Merge branch 'main' into feature/scan-test-coverage

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: 🐛 Bug Bounty
+    url: https://safetycli.com/resources/bug-bounty
+    about: Participate in our Bug Bounty program and get rewarded!
+  - name: 📖 Safety CLI Documentation
+    url: https://docs.safetycli.com/safety-docs
+    about: Check the Safety CLI documentation for in-depth overview of all the available commands and options.
+  - name: 💻 Take Our Survey!
+    url: https://form.typeform.com/to/ttlLdSaM
+    about: We're on a mission to make Safety CLI the best it can be, and we need YOUR help. We've put together a brief survey to understand how you use Safety CLI, what you love about it, and where you think we can do better.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,86 @@
+name: 🚀 Feature Request
+description: Suggest an idea or a feature for this project
+labels: ["feature request"]
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this feature request!
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      options:
+        - label: I agree to the terms within the [Safety Code of Conduct](https://github.com/pyupio/safety/blob/main/CODE_OF_CONDUCT.md).
+          required: true
+
+  - type: textarea
+    id: safety-version
+    attributes:
+      label: Safety version
+      description: Specify the version of Safety you're using.
+      placeholder: e.g., 3.2.5
+    validations:
+      required: true
+
+  - type: textarea
+    id: python-version
+    attributes:
+      label: Python version
+      description: Specify the version of Python you're using.
+      placeholder: e.g., 3.11.2
+    validations:
+      required: true
+
+  - type: textarea
+    id: os
+    attributes:
+      label: Operating System
+      description: Specify the operating system you're using.
+      placeholder: e.g., macOS 13, Windows 10
+    validations:
+      required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the problem you'd like to have solved
+      description: A clear and concise description of what the problem is.
+      placeholder: My life would be a lot simpler if...
+    validations:
+      required: true
+
+  - type: textarea
+    id: ideal-solution
+    attributes:
+      label: Describe the ideal solution
+      description: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives-and-workarounds
+    attributes:
+      label: Alternatives and current workarounds
+      description: A clear and concise description of any alternatives you've considered or any workarounds that are currently in place.
+    validations:
+      required: false
+
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: Additional context
+      description: Add any other context or screenshots about the feature request here.
+    validations:
+      required: false
+
+  - type: textarea
+    id: what-i-did
+    attributes:
+      label: What I Did
+      description: Describe what you were trying to get done. Tell us what happened, what went wrong, and what you expected to happen.
+      placeholder: Paste the command(s) you ran and the output. If there was a crash, please include the traceback here.
+    validations:
+      required: true

.github/workflows/issue_responder.yml

@@ -0,0 +1,31 @@
+name: Issue Responder
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  respond:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Install GitHub CLI
+        run: sudo apt-get install gh
+
+      - name: Respond to new issues
+        run: gh issue comment ${{ github.event.issue.number }} --body "$BODY"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          BODY: |
+            Hi @${{ github.event.issue.user.login }}, thank you for opening this issue!
+
+            We appreciate your effort in reporting this. Our team will review it and get back to you soon.
+            If you have any additional details or updates, feel free to add them to this issue.
+
+            **Note:** If this is a serious security issue that could impact the security of Safety CLI users, please email [email protected] immediately.
+
+            Thank you for contributing to Safety CLI!

CHANGELOG.md

@@ -5,6 +5,34 @@ All notable changes to this project will be documented in this file.
 The format is partly based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html) and [PEP 440](https://peps.python.org/pep-0440/)
 
+## [3.2.7] - 2024-08-29
+- fix/increase-auth-timeout: increase timeout to 5s (#583)
+- Update Issue Templates: Add Feature Request Template and Improve Issue Submission Process (#580)
+
+## [3.2.6] - 2024-08-21
+- fix/update-schemas-0-0-4 (#581)
+- chore/update-coc-email (#579)
+- docs(contributing): add CONTRIBUTING.md with guidelines for contributors (#571)
+- chore: update-network-url (#569)
+
+## [3.2.5] - 2024-08-09
+- fix: increment schemas version (#567)
+- Add SLA Document (#565)
+- Add Table of Contents to README.md (#564)
+- docs: code of conduct (#559)
+- Add More Badges (#558)
+- feat: fixed issue responder (#561)
+- feat(logger): config.ini, proxy, network stats (#547)
+- refactor: replace private typer functions with rich module equivalents (#556)
+- feat(safety_cli): docstrings, type hints, comments (#549)
+- feat: add GitHub Action to automatically respond to new issues (#554)
+- readme: add download badge to readme (#557)
+- fix(debug): fix --debug flag and associated tests (#552)
+- chore: release 3.2.4 (#545)
+- fix(cache): handle get_from_cache=None and ensure directory exists (#544)
+- REQUEST_TIMEOUT Env Var (#541)
+- Update URLs, Lint (#540)
+
 ## [3.2.4] - 2024-07-04
 - Handle `get_from_cache=None` and ensure directory exists (#538)
 - Switch filelock package to compatible release clause (#538)

CODE_OF_CONDUCT.md

@@ -0,0 +1,57 @@
+# Safety CLI Code of Conduct
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+- Using welcoming and inclusive language.
+- Being respectful of differing viewpoints and experiences.
+- Gracefully accepting constructive criticism.
+- Focusing on what is best for the community.
+- Showing empathy towards other community members.
+
+Examples of unacceptable behavior by participants include:
+
+- The use of sexualized language or imagery and unwelcome sexual attention or advances.
+- Trolling, insulting/derogatory comments, and personal or political attacks.
+- Public or private harassment.
+- Publishing others' private information, such as a physical or electronic address, without explicit permission.
+- Conduct which could reasonably be considered inappropriate for the forum in which it occurs.
+
+All Safety CLI forums and spaces are meant for professional interactions, and any behavior which could reasonably be considered inappropriate in a professional setting is unacceptable.
+
+## Our Responsibilities
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+This Code of Conduct applies to all content on safetycli.com, Safety CLI’s GitHub organization, or any other official Safety CLI web presence allowing for community interactions, as well as at all official Safety CLI events, whether offline or online.
+
+The Code of Conduct also applies within project spaces and in public spaces whenever an individual is representing Safety CLI or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed or de facto representative at an online or offline event.
+
+## Conflict Resolution
+Conflicts in an open source project can take many forms, from someone having a bad day and using harsh and hurtful language in the issue queue, to more serious instances such as sexist/racist statements or threats of violence, and everything in between.
+
+If the behavior is threatening or harassing, or for other reasons requires immediate escalation, please see below.
+
+However, for the vast majority of issues, we aim to empower individuals to first resolve conflicts themselves, asking for help when needed, and only after that fails to escalate further. This approach gives people more control over the outcome of their dispute.
+
+If you are experiencing or witnessing conflict, we ask you to use the following escalation strategy to address the conflict:
+
+1. Address the perceived conflict directly with those involved, preferably in a real-time medium.
+2. If this fails, get a third party (e.g., a mutual friend, and/or someone with background on the issue, but not involved in the conflict) to intercede.
+3. If you are still unable to resolve the conflict, and you believe it rises to harassment or another code of conduct violation, report it.
+
+## Reporting Violations
+Violations of the Code of Conduct can be reported to [[email protected]](mailto:[email protected]). The Project Steward will determine whether the Code of Conduct was violated, and will issue an appropriate sanction, possibly including a written warning or expulsion from the project, project sponsored spaces, or project forums. We ask that you make a good-faith effort to resolve your conflict via the conflict resolution policy before submitting a report.
+
+Violations of the Code of Conduct can occur in any setting, even those unrelated to the project. We will only consider complaints about conduct that has occurred within one year of the report.
+
+## Enforcement
+If the Project Stewards receive a report alleging a violation of the Code of Conduct, the Project Stewards will notify the accused of the report, and provide them an opportunity to discuss the report before a sanction is issued. The Project Stewards will do their utmost to keep the reporter anonymous. If the act is ongoing (such as someone engaging in harassment), or involves a threat to anyone's safety (e.g., threats of violence), the Project Stewards may issue sanctions without notice.
+
+## Attribution
+This Code of Conduct is adapted from the Contributor Covenant, version 1.4, available at https://contributor-covenant.org/version/1/4, and includes some aspects of the Geek Feminism Code of Conduct and the Drupal Code of Conduct.

CONTRIBUTING.md

@@ -0,0 +1,111 @@
+# Contributing to SafetyCLI
+
+First off, thanks for taking the time to contribute! We welcome contributions from everyone and are grateful for your help in making SafetyCLI better.
+
+## Table of Contents
+- [Contributing to SafetyCLI](#contributing-to-safetycli)
+  - [Table of Contents](#table-of-contents)
+  - [How Can I Contribute?](#how-can-i-contribute)
+    - [Reporting Bugs](#reporting-bugs)
+    - [Suggesting Enhancements](#suggesting-enhancements)
+    - [Improving Documentation](#improving-documentation)
+  - [Getting Started](#getting-started)
+    - [Code of Conduct](#code-of-conduct)
+    - [Development Setup](#development-setup)
+    - [Running Tests](#running-tests)
+  - [Pull Request Process](#pull-request-process)
+    - [Commit Messages](#commit-messages)
+    - [Merging Changes](#merging-changes)
+  - [License](#license)
+
+## How Can I Contribute?
+
+### Reporting Bugs
+
+If you find a bug, please report it by opening a [GitHub issue](https://github.com/pyupio/safety/issues). When reporting a bug, please include:
+- A clear and descriptive title.
+- Steps to reproduce the issue.
+- Expected and actual behavior.
+- Any relevant logs or screenshots.
+- The version of SafetyCLI and Python you are using.
+
+If your bug report has security implications or involves a potential vulnerability, we encourage you to participate in our [Bug Bounty Program](https://safetycli.com/resources/bug-bounty). Your responsible disclosure will help us improve the security of our software and may be eligible for a reward.
+
+Please use the appropriate label when creating an issue:
+- `bug`: Indicates a problem that needs to be resolved.
+- `Critical`: Issues that break core functionality or pose significant security vulnerabilities.
+- `High`, `Medium`, `Low`: Significance of bugs affecting users.
+
+### Suggesting Enhancements
+
+To suggest an enhancement, open an issue with details on the proposed improvement:
+- A detailed description of the enhancement.
+- A rationale for why the enhancement is needed.
+- Any possible alternatives or workarounds.
+
+Please use the following label:
+- `enhancement`: Suggests an improvement or new feature.
+
+### Improving Documentation
+
+Improving documentation is one of the best ways to contribute. You can suggest improvements, correct typos, or add new sections. The documentation is located [here](https://docs.safetycli.com/safety-docs).
+
+Please use the following label:
+- `documentation`: Indicates issues related to documentation improvements or updates.
+
+Before submitting code changes, please ensure:
+- Your changes are focused on a single issue or feature.
+- You have written tests for your changes.
+- All tests pass locally.
+
+Please use the following labels as needed:
+- `help wanted`: Requests assistance from the community or other contributors.
+- `good first issue`: Highlights issues that are suitable for first-time contributors.
+
+## Getting Started
+
+### Code of Conduct
+
+Please read and adhere to our [Code of Conduct](CODE_OF_CONDUCT.md) to ensure a welcoming environment for all contributors.
+
+### Development Setup
+1. **Clone the repository:**
+   ```bash
+   git clone https://github.com/pyupio/safety.git
+   ```
+
+2. **Set up your environment:**
+- Ensure you are using Python 3.11.2.
+- Install dependencies:
+    ```bash
+    pip install -r requirements.txt
+    ```
+
+### Running Tests
+We use pytest for running tests. To run the tests locally:
+    ```pytest```
+
+Ensure all tests pass before submitting your changes.
+
+## Pull Request Process
+
+### Commit Messages
+
+We follow Conventional Commits for our commit messages. Please ensure your commits adhere to this specification.
+Use the following format:
+
+```markdown
+<type>(<scope>): <description>
+
+[optional body]
+
+[optional footer(s)]
+```
+
+### Merging Changes
+- Ensure all CI checks pass.
+- A project maintainer will review and merge the pull request.
+- Pull requests require at least one approval before merging.
+
+## License
+By contributing to SafetyCLI, you agree that your contributions will be licensed under the same [MIT License](https://github.com/pyupio/safety/blob/main/LICENSE) that covers the project.