.gitignore

@@ -1,7 +0,0 @@
-trivy
-syft
-grype
-gitleaks
-deps
-snyk
-index.html

README.md

@@ -1,10 +1,20 @@
-# Security Scanner
+# New Repository Template
 
-This is a bash script to scan all repositories on my local file system for security issues, generate reports, and publish a webpage with the reports on our servers.
+This template contains all of our basic files for a new GitHub repository. There is also a handy workflow that will create an issue on a new repository made from this template, with a checklist for the steps we usually take in setting up a new repository.
+
+If you're starting a Node.JS project with TypeScript, we have a [specific template](https://github.com/naomi-lgbt/nodejs-typescript-template) for that purpose.
+
+## Readme
+
+Delete all of the above text (including this line), and uncomment the below text to use our standard readme template.
+
+<!-- # Project Name
+
+Project Description
 
 ## Live Version
 
-This page is currently deployed. [View the live website.](https://security.nhcarrigan.com)
+This page is currently deployed. [View the live website.]
 
 ## Feedback and Bugs
 
@@ -26,4 +36,4 @@ Copyright held by Naomi Carrigan.
 
 ## Contact
 
-We may be contacted through our [Chat Server](http://chat.nhcarrigan.com) or via email at `contact@nhcarrigan.com`.
+We may be contacted through our [Chat Server](http://chat.nhcarrigan.com) or via email at `contact@nhcarrigan.com`. -->

scan.sh

@@ -1,87 +0,0 @@
-# Clean existing reports.
-rm -r ./gitleaks;
-rm -r ./trivy;
-rm -r ./grype;
-rm -r ./syft;
-rm -r ./snyk;
-rm -r ./deps;
-
-# Create the directories for the reports.
-mkdir ./gitleaks;
-mkdir ./trivy;
-mkdir ./grype;
-mkdir ./syft;
-mkdir ./snyk;
-mkdir ./deps;
-
-# Parse directories for all of the projects we "own".
-repositories=($(find /home/naomi/code/naomi -maxdepth 1 -type d -not -name '.' -printf "%f\n" | sort));
-html=();
-
-for directory in "${repositories[@]}"; do
-  if [ $directory == "naomi" ] || [ $directory == "security" ]; then
-    continue;
-  fi;
-  echo "Scanning $directory";
-
-  # Automated scanning tools
-  gitleaks detect --source /home/naomi/code/naomi/$directory -r ./gitleaks/$directory.json --no-banner;
-  trivy repo --format json --output ./trivy/$directory.json /home/naomi/code/naomi/$directory;
-  grype -o json --file ./grype/$directory.json /home/naomi/code/naomi/$directory;
-  syft scan /home/naomi/code/naomi/$directory -o json=./syft/$directory.json;
-
-  # Need to move directories for Snyk to track the target correctly.
-  cd /home/naomi/code/naomi/$directory;
-  snyk monitor --dev --project-name=$directory --remote-repo-url=$(git remote get-url origin) /home/naomi/code/naomi/$directory;
-  snyk test --dev --json --json-file-output=/home/naomi/code/naomi/security/snyk/$directory.json /home/naomi/code/naomi/$directory;
-  cd /home/naomi/code/naomi/security;
-
-  # Manual dependency version checks (no reliable package to do this for us :/ )
-  echo "No supported package manager found in this project." > /home/naomi/code/naomi/security/deps/$directory.txt;
-  if [ -f /home/naomi/code/naomi/$directory/package.json ]; then
-    cd /home/naomi/code/naomi/$directory;
-    pnpm outdated | grep -v "^WARN" > /home/naomi/code/naomi/security/deps/$directory.txt;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  if [ -f /home/naomi/code/naomi/$directory/Pipfile ]; then
-    cd /home/naomi/code/naomi/$directory;
-    pip list --outdated > /home/naomi/code/naomi/security/deps/$directory.txt;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  if [ -f /home/naomi/code/naomi/$directory/*.csproj ]; then
-    cd /home/naomi/code/naomi/$directory;
-    dotnet list package --outdated > /home/naomi/code/naomi/security/deps/$directory.txt;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  if [ -f /home/naomi/code/naomi/$directory/go.mod ]; then
-    cd /home/naomi/code/naomi/$directory;
-    go list -m -u all > /home/naomi/code/naomi/security/deps/$directory.txt;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  if [ -f /home/naomi/code/naomi/$directory/rockspec ]; then
-    cd /home/naomi/code/naomi/$directory;
-    luarocks list --outdated > /home/naomi/code/naomi/security/deps/$directory.txt;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  if [ -f /home/naomi/code/naomi/$directory/composer.json ]; then
-    cd /home/naomi/code/naomi/$directory;
-    composer outdated --format=json > /home/naomi/code/naomi/security/deps/$directory.json;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  if [ -f /home/naomi/code/naomi/$directory/Gemfile ]; then
-    cd /home/naomi/code/naomi/$directory;
-    bundle outdated > /home/naomi/code/naomi/security/deps/$directory.txt;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  if [ -f /home/naomi/code/naomi/$directory/Cargo.toml ]; then
-    cd /home/naomi/code/naomi/$directory;
-    cargo outdated > /home/naomi/code/naomi/security/deps/$directory.txt;
-    cd /home/naomi/code/naomi/security;
-  fi;
-  html+=("<h2>$directory</h2><ul><li style='list-style-type: none;'><a href='./gitleaks/$directory.json'>Gitleaks</a></li><li style='list-style-type: none;'><a href='./trivy/$directory.json'>Trivy</a></li><li style='list-style-type: none;'><a href='./grype/$directory.json'>Grype</a></li><li style='list-style-type: none;'><a href='./syft/$directory.json'>Syft</a></li><li style='list-style-type: none;'><a href='./snyk/$directory.json'>Snyk</a></ul><li style='list-style-type: none;'><a href='./deps/$directory.txt'>Outdated Dependencies</a></ul>");
-done;
-
-echo "<!DOCTYPE html><html><head><title>Security Audits</title><meta charset=\"utf-8\" /><meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" /><meta name=\"description\" content=\"A collection of the various reporting tools we run against our repositories.\" /><script src=\"https://cdn.nhcarrigan.com/headers/index.js\" async defer></script></head><body><main><h1>Security Audits</h1><section><p>A collection of the various reporting tools we run against our repositories.</p><p>Contributions to resolve a reported issue are welcomed!</section><section>${html[*]}</section></main></body></html>" > ./index.html;
-
-# Deploy the reports to the production server.
-GLOBIGNORE='.git' scp -r ./* prod:/home/nhcarrigan/security