nhcarrigan/hikari-desktop
9
0
Fork 0
generated from nhcarrigan/template
Code Issues 9 Pull Requests 36 Actions Releases 22 Activity

Initial commit

Browse Source
This commit is contained in:
NHCarrigan
2026-01-14 18:24:35 -08:00
commit daf1bfecb8
14 changed files with 489 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitattributes
+8
View File
@@ -0,0 +1,8 @@
# Auto detect text files and perform LF normalization
* text eol=LF
*.ts text
*.spec.ts text
# Ignore binary files >:(
*.png binary
*.jpg binary
.gitea/issue_template/bug_report.yaml
+69
View File
@@ -0,0 +1,69 @@
name: 🐛 Bug Report
description: Something isn't working as expected? Let us know!
title: '[BUG] - '
labels:
- "status/awaiting triage"
body:
- type: checkboxes
id: attestations
attributes:
label: Attestations
description: "By checking the boxes below, I certify that:"
options:
- label: "I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/)"
validations:
required: true
- label: I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/).
validations:
required: true
- label: I have confirmed that the issue I am opening is unique, and has not already been reported (whether closed or not).
validations:
required: true
- label: I have reviewed the [Security Policy](https://docs.nhcarrigan.com/legal/security/) and have determined that this is not a security vulnerability.
validations:
required: true
- type: textarea
id: description
attributes:
label: "Describe your Issue:"
description: A clear and concise description of what the bug is.
validations:
required: true
- type: dropdown
id: reproduce
attributes:
label: Can you reproduce this issue?
options:
- Yes
- No
validations:
required: true
- type: textarea
id: reproduction
attributes:
label: "Steps to Reproduce:"
description: Steps to reproduce the behavior.
- type: input
id: os
attributes:
label: "Operating System:"
description: The operating system you are using, including the version/build number.
validations:
required: true
# Remove this section for non-web apps.
- type: input
id: browser
attributes:
label: "Browser:"
description: The browser you are using, including the version number.
validations:
required: true
- type: dropdown
attributes:
label: Are you willing and able to contribute a fix?
options:
- Yes
- No
validations:
required: true
.gitea/issue_template/config.yml
+5
View File
@@ -0,0 +1,5 @@
blank_issues_enabled: false
contact_links:
- name: "Discord"
url: "https://chat.nhcarrigan.com"
about: "Chat with us directly."
.gitea/issue_template/feature_proposal.yml
+46
View File
@@ -0,0 +1,46 @@
name: 💭 Feature Proposal
description: Have an idea for how we can improve? Share it here!
title: '[FEAT] - '
labels:
- "status/awaiting triage"
body:
- type: checkboxes
id: attestations
attributes:
label: Attestations
description: "By checking the boxes below, I certify that:"
options:
- label: "I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/)"
validations:
required: true
- label: I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/).
validations:
required: true
- label: I have confirmed that the issue I am opening is unique, and has not already been reported (whether closed or not).
validations:
required: true
- label: I have reviewed the [Security Policy](https://docs.nhcarrigan.com/legal/security/) and have determined that this is not a security vulnerability.
validations:
required: true
- type: textarea
id: description
attributes:
label: "Describe your Idea:"
description: A clear and concise description of the feature you would like added.
validations:
required: true
- type: textarea
id: solution
attributes:
label: "What problem does this feature solve?"
description: Why are you requesting this feature? How would it improve your experience with the product?
validations:
required: true
- type: dropdown
attributes:
label: Are you willing and able to contribute this feature?
options:
- Yes
- No
validations:
required: true
.gitea/issue_template/other.yml
+34
View File
@@ -0,0 +1,34 @@
name: ❓ Other Issue
description: I have something that is neither a bug nor a feature request.
title: '[OTHER] - '
labels:
- "status/awaiting triage"
body:
- type: checkboxes
id: attestations
attributes:
label: Attestations
description: "By checking the boxes below, I certify that:"
options:
- label: "I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/)"
validations:
required: true
- label: I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/).
validations:
required: true
- label: I have confirmed that the issue I am opening is unique, and has not already been reported (whether closed or not).
validations:
required: true
- label: I have reviewed the [Security Policy](https://docs.nhcarrigan.com/legal/security/) and have determined that this is not a security vulnerability.
validations:
required: true
- label: This is not a feature request or bug report that I am mis-filing to avoid the issue template.
validations:
required: true
- type: textarea
id: description
attributes:
label: "Share your thoughts:"
description: Why are you opening this issue?
validations:
required: true
.gitea/pull_request_template.yml
+91
View File
@@ -0,0 +1,91 @@
name: "Pull Request Template"
about: "Template for pulls"
body:
- type: textarea
id: explain
attributes:
label: "Explanation"
description: "Briefly explain WHY this pull request is necessary. Do not explain what it does, as that's evidenced in the changes."
validations:
required: true
- type: input
id: issue
attributes:
label: "Issue"
description: "My pull request relates to or resolves the following issue number:"
validations:
required: true
is_number: true
- type: checkboxes
id: attestations
attributes:
label: Attestations
description: "By checking the boxes below, I certify that:"
options:
- label: "I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/)"
validations:
required: true
- label: I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/).
validations:
required: true
- label: My contribution complies with the [Contributor Covenant](https://docs.nhcarrigan.com/dev/covenant/).
validations:
required: true
- type: checkboxes
id: dependencies
attributes:
label: Dependencies
description: "My pull request adds or updates dependencies, so:"
options:
- label: I have pinned the dependencies to a specific patch version.
validations:
required: false
- type: checkboxes
id: style
attributes:
label: Style
description: "My contribution adheres to the following style guidelines:"
options:
- label: I have run the linter and resolved any errors.
validations:
required: true
- label: My pull request uses an appropriate title, matching the conventional commit standards.
validations:
required: true
- label: My scope of feat/fix/chore/etc. correctly matches the nature of changes in my pull request.
validations:
required: true
- type: checkboxes
id: tests
attributes:
label: Tests
description: "My contribution includes the following tests:"
options:
- label: My contribution adds new code, and I have added tests to cover it.
validations:
required: false
- label: My contribution modifies existing code, and I have updated the tests to reflect these changes.
validations:
required: false
- label: All new and existing tests pass locally with my changes.
validations:
required: true
- label: Code coverage remains at or above the configured threshold.
validations:
required: true
- type: input
id: docs
attributes:
label: Documentation
description: "I have made the following PR to update the documentation site with my changes:"
validations:
required: true
- type: dropdown
id: version
attributes:
label: Versioning
description: "I believe my changes should be included in the following release:"
options:
- "Major - My pull request introduces a breaking change."
- "Minor - My pull request introduces a new non-breaking feature."
- "Patch - My pull request introduces bug fixes ONLY."
.gitea/workflows/security.yml
+177
View File
@@ -0,0 +1,177 @@
name: Security Scan and Upload
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
- cron: '0 0 * * 1'
workflow_dispatch:
jobs:
security-audit:
name: Security & DefectDojo Upload
runs-on: ubuntu-latest
continue-on-error: true
steps:
- name: Checkout code
uses: actions/checkout@v4
# --- AUTO-SETUP PROJECT ---
- name: Ensure DefectDojo Product Exists
env:
DD_URL: ${{ secrets.DD_URL }}
DD_TOKEN: ${{ secrets.DD_TOKEN }}
PRODUCT_NAME: ${{ github.repository }}
PRODUCT_TYPE_ID: 1
run: |
sudo apt-get install jq -y > /dev/null
echo "Checking connection to $DD_URL..."
# Check if product exists - capture HTTP code to debug connection issues
RESPONSE=$(curl --write-out "%{http_code}" --silent --output /tmp/response.json \
-H "Authorization: Token $DD_TOKEN" \
"$DD_URL/api/v2/products/?name=$PRODUCT_NAME")
# If response is not 200, print error
if [ "$RESPONSE" != "200" ]; then
echo "::error::Failed to query DefectDojo. HTTP Code: $RESPONSE"
cat /tmp/response.json
exit 1
fi
COUNT=$(cat /tmp/response.json | jq -r '.count')
if [ "$COUNT" = "0" ]; then
echo "Creating product '$PRODUCT_NAME'..."
curl -s -X POST "$DD_URL/api/v2/products/" \
-H "Authorization: Token $DD_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "name": "'"$PRODUCT_NAME"'", "description": "Auto-created by Gitea Actions", "prod_type": '$PRODUCT_TYPE_ID' }'
else
echo "Product '$PRODUCT_NAME' already exists."
fi
# --- 1. TRIVY (Dependencies & Misconfig) ---
- name: Install Trivy
run: |
sudo apt-get install wget apt-transport-https gnupg lsb-release -y
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update && sudo apt-get install trivy -y
- name: Run Trivy (FS Scan)
run: |
trivy fs . --scanners vuln,misconfig --format json --output trivy-results.json --exit-code 0
- name: Upload Trivy to DefectDojo
env:
DD_URL: ${{ secrets.DD_URL }}
DD_TOKEN: ${{ secrets.DD_TOKEN }}
run: |
echo "Uploading Trivy results..."
# Generate today's date in YYYY-MM-DD format
TODAY=$(date +%Y-%m-%d)
HTTP_CODE=$(curl --write-out "%{http_code}" --output response.txt --silent -X POST "$DD_URL/api/v2/import-scan/" \
-H "Authorization: Token $DD_TOKEN" \
-F "active=true" \
-F "verified=true" \
-F "scan_type=Trivy Scan" \
-F "engagement_name=CI/CD Pipeline" \
-F "product_name=${{ github.repository }}" \
-F "scan_date=$TODAY" \
-F "auto_create_context=true" \
-F "file=@trivy-results.json")
if [[ "$HTTP_CODE" != "200" && "$HTTP_CODE" != "201" ]]; then
echo "::error::Upload Failed with HTTP $HTTP_CODE"
echo "--- SERVER RESPONSE ---"
cat response.txt
echo "-----------------------"
exit 1
else
echo "Upload Success!"
fi
# --- 2. GITLEAKS (Secrets) ---
- name: Install Gitleaks
run: |
wget -qO gitleaks.tar.gz https://github.com/gitleaks/gitleaks/releases/download/v8.18.0/gitleaks_8.18.0_linux_x64.tar.gz
tar -xzf gitleaks.tar.gz
sudo mv gitleaks /usr/local/bin/ && chmod +x /usr/local/bin/gitleaks
- name: Run Gitleaks
run: gitleaks detect --source . -v --report-path gitleaks-results.json --report-format json --no-git || true
- name: Upload Gitleaks to DefectDojo
env:
DD_URL: ${{ secrets.DD_URL }}
DD_TOKEN: ${{ secrets.DD_TOKEN }}
run: |
echo "Uploading Gitleaks results..."
TODAY=$(date +%Y-%m-%d)
HTTP_CODE=$(curl --write-out "%{http_code}" --output response.txt --silent -X POST "$DD_URL/api/v2/import-scan/" \
-H "Authorization: Token $DD_TOKEN" \
-F "active=true" \
-F "verified=true" \
-F "scan_type=Gitleaks Scan" \
-F "engagement_name=CI/CD Pipeline" \
-F "product_name=${{ github.repository }}" \
-F "scan_date=$TODAY" \
-F "auto_create_context=true" \
-F "file=@gitleaks-results.json")
if [[ "$HTTP_CODE" != "200" && "$HTTP_CODE" != "201" ]]; then
echo "::error::Upload Failed with HTTP $HTTP_CODE"
echo "--- SERVER RESPONSE ---"
cat response.txt
echo "-----------------------"
exit 1
else
echo "Upload Success!"
fi
# --- 3. SEMGREP (SAST) ---
- name: Install Semgrep (via pipx)
run: |
sudo apt-get install pipx -y
pipx install semgrep
# Add pipx binary path to GITHUB_PATH so next steps can see 'semgrep'
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Run Semgrep
run: semgrep scan --config=p/security-audit --config=p/owasp-top-ten --json --output semgrep-results.json . || true
- name: Upload Semgrep to DefectDojo
env:
DD_URL: ${{ secrets.DD_URL }}
DD_TOKEN: ${{ secrets.DD_TOKEN }}
run: |
echo "Uploading Semgrep results..."
TODAY=$(date +%Y-%m-%d)
HTTP_CODE=$(curl --write-out "%{http_code}" --output response.txt --silent -X POST "$DD_URL/api/v2/import-scan/" \
-H "Authorization: Token $DD_TOKEN" \
-F "active=true" \
-F "verified=true" \
-F "scan_type=Semgrep JSON Report" \
-F "engagement_name=CI/CD Pipeline" \
-F "product_name=${{ github.repository }}" \
-F "scan_date=$TODAY" \
-F "auto_create_context=true" \
-F "file=@semgrep-results.json")
if [[ "$HTTP_CODE" != "200" && "$HTTP_CODE" != "201" ]]; then
echo "::error::Upload Failed with HTTP $HTTP_CODE"
echo "--- SERVER RESPONSE ---"
cat response.txt
echo "-----------------------"
exit 1
else
echo "Upload Success!"
fi
CODE_OF_CONDUCT.md
+3
View File
@@ -0,0 +1,3 @@
# Code of Conduct
Our Code of Conduct can be found here: https://docs.nhcarrigan.com/#/coc
CONTRIBUTING.md
+3
View File
@@ -0,0 +1,3 @@
# Contributing
Our contributing guidelines can be found here: https://docs.nhcarrigan.com/#/contributing
LICENSE.md
+5
View File
@@ -0,0 +1,5 @@
# License
This software is licensed under our [global software license](https://docs.nhcarrigan.com/#/license).
Copyright held by Naomi Carrigan.
PRIVACY.md
+3
View File
@@ -0,0 +1,3 @@
# Privacy Policy
Our privacy policy can be found here: https://docs.nhcarrigan.com/#/privacy
README.md
+39
View File
@@ -0,0 +1,39 @@
# New Repository Template
This template contains all of our basic files for a new GitHub repository. There is also a handy workflow that will create an issue on a new repository made from this template, with a checklist for the steps we usually take in setting up a new repository.
If you're starting a Node.JS project with TypeScript, we have a [specific template](https://github.com/naomi-lgbt/nodejs-typescript-template) for that purpose.
## Readme
Delete all of the above text (including this line), and uncomment the below text to use our standard readme template.
<!-- # Project Name
Project Description
## Live Version
This page is currently deployed. [View the live website.]
## Feedback and Bugs
If you have feedback or a bug report, please feel free to open a GitHub issue!
## Contributing
If you would like to contribute to the project, you may create a Pull Request containing your proposed changes and we will review it as soon as we are able! Please review our [contributing guidelines](CONTRIBUTING.md) first.
## Code of Conduct
Before interacting with our community, please read our [Code of Conduct](CODE_OF_CONDUCT.md).
## License
This software is licensed under our [global software license](https://docs.nhcarrigan.com/#/license).
Copyright held by Naomi Carrigan.
## Contact
We may be contacted through our [Chat Server](http://chat.nhcarrigan.com) or via email at `contact@nhcarrigan.com`. -->
SECURITY.md
+3
View File
@@ -0,0 +1,3 @@
# Security Policy
Our security policy can be found here: https://docs.nhcarrigan.com/#/security
TERMS.md
+3
View File
@@ -0,0 +1,3 @@
# Terms of Service
Our Terms of Service can be found here: https://docs.nhcarrigan.com/#/terms