{"id":45909522,"url":"https://github.com/project-navi/navi-bootstrap","last_synced_at":"2026-03-03T23:03:36.555Z","repository":{"id":340686538,"uuid":"1167151091","full_name":"Project-Navi/navi-bootstrap","owner":"Project-Navi","description":"A repo that bootstraps repos. Spec-driven Jinja2 engine + 7 template packs for production-grade CI, security, and release pipelines.","archived":false,"fork":false,"pushed_at":"2026-02-28T02:43:46.000Z","size":586,"stargazers_count":0,"open_issues_count":5,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-28T07:26:57.426Z","etag":null,"topics":["bootstrapping","ci-cd","code-review","devops","jinja2","python","security","template-engine"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Project-Navi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"Fieldnote-Echo"}},"created_at":"2026-02-26T01:50:44.000Z","updated_at":"2026-02-28T02:43:48.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Project-Navi/navi-bootstrap","commit_stats":null,"previous_names":["project-navi/navi-bootstrap"],"tags_count":1,"template":true,"template_full_name":null,"purl":"pkg:github/Project-Navi/navi-bootstrap","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Project-Navi%2Fnavi-bootstrap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Project-Navi%2Fnavi-bootstrap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Project-Navi%2Fnavi-bootstrap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Project-Navi%2Fnavi-bootstrap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Project-Navi","download_url":"https://codeload.github.com/Project-Navi/navi-bootstrap/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Project-Navi%2Fnavi-bootstrap/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30064797,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-03T18:21:05.932Z","status":"ssl_error","status_checked_at":"2026-03-03T18:20:59.341Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bootstrapping","ci-cd","code-review","devops","jinja2","python","security","template-engine"],"created_at":"2026-02-28T05:59:04.032Z","updated_at":"2026-03-03T23:03:36.550Z","avatar_url":"https://github.com/Project-Navi.png","language":"Python","funding_links":["https://github.com/sponsors/Fieldnote-Echo"],"categories":[],"sub_categories":[],"readme":"# navi-bootstrap\n\n[![Tests](https://github.com/Project-Navi/navi-bootstrap/actions/workflows/tests.yml/badge.svg)](https://github.com/Project-Navi/navi-bootstrap/actions/workflows/tests.yml)\n[![CodeQL](https://github.com/Project-Navi/navi-bootstrap/actions/workflows/codeql.yml/badge.svg)](https://github.com/Project-Navi/navi-bootstrap/actions/workflows/codeql.yml)\n[![Fuzz](https://github.com/Project-Navi/navi-bootstrap/actions/workflows/fuzz.yml/badge.svg)](https://github.com/Project-Navi/navi-bootstrap/actions/workflows/fuzz.yml)\n[![codecov](https://codecov.io/gh/Project-Navi/navi-bootstrap/graph/badge.svg?token=PJ9F194alS)](https://codecov.io/gh/Project-Navi/navi-bootstrap)\n[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/Project-Navi/navi-bootstrap/badge)](https://scorecard.dev/viewer/?uri=github.com/Project-Navi/navi-bootstrap)\n[![PyPI](https://img.shields.io/pypi/v/navi-bootstrap)](https://pypi.org/project/navi-bootstrap/)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)\n[![Python 3.12+](https://img.shields.io/badge/python-3.12%2B-blue.svg)](https://www.python.org/downloads/)\n[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)\n\nnavi-bootstrap generates operational infrastructure for Python projects — CI, security scanning, code review, release pipelines, quality gates, and the project skeleton itself — from declarative template packs.\n\n---\n\n## Quick start\n\n```bash\npip install navi-bootstrap\n\nnboot new my-project\n```\n\nOne command, complete project:\n\n```\nmy-project/\n├── pyproject.toml\n├── src/my_project/__init__.py\n├── src/my_project/py.typed\n├── tests/conftest.py\n├── tests/test_my_project.py\n├── README.md\n├── LICENSE\n├── .gitignore\n├── .github/workflows/tests.yml\n├── .github/dependabot.yml\n├── .pre-commit-config.yaml\n├── AGENTS.md\n├── DEBT.md\n└── nboot-spec.json\n```\n\n## How it works\n\n```\nspec (what your project is) + pack (what to generate) → rendered output\n```\n\nThe **spec** describes your project: name, owner, Python version, license. The **pack** is a set of Jinja2 templates with a manifest declaring conditions and loops. The **engine** connects them deterministically — same spec + same pack = same output, every time.\n\n## Packs\n\nEight template packs, layered with explicit dependencies:\n\n| Pack | What it generates |\n|------|-------------------|\n| **scaffold** | Project skeleton — pyproject.toml, src layout, tests, README, LICENSE, .gitignore |\n| **base** | CI workflows, pre-commit config, dependabot, tool config, AGENTS.md, DEBT.md |\n| **security-scanning** | CodeQL analysis, OpenSSF Scorecard |\n| **github-templates** | Bug report, feature request, issue config, PR template |\n| **review-system** | Code review and security review workflows |\n| **quality-gates** | Quality metrics baseline, test parity map |\n| **code-hygiene** | CONTRIBUTING.md |\n| **release-pipeline** | SLSA L3 build workflow, release dispatcher, changelog config |\n\n`nboot new` applies `scaffold` + `base`. All other packs are elective and can be layered on afterward with `nboot apply`.\n\n## CLI reference\n\n| Command | Description |\n|---------|-------------|\n| `nboot new \u003cname\u003e` | Create a new project with scaffold + base packs |\n| `nboot render --spec --pack --out` | Render a single pack to a new directory |\n| `nboot apply --spec --pack --target` | Apply a pack to an existing project |\n| `nboot diff --spec --pack --target` | Preview changes without writing |\n| `nboot init --target` | Generate spec by inspecting an existing project |\n| `nboot validate --spec` | Validate spec and manifest |\n| `nboot list-packs` | List available packs |\n\n## Architecture\n\nSix-stage pipeline. Stateless and deterministic through stage 3.\n\n```\nspec.json + pack/\n  -\u003e [Stage 0: Resolve]   action SHAs via gh api\n  -\u003e [Stage 1: Validate]  spec + manifest against schemas\n  -\u003e [Stage 2: Plan]      evaluate conditions, expand loops, build render list\n  -\u003e [Stage 3: Render]    Jinja2 render to memory\n  -\u003e [Stage 4: Validate]  run post-render checks\n  -\u003e [Stage 5: Hooks]     post-render shell commands\n  -\u003e output/\n```\n\nStages 0-3 are pure functions — spec and pack in, rendered files out, no side effects. All project-specific opinions live in the spec and the template pack, never in the engine.\n\n```\nsrc/navi_bootstrap/\n├── cli.py        # Click CLI: new, init, render, apply, diff, validate, list-packs\n├── engine.py     # Plan + Render (stages 2-3), sandboxed dest paths\n├── manifest.py   # Manifest loading + validation\n├── spec.py       # Spec loading + JSON Schema validation\n├── resolve.py    # Stage 0: action SHA resolution\n├── validate.py   # Stage 4: post-render validation\n├── hooks.py      # Stage 5: hook runner\n├── sanitize.py   # Input sanitization (homoglyphs, traversal, injection)\n├── init.py       # Project inspection -\u003e spec generation\n├── diff.py       # Drift detection (render-to-memory + unified diff)\n└── packs.py      # Pack discovery, resolution, and ordering\n```\n\n## Development\n\n```bash\nuv sync                                                # Install dependencies\nuv run pytest tests/ -v                                # Run all tests\nuv run ruff check src/navi_bootstrap/ tests/           # Lint\nuv run ruff format src/navi_bootstrap/ tests/          # Format\nuv run mypy src/navi_bootstrap/                        # Type check\nuv run bandit -r src/navi_bootstrap -ll                # Security scan\npre-commit run --all-files                             # All hooks\n```\n\nConventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `test:`, `refactor:`.\n\nFull documentation: **[Wiki](https://github.com/Project-Navi/navi-bootstrap/wiki)** — architecture, pack reference, spec schema, CLI reference, custom pack authoring.\n\n## License\n\n[MIT](LICENSE) -- Copyright (c) 2026 Project Navi\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fproject-navi%2Fnavi-bootstrap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fproject-navi%2Fnavi-bootstrap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fproject-navi%2Fnavi-bootstrap/lists"}