanup-caches.yaml # π§Ή Cleanup old workflow caches
β βββ codeql.yaml # π CodeQL security analysis workflow
β βββ deps-review.yaml # π Dependency review workflow
β βββ gitleaks.yaml # π Secret scanning workflow
β βββ lint-pr.yaml # π§Ή Linting workflow for pull requests
β βββ pre-commit-auto-update.yaml # π Pre-commit hook auto-update workflow
β βββ pre-commit-ci.yaml # β
Pre-commit CI workflow
β βββ release.yaml # π Release workflow
β βββ stale.yaml # β³ Stale issue management workflow
β βββ template-repo-sync.yaml # π Template repository sync workflow
β βββ update-license.yml # π License year update workflow
βββ .gitignore # π« Files and directories to be ignored by Git
βββ .gitleaks.toml # π Gitleaks secret scanning configuration
βββ .pre-commit-config.yaml # π οΈ Pre-commit hooks configuration
βββ .releaserc.json # π Semantic release configuration
βββ .templatesyncignore # π Template sync ignore patterns
βββ .vscode # π₯οΈ VSCode-specific configurations
β βββ extensions.json # π οΈ Recommended extensions for VSCode
β βββ settings.json # βοΈ VSCode settings
βββ .yamllint # π YAML linting configuration
βββ CHANGELOG.md # π Change log of the project
βββ CODEOWNERS # π₯ Defines the code owners for the repository
βββ LICENSE # βοΈ License for the project
βββ README.md # π Project documentation (this file)
This project uses Semantic Commit Messages to ensure meaningful and consistent commit history. The format is as follows:
<type>(<scope>): <subject>feat: A new feature (e.g.,feat: add login functionality).fix: A bug fix (e.g.,fix: resolve login button issue).docs: Documentation changes (e.g.,docs: update API documentation).style: Code style changes (formatting, missing semi-colons, etc.) without changing logic (e.g.,style: fix indentation).refactor: Code changes that neither fix a bug nor add a feature (e.g.,refactor: update user controller structure).test: Adding or updating tests (e.g.,test: add unit tests for login service).chore: Changes to build process, auxiliary tools, or libraries (e.g.,chore: update dependencies).
Optional: The part of the codebase affected by the change (e.g., feat(auth): add OAuth support)
A brief description of the change, using the imperative mood (e.g., fix: resolve issue with user authentication).
This project uses Gitleaks to detect secrets and sensitive information in the codebase. Gitleaks is configured to run both locally via pre-commit hooks and in CI/CD pipelines.
Gitleaks runs automatically as a pre-commit hook. To install the pre-commit hooks:
pre-commit installTo run Gitleaks manually:
pre-commit run gitleaks --all-filesGitleaks runs automatically on:
- Pull requests to main/master branch
- Pushes to main/master branch
The workflow will fail if any secrets are detected, helping prevent accidental exposure of sensitive information.
The .gitleaks.toml file contains:
- Allowlist patterns for false positives
- Custom scanning rules
- Output configuration
This project uses GitHub CodeQL to perform advanced security analysis and detect vulnerabilities in the codebase. CodeQL is configured to analyze JavaScript and Python code by default.
CodeQL analysis runs automatically on:
- Pull requests to main/master branch
- Pushes to main/master branch
- Weekly schedule (every Monday at 00:00 UTC)
The workflow is configured with continue-on-error: true, which means:
- If a specified language (JavaScript or Python) is not detected in the repository, the workflow will not fail
- This is useful for template repositories where different projects may use different languages
- Analysis will still run for any languages that are present
To customize the languages analyzed, edit .github/workflows/codeql.yaml:
matrix:
language: [ 'javascript', 'python' ]
# Supported: 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift'Security vulnerabilities detected by CodeQL are reported in the Security tab of your repository under "Code scanning alerts".
- Analyze commits: Semantic Release inspects commit messages to determine the type of changes in the codebase.
- Generate release version: Based on the commit type, it will automatically bump the version following semantic versioning:
- fix β Patch release (e.g., 1.0.1)
- feat β Minor release (e.g., 1.1.0)
- BREAKING CHANGE β Major release (e.g., 2.0.0)
- Create release notes: It generates a changelog from the commit messages and includes it in the release.
- Publish: It automatically publishes the new version to the repository (and any other configured registries, e.g., npm).
If you find any issues or have suggestions for improving this template repository, please feel free to open an issue or submit a pull request. Contributions are always welcome!
This repository is licensed under the MIT License. See the LICENSE file for more information.