{"id":31601697,"url":"https://github.com/intersectmbo/project-compliance-attestation","last_synced_at":"2026-02-14T08:01:09.010Z","repository":{"id":316225430,"uuid":"1062493421","full_name":"IntersectMBO/Project-Compliance-Attestation","owner":"IntersectMBO","description":"This is a basic script that runs compliance checks for projects in Tooling Program","archived":false,"fork":false,"pushed_at":"2025-09-24T13:34:46.000Z","size":15,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-06T07:58:51.049Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/IntersectMBO.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-23T10:27:54.000Z","updated_at":"2025-09-24T13:34:50.000Z","dependencies_parsed_at":null,"dependency_job_id":"fd947c51-888c-4c06-b734-b84f5b6a9532","html_url":"https://github.com/IntersectMBO/Project-Compliance-Attestation","commit_stats":null,"previous_names":["intersectmbo/project-compliance-attestation"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/IntersectMBO/Project-Compliance-Attestation","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IntersectMBO%2FProject-Compliance-Attestation","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IntersectMBO%2FProject-Compliance-Attestation/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IntersectMBO%2FProject-Compliance-Attestation/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IntersectMBO%2FProject-Compliance-Attestation/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/IntersectMBO","download_url":"https://codeload.github.com/IntersectMBO/Project-Compliance-Attestation/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IntersectMBO%2FProject-Compliance-Attestation/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29439820,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-14T07:24:13.446Z","status":"ssl_error","status_checked_at":"2026-02-14T07:23:58.969Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-06T07:58:49.127Z","updated_at":"2026-02-14T08:01:08.990Z","avatar_url":"https://github.com/IntersectMBO.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Project-Compliance-Attestation\nThis is a script that runs compliance checks for projects in Tooling Program\n\n# Script Name\n\nThis scripts performs a self-attestation on the owner/repo.e.g. cardano-foundation/cardano-wallet\n\n## Setup\n\n### Set up github token with readonly permissions\n\nYou can generate a GitHub personal access token (classic or fine-grained) with read-only permissions by restricting its scope. Here’s how:\n\n#### Instructions on Option 1 \n\n🔹 Fine-grained personal access token (recommended) \n\n- Fine-grained tokens are more secure and allow setting read-only permissions explicitly.\n\n- Go to GitHub Settings → Developer settings → Personal access tokens → Fine-grained tokens\n- Click Generate new token.\n - Fill in:\n - Token name → something descriptive like readonly-token.\n - Expiration → set a time limit (best practice).\n - Repository access → choose \"Only select repositories\" (or \"All repositories\" if you want broader read-only access).\n  - Permissions → expand and select Read-only for:\n  - Contents (so you can clone / pull code but not push).\n  - Metadata (usually required for basic repo info).\n  - Any other resource you need (issues, actions, etc.) → set to Read-only only.\n\n - Click Generate token.\n  - Copy and save the token — you won’t be able to view it again.\n  - Consider storing this so you can initialise an environment variable called GH_TOKEN \n  - e.g. export GH_TOKEN = \"hjsdhf\u0026jhjsdhf###jhhj\"\n  - Usage : Usage example (for HTTPS clone/pull):\n   - git clone https://\u003cYOUR_TOKEN\u003e@github.com/owner/repo.git\n\n#### Instructions on Option 2 \n\n🔹 Classic personal access token (less granular)\n\n - Go to GitHub Settings → Developer settings → Personal access tokens → Tokens (classic)\n - Click Generate new token (classic).\n - Give it a name and expiration date.\n - Select only read-only scopes:\n - For code access: check repo → Public Repo (for public repos only).\n - For private repos: you must check repo, but classic tokens don’t allow strict read-only — they always include write permissions.\n - This is why fine-grained tokens are recommended.\n - Generate and copy the token.\n - Consider storing this so you can initialise an environment variable called GH_TOKEN \n  - e.g. export GH_TOKEN = \"hjsdhf\u0026jhjsdhf###jhhj\"\n  - use this in your script\n * Outcome * : this ensures only read access is available \n\n\n### Unset your Github Token and set to you readonly token\n\n- @MyMachine:~/projects/intersect$ unset GH_TOKEN\n - @MyMachine:~/projects/intersect$ gh auth login\n - ? Where do you use GitHub? GitHub.com\n - ? What is your preferred protocol for Git operations on this host? SSH\n - ? Upload your SSH public key to your GitHub account? Skip\n - ? How would you like to authenticate GitHub CLI? Paste an authentication token\n - Tip: you can generate a Personal Access Token here https://github.com/settings/tokens\n - The minimum required scopes are 'repo', 'read:org'.\n - ? Paste your authentication token: ****************************************\n\n\n### Instructions to install or run.\n- Setup\n  - initialise you github per above  'Unset your Github ... '  \n - Get the script from Intersect \n  - clone the repo per below to get the self-attest script\n  -- gh repo clone IntersectMBO/Open-Source-Office *or*\n  -- just download as a zip and unpack\n  - confirm repo status \n   - git status \n  - ensure the script has +x executable permissions\n    - chmod +x intersect_ost_self_attest.sh\n  - run the script\n    - now run the script as below (noting if you wish to have 180 days window, change 30 below to 180)\n    - ./intersect_ost_self_attest.sh input-output-hk/daedalus --out io_da_attest.pdf --days 30\n    - the output should include output locations myuserdir and runninghere (for example)\n    - output is html, pdf and markdown\n     - ==============================================\n     -  [OUTPUT] Working directory : /home/myuserdir/runninghere\n     -  [OUTPUT] HTML report       : /home/myuserdir/runninghere/io_da_attest.html\n     -  [OUTPUT] PDF report        : /home/myuserdir/runninghere/io_da_attest.pdf\n     -  [OUTPUT] Markdown summary  : /home/myuserdir/runninghere/io_da_attest.md\n     -  ==============================================\n\n\n## Usage\n\n    - ./intersect_ost_self_attest.sh input-output-hk/daedalus --out io_da_attest.pdf --days 30\n\n## License\n\nMIT / Apache-2.0 / etc.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fintersectmbo%2Fproject-compliance-attestation","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fintersectmbo%2Fproject-compliance-attestation","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fintersectmbo%2Fproject-compliance-attestation/lists"}