Hellion-Forge/forge-tool-template
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial template setup
Security / semgrep (push) Failing after 0s
Details
Security / trivy (push) Failing after 0s
Details

Browse Source
This commit is contained in:
Jon Kazama
2026-05-09 16:41:15 +02:00
commit e78badf003
10 changed files with 254 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+63
View File
@@ -0,0 +1,63 @@
# Forge Tool Template
A starting point for small tools and scripts on the [Hellion Forge](https://gitea.hellion-forge.cloud/) — language-agnostic, Renovate-aware, security-scanned.
Use this when you have:
- a one-shot script (Bash, Python, PowerShell, Node, etc.)
- a small CLI utility
- a config-only repo (Ansible, dotfiles, infrastructure-as-code)
- anything that doesn't fit the [Dalamud Plugin Template](../dalamud-plugin-template) or the [Web App Template](../web-app-template)
---
## How to use this template
1. Click **"Use this template"** on the Forge.
2. Update this `README.md` to describe your actual tool — replace this template-usage section with real install/run/contribute instructions.
3. Drop your tool's source files at the repo root or under a sensible folder (`scripts/`, `src/`, `bin/`).
4. Adjust `.gitignore` for your language. The default has Python, Node, and shell artifacts pre-listed; remove or extend as needed.
5. If your tool needs a different security-scan config, edit `.gitea/workflows/security.yml`.
---
## What's included
```
.
├── .editorconfig
├── .gitea/
│ ├── ISSUE_TEMPLATE/ Bug + feature templates
│ ├── PULL_REQUEST_TEMPLATE.md
│ └── workflows/
│ └── security.yml Semgrep + Trivy via Hellion-Forge/security-workflows
├── .gitignore Multi-language defaults
├── examples/README.md Placeholder for usage examples
├── CODEOWNERS Default reviewer (replace for new repo)
├── LICENSE MIT
└── README.md This file (replace before shipping)
```
---
## Renovate
Renovate runs as a system-level service on the Forge. New repos in `Hellion-Forge` are picked up automatically — no per-repo config needed unless you want to override the default behavior. Add a `renovate.json` at the repo root for custom rules.
---
## Security scanning
The `.gitea/workflows/security.yml` stub calls the reusable workflows in `Hellion-Forge/security-workflows`. Default behavior:
- Semgrep with the recommended ruleset
- Trivy filesystem scan for known CVEs
- Runs on push to main + pull requests + weekly cron
To exclude specific paths or rules, drop a `.semgrep-exclude.yml` at the repo root (the reusable workflow honors it).
---
## License
MIT — see `LICENSE`.