{"id":17809289,"url":"https://github.com/codfish/generator-codfish","last_synced_at":"2025-10-14T08:38:40.500Z","repository":{"id":52472449,"uuid":"165969536","full_name":"codfish/generator-codfish","owner":"codfish","description":"A yeoman generator for my open source packages and personal projects.","archived":false,"fork":false,"pushed_at":"2022-08-10T18:38:38.000Z","size":171,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-14T08:38:39.970Z","etag":null,"topics":["generator","oss","scaffolding","yeoman","yeoman-generator"],"latest_commit_sha":null,"homepage":"http://yeoman.io/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/codfish.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-01-16T03:50:06.000Z","updated_at":"2022-08-10T18:38:41.000Z","dependencies_parsed_at":"2022-08-20T12:20:18.612Z","dependency_job_id":null,"html_url":"https://github.com/codfish/generator-codfish","commit_stats":null,"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"purl":"pkg:github/codfish/generator-codfish","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codfish%2Fgenerator-codfish","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codfish%2Fgenerator-codfish/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codfish%2Fgenerator-codfish/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codfish%2Fgenerator-codfish/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/codfish","download_url":"https://codeload.github.com/codfish/generator-codfish/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codfish%2Fgenerator-codfish/sbom","scorecard":{"id":298082,"data":{"date":"2025-08-11","repo":{"name":"github.com/codfish/generator-codfish","commit":"be89499be4fe1cd2f038402140f795ef969977b7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.4,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/14 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: script injection with untrusted input 'github.head_ref ': .github/workflows/validate.yml:23"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/validate.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/codfish/generator-codfish/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/codfish/generator-codfish/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/codfish/generator-codfish/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/codfish/generator-codfish/validate.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/codfish/generator-codfish/validate.yml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/release.yml:21","Warn: npmCommand not pinned by hash: .github/workflows/validate.yml:20","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 23 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T20:01:34.734Z","repository_id":52472449,"created_at":"2025-08-17T20:01:34.735Z","updated_at":"2025-08-17T20:01:34.735Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279018302,"owners_count":26086344,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-14T02:00:06.444Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["generator","oss","scaffolding","yeoman","yeoman-generator"],"created_at":"2024-10-27T15:16:19.806Z","updated_at":"2025-10-14T08:38:40.478Z","avatar_url":"https://github.com/codfish.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# generator-codfish\n\n\u003e Yeoman generators to scaffold out personal projects \u0026 open source modules.\n\n[![version][version-badge]][package] [![downloads][downloads-badge]][npmcharts]\n[![GitHub Workflow Status][actions-badge]][actions-badge] [![MIT License][license-badge]][license]\n[![PRs Welcome][prs-badge]][prs] [![Semantic Release][semantic-release-badge]][semantic-release]\n[![Commitizen friendly][commitizen-badge]][commitizen]\n\nUltimate goal is to get up and running as quickly as possible. This is a generator I will use to\nscaffold out new projects and npm modules. It goes further than just setting up code. It will also:\n\n- Sets up auto-linting on commit with [`cod-scripts`](https://github.com/codfish/cod-scripts).\n- Sets up some basic GitHub Actions workflows with automated versioning \u0026 deployments with\n  [semantic-release](https://github.com/semantic-release/semantic-release).\n- Optionally creates a new GitHub repo for you.\n- Init's git and makes an initial commit. All you need to do is `git push origin master`.\n\n\u003c!-- START doctoc --\u003e\n\u003c!-- END doctoc--\u003e\n\n## Installation\n\n**Recommended:** Don't install globally, just run with `npx`.\n\n```sh\nnpx -p yo -p generator-codfish -c 'yo codfish'\n```\n\nOr go old school:\n\n```sh\nnpm install -g yo generator-codfish\n```\n\nWith generators you're typically always looking to use the latest \u0026 greatest when generating so I\nprefer `npx` so you don't need to keep your global installation up to date.\n\n## Usage\n\n```sh\nyo codfish\n```\n\n### Advanced Usage\n\n```sh\nyo codfish[:\u003csub\u003e] [\u003cproject-directory\u003e] [\u003coptions\u003e]\n```\n\n- **project-directory** - Directory to generate into. Will make the directory for you if it doesn't\n  exist. The current directory will be used by default.\n- **sub** - Optional sub generator.\n- **options** - Optional flags to pass to the generator to change functionality. See below for more\n  details.\n\n**Examples:**\n\n**Note**: If you're using `npx` you can wrap the following examples with\n`npx -p yo -p generator-codfish -c '\u003cexample\u003e'`.\n\n```sh\n# Scaffold a new project into the current directory.\nyo codfish\n\n# Scaffold a new project/module into a directory named `new-module`.\nyo codfish new-module\n\n# By default the generator automatically tries to create a github repository for you.\n# This will skip that.\nyo codfish new-module --skip-github\n\n# To add my linting configuration \u0026 tooling to an existing project you can\n# run the linting sub generator directly. When starting a new project\n# with the other generators, this will automatically be included.\nyo codfish:linting\n\n# To add GitHub templates \u0026 GitHub Actions workflows to an existing project\nyo codfish:github\n```\n\n### Options\n\n- `skip-install` (Boolean, default: `false`) - Skip installation of npm dependencies.\n- `skip-github` (Boolean, default: `false`) - Skip the auto creation of a new github repository.\n\n## Sub generators\n\nRemember you can see the options of each sub generators by running `yo codfish:sub --help`.\n\n- `yo codfish:linting` - Linting config \u0026 tooling for JS, Markdown, CSS, JSON, Git commits, etc.\n- `yo codfish:github` - Adds node `.gitignore`, GitHub Actions workflows \u0026 GitHub templates.\n\nThese are all run automatically as part of the main generator when running `yo codfish`.\n\n## Getting To Know Yeoman\n\n- Yeoman has a heart of gold.\n- Yeoman is a person with feelings and opinions, but is very easy to work with.\n- Yeoman can be too opinionated at times but is easily convinced not to be.\n- Feel free to [learn more about Yeoman](http://yeoman.io/).\n\n## LICENSE\n\nMIT\n\n[npm]: https://www.npmjs.com/\n[node]: https://nodejs.org\n[semantic-release]: https://github.com/semantic-release/semantic-release\n[semantic-release-badge]:\n  https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg?style=flat-square\n[prs]: http://makeapullrequest.com\n[prs-badge]: https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square\n[commitizen]: http://commitizen.github.io/cz-cli/\n[commitizen-badge]:\n  https://img.shields.io/badge/commitizen-friendly-brightgreen.svg?style=flat-square\n[npmcharts]: http://npmcharts.com/compare/generator-codfish\n[version-badge]: https://img.shields.io/npm/v/generator-codfish.svg?style=flat-square\n[package]: https://www.npmjs.com/package/generator-codfish\n[downloads-badge]: https://img.shields.io/npm/dm/generator-codfish.svg?style=flat-square\n[license-badge]: https://img.shields.io/npm/l/generator-codfish.svg?style=flat-square\n[license]: https://github.com/codfish/generator-codfish/blob/master/LICENSE\n[actions]: https://github.com/codfish/generator-codfish/actions\n[actions-badge]:\n  https://img.shields.io/github/workflow/status/codfish/generator-codfish/Release/master?style=flat-square\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodfish%2Fgenerator-codfish","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcodfish%2Fgenerator-codfish","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodfish%2Fgenerator-codfish/lists"}