From e78badf003f341c9a3122bccefad1e2250dcd191 Mon Sep 17 00:00:00 2001
From: Florian Wathling <kontakt@hellion-media.de>
Date: Sat, 9 May 2026 16:41:15 +0200
Subject: [PATCH] Initial template setup

---
 .editorconfig                            | 25 ++++++++++
 .gitea/ISSUE_TEMPLATE/bug_report.md      | 26 ++++++++++
 .gitea/ISSUE_TEMPLATE/feature_request.md | 22 +++++++++
 .gitea/PULL_REQUEST_TEMPLATE.md          | 22 +++++++++
 .gitea/workflows/security.yml            | 18 +++++++
 .gitignore                               | 44 +++++++++++++++++
 CODEOWNERS                               |  8 +++
 LICENSE                                  | 21 ++++++++
 README.md                                | 63 ++++++++++++++++++++++++
 examples/README.md                       |  5 ++
 10 files changed, 254 insertions(+)
 create mode 100644 .editorconfig
 create mode 100644 .gitea/ISSUE_TEMPLATE/bug_report.md
 create mode 100644 .gitea/ISSUE_TEMPLATE/feature_request.md
 create mode 100644 .gitea/PULL_REQUEST_TEMPLATE.md
 create mode 100644 .gitea/workflows/security.yml
 create mode 100644 .gitignore
 create mode 100644 CODEOWNERS
 create mode 100644 LICENSE
 create mode 100644 README.md
 create mode 100644 examples/README.md

diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..698fcd5
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,25 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 2
+
+[*.py]
+indent_size = 4
+max_line_length = 100
+
+[*.{sh,bash}]
+indent_size = 2
+
+[*.{ps1,psm1}]
+indent_size = 4
+
+[Makefile]
+indent_style = tab
+
+[*.md]
+trim_trailing_whitespace = false
diff --git a/.gitea/ISSUE_TEMPLATE/bug_report.md b/.gitea/ISSUE_TEMPLATE/bug_report.md
new file mode 100644
index 0000000..031c2d2
--- /dev/null
+++ b/.gitea/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,26 @@
+---
+name: Bug Report
+about: Something is broken or behaves unexpectedly
+title: "[Bug] "
+labels: ["bug"]
+---
+
+## What happened
+
+<!-- Describe the bug. What did you do, what did you expect, what happened instead? -->
+
+## Steps to reproduce
+
+1.
+2.
+3.
+
+## Environment
+
+- Version:
+- OS:
+- Anything else relevant:
+
+## Logs / Screenshots
+
+<!-- Paste relevant log output or attach screenshots. Use ```code blocks``` for logs. -->
diff --git a/.gitea/ISSUE_TEMPLATE/feature_request.md b/.gitea/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000..693fd4d
--- /dev/null
+++ b/.gitea/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,22 @@
+---
+name: Feature Request
+about: Suggest an idea or improvement
+title: "[Feature] "
+labels: ["enhancement"]
+---
+
+## The problem
+
+<!-- What are you trying to do? What's missing or annoying? -->
+
+## Proposed solution
+
+<!-- How would you solve it? Concrete behavior, not implementation details. -->
+
+## Alternatives considered
+
+<!-- What else did you think about? Why didn't that work? -->
+
+## Additional context
+
+<!-- Screenshots, examples from other tools, related issues. -->
diff --git a/.gitea/PULL_REQUEST_TEMPLATE.md b/.gitea/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..d00988a
--- /dev/null
+++ b/.gitea/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,22 @@
+## Summary
+
+<!-- What does this PR do? 1-3 bullet points. -->
+
+-
+
+## Why
+
+<!-- Linked issue, motivation, or context. "Fixes #N" if applicable. -->
+
+## Testing
+
+<!-- How did you verify this works? -->
+
+- [ ]
+
+## Checklist
+
+- [ ] Code builds without warnings
+- [ ] Tests pass (or N/A)
+- [ ] Documentation updated (or N/A)
+- [ ] No secrets or credentials committed
diff --git a/.gitea/workflows/security.yml b/.gitea/workflows/security.yml
new file mode 100644
index 0000000..9854461
--- /dev/null
+++ b/.gitea/workflows/security.yml
@@ -0,0 +1,18 @@
+name: Security
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '0 4 * * 1'   # Mondays 04:00 UTC
+
+jobs:
+  semgrep:
+    uses: Hellion-Forge/security-workflows/.gitea/workflows/semgrep.yml@main
+    # If you need to exclude specific rules or paths, drop a .semgrep-exclude.yml
+    # at the repo root. The reusable workflow honors it.
+
+  trivy:
+    uses: Hellion-Forge/security-workflows/.gitea/workflows/trivy.yml@main
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..8ffb148
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,44 @@
+# OS
+.DS_Store
+Thumbs.db
+
+# Editors
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+.venv/
+venv/
+env/
+.pytest_cache/
+.coverage
+.mypy_cache/
+
+# Node / Bun
+node_modules/
+dist/
+.next/
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.pnpm-debug.log*
+
+# Shell / build artifacts
+*.tar.gz
+*.zip
+out/
+build/
+
+# Local env / secrets
+.env
+.env.local
+.env.*.local
+*.local.json
+secrets/
diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 0000000..e54a1af
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1,8 @@
+# CODEOWNERS — automatic review-assignment for PRs.
+# Syntax: <pattern>  <user-or-team-handle>
+#
+# More: https://docs.gitea.com/usage/code-owners
+#
+# Default owner for everything in the repo.
+# Replace with the appropriate user/team for the new repo.
+*  @JonKazama-Hellion
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..765ff79
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Florian Wathling / Hellion Online Media
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c455956
--- /dev/null
+++ b/README.md
@@ -0,0 +1,63 @@
+# Forge Tool Template
+
+A starting point for small tools and scripts on the [Hellion Forge](https://gitea.hellion-forge.cloud/) — language-agnostic, Renovate-aware, security-scanned.
+
+Use this when you have:
+
+- a one-shot script (Bash, Python, PowerShell, Node, etc.)
+- a small CLI utility
+- a config-only repo (Ansible, dotfiles, infrastructure-as-code)
+- anything that doesn't fit the [Dalamud Plugin Template](../dalamud-plugin-template) or the [Web App Template](../web-app-template)
+
+---
+
+## How to use this template
+
+1. Click **"Use this template"** on the Forge.
+2. Update this `README.md` to describe your actual tool — replace this template-usage section with real install/run/contribute instructions.
+3. Drop your tool's source files at the repo root or under a sensible folder (`scripts/`, `src/`, `bin/`).
+4. Adjust `.gitignore` for your language. The default has Python, Node, and shell artifacts pre-listed; remove or extend as needed.
+5. If your tool needs a different security-scan config, edit `.gitea/workflows/security.yml`.
+
+---
+
+## What's included
+
+```
+.
+├── .editorconfig
+├── .gitea/
+│   ├── ISSUE_TEMPLATE/             Bug + feature templates
+│   ├── PULL_REQUEST_TEMPLATE.md
+│   └── workflows/
+│       └── security.yml            Semgrep + Trivy via Hellion-Forge/security-workflows
+├── .gitignore                      Multi-language defaults
+├── examples/README.md              Placeholder for usage examples
+├── CODEOWNERS                      Default reviewer (replace for new repo)
+├── LICENSE                         MIT
+└── README.md                       This file (replace before shipping)
+```
+
+---
+
+## Renovate
+
+Renovate runs as a system-level service on the Forge. New repos in `Hellion-Forge` are picked up automatically — no per-repo config needed unless you want to override the default behavior. Add a `renovate.json` at the repo root for custom rules.
+
+---
+
+## Security scanning
+
+The `.gitea/workflows/security.yml` stub calls the reusable workflows in `Hellion-Forge/security-workflows`. Default behavior:
+
+- Semgrep with the recommended ruleset
+- Trivy filesystem scan for known CVEs
+- Runs on push to main + pull requests + weekly cron
+
+To exclude specific paths or rules, drop a `.semgrep-exclude.yml` at the repo root (the reusable workflow honors it).
+
+---
+
+## License
+
+MIT — see `LICENSE`.
diff --git a/examples/README.md b/examples/README.md
new file mode 100644
index 0000000..5e9c5d5
--- /dev/null
+++ b/examples/README.md
@@ -0,0 +1,5 @@
+# Examples
+
+Drop usage examples for your tool here — sample input files, expected output, common command-line invocations, integration snippets.
+
+If your tool has no useful examples (e.g. an internal-only script), delete this folder.