Commit bbcdf1d

author
tatanus
committed
major refactoring
1 parent 5f2e2e8 commit bbcdf1d

48 files changed

Lines changed: 7408 additions & 551 deletions

File renamed without changes.
Lines changed: 23 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
# Contributing to BASH
1+
# Contributing
22

3-
Welcome to the **BASH** project! We're excited to have you contribute. Whether you're fixing a bug, improving documentation, or proposing a new feature, your contributions are greatly appreciated. Follow the guidelines below to ensure a smooth and productive collaboration.
3+
Welcome to the project! We're excited to have you contribute. Whether you're fixing a bug, improving documentation, or proposing a new feature, your contributions are greatly appreciated. Follow the guidelines below to ensure a smooth and productive collaboration.
44

55
---
66

@@ -29,8 +29,8 @@ This project adheres to the [Contributor Covenant Code of Conduct](https://www.c
2929
1. **Fork the repository** to your own GitHub account.
3030
2. **Clone your fork**:
3131
```bash
32-
git clone https://github.com/<your-username>/BASH.git
33-
cd BASH
32+
git clone https://github.com/<your-username>/<project>.git
33+
cd <project>
3434
```
3535
3. **Set up the project**:
3636
- Ensure you have the latest version of Bash installed.
@@ -90,31 +90,24 @@ Documentation improvements are highly valued! If you see errors or areas to enha
9090

9191
---
9292

93-
## Style Guide
94-
95-
- **Shellcheck and Shfmt**:
96-
- Run `shellcheck` with the repository's `.shellcheckrc` file to ensure consistent linting:
97-
```bash
98-
shellcheck --shell=bash --external-sources -x -S style -f gcc <your-script.sh>
99-
```
100-
- Format all scripts with the following `shfmt` options:
101-
```bash
102-
shfmt -i 4 -ci -bn -kp -sr -ln bash -d .
103-
```
104-
- **Comments**: Use the following template for functions:
105-
```bash
106-
###############################################################################
107-
# FUNCTION_NAME
108-
# ==============================
109-
# Description:
110-
# ------------------------------
111-
# Usage: FUNCTION_NAME <arg1> <arg2>
112-
# Returns: <expected return values>
113-
###############################################################################
114-
```
115-
- **Naming**: Use descriptive, lowercase function and variable names. Use underscores for multi-word names.
116-
- **Error Handling**: Always use `set -euo pipefail` for robust error handling.
117-
- **Modularity**: Break larger scripts into smaller reusable modules.
93+
## Style Guide & Best Practices
94+
95+
This project uses the tatanus Bash Style Guide (for Bash-based scripts). When contributing scripts or modifications, observe:
96+
- Strict mode: use set -uo pipefail and IFS=$'\n\t'; do not use set -e.
97+
- Function documentation: include a proc-doc header with Purpose, Usage, Arguments, Returns, Globals.
98+
- Naming:
99+
- Functions: snake_case_name
100+
- Variables: snake_case
101+
- Constants: UPPERCASE
102+
- Logging / output: use printf, not echo -e.
103+
- Testing conditionals: prefer [[ ... ]] and (( ... )) forms.
104+
- Pipelines & readability: use display pipes (put | at start of continuation lines).
105+
- No UUOC: avoid unnecessary cat.
106+
- Signal handling: trap SIGINT and SIGTERM and exit with a proper code (128 + signal).
107+
- Dependency validation: scripts should early-check commands or environment (e.g. validate_commands).
108+
- Linting / formatting: all scripts must pass shellcheck and be formatted with shfmt (as above).
109+
110+
If you’re unfamiliar with any of these rules, see the [bash_style_guide](https://github.com/tatanus/bash_style_guide) repository for full context.
118111

119112
---
120113

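Review bot: The linting bullet on new line 108 says scripts must be "formatted with shfmt (as above)", but this same hunk deletes the `shellcheck` and `shfmt` command blocks from the section, so within the visible text "as above" has nothing to point at. Either keep the two invocations here or name where they still live (the PR template and SECURITY.md in this commit both carry `shfmt -i 4 -ci -bn -kp -sr -ln bash -d .`). Separately, line 96 replaces `set -euo pipefail` with `set -uo pipefail` and "do not use set -e"; because a failing command no longer stops the script under that setting, the guide should say in this list that return codes have to be checked explicitly instead of leaving that to the external style guide.
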
@@ -137,6 +130,6 @@ Documentation improvements are highly valued! If you see errors or areas to enha
137130

138131
If you have any questions, feel free to reach out via:
139132

140-
- **Issues**: Use the [Issues](https://github.com/tatanus/BASH/issues) tab.
133+
- **Issues**: Use the Issues tab in the repository.
141134

142135
Thank you for contributing and helping make **BASH** better!
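
Review bot: The unchanged closing line (142/135) still reads "helping make **BASH** better!" although this commit strips the BASH name from the title, the clone URL and the Issues link, which leaves it as the one project-specific reference in the visible hunks. Use the same generic wording there, or keep the project name throughout. The Issues bullet on line 133 also loses its hyperlink; a relative link such as the `[Issues](../../issues)` used in SECURITY.md in this commit would stay generic and remain clickable.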

.github/PULL_REQUEST_TEMPLATE.md

Lines changed: 1 addition & 1 deletion
@@ -56,7 +56,7 @@ Please complete the checklist below to ensure your PR meets the project standard
5656
```bash
5757
shfmt -i 4 -ci -bn -kp -sr -ln bash -d .
5858
```
59-
- [ ] I have verified that my changes are consistent with the project's [Style Guide](./STYLEGUIDE.md).
59+
- [ ] I have verified that my changes are consistent with the project's [Style Guide](https://github.com/tatanus/bash_style_guide).
6060
- [ ] I have updated or added relevant tests (e.g., unit tests, test scripts).
6161
- [ ] All existing tests pass successfully after my changes.
6262
- [ ] I have added or updated documentation as needed, and linked any relevant PRs in related repositories (e.g., documentation or tools).
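
Review bot: The Style Guide link on line 59 now targets the default branch of a separate repository, so the checklist item attests to whatever that repository contains on the day of review, not to a revision tracked with this code. Link a tag or commit of `bash_style_guide`, or record the expected revision in this repository, so the checkbox means the same thing for every PR.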

.github/SECURITY.md

Lines changed: 76 additions & 0 deletions
@@ -0,0 +1,76 @@
1+
# Security Policy
2+
3+
## Supported Versions
4+
5+
The following versions of the project are actively supported for security updates:
6+
7+
| Version | Supported |
8+
|-----------|--------------------|
9+
| `v1.x` | ✅ Fully supported |
10+
| `<v1.0` | ❌ No longer supported |
11+
12+
Please ensure you're using the latest version of the project to receive the most up-to-date security fixes.
13+
14+
---
15+
16+
## Reporting a Vulnerability
17+
18+
If you discover a security vulnerability in the project, please follow these steps:
19+
20+
1. **Do not disclose the vulnerability publicly**.
21+
- Report it directly to the maintainers so a fix can be developed before disclosure.
22+
2. **Submit a private report**:
23+
- Alternative: open a [private security advisory on GitHub](https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/creating-a-repository-security-advisory) if available.
24+
3. **Wait for acknowledgment**:
25+
- You should receive confirmation within **3 business days**. If you don’t, please follow up.
26+
27+
---
28+
29+
## Vulnerability Disclosure Process
30+
31+
1. Upon receiving a report, the maintainers will:
32+
- Confirm the vulnerability.
33+
- Investigate and develop a fix or mitigation.
34+
35+
2. Once a fix is ready:
36+
- The reporter will be notified.
37+
- A patch or release will be prepared.
38+
- Security advisories will be drafted.
39+
40+
3. Public disclosure:
41+
- The vulnerability will be disclosed publicly alongside the fix, after a reasonable grace period to allow users to update.
42+
43+
---
44+
45+
## Security Best Practices for Contributors
46+
47+
To help keep the project secure, contributors should follow these practices:
48+
49+
1. **Validate Inputs**:
50+
- Always sanitize and validate user inputs to prevent injection vulnerabilities.
51+
52+
2. **Principle of Least Privilege**:
53+
- Avoid running scripts or code with unnecessary privileges.
54+
55+
3. **Protect Secrets**:
56+
- Never hardcode sensitive information (e.g., credentials, tokens, API keys).
57+
- Use environment variables or secret managers.
58+
59+
4. **Static Analysis / Linters**:
60+
- Run project-specific security tools before submitting contributions.
61+
- For Bash projects, this includes:
62+
```bash
63+
shellcheck --shell=bash --external-sources -x -S style -f gcc <script.sh>
64+
shfmt -i 4 -ci -bn -kp -sr -ln bash -d .
65+
```
66+
67+
5. **Secure Storage**:
68+
- Encrypt sensitive files and data at rest, or store them in secure locations only.
69+
70+
---
71+
72+
## Contact
73+
74+
For additional security concerns or questions, please contact:
75+
- Email: `<security@project.org>`
76+
- GitHub Issues: Use the [Issues](../../issues) tab for **non-sensitive reports** only.
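
Review bot: Step 2 of "Reporting a Vulnerability" (lines 22-23) contains only an "Alternative:" bullet, and the Contact section on line 75 still carries the template placeholder `<security@project.org>`, so a reporter is told not to disclose publicly but is given no primary private channel. Add the real reporting address, or state that GitHub private advisories are the primary channel and drop the word "Alternative", before this file is merged. The "if available" qualifier on line 23 should also be resolved one way or the other: either private advisories are enabled for the repository or the bullet should go.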

.github/SUPPORT.md

Lines changed: 26 additions & 0 deletions
@@ -0,0 +1,26 @@
1+
# Support
2+
3+
Thanks for using this project. We aim to keep support lightweight and transparent.
4+
5+
## Where to get help
6+
- **Questions / How-to**: Open a *Discussion* (Q&A category).
7+
- **Bugs**: Open an *Issue* using the Bug template. Include:
8+
- steps to reproduce, expected vs. actual behavior
9+
- OS / distro and version (e.g., Ubuntu 22.04, macOS 14)
10+
- `bash --version` and relevant logs (with secrets redacted)
11+
- **Feature requests**: Open an *Issue* with the use-case and proposed UX.
12+
- **Security issues**: **Do not** open a public issue. See `SECURITY.md` for private reporting.
13+
14+
## Service levels (community project)
15+
- First response target: **3 business days**
16+
- Resolution: best-effort; prioritized by impact and maintainers’ availability
17+
- Supported environments (target): Ubuntu LTS (22.04/24.04), macOS 13+ with Homebrew
18+
19+
## Before filing
20+
- Run the linters/tests locally (see `README.md` and `Makefile`).
21+
- Search existing issues/discussions.
22+
23+
## Useful links
24+
- `README.md` – Quickstart and usage
25+
- `CONTRIBUTING.md` – Dev environment, style, commit guidelines
26+
- `SECURITY.md` – Security policy and reporting

.gitignore

Lines changed: 2 additions & 0 deletions
@@ -68,3 +68,5 @@ build/
6868

6969
.state/
7070
outputs/
71+
72+
menu_timestamps

.gitmodules

Lines changed: 0 additions & 1 deletion
@@ -1,4 +1,3 @@
11
[submodule "lib/common_core"]
2-
branch = main
32
path = lib/common_core
43
url = https://github.com/tatanus/common_core
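
Review bot: Dropping `branch = main` on line 2 is not explained by the commit message ("major refactoring"), and it changes what `git submodule update --remote` follows for `lib/common_core`: with no `branch` set, Git tracks the remote's HEAD instead of a named branch. If the intent is to rely only on the commit recorded in the superproject, say so in the commit message or the contributing guide; if updates are meant to follow `main`, keep the line.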

.markdownlint.yaml

Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
11
default: true
22
MD013:
3-
line_length: 120 # setup docs tend to have longer command lines
3+
line_length: 100
44
code_blocks: false
55
MD024:
66
siblings_only: true
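
Review bot: Lowering MD013 `line_length` from 120 to 100 on line 3 lands in the same commit as Markdown prose that exceeds it, for example the welcome paragraph on line 3 of the contributing guide and line 12 of SECURITY.md, and `code_blocks: false` only exempts code blocks. If those files are linted, reflow them in this commit or keep the limit at 120. The deleted comment was also the only record of why the limit had its previous value; a short comment explaining the new one would help the next reader.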

CITATION.cff

Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
cff-version: 1.2.0
2+
message: "If you use this software, please cite it as below."
3+
title: "pentest_setup"
4+
abstract: "Opinionated Bash-based setup tooling with tests, linting, and CI for consistent developer environments."
5+
version: "0.9.0"
6+
date-released: "2025-09-11"
7+
authors:
8+
- given-names: "Adam"
9+
family-names: "Compton"
10+
repository-code: "https://github.com/tatanus/pentest_setup"
11+
license: "MIT"
12+
keywords: ["bash", "automation", "setup", "dotfiles", "dev-environment"]
13+

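Review bot: Line 5 declares `version: "0.9.0"`, while the Supported Versions table added to SECURITY.md in this commit marks `<v1.0` as "No longer supported" and only `v1.x` as supported, so the release being cited is, by the project's own policy, outside security support. Align the two files before merging. The keywords on line 12 ("dotfiles", "dev-environment") and the abstract describe developer-environment setup, which does not obviously match the title `pentest_setup`; confirm they were written for this repository. Line 13 adds a trailing empty line that can be dropped.
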
LICENSE

Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
11
MIT License
22

3-
Copyright (c) 2025 Adam Compton
3+
Copyright (c) 2024 Adam Compton
44

55
Permission is hereby granted, free of charge, to any person obtaining a copy
66
of this software and associated documentation files (the "Software"), to deal
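
Review bot: Line 3 moves the copyright year backward, from 2025 to 2024, with no explanation in the commit message, while CITATION.cff added in this commit gives `date-released: "2025-09-11"`. Confirm the year of first publication; if the work spans both years, "2024-2025" records that without dropping the later date.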
