{"id":29035366,"url":"https://github.com/open-nudge/opentemplate","last_synced_at":"2025-06-26T12:08:21.691Z","repository":{"id":299132495,"uuid":"1002117105","full_name":"open-nudge/opentemplate","owner":"open-nudge","description":"All-in-one Python template. One click. Everything included.","archived":false,"fork":false,"pushed_at":"2025-06-22T08:22:18.000Z","size":9980,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-22T09:28:00.094Z","etag":null,"topics":["attestations","automation","best-practices","github-actions","hardened","intuitive","legal","linter","nudging","one-click","performance","pre-commit","python","reuse","sbom","security","simple","slsa","template"],"latest_commit_sha":null,"homepage":"https://open-nudge.github.io/opentemplate/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/open-nudge.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":"CODEOWNERS","security":"SECURITY-DEPENDENCY.md","support":"SUPPORT.md","governance":"GOVERNANCE.md","roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-14T18:47:16.000Z","updated_at":"2025-06-22T08:22:20.000Z","dependencies_parsed_at":"2025-06-14T21:53:57.018Z","dependency_job_id":null,"html_url":"https://github.com/open-nudge/opentemplate","commit_stats":null,"previous_names":["open-nudge/opentemplate"],"tags_count":0,"template":true,"template_full_name":null,"purl":"pkg:github/open-nudge/opentemplate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-nudge%2Fopentemplate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-nudge%2Fopentemplate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-nudge%2Fopentemplate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-nudge%2Fopentemplate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/open-nudge","download_url":"https://codeload.github.com/open-nudge/opentemplate/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-nudge%2Fopentemplate/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261272394,"owners_count":23133790,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attestations","automation","best-practices","github-actions","hardened","intuitive","legal","linter","nudging","one-click","performance","pre-commit","python","reuse","sbom","security","simple","slsa","template"],"created_at":"2025-06-26T12:08:20.987Z","updated_at":"2025-06-26T12:08:21.677Z","avatar_url":"https://github.com/open-nudge.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!--\nSPDX-FileCopyrightText: Ā© 2025 open-nudge \u003chttps://github.com/open-nudge\u003e\nSPDX-FileContributor: szymonmaszke \u003cgithub@maszke.co\u003e\n\nSPDX-License-Identifier: Apache-2.0\n--\u003e\n\n# opentemplate\n\n\u003c!-- mkdocs remove start --\u003e\n\n\u003c!-- vale off --\u003e\n\n\u003c!-- pyml disable-num-lines 30 line-length--\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cem\u003eAll-in-one Python template. One click. Everything included.\u003c/em\u003e\n\u003c/p\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n\u003ca href=\"https://pypi.org/project/opentemplate\"\u003e![PyPI - Python Version](https://img.shields.io/pypi/v/opentemplate?style=for-the-badge\u0026label=release\u0026labelColor=grey\u0026color=blue)\n\u003c/a\u003e\n\u003ca href=\"https://pypi.org/project/opentemplate\"\u003e![Python Version from PEP 621 TOML](https://img.shields.io/python/required-version-toml?tomlFilePath=https%3A%2F%2Fraw.githubusercontent.com%2Fopen-nudge%2Fopentemplate%2Fmain%2Fpyproject.toml\u0026style=for-the-badge\u0026label=python\u0026labelColor=grey\u0026color=blue)\n\u003c/a\u003e\n\u003ca href=\"https://opensource.org/licenses/Apache-2.0\"\u003e![License](https://img.shields.io/badge/License-Apache_2.0-blue?style=for-the-badge)\n\u003c/a\u003e\n\u003ca\u003e![Coverage Hardcoded](https://img.shields.io/badge/coverage-100%25-green?style=for-the-badge)\n\u003c/a\u003e\n\u003ca href=\"https://scorecard.dev/viewer/?uri=github.com/open-nudge/opentemplate\"\u003e![OSSF-Scorecard Score](https://img.shields.io/ossf-scorecard/github.com/open-nudge/opentemplate?style=for-the-badge\u0026label=OSSF)\n\u003c/a\u003e\n\n\u003c/div\u003e\n\n\u003cp align=\"center\"\u003e\nāœØ \u003ca href=\"#features\"\u003eFeatures\u003c/a\u003e\nšŸš€ \u003ca href=\"#quick-start\"\u003eQuick start\u003c/a\u003e\nšŸ“š \u003ca href=\"https://open-nudge.github.io/opentemplate\"\u003eDocumentation\u003c/a\u003e\nšŸ¤ \u003ca href=\"#contribute\"\u003eContribute\u003c/a\u003e\nšŸ‘ \u003ca href=\"https://github.com/open-nudge/opentemplate/blob/main/ADOPTERS.md\"\u003eAdopters\u003c/a\u003e\nšŸ“œ \u003ca href=\"#legal\"\u003eLegal\u003c/a\u003e\n\u003c/p\u003e\n\n______________________________________________________________________\n\n\u003c!-- mkdocs remove end --\u003e\n\n## Features\n\n__opentemplate__ is a Python template which is:\n\n- [__Truly open source__](https://open-nudge.github.io/opentemplate/template/about/philosophy):\n no tokens, no fees, no premium plans, open source software only\n- [__Easy to use__](https://open-nudge.github.io/opentemplate/template/quickstart/usage):\n clone templated repo, run `pdm setup` and __focus on your code__\n- [__State of the art__](https://open-nudge.github.io/opentemplate/template/details):\n best checkers for Python, YAML, Markdown, prose, and more unified\n- [__Secure__](https://open-nudge.github.io/opentemplate/template/details/security):\n [SLSA Level 3](https://slsa.dev/spec/v1.0-rc1/levels), [SBOMs](https://www.cisa.gov/sbom),\n [attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds),\n [secured egress](https://github.com/step-security/harden-runner),\n [OSSF Best Practices](https://github.com/ossf/scorecard)\n- [__Consistent__](https://open-nudge.github.io/opentemplate/template/configuration/basic):\n all pipelines (`GitHub Actions`, `pre-commit`)\n share the same `pyproject.toml` config\n- [__Performant__](https://open-nudge.github.io/opentemplate/template/details/github-actions):\n parallel checks, builds, minimally-sized caches and checkouts\n\n\u003e [!IMPORTANT]\n\u003e __An example repository using `opentemplate`\n\u003e [here](https://github.com/open-nudge/cogeol)__\n\n\u003e [!CAUTION]\n\u003e __All files in this repo will be copied to your project,\n\u003e using the title and description you provide.__\n\n\u003c!-- vale on --\u003e\n\n### Code quality (Python focused)\n\n\u003e [!IMPORTANT]\n\u003e __You can adjust everything from `pyproject.toml` level!__\n\n- __Package manager:__ [`pdm`](https://pdm-project.org/en/latest/)\n with a single `pdm setup` manages everything!\n (see [why pdm](https://open-nudge.github.io/opentemplate/latest/template/about/faq/#why-use-pdm-instead-of-uv))\n- __Testing:__ [`pytest`](https://docs.pytest.org/en/stable/)\n (with [`coverage`](https://coverage.readthedocs.io/en/7.9.1/),\n and [`hypothesis`](https://hypothesis.readthedocs.io/en/latest/) for\n fuzzing); __testing across all Python versions\n done WITHOUT [`tox`](https://tox.wiki/en/4.27.0/)\n or [`nox`](https://nox.thea.codes/en/stable/)__(managed directly by `pdm`!)\n- __Documentation:__ [`mkdocs`](https://www.mkdocs.org/) -\n __document once, have it everywhere (unified look on GitHub and hosted docs)__,\n [semantically versioned](https://semver.org/)\n (via [`mike`](https://github.com/jimporter/mike)),\n autogenerated from\n [coverage](https://github.com/econchick/interrogate),\n [deadlink](https://github.com/AlexanderDokuchaev/md-dead-link-check)\n and [spell-checked](https://github.com/codespell-project/codespell) docstrings,\n automatically deployed after each GitHub release with clean\n [material design look](https://github.com/squidfunk/mkdocs-material)\n- __Code formatting and linting:__ [`ruff`](https://github.com/astral-sh/ruff)\n (checks hand-picked for best quality and ease of use; most are enabled),\n [`basedpyright`](https://github.com/DetachHead/basedpyright)\n for type checking, [`FawltyDeps`](https://github.com/tweag/FawltyDeps)\n for static dependency analysis\n- __Each file is copyrighted with your git information__ -\n copyrights added automatically by `pre-commit`,\n see [REUSE](https://reuse.readthedocs.io/en/stable/) and\n [SPDX Licensing](https://spdx.dev/learn/handling-license-info/)\n for more information\n- __Automated Python version updates__: `pyproject.toml`\n (and GitHub Actions pipelines where necessary)\n are automatically updated to always use __3 latest Python\n versions__ (via [`cogeol`](https://pypi.org/project/cogeol/))\n according to [Scientific Python SPEC0](https://scientific-python.org/specs/spec-0000/)\n deprecation and end-of-life policies\n- __Other code linting__: checks for `YAML`, `Markdown`, `INI`, `JSON`, `prose`,\n all config files, `shell`, `GitHub Actions` -\n __all grouped as `check-\u003cgroup\u003e` and `fix-\u003cgroup\u003e` `pdm` commands__\n- __Release to `PyPI` and `GitHub`__: done by making a\n [GitHub release](https://docs.github.com/en/repositories/releasing-projects-on-github/about-releases),\n each release is attested and immutably versioned via\n [`commition`](https://pypi.org/project/commition/)\n- [__`pre-commit`__](https://pre-commit.com/): __all checks and fixers are run\n before commit__, no need to remember them!\n (`pre-commit` is also setup after running a single `pdm setup` command!)\n\n### Security\n\n\u003e [!IMPORTANT]\n\u003e __Everything below is already provided out of the box, one-click only!__\n\n- [__Hardening__](https://open-nudge.github.io/opentemplate/latest/template/quickstart/installation/#hardening):\n during setup, an automated issue is created to guide you step by step\n through enabling rulesets, branch protection, mandatory reviewers,\n necessary signatures etc.\n ([see here for an example](https://github.com/open-nudge/opentemplate/issues/1)).\n Best part? __`harden.yml` workflow, which does that\n automatically__ (if you follow the instructions in the issue)!\n- [__SLSA compliance__](https://slsa.dev/spec/v1.0-rc1/levels):\n Level 3+ for public/enterprise repositories\n and L2 for private repositories\n via [slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator)\n- __[Software Bills of Materials](https://www.cisa.gov/sbom) (SBOMs)__:\n generated per-Python, per-OS, per-dependency group -\n __each [attested](https://github.com/actions/attest)__,\n and attached to the release\n- __Static security analysis tooling__: [`osv-scanner`](https://github.com/google/osv-scanner)\n checks against [OSV database](https://osv.dev/),\n [`semgrep`](https://semgrep.dev/) monitors code quality and security,\n [`zizmor`](https://github.com/zizmorcore/zizmor) verifies workflows,\n while [`trufflehog`](https://github.com/trufflesecurity/trufflehog)\n looks for leaked secrets\n- __Reusable workflows__: most of the workflows are [reusable](https://docs.github.com/en/actions/sharing-automations/reusing-workflows)\n (pointing to `opentemplate` workflows) to improve security and\n __get automated pipeline updates__ - you can make them local by\n running `.github/reusability/localize.sh` script. __No need\n to manage/update your own workflows!__\n- __Pinned dependencies__: all dependencies are pinned to specific versions\n (GitHub Actions, `pre-commit` and `pdm.lock`)\n- __Monitored egress in GitHub Actions__: [`harden-runner`](https://github.com/step-security/harden-runner)\n with a __whitelisted minimal set of domains__ necessary to run the workflows\n- __Security documentation__: `SECURITY.md`, `SECURITY-INSIGHTS.yml`,\n `SECURITY-SELF-ASSESSMENT.md` (only security file to update\n manually before release), and `SECURITY-DEPENDENCY.md`\n define high quality security policies\n\n\u003e [!TIP]\n\u003e See [this example release](https://github.com/open-nudge/opentemplate/releases/tag/v0.1.3)\n\u003e for all security artifacts described above.\n\n\u003e [!NOTE]\n\u003e Although there is __around 100__ workflows helping you\n\u003e maintain high quality, __most of them reuse the same workflow__,\n\u003e which makes them maintainable and extendable.\n\n### GitHub\n\n- __GitHub Actions cache__ - after each merge\n to the `main` branch, dependencies are cached __per-group and\n per-OS__ for maximum performance\n- __Minimal checkouts and triggers__ - each workflow is\n __triggered based on appropriate path__ and performs\n [`sparse-checkout`](https://github.blog/open-source/git/bring-your-monorepo-down-to-size-with-sparse-checkout/)\n when possible to minimize the amount of data transferred;\n __great for large repositories with many files and large history__\n- __Dependency updates__: [Renovate](https://docs.renovatebot.com/)\n updates all dependencies in a grouped manner once a week\n- __Templates__: __every possible template included__ (discussions,\n issues, pull requests - each extensively described)\n- __Predefined labels__ - each pull request will be automatically labeled\n (over `20` labels created during setup!) based on changed files\n (e.g. `docs`, `tests`, `deps`, `config` etc.).\n __No need to specify [semver](https://semver.org/) `scope`\n of commit anymore!__\n- __Open source documents__: `CODE_OF_CONDUCT.md`,\n `CONTRIBUTING.md`, `ROADMAP.md`, `CHANGELOG.md`, `CODEOWNERS`, `DCO`,\n and much more - all automatically added and linked to your\n Python documentation out of the box\n- __Release changelog__: [`git-cliff`](https://git-cliff.org/) - commits\n automatically divided based on `labels`, `types`, human/bot authors,\n and linked to appropriate issues and pull requests\n- __Config files__: [editorconfig](https://editorconfig.org/), `.gitattributes`,\n always the latest Python `.gitignore` etc.\n- __Commit checks__: verification of signatures, commit messages,\n DCO signing, no commit to the main branch policy\n (via [conform](https://github.com/siderolabs/conform))\n\n## Comparison\n\n- Broader scope than other [`cookiecutter`](https://github.com/cookiecutter/cookiecutter)\n templates (e.g. one-click and one-command setup, security,\n GitHub Actions, comprehensive docs, rulesets. deprecation policies,\n automated copyrights and more).\n Check [here](https://github.com/fpgmaas/cookiecutter-uv)\n or [here](https://github.com/audreyfeldroy/cookiecutter-pypackage)\n to compare yourself.\n- Truly FOSS (no freemium, no paid plans, no tokens) when compared to commercial\n offerings like [`snyk`](https://snyk.io/) or\n [`jit.io`](https://www.jit.io/). Additionally Python-centric and sticks\n with tools widely known by developers (their own environment and\n GitHub interface).\n\n\u003e [!TIP]\n\u003e See detailed comparison in the\n\u003e [documentation](https://open-nudge.github.io/opentemplate/latest/template/about/comparison/)\n\n## Quick start\n\n### Installation\n\n\u003e [!NOTE]\n\u003e [Install `pdm`](https://pdm-project.org/en/latest/#recommended-installation-method)\n\u003e (if you don't have it already), for Linux/MacOS:\n\n```sh\ncurl -sSL https://pdm-project.org/install-pdm.py | python3 -\n```\n\n1. Create a new GitHub repository using this template\n (green `Use this template` button)\n1. Name your repo (__use underscore `_`, not hyphens `-`__)\n1. Add project description (__necessary!__)\n1. __Wait until the setup commit appears__\n (performed by `github-actions[bot]`, it may take a few minutes)\n1. Clone the repository\n1. Run `pdm setup` command locally to setup development environment\n\n\u003e [!TIP]\n\u003e For more details read the\n\u003e [documentation](https://open-nudge.github.io/opentemplate/template/quickstart/installation)\n\n### Usage\n\n1. Create a new branch\n1. Optionally add dependencies to `pyproject.toml`\n1. Write code in `/src/\u003cproject_name\u003e` and tests in `/tests`\n1. Use `git add`, `git commit` and `git push` your changes\n1. `pre-commit` will guide you through the process\n\n\u003e [!TIP]\n\u003e For more details read the\n\u003e [documentation](https://open-nudge.github.io/opentemplate/template/quickstart/usage)\n\n### Examples\n\n\u003e [!CAUTION]\n\u003e Click on each example to see it in action!\n\n\u003cdetails\u003e\n \u003csummary\u003e\u003cb\u003e\u003cbig\u003eRun checkers or fixers manually\u003c/big\u003e\u003c/b\u003e (click me)\u003c/summary\u003e\n\u0026nbsp;\n\n```sh\n\u003e pdm check-\u003cgroup\u003e [FILE1, FILE2, ...] # pdm fix-\u003cgroup\u003e\n```\n\nFor example, to check __all Python files__:\n\n```sh\n\u003e pdm check-python\n```\n\nOr to check `/src/__init__.py`:\n\n```sh\n\u003e pdm check-python src/__init__.py\n```\n\nNote that all `check` and `fix` commands are grouped for your convenience:\n\n```sh\n\u003e pdm check-all # pdm fix-all\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n \u003csummary\u003e\u003cb\u003e\u003cbig\u003eAdjust template\u003c/big\u003e\u003c/b\u003e (click me)\u003c/summary\u003e\n\u0026nbsp;\n\n\u003e Most of the adjustments can be done by __only__ editing `pyproject.toml`\n\nCommon changes to `pyproject.toml`:\n\n- Add dev dependencies under `[dependency-groups]`\n (everything is named `dev-\u003cgroup\u003e`)\n- Modify `[tool.pdm.scripts]` for custom command\n (`check-\u003cgroup\u003e` or `fix-\u003cgroup\u003e`, the latter modifies files)\n- Use `[tool.\u003cname\u003e]` to adjust specific tool configuration\n\n\u003e __Adjusting these sections will affect `pre-commit` and `GitHub Actions`__\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n \u003csummary\u003e\u003cb\u003e\u003cbig\u003eDisable some pre-commit check\u003c/big\u003e\u003c/b\u003e (click me)\u003c/summary\u003e\n\u0026nbsp;\n\n\u003e Disabling checks should be done cautiously!\n\n`pre-commit` checks are defined in `.pre-commit-config.yaml`.\n\nDisable a check using `SKIP` environment variable:\n\n```sh\nSKIP=\"\u003cgroup1\u003e,\u003cgroup2\u003e\" git commit -m \u003cmessage\u003e\n```\n\nFor example, the following will skip `DCO` and `ini` checks\nand Python fixes (which would modify files):\n\n```sh\nSKIP=\"dco,ini,fix-python\" git commit -m \u003cmessage\u003e\n```\n\nFor details, refer to the `id` fields in `.pre-commit-config.yaml`.\n\n\u003e Some commands have both `\u003cgroup\u003e-fix` and `\u003cgroup\u003e-check`\n\u003e for different actions!\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n \u003csummary\u003e\u003cb\u003e\u003cbig\u003eDisable GitHub Actions checks\u003c/big\u003e\u003c/b\u003e (click me)\u003c/summary\u003e\n\u0026nbsp;\n\n\u003e Disabling checks should be done cautiously!\n\nWhen making a commit you can add one of the following\nstrings to the message:\n\n- `[skip ci]`\n- `[ci skip]`\n- `[no ci]`\n- `[skip actions]`\n- `[actions skip]`\n\n\u003e Note that you can also merge pull requests __even if the checks fail__.\n\n\u003c/details\u003e\n\n\u003c!-- mkdocs remove start --\u003e\n\n## Contribute\n\nWe welcome your contributions! Start here:\n\n- [Code of Conduct](/CODE_OF_CONDUCT.md)\n- [Contributing Guide](/CONTRIBUTING.md)\n- [Roadmap](/ROADMAP.md)\n- [Changelog](/CHANGELOG.md)\n- [Report security vulnerabilities](/SECURITY.md)\n- [Open an Issue](https://github.com/open-nudge/opentemplate/issues)\n\n## Legal\n\n- This project is licensed under the _Apache 2.0 License_ - see\n the [LICENSE](/LICENSE.md) file for details.\n- This project is copyrighted by _open-nudge_ - the\n appropriate copyright notice is included in each file.\n\n\u003c!-- mkdocs remove end --\u003e\n\n\u003c!-- md-dead-link-check: on --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopen-nudge%2Fopentemplate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopen-nudge%2Fopentemplate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopen-nudge%2Fopentemplate/lists"}