{"id":37084640,"url":"https://github.com/simonsdave/dev-env","last_synced_at":"2026-01-14T10:23:13.958Z","repository":{"id":62567829,"uuid":"100543857","full_name":"simonsdave/dev-env","owner":"simonsdave","description":"Simplify automated development environment provisioning","archived":true,"fork":false,"pushed_at":"2022-10-23T14:16:35.000Z","size":821,"stargazers_count":2,"open_issues_count":28,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-10-27T04:35:18.645Z","etag":null,"topics":["automation","developer-tools"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simonsdave.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"docs/contributing.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-08-17T00:20:37.000Z","updated_at":"2024-01-22T12:25:24.000Z","dependencies_parsed_at":"2022-11-03T16:30:46.627Z","dependency_job_id":null,"html_url":"https://github.com/simonsdave/dev-env","commit_stats":null,"previous_names":[],"tags_count":52,"template":false,"template_full_name":null,"purl":"pkg:github/simonsdave/dev-env","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simonsdave%2Fdev-env","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simonsdave%2Fdev-env/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simonsdave%2Fdev-env/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simonsdave%2Fdev-env/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simonsdave","download_url":"https://codeload.github.com/simonsdave/dev-env/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simonsdave%2Fdev-env/sbom","scorecard":{"id":825032,"data":{"date":"2025-08-11","repo":{"name":"github.com/simonsdave/dev-env","commit":"b53f8a3edd67d3f381203d803eac667e4221ab72"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:1: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8feb4d8ca5354def3d8fce243717141ce31e2c428701f6682bd2fafe15388214","Warn: downloadThenRun not pinned by hash: dockerfiles/Dockerfile:159-163","Warn: downloadThenRun not pinned by hash: dockerfiles/Dockerfile:207","Warn: pipCommand not pinned by hash: .cut-release-master-branch-changes.sh:16","Warn: pipCommand not pinned by hash: bin/install-dev-env.sh:73","Info:   0 out of   1 containerImage dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.6.21 not signed: https://api.github.com/repos/simonsdave/dev-env/releases/56650708","Warn: release artifact v0.6.20 not signed: https://api.github.com/repos/simonsdave/dev-env/releases/56646911","Warn: release artifact v0.6.19 not signed: https://api.github.com/repos/simonsdave/dev-env/releases/56346106","Warn: release artifact v0.6.18 not signed: https://api.github.com/repos/simonsdave/dev-env/releases/56343026","Warn: release artifact v0.6.17 not signed: https://api.github.com/repos/simonsdave/dev-env/releases/56277509","Warn: release artifact v0.6.21 does not have provenance: https://api.github.com/repos/simonsdave/dev-env/releases/56650708","Warn: release artifact v0.6.20 does not have provenance: https://api.github.com/repos/simonsdave/dev-env/releases/56646911","Warn: release artifact v0.6.19 does not have provenance: https://api.github.com/repos/simonsdave/dev-env/releases/56346106","Warn: release artifact v0.6.18 does not have provenance: https://api.github.com/repos/simonsdave/dev-env/releases/56343026","Warn: release artifact v0.6.17 does not have provenance: https://api.github.com/repos/simonsdave/dev-env/releases/56277509"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'","Warn: branch protection not enabled for branch 'release-0.6.21'","Warn: branch protection not enabled for branch 'release-0.6.20'","Warn: branch protection not enabled for branch 'release-0.6.19'","Warn: branch protection not enabled for branch 'release-0.6.18'","Warn: branch protection not enabled for branch 'release-0.6.17'","Warn: branch protection not enabled for branch 'release-0.6.16'","Warn: branch protection not enabled for branch 'release-0.6.15'","Warn: branch protection not enabled for branch 'release-0.6.14'","Warn: branch protection not enabled for branch 'release-0.6.13'","Warn: branch protection not enabled for branch 'release-0.6.12'","Warn: branch protection not enabled for branch 'release-0.6.11'","Warn: branch protection not enabled for branch 'release-0.6.10'","Warn: branch protection not enabled for branch 'release-0.6.9'","Warn: branch protection not enabled for branch 'release-0.6.8'","Warn: branch protection not enabled for branch 'release-0.6.7'","Warn: branch protection not enabled for branch 'release-0.6.6'","Warn: branch protection not enabled for branch 'release-0.6.5'","Warn: branch protection not enabled for branch 'release-0.6.4'","Warn: branch protection not enabled for branch 'release-0.6.3'","Warn: branch protection not enabled for branch 'release-0.6.2'","Warn: branch protection not enabled for branch 'release-0.6.1'","Warn: branch protection not enabled for branch 'release-0.6.0'","Warn: branch protection not enabled for branch 'release-0.5.26'","Warn: branch protection not enabled for branch 'release-0.5.25'","Warn: branch protection not enabled for branch 'release-0.5.24'","Warn: branch protection not enabled for branch 'release-0.5.23'","Warn: branch protection not enabled for branch 'release-0.5.22'","Warn: branch protection not enabled for branch 'release-0.5.21'","Warn: branch protection not enabled for branch 'release-0.5.20'","Warn: branch protection not enabled for branch 'release-0.5.19'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-23T16:27:49.951Z","repository_id":62567829,"created_at":"2025-08-23T16:27:49.952Z","updated_at":"2025-08-23T16:27:49.952Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28417022,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T10:18:03.274Z","status":"ssl_error","status_checked_at":"2026-01-14T10:16:11.865Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","developer-tools"],"created_at":"2026-01-14T10:23:13.214Z","updated_at":"2026-01-14T10:23:13.950Z","avatar_url":"https://github.com/simonsdave.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# dev-env\n\n![Maintained](https://img.shields.io/maintenance/yes/2022.svg?style=flat)\n[![MIT license](http://img.shields.io/badge/license-MIT-brightgreen.svg)](http://opensource.org/licenses/MIT)\n![PythonVersions](https://img.shields.io/pypi/pyversions/dev-env.svg?style=flat)\n![status](https://img.shields.io/pypi/status/dev-env.svg?style=flat)\n[![PyPI](https://img.shields.io/pypi/v/dev-env.svg?style=flat)](https://pypi.python.org/pypi/dev-env)\n[![CodeFactor](https://www.codefactor.io/repository/github/simonsdave/dev-env/badge/master)](https://www.codefactor.io/repository/github/simonsdave/dev-env/overview/master)\n[![CircleCI](https://circleci.com/gh/simonsdave/dev-env/tree/master.svg?style=shield)](https://circleci.com/gh/simonsdave/dev-env/tree/master)\n[![codecov](https://codecov.io/gh/simonsdave/dev-env/branch/master/graph/badge.svg)](https://codecov.io/gh/simonsdave/dev-env/branch/master)\n[![docker-simonsdave/bionic-dev-env](https://img.shields.io/badge/docker-simonsdave%2Fbionic--dev--env-blue.svg)](https://hub.docker.com/r/simonsdave/bionic-dev-env/)\n\nThis repo was originally created as a way to centralize\nand document the process of provisioning development environments (dev env).\nAs time went on it became clear that it would be helpful to\ncentralize other common development tools and utilities.\nThis repo now contains tools, scripts and utilities which:\n\n* provision dev and CI environments using [Docker](https://www.docker.com/) with confidence that both the development and CI environments are the same\n* automate cutting releases\n* simplify integration testing\n\nThe tools, scripts and utilities in this repo assume the user follows a pre-defined set of patterns and practices.\n\n## Key Concepts\n\n* a project is hosted in either public or private github repo\n* at the project's root is a text file called ```cfg4dev``` which configures the project's dev env\n* after git cloning the repo, a developer configures the dev env by executing ```source cfg4dev```\n* ```dev-env``` publishes dev env docker images to [Docker Hub](https://hub.docker.com/)\n* the docker images are docker pulled to a developer's machine by ```cfg4dev```\n* [CircleCI](https://www.circleci.com) can use a ```dev-env``` docker image as a [docker executor](https://circleci.com/docs/2.0/executor-types/#using-docker)\n* [shell and python scripts](bin) are run on a developer's machine to access the dev env packaged in the docker image\n* the scripts are installed on a developer's machine by ```cfg4dev```\n* at the project's root is a text file called ```CHANGELOG.md``` which is manually curated by developers to record key changes to the project\n\n## Assumptions\n\n* developers use [macOS](https://www.apple.com/ca/macos/)\n* ```dev-env``` targets projects which are shell and Python centric\n* if a project's repo is called ```abc-def-ghi``` and the project builds\n  a Python package, the package is called ```abc_def_ghi``` and the source\n  code for the package is in a sub-directory of the project's root directory\n  called ```abc_def_ghi``` - in addition, the ```abc_def_ghi``` directory\n  contains a file called ```__init__.py``` that contains at least a single\n  line that looks like ```__version__ = '1.2.0'``` which declares the Python\n  package version\n* scripts and Dockerfiles to build a project's development environment\n  are in a sub-directory of the project's root directory called ```dev_env```\n* projects use a branching strategy something like\n  * all development is done on the ```master``` branch (optionally using [feature branches](https://guides.github.com/introduction/flow/))\n  * use [Semantic Versioning](http://semver.org/)\n  * for each release a new branch is created from master called ```release-\u003cversion\u003e```\n* ```CHANGELOG.md``` follows a predefined format / structure\n\n## What Next\n\n* take a look at the [shell and python scripts](bin) to assess ```dev-env``` capability\n* [here's](docs/using.md) a description of how to start using ```dev-env```\n* take a look at [this](https://github.com/simonsdave/dev-env-testing) github repo which illustrates how to use ```dev-env```\n* if you'd like to help contribute to ```dev-env``` see [this](docs/contributing.md)\n\n## References/Inspirations\n\n* [21 Nov '18 - How to fully utilise Docker during development](https://medium.com/tsftech/how-to-fully-utilise-docker-during-development-42bb3cdc3017)\n* [semantic-release - fully automated version management and package publishing](https://github.com/semantic-release/semantic-release)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimonsdave%2Fdev-env","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimonsdave%2Fdev-env","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimonsdave%2Fdev-env/lists"}