From d252540f3d0ad8bf0f2919e4400f2df845dce122 Mon Sep 17 00:00:00 2001
From: Gabe Mendoza <>
Date: Tue, 29 Apr 2025 13:23:47 -0500
Subject: [PATCH 01/78] workflows
---
.github/workflows/update-deps.yml | 39 +++++++++++++
.github/workflows/validate.yml | 96 +++++++++++++++++++++++++++++++
2 files changed, 135 insertions(+)
create mode 100644 .github/workflows/update-deps.yml
create mode 100644 .github/workflows/validate.yml
diff --git a/.github/workflows/update-deps.yml b/.github/workflows/update-deps.yml
new file mode 100644
index 00000000..c094c341
--- /dev/null
+++ b/.github/workflows/update-deps.yml
@@ -0,0 +1,39 @@
+name: Update Dependencies
+
+on:
+ schedule:
+ - cron: '0 0 * * 0' # Run weekly
+ workflow_dispatch: # Allow manual triggers
+
+jobs:
+ update:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Setup Homebrew
+ run: |
+ brew update
+ brew upgrade
+
+ - name: Update mise
+ run: |
+ brew install mise
+ mise upgrade
+
+ - name: Create Pull Request
+ uses: peter-evans/create-pull-request@v5
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ branch: update-dependencies
+ title: 'chore: update dependencies'
+ commit-message: 'chore: update dependencies'
+ body: |
+ Updates dependencies to their latest versions:
+
+ - Homebrew packages
+ - mise tools
+
+ This PR was automatically created by GitHub Actions.
+ labels: dependencies,automated
+ delete-branch: true
\ No newline at end of file
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
new file mode 100644
index 00000000..7a64a65b
--- /dev/null
+++ b/.github/workflows/validate.yml
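Review bot: The `Create Pull Request` step passes `secrets.GITHUB_TOKEN` to a third-party action pinned only to the mutable tag `peter-evans/create-pull-request@v5`, and the workflow has no `permissions:` block, so the token's scope is whatever the repository default is. Pin the action to a full commit SHA (`uses: peter-evans/create-pull-request@<FULL_COMMIT_SHA>  # v5`, placeholder) and declare a `permissions:` block with just `contents: write` and `pull-requests: write`. The same step is added to the `fix` job of markdown-lint.yml in patch 02 and needs the same treatment. Separately, `brew upgrade` and `mise upgrade` act on the runner rather than the checkout, so unless one of them rewrites a tracked file the PR step will probably have nothing to commit.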
@@ -0,0 +1,96 @@
+name: Validate Dotfiles
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+ schedule:
+ - cron: '0 0 * * 0' # Run weekly
+
+jobs:
+ validate:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Setup Homebrew
+ run: |
+ brew update
+ brew install nushell neovim tmux git
+
+ - name: Validate Nushell Configuration
+ run: |
+ for file in dot_config/nushell/*.nu.tmpl; do
+ nu --check $file
+ done
+
+ - name: Validate Neovim Configuration
+ run: |
+ nvim --headless --noplugin -c "lua require('lazy').setup({})" -c q
+
+ - name: Validate Tmux Configuration
+ run: |
+ tmux start-server
+ tmux source-file dot_config/tmux/tmux.conf
+ tmux kill-server
+
+ - name: Check Git Configuration
+ run: |
+ git config --file dot_config/git/config.tmpl --list
+
+ security:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Run TruffleHog
+ uses: trufflesecurity/trufflehog@main
+ with:
+ path: ./
+ base: ${{ github.event.repository.default_branch }}
+ head: HEAD
+
+ - name: Check for GPG Keys
+ run: |
+ if grep -r "BEGIN PGP" .; then
+ echo "Warning: Possible GPG key found in repository"
+ exit 1
+ fi
+
+ dependencies:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Setup Homebrew
+ run: |
+ brew update
+ brew outdated
+
+ - name: Check mise Versions
+ run: |
+ brew install mise
+ mise install
+ mise list
+
+ documentation:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Setup Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: '20'
+
+ - name: Install markdownlint
+ run: npm install -g markdownlint-cli
+
+ - name: Lint Markdown
+ run: markdownlint '**/*.md'
+
+ - name: Check for Broken Links
+ run: |
+ brew install lychee
+ lychee **/*.md
\ No newline at end of file
From 5868ce46071a9cabc5779426f78be66d785ed75e Mon Sep 17 00:00:00 2001
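Review bot: The `Check for GPG Keys` step matches its own workflow file: `grep -r "BEGIN PGP" .` walks `.github/workflows/validate.yml`, which contains that literal string, so the `security` job exits 1 on every run regardless of repository content. Exclude the workflow and VCS directories and anchor on the armor header, e.g. `grep -r --exclude-dir=.git --exclude-dir=.github -e '-----BEGIN PGP' .`. In the same job, `trufflesecurity/trufflehog@main` follows a moving branch of a third-party action; pin it to a full commit SHA. The `base`/`head` comparison presumably needs commit history, which the default shallow `actions/checkout@v4` does not fetch, so `fetch-depth: 0` is likely required there. A workflow-level `permissions:` block with `contents: read` would also suit a workflow that only validates.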
From: Gabe Mendoza <>
Date: Tue, 29 Apr 2025 13:26:02 -0500
Subject: [PATCH 02/78] fix markdown
---
.github/workflows/markdown-lint.yml | 83 +++++++++++++++++++++++++++++
.github/workflows/validate.yml | 2 +-
.markdownlint.json | 25 +++++++++
3 files changed, 109 insertions(+), 1 deletion(-)
create mode 100644 .github/workflows/markdown-lint.yml
create mode 100644 .markdownlint.json
diff --git a/.github/workflows/markdown-lint.yml b/.github/workflows/markdown-lint.yml
new file mode 100644
index 00000000..8bfec32d
--- /dev/null
+++ b/.github/workflows/markdown-lint.yml
@@ -0,0 +1,83 @@ +name: Markdown Lint and Fix + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + schedule: + - cron: '0 0 * * 0' # Run weekly + workflow_dispatch: # Allow manual triggers + +jobs: + lint: + runs-on: macos-latest + steps: + - uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20' + + - name: Install markdownlint + run: npm install -g markdownlint-cli markdownlint-cli2 + + - name: Lint Markdown + run: markdownlint '**/*.md' + + fix: + runs-on: macos-latest + if: github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' + steps: + - uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20' + + - name: Install markdownlint + run: npm install -g markdownlint-cli markdownlint-cli2 + + - name: Fix Markdown + run: | + # Fix line length issues + find . -name "*.md" -exec sed -i '' 's/\([^ ]\{80,\}\)/\1\n/g' {} \; + + # Add blank lines around lists + find . -name "*.md" -exec sed -i '' 's/^\([^#\n].*\)$/\n\1\n/g' {} \; + + # Add blank lines around headings + find . -name "*.md" -exec sed -i '' 's/^\(#.*\)$/\n\1\n/g' {} \; + + # Add blank lines around code blocks + find . -name "*.md" -exec sed -i '' 's/^```\([^`]*\)$/```\1\n/g' {} \; + + # Remove trailing spaces + find . -name "*.md" -exec sed -i '' 's/[[:space:]]*$//g' {} \; + + # Ensure files end with a single newline + find . -name "*.md" -exec sed -i '' -e :a -e '/^\n*$/{$d;N;ba' -e '}' {} \; + find . 
-name "*.md" -exec sh -c 'echo "" >> "$1"' sh {} \; + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v5 + with: + token: ${{ secrets.GITHUB_TOKEN }} + branch: fix-markdown-formatting + title: 'style: fix markdown formatting' + commit-message: 'style: fix markdown formatting' + body: | + Fixes markdown formatting issues: + + - Line length limits + - Blank lines around lists + - Blank lines around headings + - Blank lines around code blocks + - Trailing spaces + - File endings + + This PR was automatically created by GitHub Actions. + labels: documentation,automated + delete-branch: true \ No newline at end of file diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 7a64a65b..d24f9837 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -88,7 +88,7 @@ jobs: run: npm install -g markdownlint-cli - name: Lint Markdown - run: markdownlint '**/*.md' + run: markdownlint --config .markdownlint.json '**/*.md' - name: Check for Broken Links run: | diff --git a/.markdownlint.json b/.markdownlint.json new file mode 100644 index 00000000..eac4fc2d --- /dev/null +++ b/.markdownlint.json @@ -0,0 +1,25 @@ +{ + "default": true, + "MD013": { + "line_length": 100, + "code_blocks": false, + "tables": false + }, + "MD033": { + "allowed_elements": ["a", "img", "br", "hr", "code", "pre"] + }, + "MD041": false, + "MD024": { + "siblings_only": true + }, + "MD026": { + "punctuation": ".,;:!" + }, + "MD029": { + "style": "ordered" + }, + "MD036": false, + "MD047": { + "require_newline_at_eof": true + } +} \ No newline at end of file From 4bedff6c0842239da7c622fc05584b4d68dd5049 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 13:26:45 -0500 Subject: [PATCH 03/78] fix nushell thing --- .github/workflows/validate.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index d24f9837..46636e41 100644 
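Review bot: The `Fix Markdown` step in markdown-lint.yml rewrites every `.md` file with hand-written `sed` expressions that do far more than their comments say: `s/^\([^#\n].*\)$/\n\1\n/g`, labelled "around lists", matches every non-heading line, including lines inside fenced code blocks. On the macOS runner's BSD `sed`, `\n` in a replacement is probably emitted as a literal `n` rather than a newline, so the output should be checked before a scheduled job is allowed to commit it. The job already installs markdownlint-cli, so `run: markdownlint --fix --config .markdownlint.json '**/*.md'` would apply rule-aware fixes that agree with the lint job. Because the result is pushed by automation holding a write token, keep the generated PR under normal review rather than auto-merging it.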
--- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -22,7 +22,9 @@ jobs: - name: Validate Nushell Configuration run: | for file in dot_config/nushell/*.nu.tmpl; do - nu --check $file + echo "Validating $file..." + # Use nushell to parse the file without executing it + nu --no-config-file -c "source $file; exit 0" || { echo "Error in $file"; exit 1; } done - name: Validate Neovim Configuration From a6fd9786392e823f398b66d64883f8148b4c96b3 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 13:27:53 -0500 Subject: [PATCH 04/78] security --- .github/workflows/validate.yml | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 46636e41..999afc6c 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -46,12 +46,13 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Run TruffleHog - uses: trufflesecurity/trufflehog@main - with: - path: ./ - base: ${{ github.event.repository.default_branch }} - head: HEAD + - name: Install TruffleHog + run: | + brew install trufflesecurity/tap/trufflehog + + - name: Scan for Secrets + run: | + trufflehog filesystem --directory . --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true - name: Check for GPG Keys run: | @@ -60,6 +61,15 @@ jobs: exit 1 fi + - name: Check for API Keys and Tokens + run: | + # Check for common API key patterns + if grep -r -E "(api[_-]?key|token|secret|password|credential)" --include="*.{json,yaml,yml,toml,env,conf,config,nu,lua,tmpl}" .; then + echo "Warning: Possible API keys or tokens found in repository" + # Don't fail the build, just warn + # exit 1 + fi + dependencies: runs-on: macos-latest steps: From 47fd429ea09cffb57c0e40e3eeeca8daab4e60e7 Mon Sep 17 00:00:00 2001 
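Review bot: The added comment in `Validate Nushell Configuration` says the file is parsed "without executing it", but `source $file` evaluates the file's top-level code on the runner, and this workflow also runs on `pull_request`. `$file` is spliced unquoted into the `-c` string as well, so a path containing spaces or quotes changes the command that Nushell runs. Either correct the comment (`# Sources the file: its top-level code runs on the runner`) or switch to a parse-only check such as Nushell's `nu-check` builtin, failing the step when it reports false. The inputs are `.nu.tmpl` chezmoi templates, so any `{{ … }}` in them is not valid Nushell until rendered; validating the rendered output would be more reliable.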
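Review bot: The new `Scan for Secrets` step cannot fail the job: `|| true` discards the pipeline's status, and under the default `run` shell (no `pipefail`) that status would be `jq`'s anyway, so a TruffleHog finding only prints a file path to the log. That makes the gate weaker than the action step it replaces. Let the scanner decide the exit code and drop the `|| true`, for example `trufflehog filesystem --directory . --fail`, adding `--only-verified` if unverified matches are too noisy. `brew install trufflesecurity/tap/trufflehog` also installs whatever version the tap serves at run time, so recording the version in the log (`trufflehog --version`) helps when results change between runs.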
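Review bot: The `Check for API Keys and Tokens` step is effectively a no-op: the braces in `--include="*.{json,yaml,yml,…}"` sit inside double quotes, so the shell does not expand them and grep receives a single literal glob that matches no file name, and `exit 1` is commented out as well. If the glob were fixed as written, the pattern would match bare words such as `token` and `secret`, including in this workflow file, and grep would print the matching lines, which for a real credential copies it into the job log. Pass one `--include` per extension, list file names only, and skip the VCS and workflow directories, e.g. `grep -rlE --exclude-dir=.git --exclude-dir=.github --include='*.json' --include='*.yml' '(api[_-]?key|token|secret|password|credential)' .` with the remaining extensions added the same way. Decide explicitly whether a hit should fail the build; a warning that nobody reads gives no protection.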
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 15:26:16 -0500 Subject: [PATCH 05/78] fixed pokeget issue --- dot_config/nushell/env.nu.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dot_config/nushell/env.nu.tmpl b/dot_config/nushell/env.nu.tmpl index b5e38cdc..a0d4314e 100644 --- a/dot_config/nushell/env.nu.tmpl +++ b/dot_config/nushell/env.nu.tmpl @@ -8,7 +8,7 @@ $env.PATH = ($env.PATH | '/usr/local/bin' '/opt/homebrew/opt/libpq/bin' "/Library/Developer/CommandLineTools/usr/bin" - $env.HOME | path join ".cargo/bin" + ($env.HOME | path join ".cargo/bin") ] | uniq ) From ae8cf0b7c7bc2bc854a0fa2daeb942f13bfb51af Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 15:26:47 -0500 Subject: [PATCH 06/78] ignored and hidden files are displayed in snacks explorer sidebar --- dot_config/nvim/lua/plugins/snacks.lua | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/dot_config/nvim/lua/plugins/snacks.lua b/dot_config/nvim/lua/plugins/snacks.lua index b524e374..fa4fd822 100644 --- a/dot_config/nvim/lua/plugins/snacks.lua +++ b/dot_config/nvim/lua/plugins/snacks.lua @@ -11,6 +11,20 @@ return { indent = { enabled = true }, input = { enabled = true }, notifier = { enabled = true }, + picker = { + enabled = true, + exclude = { -- add folder names here to exclude + ".git", + "node_modules", + }, + sources = { + explorer = { + auto_close = true, + hidden = true, + ignored = true, + }, + }, + }, quickfile = { enabled = true }, scope = { enabled = true }, scroll = { enabled = false }, From a42a4f1a64cdca91a5e3ef6502ddaa5ce5f9aa88 Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:04:10 -0500 Subject: [PATCH 07/78] readme lint --- .chezmoidata/treesitter.yaml | 60 ++++++++++++ dot_config/nushell/env.nu.tmpl | 5 + dot_config/nvim/README.md | 15 ++- .../nvim/lua/plugins/llm/codecompanion.lua | 13 +-- dot_config/nvim/lua/plugins/lsp/blink.lua | 18 ++++ .../nvim/lua/plugins/lsp/nvim-treesitter.lua | 98 ------------------- .../lua/plugins/lsp/nvim-treesitter.lua.tmpl | 23 +++++ dot_config/nvim/lua/plugins/snacks.lua | 2 +- 8 files changed, 128 insertions(+), 106 deletions(-) create mode 100644 .chezmoidata/treesitter.yaml create mode 100644 dot_config/nvim/lua/plugins/lsp/blink.lua delete mode 100644 dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua create mode 100644 dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua.tmpl diff --git a/.chezmoidata/treesitter.yaml b/.chezmoidata/treesitter.yaml new file mode 100644 index 00000000..4e4f3b3e --- /dev/null +++ b/.chezmoidata/treesitter.yaml @@ -0,0 +1,60 @@ +treesitter: + ensure_installed: + - bash + - cmake + - comment + - csv + - diff + - dockerfile + - dot + - embedded_template + - elixir + - git_config + - gitignore + - gleam + - gpg + - graphql + - html + - html + - java + - javascript + - json + - jq + - kotlin + - llvm + - lua + - luadoc + - latex + - markdown + - markdown_inline + - nu + - nix + - nginx + - norg + - python + - proto + - query + - readline + - r + - regex + - rust + - ruby + - ssh_config + - swift + - svelte + - superhtml + - ssh_config + - sql + - scss + - scala + - toml + - tsx + - typescript + - tmux + - typst + - terraform + - vim + - vimdoc + - xml + - yaml + - zig diff --git a/dot_config/nushell/env.nu.tmpl b/dot_config/nushell/env.nu.tmpl index a0d4314e..2d9158fc 100644 --- a/dot_config/nushell/env.nu.tmpl +++ b/dot_config/nushell/env.nu.tmpl 
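Review bot: The list moved into `.chezmoidata/treesitter.yaml` does not match the Lua list it replaces: `templ` appears in the deleted `nvim-treesitter.lua` but is missing here, and `html` and `ssh_config` are each listed twice. If dropping `templ` is intentional, say so in the commit message (the subject is only "readme lint"); otherwise add `- templ` after `- terraform`. Remove the duplicate `- html` and `- ssh_config` entries so the rendered `ensure_installed` table has one entry per parser.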
@@ -86,3 +86,8 @@ $env.STARSHIP_CONFIG = $env.XDG_CONFIG_HOME | path join "starship/starship.toml" ## $env.BAT_THEME = "Catppuccin {{ title .CATPPUCCIN_FLAVOR }}" $env.MANPAGER = "sh -c 'sed -u -e \"s/\\x1B[[0-9;]*m//g; s/.\\x08//g\" | bat -p -lman'" + +## +## CODE COMPANION NVIM +## +$env.CODECOMPANION_TOKEN_PATH = $env.XDG_CONFIG_HOME; diff --git a/dot_config/nvim/README.md b/dot_config/nvim/README.md index b33f690d..1e75accd 100644 --- a/dot_config/nvim/README.md +++ b/dot_config/nvim/README.md @@ -1,6 +1,7 @@ # Neovim Configuration -A modern Neovim configuration built on top of LazyVim, featuring a beautiful and functional setup with various plugins and customizations. +A modern Neovim configuration built on top of LazyVim, +featuring a beautiful and functional setup with various plugins and customizations. ## Features @@ -30,12 +31,14 @@ A modern Neovim configuration built on top of LazyVim, featuring a beautiful and ## Plugin Highlights ### Core Plugins + - [LazyVim](https://github.com/LazyVim/LazyVim) - Base configuration - [Catppuccin](https://github.com/catppuccin/nvim) - Beautiful theme - [Bufferline](https://github.com/akinsho/bufferline.nvim) - Tab management - [Lualine](https://github.com/nvim-lualine/lualine.nvim) - Status line ### Git Integration + - [blame.nvim](https://github.com/FabijanZulj/blame.nvim) - Git blame with virtual text - Custom date format - Virtual text style @@ -43,6 +46,7 @@ A modern Neovim configuration built on top of LazyVim, featuring a beautiful and - Custom mappings ### UI Enhancements + - [snacks.nvim](https://github.com/folke/snacks.nvim) - UI enhancements - Big file handling - Dashboard customization @@ -61,11 +65,13 @@ A modern Neovim configuration built on top of LazyVim, featuring a beautiful and 1. Ensure you have Neovim installed (version 0.9.0 or higher) 2. Clone this configuration using Chezmoi: + ```bash chezmoi init --apply ``` 3. Start Neovim and let Lazy.nvim install all plugins: + ```bash nvim ``` 
@@ -73,6 +79,7 @@ A modern Neovim configuration built on top of LazyVim, featuring a beautiful and ## Configuration Structure The configuration is organized as follows: + - `init.lua.tmpl` - Main configuration file (Chezmoi template) - `lua/plugins/` - Plugin configurations - `theme.lua` - Theme and UI settings @@ -82,14 +89,18 @@ The configuration is organized as follows: ## Customization ### Theme + The configuration uses Catppuccin theme with the following features: + - Transparent background - Mocha flavor - Custom styles for comments and conditionals - LSP integration with custom virtual text styles ### Git Blame + Custom git blame configuration includes: + - Date format: DD.MM.YYYY - Virtual text style - Custom key mappings: @@ -100,7 +111,9 @@ Custom git blame configuration includes: - `` or `q` - Close ### UI Enhancements + Snacks.nvim provides various UI improvements: + - Big file handling - Dashboard customization - Git browse integration diff --git a/dot_config/nvim/lua/plugins/llm/codecompanion.lua b/dot_config/nvim/lua/plugins/llm/codecompanion.lua index 1090d6ae..a44a629c 100644 --- a/dot_config/nvim/lua/plugins/llm/codecompanion.lua +++ b/dot_config/nvim/lua/plugins/llm/codecompanion.lua @@ -3,16 +3,17 @@ return { { "olimorris/codecompanion.nvim", - opts = { - llm = { - provider = "copilot", - model = "claude-3-sonnet-20240229", - } - }, dependencies = { "nvim-lua/plenary.nvim", "nvim-treesitter/nvim-treesitter", "zbirenbaum/copilot.lua", + "saghen/blink.cmp", + }, + opts = { + llm = { + provider = "copilot", + model = "claude-3-sonnet-20240229", + }, }, }, } diff --git a/dot_config/nvim/lua/plugins/lsp/blink.lua b/dot_config/nvim/lua/plugins/lsp/blink.lua new file mode 100644 index 00000000..2ad95460 --- /dev/null +++ b/dot_config/nvim/lua/plugins/lsp/blink.lua 
@@ -0,0 +1,18 @@ +return { + { + "saghen/blink.cmp", + lazy = false, + version = "*", + opts = { + keymap = { + preset = "enter", + [""] = { "select_prev", "fallback" }, + [""] = { "select_next", "fallback" }, + }, + cmdline = { sources = { "cmdline" } }, + sources = { + default = { "lsp", "path", "buffer", "codecompanion" }, + }, + }, + }, +} diff --git a/dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua b/dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua deleted file mode 100644 index 1a04d6b2..00000000 --- a/dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua +++ /dev/null @@ -1,98 +0,0 @@ -return { - { - "nvim-treesitter/nvim-treesitter", - dependencies = { "RRethy/nvim-treesitter-endwise" }, - endwise = { enable = true }, - auto_install = true, - - config = function(_, opts) - require("nvim-treesitter.configs").setup(opts) - vim.treesitter.language.register("lua", "lua.tmpl") - vim.treesitter.language.register("toml", "toml.tmpl") - end, - - opts = function(_, opts) - vim.list_extend(opts.ensure_installed, { - "bash", - - "cmake", - "comment", - "csv", - - "diff", - "dockerfile", - "dot", - - "embedded_template", - "elixir", - - "git_config", - "gitignore", - "gleam", - "gpg", - "graphql", - "html", - - "html", - - "java", - "javascript", - "json", - "jq", - - "kotlin", - - "llvm", - - "lua", - "luadoc", - "latex", - - "markdown", - "markdown_inline", - - "nu", - "nix", - "nginx", - "norg", - - "python", - "proto", - - "query", - - "readline", - "r", - "regex", - "rust", - "ruby", - - "ssh_config", - "swift", - "svelte", - "superhtml", - "ssh_config", - "sql", - "scss", - "scala", - - "toml", - "tsx", - "typescript", - "tmux", - "typst", - "terraform", - "templ", - - "vim", - "vimdoc", - - "xml", - - "yaml", - - "zig", - }) - end, - }, -} diff --git a/dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua.tmpl b/dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua.tmpl new file mode 100644 index 00000000..edc8d256 --- /dev/null 
+++ b/dot_config/nvim/lua/plugins/lsp/nvim-treesitter.lua.tmpl @@ -0,0 +1,23 @@ +return { + { + "nvim-treesitter/nvim-treesitter", + dependencies = { "RRethy/nvim-treesitter-endwise" }, + endwise = { enable = true }, + auto_install = true, + + config = function(_, opts) + require("nvim-treesitter.configs").setup(opts) + vim.treesitter.language.register("lua", "lua.tmpl") + vim.treesitter.language.register("toml", "toml.tmpl") + end, + + opts = function(_, opts) + vim.list_extend(opts.ensure_installed, { + {{- range $package := .treesitter.ensure_installed -}} + "{{.}}", + + {{- end -}} + }) + end, + }, +} diff --git a/dot_config/nvim/lua/plugins/snacks.lua b/dot_config/nvim/lua/plugins/snacks.lua index fa4fd822..696674d9 100644 --- a/dot_config/nvim/lua/plugins/snacks.lua +++ b/dot_config/nvim/lua/plugins/snacks.lua @@ -19,7 +19,7 @@ return { }, sources = { explorer = { - auto_close = true, + auto_close = false, hidden = true, ignored = true, }, From c4c0c58bff89cb53ee728148eca59b6b173cbd1b Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:05:42 -0500 Subject: [PATCH 08/78] readme lint --- dot_config/obsidian/README.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/dot_config/obsidian/README.md b/dot_config/obsidian/README.md index 1e4a42f3..dacad96e 100644 --- a/dot_config/obsidian/README.md +++ b/dot_config/obsidian/README.md @@ -1,6 +1,7 @@ # Obsidian Configuration -A personalized Obsidian setup for knowledge management and note-taking, integrated with Neovim for enhanced editing capabilities. +A personalized Obsidian setup for knowledge management and note-taking, +integrated with Neovim for enhanced editing capabilities. ## Features 
@@ -22,6 +23,7 @@ A personalized Obsidian setup for knowledge management and note-taking, integrat ## Configuration Structure The configuration is managed through Chezmoi: + - `.chezmoiexternal.toml.tmpl` - External template configuration - Vault-specific configurations - Plugin settings @@ -29,11 +31,13 @@ The configuration is managed through Chezmoi: ## Installation 1. Clone this configuration using Chezmoi: + ```bash chezmoi init --apply ``` 2. Install Obsidian: + ```bash brew install --cask obsidian ``` @@ -43,17 +47,21 @@ The configuration is managed through Chezmoi: ## Customization ### Vault Management + - Multiple vault support - Custom vault organization - Neovim integration for editing ### Plugin Settings + Configured plugins include: + - Core plugins - Community plugins - Custom settings ### Theme and Styling + - Custom CSS snippets - Theme settings - Layout preferences @@ -61,6 +69,7 @@ Configured plugins include: ## Neovim Integration The configuration includes Neovim integration for enhanced editing: + - Custom commands for vault access - Plugin support - Syntax highlighting @@ -74,4 +83,4 @@ The configuration includes Neovim integration for enhanced editing: ## Contributing -Feel free to submit issues and enhancement requests! \ No newline at end of file +Feel free to submit issues and enhancement requests! From b04d17b1e21bf2109cad042492170be4fac76db4 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:09:46 -0500 Subject: [PATCH 09/78] readme lint --- dot_config/git/README.md | 12 +++++++++++- dot_config/tmux/README.md | 14 ++++++++++++-- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/dot_config/git/README.md b/dot_config/git/README.md index 74876cf7..1e156f81 100644 --- a/dot_config/git/README.md +++ b/dot_config/git/README.md 
@@ -5,6 +5,7 @@ A comprehensive Git configuration with custom aliases, hooks, and settings for e ## Features - **Custom Aliases** + - Quick access to common Git commands - Enhanced workflow shortcuts - Repository management helpers @@ -23,6 +24,7 @@ A comprehensive Git configuration with custom aliases, hooks, and settings for e ## Configuration Structure The configuration is managed through Chezmoi templates: + - `config.tmpl` - Main Git configuration (Chezmoi template) - `.chezmoiexternal.toml` - External template configuration - `dot_gitignore` - Global gitignore patterns @@ -30,11 +32,13 @@ The configuration is managed through Chezmoi templates: ## Installation 1. Clone this configuration using Chezmoi: + ```bash chezmoi init --apply ``` 2. Ensure Git is installed: + ```bash brew install git ``` @@ -42,20 +46,26 @@ The configuration is managed through Chezmoi templates: ## Customization ### Global Settings + The configuration includes: + - Default editor settings - Branch naming conventions - Commit message templates - GPG signing configuration ### Git Hooks + Custom hooks are available for: + - Pre-commit checks - Post-merge actions - Workflow automation ### Aliases + Common Git aliases include: + - Quick status checks - Branch management - Commit shortcuts @@ -69,4 +79,4 @@ Common Git aliases include: ## Contributing -Feel free to submit issues and enhancement requests! \ No newline at end of file +Feel free to submit issues and enhancement requests! diff --git a/dot_config/tmux/README.md b/dot_config/tmux/README.md index d8e57942..9c7a11d0 100644 --- a/dot_config/tmux/README.md +++ b/dot_config/tmux/README.md @@ -1,6 +1,7 @@ # Tmux Configuration -A modern and functional Tmux configuration with Catppuccin theme integration, custom keybindings, and productivity features. +A modern and functional Tmux configuration with Catppuccin theme integration, +custom keybindings, and productivity features. ## Features 
@@ -18,6 +19,7 @@ A modern and functional Tmux configuration with Catppuccin theme integration, cu ## Configuration Structure The configuration is split into multiple files for better organization: + - `tmux.conf` - Main configuration file - `tmux.keybindings.conf` - Custom keybindings - `tmux.pomodoro.conf` - Pomodoro timer settings @@ -27,11 +29,13 @@ The configuration is split into multiple files for better organization: ## Installation 1. Clone this configuration using Chezmoi: + ```bash chezmoi init --apply ``` 2. Ensure Tmux is installed: + ```bash brew install tmux ``` @@ -39,20 +43,26 @@ The configuration is split into multiple files for better organization: ## Customization ### Theme + The configuration uses Catppuccin theme with: + - Transparent background support - Custom status line colors - Theme variables managed through Chezmoi ### Keybindings + Custom keybindings are organized in `tmux.keybindings.conf`: + - Window management - Pane splitting and navigation - Session management - Copy mode enhancements ### Pomodoro Timer + The Pomodoro timer configuration includes: + - Custom timer durations - Visual notifications - Status bar integration @@ -64,4 +74,4 @@ The Pomodoro timer configuration includes: ## Contributing -Feel free to submit issues and enhancement requests! \ No newline at end of file +Feel free to submit issues and enhancement requests! From a469e29da78630d07d37a4625fc71ceaaf159bab Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:13:23 -0500 Subject: [PATCH 10/78] readme lint --- README.md | 14 +++++++++++++- dot_config/nushell/README.md | 15 ++++++++++++++- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d7e90b22..a27d2fdf 100644 --- a/README.md +++ b/README.md 
@@ -1,17 +1,22 @@ # Dotfiles -My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring a modern and efficient development environment setup. +My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring a modern and +efficient development environment setup. ## Components ### Shell Environment + - [Nushell Configuration](dot_config/nushell/README.md) + - Modern shell with enhanced features - Custom aliases and functions - Work environment integration ### Development Tools + - [Neovim Configuration](dot_config/nvim/README.md) + - LazyVim-based setup - Catppuccin theme - LSP integration @@ -23,14 +28,18 @@ My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring - Global settings ### Terminal Tools + - [Tmux Configuration](dot_config/tmux/README.md) + - Catppuccin theme - Pomodoro timer - Custom keybindings - Session management ### Knowledge Management + - [Obsidian Configuration](dot_config/obsidian/README.md) + - Multiple vault support - Neovim integration - Plugin configuration @@ -38,16 +47,19 @@ My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring ## Installation 1. Install Chezmoi: + ```bash brew install chezmoi ``` 2. Clone this repository: + ```bash chezmoi init --apply ``` 3. Install dependencies: + ```bash mise install ``` diff --git a/dot_config/nushell/README.md b/dot_config/nushell/README.md index 7eb2e682..fe2a4277 100644 --- a/dot_config/nushell/README.md +++ b/dot_config/nushell/README.md 
@@ -1,10 +1,14 @@ # Nushell Configuration -This repository contains my personal Nushell configuration, featuring a modern and efficient shell setup with various customizations and integrations. The configuration is managed using [Chezmoi](https://www.chezmoi.io/), a dotfiles manager that allows for template-based configuration. +This repository contains my personal Nushell configuration, featuring a modern +and efficient shell setup with various customizations and integrations. +The configuration is managed using [Chezmoi](https://www.chezmoi.io/), +a dotfiles manager that allows for template-based configuration. ## Configuration Structure All Nushell configuration files are Chezmoi templates with the `.nu.tmpl` extension: + - `config.nu.tmpl` - Main configuration file - `aliases.nu.tmpl` - Custom aliases and functions - `env.nu.tmpl` - Environment variables @@ -42,17 +46,20 @@ All Nushell configuration files are Chezmoi templates with the `.nu.tmpl` extens ## Aliases ### Directory Navigation + - `l` - List directory contents - `ll` - List all files (including hidden) - `la` - List all files with details ### Chezmoi + - `chezmoi_update` - Update dotfiles excluding scripts - `cia` - Quick apply dotfiles - `chezmoi_data` - View Chezmoi configuration - `chezmoi_data_edit` - Edit Chezmoi configuration ### Other + - `y` - Launch Yazi file manager - `cat` - Use `bat` for file viewing - `tks` - Kill tmux server @@ -60,6 +67,7 @@ All Nushell configuration files are Chezmoi templates with the `.nu.tmpl` extens ## Custom Functions ### GitHub Management + - `gh-create-repo` - Create new repositories - `gh-clone-repo` - Clone repositories - `gh-list-repos` - List repositories 
@@ -68,6 +76,7 @@ All Nushell configuration files are Chezmoi templates with the `.nu.tmpl` extens - `gh-open-repo` - Open repository in browser ### System Management + - `poke_system_info` - Display system information with random Pokemon - `reset_nvim` - Reset Neovim configuration - `obsidian_nvim` - Open Obsidian vault in Neovim @@ -88,21 +97,25 @@ All Nushell configuration files are Chezmoi templates with the `.nu.tmpl` extens ## Installation 1. Clone this repository using Chezmoi: + ```bash chezmoi init --apply ``` 2. Configure Chezmoi data (if not already done): + ```bash chezmoi data ``` 3. Ensure all dependencies are installed: + ```bash mise install ``` 4. Restart your shell or source the configuration: + ```bash source ~/.config/nushell/config.nu ``` From 0ec830256808beb36ec2d89ba5dc3ecd6faa8a85 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:18:41 -0500 Subject: [PATCH 11/78] tree --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a27d2fdf..a22cb963 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,7 @@ efficient development environment setup. ## Structure -``` +```tree . ├── dot_config/ │ ├── nushell/ # Shell configuration From a15372241d478356011390fc6f97056e57ebce8b Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:22:38 -0500 Subject: [PATCH 12/78] validate github action fixes --- .github/workflows/validate.yml | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 999afc6c..74be2caf 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml 
@@ -21,6 +21,22 @@ jobs: - name: Validate Nushell Configuration run: | + # Create necessary directories + mkdir -p ~/.config/nushell + mkdir -p ~/Library/Application\ Support/nushell + + # Create empty placeholder files to satisfy dependencies + touch ~/.config/nushell/env.nu + touch ~/.config/nushell/aliases.nu + touch ~/.config/nushell/secrets.nu + touch ~/.config/nushell/work.nu + + # Copy Catppuccin theme files if they exist + if [ -d dot_config/nushell/.catppuccin ]; then + cp -r dot_config/nushell/.catppuccin ~/.config/nushell/ + fi + + # Validate each template file for file in dot_config/nushell/*.nu.tmpl; do echo "Validating $file..." # Use nushell to parse the file without executing it @@ -48,11 +64,18 @@ jobs: - name: Install TruffleHog run: | - brew install trufflesecurity/tap/trufflehog + brew tap trufflesecurity/tap || true + HOMEBREW_NO_INSTALL_FROM_API=1 brew install trufflesecurity/tap/trufflehog || \ + brew install --cask docker && \ + docker pull trufflesecurity/trufflehog:latest - name: Scan for Secrets run: | - trufflehog filesystem --directory . --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true + if command -v trufflehog >/dev/null 2>&1; then + trufflehog filesystem --directory . --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true + else + docker run --rm -v "$PWD:/repo" trufflesecurity/trufflehog:latest filesystem --directory /repo --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true + fi - name: Check for GPG Keys run: | @@ -105,4 +128,4 @@ jobs: - name: Check for Broken Links run: | brew install lychee - lychee **/*.md \ No newline at end of file + lychee **/*.md From 5600eb397102f10c94123a5819687b436db899e5 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:23:20 -0500 Subject: [PATCH 13/78] nushell documentation --- dot_config/nushell/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
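Review bot: The `Scan for Secrets` step cannot fail the job, because both branches of the new `if` end in `| jq -r '…' || true`, so a finding and a scanner crash are both reported as success. If the scan is meant to gate changes, drop the `|| true` and let the scanner set the exit status, e.g. `trufflehog filesystem --directory . --fail`, writing the JSON to a file if the file list is still wanted. In `Install TruffleHog`, `A || B && C` groups as `(A || B) && C`, so `docker pull` also runs when the brew install succeeded; the fallback should be grouped as `|| { brew install --cask docker && docker pull …; }`. The same `|| true` and the floating `trufflesecurity/trufflehog:latest` tag are carried into the `@@ -71,20 +71,19 @@` hunk of the following commit; pinning the image by digest would make the scanner version reproducible.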
diff --git a/dot_config/nushell/README.md b/dot_config/nushell/README.md index fe2a4277..0a539575 100644 --- a/dot_config/nushell/README.md +++ b/dot_config/nushell/README.md @@ -91,7 +91,7 @@ All Nushell configuration files are Chezmoi templates with the `.nu.tmpl` extens - [Neovim](https://neovim.io/) - [Yazi](https://github.com/sxyazi/yazi) - [bat](https://github.com/sharkdp/bat) -- [pokeget](https://github.com/taylorskalyo/kuro) +- [pokeget](https://github.com/talwat/pokeget) - [fastfetch](https://github.com/fastfetch-cli/fastfetch) ## Installation From a1547f35a42407bb3ba7704e8e04bb042e0549fa Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:24:06 -0500 Subject: [PATCH 14/78] replace bash mentions with zsh --- README.md | 6 +++--- dot_config/git/README.md | 4 ++-- dot_config/nushell/README.md | 8 ++++---- dot_config/nvim/README.md | 4 ++-- dot_config/obsidian/README.md | 4 ++-- dot_config/tmux/README.md | 4 ++-- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index a22cb963..2fb54c86 100644 --- a/README.md +++ b/README.md @@ -48,19 +48,19 @@ efficient development environment setup. 1. Install Chezmoi: - ```bash + ```zsh brew install chezmoi ``` 2. Clone this repository: - ```bash + ```zsh chezmoi init --apply ``` 3. Install dependencies: - ```bash + ```zsh mise install ``` diff --git a/dot_config/git/README.md b/dot_config/git/README.md index 1e156f81..8b94b7b9 100644 --- a/dot_config/git/README.md +++ b/dot_config/git/README.md @@ -33,13 +33,13 @@ The configuration is managed through Chezmoi templates: 1. Clone this configuration using Chezmoi: - ```bash + ```zsh chezmoi init --apply ``` 2. Ensure Git is installed: - ```bash + ```zsh brew install git ``` diff --git a/dot_config/nushell/README.md b/dot_config/nushell/README.md index 0a539575..16b3d795 100644 --- a/dot_config/nushell/README.md +++ b/dot_config/nushell/README.md 
@@ -98,25 +98,25 @@ All Nushell configuration files are Chezmoi templates with the `.nu.tmpl` extens 1. Clone this repository using Chezmoi: - ```bash + ```zsh chezmoi init --apply ``` 2. Configure Chezmoi data (if not already done): - ```bash + ```zsh chezmoi data ``` 3. Ensure all dependencies are installed: - ```bash + ```zsh mise install ``` 4. Restart your shell or source the configuration: - ```bash + ```zsh source ~/.config/nushell/config.nu ``` diff --git a/dot_config/nvim/README.md b/dot_config/nvim/README.md index 1e75accd..17a18419 100644 --- a/dot_config/nvim/README.md +++ b/dot_config/nvim/README.md @@ -66,13 +66,13 @@ featuring a beautiful and functional setup with various plugins and customizatio 2. Clone this configuration using Chezmoi: - ```bash + ```zsh chezmoi init --apply ``` 3. Start Neovim and let Lazy.nvim install all plugins: - ```bash + ```zsh nvim ``` diff --git a/dot_config/obsidian/README.md b/dot_config/obsidian/README.md index dacad96e..a147873e 100644 --- a/dot_config/obsidian/README.md +++ b/dot_config/obsidian/README.md @@ -32,13 +32,13 @@ The configuration is managed through Chezmoi: 1. Clone this configuration using Chezmoi: - ```bash + ```zsh chezmoi init --apply ``` 2. Install Obsidian: - ```bash + ```zsh brew install --cask obsidian ``` diff --git a/dot_config/tmux/README.md b/dot_config/tmux/README.md index 9c7a11d0..de8ed146 100644 --- a/dot_config/tmux/README.md +++ b/dot_config/tmux/README.md @@ -30,13 +30,13 @@ The configuration is split into multiple files for better organization: 1. Clone this configuration using Chezmoi: - ```bash + ```zsh chezmoi init --apply ``` 2. Ensure Tmux is installed: - ```bash + ```zsh brew install tmux ``` From 613df9b9b496551811bfb9c027ca70f8065bd9fd Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:25:39 -0500 Subject: [PATCH 15/78] fix validate.yaml nushell stuff --- .github/workflows/validate.yml | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 74be2caf..6d90d272 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -25,11 +25,20 @@ jobs: mkdir -p ~/.config/nushell mkdir -p ~/Library/Application\ Support/nushell - # Create empty placeholder files to satisfy dependencies - touch ~/.config/nushell/env.nu - touch ~/.config/nushell/aliases.nu - touch ~/.config/nushell/secrets.nu - touch ~/.config/nushell/work.nu + # Create basic env.nu file with minimal configuration + cat > ~/Library/Application\ Support/nushell/env.nu << 'EOF' + $env.config = { + show_banner: false, + } + EOF + + # Create basic config files in both locations + for file in env.nu aliases.nu secrets.nu work.nu; do + # Create in ~/.config/nushell + touch ~/.config/nushell/$file + # Create in ~/Library/Application Support/nushell + touch ~/Library/Application\ Support/nushell/$file + done # Copy Catppuccin theme files if they exist if [ -d dot_config/nushell/.catppuccin ]; then @@ -40,7 +49,7 @@ jobs: for file in dot_config/nushell/*.nu.tmpl; do echo "Validating $file..." # Use nushell to parse the file without executing it - nu --no-config-file -c "source $file; exit 0" || { echo "Error in $file"; exit 1; } + nu --no-config-file --env-config ~/Library/Application\ Support/nushell/env.nu -c "source $file; exit 0" || { echo "Error in $file"; exit 1; } done - name: Validate Neovim Configuration From f6f248a0eb436ca08b37f571c419f06921e7d70b Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:26:40 -0500 Subject: [PATCH 16/78] fix validate security --- .github/workflows/validate.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) 
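Review bot: The changed `nu … -c "source $file; exit 0"` line in the `@@ -40,7 +49,7 @@` hunk evaluates each file rather than only parsing it, which contradicts the comment directly above it ("parse the file without executing it"). If this workflow runs on `pull_request` (the trigger is outside the hunk), shell code from the proposed change executes on the runner during "validation". A parse-only check would match the stated intent; nushell ships a `nu-check` command for that, and the comment should otherwise be changed to say the file is executed.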
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 6d90d272..807883c2 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -71,20 +71,19 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Install and Configure Docker + run: | + brew install colima + colima start + - name: Install TruffleHog run: | - brew tap trufflesecurity/tap || true - HOMEBREW_NO_INSTALL_FROM_API=1 brew install trufflesecurity/tap/trufflehog || \ - brew install --cask docker && \ + # Try to install via docker directly since homebrew tap is failing docker pull trufflesecurity/trufflehog:latest - name: Scan for Secrets run: | - if command -v trufflehog >/dev/null 2>&1; then - trufflehog filesystem --directory . --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true - else - docker run --rm -v "$PWD:/repo" trufflesecurity/trufflehog:latest filesystem --directory /repo --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true - fi + docker run --rm -v "$PWD:/repo" trufflesecurity/trufflehog:latest filesystem --directory /repo --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true - name: Check for GPG Keys run: | From 508b7181be6beebcc63271bc455fefc63d569449 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:29:05 -0500 Subject: [PATCH 17/78] idk what im fixing. i vibe coded this while wathcing tv --- .github/workflows/validate.yml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 807883c2..8f766e37 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml 
@@ -73,12 +73,25 @@ jobs: - name: Install and Configure Docker run: | + # Install Docker CLI and Colima + brew install docker brew install colima + + # Start Colima with Docker runtime colima start + # Wait for Docker daemon to be ready + for i in {1..30}; do + if docker info > /dev/null 2>&1; then + break + fi + echo "Waiting for Docker daemon to be ready..." + sleep 1 + done + - name: Install TruffleHog run: | - # Try to install via docker directly since homebrew tap is failing + # Pull TruffleHog image docker pull trufflesecurity/trufflehog:latest - name: Scan for Secrets From 85e54b86a7d33e1b04db7a8567bff29c9003d78c Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:34:40 -0500 Subject: [PATCH 18/78] gitleaks --- .chezmoidata/homebrew.yaml | 2 - .github/workflows/validate.yml | 72 +++++++++++----------------------- 2 files changed, 23 insertions(+), 51 deletions(-) diff --git a/.chezmoidata/homebrew.yaml b/.chezmoidata/homebrew.yaml index 1d7cfd51..fc6d0e7f 100644 --- a/.chezmoidata/homebrew.yaml +++ b/.chezmoidata/homebrew.yaml @@ -104,7 +104,6 @@ homebrew: - cmake - cmake-docs - cspell - - colima - colordiff - coreutils - charmbracelet/tap/mods @@ -169,7 +168,6 @@ homebrew: - libffi - libgit2 - libpq - - lima - links - lua - lua-language-server diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 8f766e37..94336dae 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -19,6 +19,10 @@ jobs: brew update brew install nushell neovim tmux git + - name: Install Chezmoi + run: | + brew install chezmoi + - name: Validate Nushell Configuration run: | # Create necessary directories 
@@ -40,16 +44,22 @@ jobs: touch ~/Library/Application\ Support/nushell/$file done - # Copy Catppuccin theme files if they exist - if [ -d dot_config/nushell/.catppuccin ]; then - cp -r dot_config/nushell/.catppuccin ~/.config/nushell/ - fi + # Create minimal chezmoi config + mkdir -p ~/.config/chezmoi + cat > ~/.config/chezmoi/chezmoi.toml << 'EOF' + [data] + WORK_ENVIRONMENT = false + CATPPUCCIN_FLAVOR = "mocha" + EOF - # Validate each template file + # Initialize chezmoi and apply templates + chezmoi init --source=. + + # Validate each template file after processing for file in dot_config/nushell/*.nu.tmpl; do echo "Validating $file..." - # Use nushell to parse the file without executing it - nu --no-config-file --env-config ~/Library/Application\ Support/nushell/env.nu -c "source $file; exit 0" || { echo "Error in $file"; exit 1; } + processed_file=$(chezmoi cat "$file") + echo "$processed_file" | nu --no-config-file --env-config ~/Library/Application\ Support/nushell/env.nu -c "source /dev/stdin; exit 0" || { echo "Error in $file"; exit 1; } done - name: Validate Neovim Configuration 
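Review bot: `chezmoi cat "$file"` in the validation loop is given a source-tree path (`dot_config/nushell/*.nu.tmpl`), but `chezmoi cat` expects a target path in the destination directory, so the rendering step is likely to fail before nushell sees anything. To render a template file directly, `processed_file=$(chezmoi execute-template < "$file")` reads the template from stdin and prints the result. Piping that into `source /dev/stdin` still evaluates the rendered script rather than only parsing it, so the step runs whatever the templates contain on the runner.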
@@ -67,52 +77,16 @@ jobs: git config --file dot_config/git/config.tmpl --list security: - runs-on: macos-latest + runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - - name: Install and Configure Docker - run: | - # Install Docker CLI and Colima - brew install docker - brew install colima - - # Start Colima with Docker runtime - colima start - - # Wait for Docker daemon to be ready - for i in {1..30}; do - if docker info > /dev/null 2>&1; then - break - fi - echo "Waiting for Docker daemon to be ready..." - sleep 1 - done - - - name: Install TruffleHog - run: | - # Pull TruffleHog image - docker pull trufflesecurity/trufflehog:latest + with: + fetch-depth: 0 - name: Scan for Secrets - run: | - docker run --rm -v "$PWD:/repo" trufflesecurity/trufflehog:latest filesystem --directory /repo --json | jq -r '.SourceMetadata.Data.Filesystem.file' || true - - - name: Check for GPG Keys - run: | - if grep -r "BEGIN PGP" .; then - echo "Warning: Possible GPG key found in repository" - exit 1 - fi - - - name: Check for API Keys and Tokens - run: | - # Check for common API key patterns - if grep -r -E "(api[_-]?key|token|secret|password|credential)" --include="*.{json,yaml,yml,toml,env,conf,config,nu,lua,tmpl}" .; then - echo "Warning: Possible API keys or tokens found in repository" - # Don't fail the build, just warn - # exit 1 - fi + uses: gitleaks/gitleaks-action@v2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} dependencies: runs-on: macos-latest From a17f037aad4589bfdc90b8c544601d8fe996faeb Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:36:14 -0500 Subject: [PATCH 19/78] security --- .github/workflows/validate.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 94336dae..cad14c97 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml 
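Review bot: `uses: gitleaks/gitleaks-action@v2` references a movable tag, and the job hands it `GITHUB_TOKEN` without a `permissions:` block, so whatever the tag points to at run time receives the token's default scopes. Pin the action to a full commit SHA with the tag as a comment, `uses: gitleaks/gitleaks-action@<full-commit-sha> # v2`, and add `permissions:` with `contents: read` to the `security` job. The same applies with more force to `uses: trufflesecurity/trufflehog@main` in the later "trufflehog" commit, which follows a branch head. This hunk also removes the `Check for GPG Keys` step, the only check that exited non-zero, so it is worth confirming that the replacement scanner's rules cover armored key blocks.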
@@ -83,10 +83,13 @@ jobs: with: fetch-depth: 0 + - name: Install TruffleHog + run: | + pip install trufflehog + - name: Scan for Secrets - uses: gitleaks/gitleaks-action@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + trufflehog filesystem . --only-verified dependencies: runs-on: macos-latest From 359cb0d2bf893a5053331c520a458415de8f952c Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:38:43 -0500 Subject: [PATCH 20/78] chezmoi interactive for github actions --- .chezmoi.toml.tmpl | 93 ++++++++++++++++++++++++---------------------- 1 file changed, 49 insertions(+), 44 deletions(-) diff --git a/.chezmoi.toml.tmpl b/.chezmoi.toml.tmpl index 92f9497a..9419d0a6 100644 --- a/.chezmoi.toml.tmpl +++ b/.chezmoi.toml.tmpl 
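Review bot: `pip install trufflehog` most likely installs the legacy Python TruffleHog (v2) from PyPI rather than the Go-based v3 scanner, and the v2 command line has no `filesystem` subcommand or `--only-verified` flag, so `trufflehog filesystem . --only-verified` would fail instead of scanning. The install is also unpinned, so the scanner changes whenever the package index does. Installing a pinned v3 release (placeholder: `<version>`) from the project's release artifacts, or using its published action pinned to a commit SHA, keeps the secret scan both working and reproducible.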
@@ -8,65 +8,70 @@ {{- $window_height := 70 }} {{- $window_width := 180 }} {{- $refreshPeriod := 168 }} -{{- $GIT_EMAIL := "" }} -{{- $GIT_NAME := promptStringOnce . "git.config.name" "👥 Git Config 👥 - Name" "Gabe Mendoza" -}} -{{- $GITHUB_USERNAME := promptStringOnce . "git.config.username" "👥 Git Config 👥 - Github Username" "thatguyinabeanie" -}} +{{/* Set default values for non-interactive environments */}} +{{- $GIT_NAME := "GitHub Actions" }} +{{- $GITHUB_USERNAME := "github-actions" }} +{{- $GIT_EMAIL := "github-actions@github.com" }} +{{- $WORK_ENVIRONMENT := false }} +{{- $SHELL := "nu" }} +{{- $CATPPUCCIN_FLAVOR := "mocha" }} -{{- $WORK_ENVIRONMENT := promptBoolOnce . "WORK_ENVIRONMENT" "💻 Is this environment for work" false -}} -{{ if eq $WORK_ENVIRONMENT true }} -{{- $GIT_EMAIL := promptStringOnce . "git.config.email" "👥 Git Config 👥 - Work Email" "gmendoza@civisanalytics.com" -}} -{{ else }} -{{- $GIT_EMAIL := promptStringOnce . "git.config.email" "👥 Git Config 👥 - Email" "thatguyin@beanie.gg" -}} -{{ end }} - -{{- $SHELL_OPTIONS := list "nu" "zsh" -}} -{{- $SHELL := promptChoiceOnce . "SHELL" "💻 What is your preferred shell" $SHELL_OPTIONS "nu" -}} - -{{- $CATPPUCCIN_FLAVORS := list "mocha" "macchiatto" "frappe" "latte" -}} -{{- $CATPPUCCIN_FLAVOR := promptChoiceOnce . "CATPPUCCIN_FLAVOR" "🌈 Select a Catppuccin flavor)" $CATPPUCCIN_FLAVORS "mocha" -}} +{{/* Only prompt for values in interactive mode */}} +{{- if $interactive }} + {{- $GIT_NAME = promptStringOnce . "git.config.name" "👥 Git Config 👥 - Name" "Gabe Mendoza" -}} + {{- $GITHUB_USERNAME = promptStringOnce . "git.config.username" "👥 Git Config 👥 - Github Username" "thatguyinabeanie" -}} + {{- $WORK_ENVIRONMENT = promptBoolOnce . "WORK_ENVIRONMENT" "💻 Is this environment for work" false -}} + {{- if eq $WORK_ENVIRONMENT true }} + {{- $GIT_EMAIL = promptStringOnce . 
"git.config.email" "👥 Git Config 👥 - Work Email" "gmendoza@civisanalytics.com" -}} + {{- else }} + {{- $GIT_EMAIL = promptStringOnce . "git.config.email" "👥 Git Config 👥 - Email" "thatguyin@beanie.gg" -}} + {{- end }} + {{- $SHELL_OPTIONS := list "nu" "zsh" -}} + {{- $SHELL = promptChoiceOnce . "SHELL" "💻 What is your preferred shell" $SHELL_OPTIONS "nu" -}} + {{- $CATPPUCCIN_FLAVORS := list "mocha" "macchiatto" "frappe" "latte" -}} + {{- $CATPPUCCIN_FLAVOR = promptChoiceOnce . "CATPPUCCIN_FLAVOR" "🌈 Select a Catppuccin flavor)" $CATPPUCCIN_FLAVORS "mocha" -}} +{{- end }} [data] SHELL = {{ $SHELL | quote }} -WORK_ENVIRONMENT = {{ $WORK_ENVIRONMENT }} - -CATPPUCCIN_FLAVOR = {{ $CATPPUCCIN_FLAVOR | quote }} - -OBSIDIAN_VAULT_PERSONAL = "obsidian-vault" -OBSIDIAN_VAULT_WORK = "obsidian-vault-work" -YAZI_CATPPUCCIN_COLOR = "blue" -SUDO_TOUCHID = "true" +WORK_ENVIRONMENT = {{ $WORK_ENVIRONMENT }} +CATPPUCCIN_FLAVOR = {{ $CATPPUCCIN_FLAVOR | quote }} +OBSIDIAN_VAULT_PERSONAL = "obsidian-vault" +OBSIDIAN_VAULT_WORK = "obsidian-vault-work" +YAZI_CATPPUCCIN_COLOR = "blue" +SUDO_TOUCHID = "true" [data.k9s] -transparent = {{ lt $opacity 1.0 }} +transparent = {{ lt $opacity 1.0 }} [data.ghostty] -window_height = {{ $window_height | quote }} -window_width = {{ $window_width | quote }} -opacity = {{ $opacity | quote }} -blur = {{ $blur | quote }} -font_size = {{ $font_size | quote }} -font_thicken = true -font_family = {{ $font_family | quote }} -cursor_style = "block_hollow" +window_height = {{ $window_height | quote }} +window_width = {{ $window_width | quote }} +opacity = {{ $opacity | quote }} +blur = {{ $blur | quote }} +font_size = {{ $font_size | quote }} +font_thicken = true +font_family = {{ $font_family | quote }} +cursor_style = "block_hollow" [data.kitty] -window_height = {{ $window_height | quote }} -window_width = {{ $window_width | quote }} -opacity = {{ $opacity | quote }} -blur = {{ $blur | quote }} -font_size = {{ $font_size | quote }} -font_family = {{ 
$font_family |quote }} +window_height = {{ $window_height | quote }} +window_width = {{ $window_width | quote }} +opacity = {{ $opacity | quote }} +blur = {{ $blur | quote }} +font_size = {{ $font_size | quote }} +font_family = {{ $font_family | quote }} [data.git.config] -name = {{ $GIT_NAME | quote }} -username = {{ $GITHUB_USERNAME | quote }} -email = {{ $GIT_EMAIL | quote }} -defaultRefreshPeriod = "{{ $refreshPeriod }}h" +name = {{ $GIT_NAME | quote }} +username = {{ $GITHUB_USERNAME | quote }} +email = {{ $GIT_EMAIL | quote }} +defaultRefreshPeriod = "{{ $refreshPeriod }}h" [data.install] -obsidia = true +obsidia = true [warnings] - configFileTemplateHasChanged = false +configFileTemplateHasChanged = false From a1c3d158a0f6871d0278084568d51ec55220bb50 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:39:51 -0500 Subject: [PATCH 21/78] trufflehog --- .github/workflows/validate.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index cad14c97..344a208f 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -83,13 +83,13 @@ jobs: with: fetch-depth: 0 - - name: Install TruffleHog - run: | - pip install trufflehog - - - name: Scan for Secrets - run: | - trufflehog filesystem . --only-verified + - name: TruffleHog OSS + uses: trufflesecurity/trufflehog@main + with: + path: ./ + base: ${{ github.event.repository.default_branch }} + head: HEAD + extra_args: --only-verified dependencies: runs-on: macos-latest From edf48dfb51281709fe4f29a4fbed24db940db892 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 18:41:16 -0500 Subject: [PATCH 22/78] fix chezmoi directories --- .github/workflows/validate.yml | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 344a208f..7852e82e 100644 
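Review bot: `[data.install]` still sets `obsidia = true`, which looks like a typo for `obsidian`; a template that reads `.install.obsidian` would not find the key. The hand-written CI config in the later "fix chezmoi directories" commit uses `obsidian = true`, so the two disagree. If the key is meant to be `obsidian`, change the line to `obsidian = true`. Separately, the new defaults give every non-interactive run the `GitHub Actions` name and `github-actions@github.com` address, which would also apply to a non-interactive apply on a real machine; `$interactive` is defined above this hunk, so how it is set cannot be checked from here.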
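Review bot: With `base: ${{ github.event.repository.default_branch }}` and `head: HEAD`, a push to the default branch compares a commit with itself, and the TruffleHog action has historically treated identical base and head as "nothing to scan" or an error. The workflow's triggers are outside this hunk, so this is hedged, but push and scheduled runs on `main` would both hit that case. Leaving `base` and `head` unset lets recent versions of the action derive the range from the event, and `extra_args: --only-verified` can stay as it is.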
--- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -25,9 +25,11 @@ jobs: - name: Validate Nushell Configuration run: | - # Create necessary directories + # Create all necessary directories mkdir -p ~/.config/nushell + mkdir -p ~/.local/share/chezmoi mkdir -p ~/Library/Application\ Support/nushell + mkdir -p ~/.config/chezmoi # Create basic env.nu file with minimal configuration cat > ~/Library/Application\ Support/nushell/env.nu << 'EOF' @@ -44,16 +46,32 @@ jobs: touch ~/Library/Application\ Support/nushell/$file done - # Create minimal chezmoi config - mkdir -p ~/.config/chezmoi + # Create comprehensive chezmoi config with all required variables cat > ~/.config/chezmoi/chezmoi.toml << 'EOF' [data] + SHELL = "nu" WORK_ENVIRONMENT = false CATPPUCCIN_FLAVOR = "mocha" + OBSIDIAN_VAULT_PERSONAL = "obsidian-vault" + OBSIDIAN_VAULT_WORK = "obsidian-vault-work" + YAZI_CATPPUCCIN_COLOR = "blue" + SUDO_TOUCHID = "true" + + [data.k9s] + transparent = true + + [data.git.config] + name = "GitHub Actions" + username = "github-actions" + email = "github-actions@github.com" + defaultRefreshPeriod = "168h" + + [data.install] + obsidian = true EOF - # Initialize chezmoi and apply templates - chezmoi init --source=. + # Initialize chezmoi with source directory + chezmoi init --source="$(pwd)" # Validate each template file after processing for file in dot_config/nushell/*.nu.tmpl; do From 6b114d5dc2d43aa15eb65ed1b41aa0d0e2353a40 Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 19:47:55 -0500 Subject: [PATCH 23/78] deleted github action --- .github/workflows/ci.yaml | 21 ---- .github/workflows/cspell.yaml | 27 ----- .github/workflows/markdown-lint.yml | 83 ---------------- .github/workflows/update-deps.yml | 39 -------- .github/workflows/validate.yml | 147 ---------------------------- 5 files changed, 317 deletions(-) delete mode 100644 .github/workflows/ci.yaml delete mode 100644 .github/workflows/cspell.yaml delete mode 100644 .github/workflows/markdown-lint.yml delete mode 100644 .github/workflows/update-deps.yml delete mode 100644 .github/workflows/validate.yml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml deleted file mode 100644 index 813487b5..00000000 --- a/.github/workflows/ci.yaml +++ /dev/null @@ -1,21 +0,0 @@ -name: ci - -on: - push: - pull_request: - -jobs: - clone-and-install: - runs-on: ubuntu-latest - container: - image: mcr.microsoft.com/vscode/devcontainers/base:ubuntu - env: - CODESPACES: true - steps: - - uses: actions/checkout@v2 - - name: instahh.sh - if: false - run: ./install.sh - - name: chezmoi data - if: false - run: "${HOME}/.local/bin/chezmoi data" diff --git a/.github/workflows/cspell.yaml b/.github/workflows/cspell.yaml deleted file mode 100644 index 57f5677b..00000000 --- a/.github/workflows/cspell.yaml +++ /dev/null @@ -1,27 +0,0 @@ -name: 'Check spelling' -on: # rebuild any PRs and main branch changes - pull_request: - push: - branches: - - main -jobs: - spellcheck: # run the action - name: Spell Check - runs-on: ubuntu-latest - timeout-minutes: 5 - permissions: - contents: read - pull-requests: write # Allows the action to comment on PRs - steps: - - uses: actions/checkout@v4 - - uses: streetsidesoftware/cspell-action@v6 - if: false - with: - # Inline PR comments instead of annotations - inline: warning - # Fail on warnings - strict: true - # Show progress - verbose: true - suggestions: true - 
diff --git a/.github/workflows/markdown-lint.yml b/.github/workflows/markdown-lint.yml deleted file mode 100644 index 8bfec32d..00000000 --- a/.github/workflows/markdown-lint.yml +++ /dev/null 
@@ -1,83 +0,0 @@ -name: Markdown Lint and Fix - -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - schedule: - - cron: '0 0 * * 0' # Run weekly - workflow_dispatch: # Allow manual triggers - -jobs: - lint: - runs-on: macos-latest - steps: - - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '20' - - - name: Install markdownlint - run: npm install -g markdownlint-cli markdownlint-cli2 - - - name: Lint Markdown - run: markdownlint '**/*.md' - - fix: - runs-on: macos-latest - if: github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' - steps: - - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '20' - - - name: Install markdownlint - run: npm install -g markdownlint-cli markdownlint-cli2 - - - name: Fix Markdown - run: | - # Fix line length issues - find . -name "*.md" -exec sed -i '' 's/\([^ ]\{80,\}\)/\1\n/g' {} \; - - # Add blank lines around lists - find . -name "*.md" -exec sed -i '' 's/^\([^#\n].*\)$/\n\1\n/g' {} \; - - # Add blank lines around headings - find . -name "*.md" -exec sed -i '' 's/^\(#.*\)$/\n\1\n/g' {} \; - - # Add blank lines around code blocks - find . -name "*.md" -exec sed -i '' 's/^```\([^`]*\)$/```\1\n/g' {} \; - - # Remove trailing spaces - find . -name "*.md" -exec sed -i '' 's/[[:space:]]*$//g' {} \; - - # Ensure files end with a single newline - find . -name "*.md" -exec sed -i '' -e :a -e '/^\n*$/{$d;N;ba' -e '}' {} \; - find . 
-name "*.md" -exec sh -c 'echo "" >> "$1"' sh {} \; - - - name: Create Pull Request - uses: peter-evans/create-pull-request@v5 - with: - token: ${{ secrets.GITHUB_TOKEN }} - branch: fix-markdown-formatting - title: 'style: fix markdown formatting' - commit-message: 'style: fix markdown formatting' - body: | - Fixes markdown formatting issues: - - - Line length limits - - Blank lines around lists - - Blank lines around headings - - Blank lines around code blocks - - Trailing spaces - - File endings - - This PR was automatically created by GitHub Actions. - labels: documentation,automated - delete-branch: true \ No newline at end of file diff --git a/.github/workflows/update-deps.yml b/.github/workflows/update-deps.yml deleted file mode 100644 index c094c341..00000000 --- a/.github/workflows/update-deps.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Update Dependencies - -on: - schedule: - - cron: '0 0 * * 0' # Run weekly - workflow_dispatch: # Allow manual triggers - -jobs: - update: - runs-on: macos-latest - steps: - - uses: actions/checkout@v4 - - - name: Setup Homebrew - run: | - brew update - brew upgrade - - - name: Update mise - run: | - brew install mise - mise upgrade - - - name: Create Pull Request - uses: peter-evans/create-pull-request@v5 - with: - token: ${{ secrets.GITHUB_TOKEN }} - branch: update-dependencies - title: 'chore: update dependencies' - commit-message: 'chore: update dependencies' - body: | - Updates dependencies to their latest versions: - - - Homebrew packages - - mise tools - - This PR was automatically created by GitHub Actions. - labels: dependencies,automated - delete-branch: true \ No newline at end of file diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml deleted file mode 100644 index 7852e82e..00000000 --- a/.github/workflows/validate.yml +++ /dev/null 
@@ -1,147 +0,0 @@ -name: Validate Dotfiles - -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - schedule: - - cron: '0 0 * * 0' # Run weekly - -jobs: - validate: - runs-on: macos-latest - steps: - - uses: actions/checkout@v4 - - - name: Setup Homebrew - run: | - brew update - brew install nushell neovim tmux git - - - name: Install Chezmoi - run: | - brew install chezmoi - - - name: Validate Nushell Configuration - run: | - # Create all necessary directories - mkdir -p ~/.config/nushell - mkdir -p ~/.local/share/chezmoi - mkdir -p ~/Library/Application\ Support/nushell - mkdir -p ~/.config/chezmoi - - # Create basic env.nu file with minimal configuration - cat > ~/Library/Application\ Support/nushell/env.nu << 'EOF' - $env.config = { - show_banner: false, - } - EOF - - # Create basic config files in both locations - for file in env.nu aliases.nu secrets.nu work.nu; do - # Create in ~/.config/nushell - touch ~/.config/nushell/$file - # Create in ~/Library/Application Support/nushell - touch ~/Library/Application\ Support/nushell/$file - done - - # Create comprehensive chezmoi config with all required variables - cat > ~/.config/chezmoi/chezmoi.toml << 'EOF' - [data] - SHELL = "nu" - WORK_ENVIRONMENT = false - CATPPUCCIN_FLAVOR = "mocha" - OBSIDIAN_VAULT_PERSONAL = "obsidian-vault" - OBSIDIAN_VAULT_WORK = "obsidian-vault-work" - YAZI_CATPPUCCIN_COLOR = "blue" - SUDO_TOUCHID = "true" - - [data.k9s] - transparent = true - - [data.git.config] - name = "GitHub Actions" - username = "github-actions" - email = "github-actions@github.com" - defaultRefreshPeriod = "168h" - - [data.install] - obsidian = true - EOF - - # Initialize chezmoi with source directory - chezmoi init --source="$(pwd)" - - # Validate each template file after processing - for file in dot_config/nushell/*.nu.tmpl; do - echo "Validating $file..." 
- processed_file=$(chezmoi cat "$file") - echo "$processed_file" | nu --no-config-file --env-config ~/Library/Application\ Support/nushell/env.nu -c "source /dev/stdin; exit 0" || { echo "Error in $file"; exit 1; } - done - - - name: Validate Neovim Configuration - run: | - nvim --headless --noplugin -c "lua require('lazy').setup({})" -c q - - - name: Validate Tmux Configuration - run: | - tmux start-server - tmux source-file dot_config/tmux/tmux.conf - tmux kill-server - - - name: Check Git Configuration - run: | - git config --file dot_config/git/config.tmpl --list - - security: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: TruffleHog OSS - uses: trufflesecurity/trufflehog@main - with: - path: ./ - base: ${{ github.event.repository.default_branch }} - head: HEAD - extra_args: --only-verified - - dependencies: - runs-on: macos-latest - steps: - - uses: actions/checkout@v4 - - - name: Setup Homebrew - run: | - brew update - brew outdated - - - name: Check mise Versions - run: | - brew install mise - mise install - mise list - - documentation: - runs-on: macos-latest - steps: - - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '20' - - - name: Install markdownlint - run: npm install -g markdownlint-cli - - - name: Lint Markdown - run: markdownlint --config .markdownlint.json '**/*.md' - - - name: Check for Broken Links - run: | - brew install lychee - lychee **/*.md From d618de18770b751f92b6598e0007c2c974b4b93b Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 19:48:55 -0500 Subject: [PATCH 24/78] better readme --- README.md | 100 ++++++++++++++++++++++++++---------------------------- 1 file changed, 49 insertions(+), 51 deletions(-) diff --git a/README.md b/README.md index 2fb54c86..d4fc42ec 100644 --- a/README.md +++ b/README.md @@ -1,72 +1,70 @@ -# Dotfiles +
+ +# 🏠 Dotfiles My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring a modern and efficient development environment setup. -## Components +![Shell](https://img.shields.io/badge/Shell-Nushell-blue?style=flat-square&logo=gnu-bash) +![Editor](https://img.shields.io/badge/Editor-Neovim-green?style=flat-square&logo=neovim) +![Theme](https://img.shields.io/badge/Theme-Catppuccin-pink?style=flat-square) +![License](https://img.shields.io/badge/License-MIT-yellow?style=flat-square) + +
-### Shell Environment +## ✨ Components -- [Nushell Configuration](dot_config/nushell/README.md) +### 🐚 Shell Environment +- [**Nushell Configuration**](dot_config/nushell/README.md) - Modern shell with enhanced features - Custom aliases and functions - Work environment integration -### Development Tools - -- [Neovim Configuration](dot_config/nvim/README.md) +### 🛠️ Development Tools +- [**Neovim Configuration**](dot_config/nvim/README.md) - LazyVim-based setup - Catppuccin theme - LSP integration - Git integration -- [Git Configuration](dot_config/git/README.md) +- [**Git Configuration**](dot_config/git/README.md) - Custom aliases - Git hooks - Global settings -### Terminal Tools - -- [Tmux Configuration](dot_config/tmux/README.md) +### 📟 Terminal Tools +- [**Tmux Configuration**](dot_config/tmux/README.md) - Catppuccin theme - Pomodoro timer - Custom keybindings - Session management -### Knowledge Management - -- [Obsidian Configuration](dot_config/obsidian/README.md) +### 📚 Knowledge Management +- [**Obsidian Configuration**](dot_config/obsidian/README.md) - Multiple vault support - Neovim integration - Plugin configuration -## Installation - -1. Install Chezmoi: - - ```zsh - brew install chezmoi - ``` - -2. Clone this repository: +## 📥 Installation - ```zsh - chezmoi init --apply - ``` +```bash +# 1. Install Chezmoi +brew install chezmoi -3. Install dependencies: +# 2. Clone this repository +chezmoi init --apply - ```zsh - mise install - ``` +# 3. Install dependencies +mise install +``` -## Structure +## 📂 Structure -```tree +``` . ├── dot_config/ │ ├── nushell/ # Shell configuration 
@@ -77,30 +75,30 @@ efficient development environment setup. └── scripts/ # Custom scripts ``` -## Features +## 🎯 Features -- **Modern Development Environment** - - Nushell for enhanced shell experience - - Neovim for efficient editing - - Tmux for terminal multiplexing - - Git for version control +### 🚀 Modern Development Environment +- Nushell for enhanced shell experience +- Neovim for efficient editing +- Tmux for terminal multiplexing +- Git for version control -- **Knowledge Management** - - Obsidian for note-taking - - Multiple vault support - - Neovim integration +### 📝 Knowledge Management +- Obsidian for note-taking +- Multiple vault support +- Neovim integration -- **Productivity Tools** - - Pomodoro timer - - Custom aliases - - Work environment integration +### ⚡ Productivity Tools +- Pomodoro timer +- Custom aliases +- Work environment integration -## Dependencies +## 📦 Dependencies -- [Chezmoi](https://www.chezmoi.io/) - Dotfiles manager -- [mise](https://github.com/jdx/mise) - Tool version manager -- [Homebrew](https://brew.sh/) - Package manager +- [**Chezmoi**](https://www.chezmoi.io/) - Dotfiles manager +- [**mise**](https://github.com/jdx/mise) - Tool version manager +- [**Homebrew**](https://brew.sh/) - Package manager -## Contributing +## 🤝 Contributing Feel free to submit issues and enhancement requests! From 2df49484415914cfc8240ddd330ac20041c0915d Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:03:00 -0500 Subject: [PATCH 25/78] update readme --- README.md | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index d4fc42ec..271637ed 100644 --- a/README.md +++ b/README.md 
@@ -51,28 +51,32 @@ efficient development environment setup. ## 📥 Installation -```bash # 1. Install Chezmoi -brew install chezmoi -# 2. Clone this repository -chezmoi init --apply - -# 3. Install dependencies -mise install +```zsh +sh -c "$(curl -fsLS get.chezmoi.io)" -- init --apply thatguyinabeanie ``` ## 📂 Structure -``` +```tree . -├── dot_config/ -│ ├── nushell/ # Shell configuration -│ ├── nvim/ # Neovim configuration -│ ├── git/ # Git configuration -│ ├── tmux/ # Tmux configuration -│ └── obsidian/ # Obsidian configuration -└── scripts/ # Custom scripts +|── .chezmoi.toml.tmpl # Chezmoi Engine configuration +├── .chezmoidata/ # Chezmoi data +│ ├── gitrepos.yaml # Git repository configuration +│ ├── homebrew.yaml # Homebrew packages +| ├── mise.yaml # Sensitive configuration +| └── treesitter.yaml # Treesitter configuration +| +├── .chezmoiscripts/ # Scripts automatically ran by Chezmoi +├── .chezmoitemplates/ # Chezmoi templates +└─ dot_config/ + ├── nushell/ # Shell configuration + ├── nvim/ # Neovim configuration + ├── mise/ # Mise configuration + ├── git/ # Git configuration + ├── tmux/ # Tmux configuration + └── obsidian/ # jObsidian configuration ``` ## 🎯 Features From db6294b24f2816132e243518d8bbcbeb2fa5bcfe Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:12:07 -0500 Subject: [PATCH 26/78] tweak install.sh --- install.sh | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/install.sh b/install.sh index 74f0c896..338ebfcd 100755 --- a/install.sh +++ b/install.sh 
@@ -1,25 +1,29 @@ #!/bin/sh +# This script must be POSIX-compliant. # -e: exit on error # -u: exit on unset variables set -eu -if ! chezmoi="$(command -v chezmoi)"; then - bin_dir="${HOME}/.local/bin" - chezmoi="${bin_dir}/chezmoi" - echo "Installing chezmoi to '${chezmoi}'" >&2 - if command -v curl >/dev/null; then - chezmoi_install_script="$(curl -fsSL https://chezmoi.io/get)" - elif command -v wget >/dev/null; then - chezmoi_install_script="$(wget -qO- https://chezmoi.io/get)" - else - echo "To install chezmoi, you must have curl or wget installed." >&2 - exit 1 - fi - sh -c "${chezmoi_install_script}" -- -b "${bin_dir}" - unset chezmoi_install_script bin_dir +# Define common variables +bin_dir="${HOME}/.local/bin" +target_chezmoi="${bin_dir}/chezmoi" + +# Check for download tools and get installation script +if command -v curl >/dev/null; then + chezmoi_install_script="$(curl -fsSL https://chezmoi.io/get)" +elif command -v wget >/dev/null; then + chezmoi_install_script="$(wget -qO- https://chezmoi.io/get)" +else + echo "To install chezmoi, you must have curl or wget installed." >&2 + exit 1 fi +# Install or update chezmoi +echo "Installing/updating chezmoi to '${target_chezmoi}'" >&2 +sh -c "${chezmoi_install_script}" -- -b "${bin_dir}" +unset chezmoi_install_script + # POSIX way to get script's dir: https://stackoverflow.com/a/29834779/12156188 script_dir="$(cd -P -- "$(dirname -- "$(command -v -- "$0")")" && pwd -P)" @@ -27,4 +31,4 @@ set -- init --apply --source="${script_dir}" echo "Running 'chezmoi $*'" >&2 # exec: replace current process with chezmoi -exec "$chezmoi" "$@" +exec "${target_chezmoi}" "$@" From eb0e1c95785091a3f9b7027cd58475691cd27406 Mon Sep 17 00:00:00 2001 
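Review bot: The download block near the top of install.sh now runs on every invocation, because the `command -v chezmoi` guard was removed, so each run fetches `https://chezmoi.io/get` and executes it with `sh -c` with no integrity check. If the goal is only to make sure `${target_chezmoi}` exists, wrap the download and install in `if [ ! -x "${target_chezmoi}" ]; then … fi` so an existing binary is reused. For a stronger guarantee, install a pinned chezmoi release and compare it with its published checksum before running it. A short comment above the `sh -c` line stating that it executes remotely fetched code would also help the next reader.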
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:24:27 -0500 Subject: [PATCH 27/78] tests --- .chezmoiignore | 1 + go.mod | 14 ++++ go.sum | 10 +++ tests/helpers/testutils.go | 51 +++++++++++++ tests/integration/fs_test.go | 45 ++++++++++++ tests/integration/scripts/install.txtar | 19 +++++ tests/main_test.go | 46 ++++++++++++ tests/unit/config_test.go | 96 +++++++++++++++++++++++++ 8 files changed, 282 insertions(+) create mode 100644 go.mod create mode 100644 go.sum create mode 100644 tests/helpers/testutils.go create mode 100644 tests/integration/fs_test.go create mode 100644 tests/integration/scripts/install.txtar create mode 100644 tests/main_test.go create mode 100644 tests/unit/config_test.go diff --git a/.chezmoiignore b/.chezmoiignore index b573ffd1..8e8536cb 100644 --- a/.chezmoiignore +++ b/.chezmoiignore @@ -36,4 +36,5 @@ tmux/ nvim/ nushell/ obsidian/ +tests/ install.sh diff --git a/go.mod b/go.mod new file mode 100644 index 00000000..791d5791 --- /dev/null +++ b/go.mod @@ -0,0 +1,14 @@ +module github.com/thatguyinabeanie/dotfiles + +go 1.21 + +require ( + github.com/alecthomas/assert/v2 v2.5.0 + github.com/twpayne/go-vfs/v5 v5.0.0 +) + +require ( + github.com/alecthomas/repr v0.3.0 // indirect + github.com/hexops/gotextdiff v1.0.3 // indirect + golang.org/x/sys v0.16.0 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 00000000..ecd8df2e --- /dev/null +++ b/go.sum 
@@ -0,0 +1,10 @@ +github.com/alecthomas/assert/v2 v2.5.0 h1:OJKYg53BQx06/bMRBSPDCO49CbCDNiUQXwdoNrt6x5w= +github.com/alecthomas/assert/v2 v2.5.0/go.mod h1:fw5suVxB+wfYJ3291t0hRTqtGzFYdSwstnRQdaQx2DM= +github.com/alecthomas/repr v0.3.0 h1:NeYzUPfjjlqHY4KtzgKJiWd6sVq2eNUPTi34PiFGjY8= +github.com/alecthomas/repr v0.3.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4= +github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM= +github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg= +github.com/twpayne/go-vfs/v5 v5.0.0 h1:aEYr6zB1X+rkM1rc0qGRU6FNlULLRlltMH6iRKMKoC4= +github.com/twpayne/go-vfs/v5 v5.0.0/go.mod h1:x4tZII+nP25/KlZ2lTPXxnTiS1ZSE10yNJ/mGiBoR8s= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= diff --git a/tests/helpers/testutils.go b/tests/helpers/testutils.go new file mode 100644 index 00000000..e208a2d2 --- /dev/null +++ b/tests/helpers/testutils.go 
@@ -0,0 +1,51 @@ +package tests_helpers + +import ( + "os" + "path/filepath" + "testing" +) + +// TestConfig represents the test configuration +type TestConfig struct { + HomeDir string + ConfigDir string + WorkEnv bool + GitUsername string +} + +// NewTestConfig creates a new test configuration +func NewTestConfig(t *testing.T) *TestConfig { + t.Helper() + + tmpDir := t.TempDir() + homeDir := filepath.Join(tmpDir, "home") + configDir := filepath.Join(homeDir, ".config") + + // Create necessary directories + dirs := []string{ + homeDir, + configDir, + filepath.Join(configDir, "nvim"), + filepath.Join(configDir, "nushell"), + filepath.Join(configDir, "obsidian"), + } + + for _, dir := range dirs { + if err := os.MkdirAll(dir, 0755); err != nil { + t.Fatalf("Failed to create directory %s: %v", dir, err) + } + } + + return &TestConfig{ + HomeDir: homeDir, + ConfigDir: configDir, + WorkEnv: false, + GitUsername: "thatguyinabeanie", + } +} + +// SetWorkEnv sets the work environment flag +func (tc *TestConfig) SetWorkEnv(workEnv bool) { + tc.WorkEnv = workEnv +} diff --git a/tests/integration/fs_test.go b/tests/integration/fs_test.go new file mode 100644 index 00000000..15f06294 --- /dev/null +++ b/tests/integration/fs_test.go 
@@ -0,0 +1,45 @@ +package tests_integration + +import ( + "testing" + + "github.com/twpayne/go-vfs/v5/vfst" +) + +func TestFileSystemStructure(t *testing.T) { + fs, cleanup, err := vfst.NewTestFS(map[string]interface{}{ + "/home/user/.config": map[string]interface{}{ + "nvim": &vfst.Dir{Perm: 0755}, + "nushell": &vfst.Dir{Perm: 0755}, + "obsidian": &vfst.Dir{Perm: 0755}, + "tmux": &vfst.Dir{Perm: 0755}, + }, + }) + if err != nil { + t.Fatal(err) + } + defer cleanup() + + tests := []struct { + name string + path string + wantType string + }{ + {"Neovim Config Dir", "/home/user/.config/nvim", "dir"}, + {"Nushell Config Dir", "/home/user/.config/nushell", "dir"}, + {"Obsidian Config Dir", "/home/user/.config/obsidian", "dir"}, + {"Tmux Config Dir", "/home/user/.config/tmux", "dir"}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + info, err := fs.Stat(tt.path) + if err != nil { + t.Errorf("Failed to stat %s: %v", tt.path, err) + } + if got := info.IsDir(); got != (tt.wantType == "dir") { + t.Errorf("Wrong type for %s: got %v, want %s", tt.path, got, tt.wantType) + } + }) + } +} diff --git a/tests/integration/scripts/install.txtar b/tests/integration/scripts/install.txtar new file mode 100644 index 00000000..d72aab05 --- /dev/null +++ b/tests/integration/scripts/install.txtar @@ -0,0 +1,19 @@ +# Test basic installation +exec chezmoi init --apply +stdout 'Installing chezmoi' +! stderr . + +# Test configuration files +exists $HOME/.config/nvim +exists $HOME/.config/nushell +exists $HOME/.config/obsidian +exists $HOME/.config/tmux + +# Test Homebrew packages installation +[darwin] exec brew list +[darwin] stdout 'nvim' +[darwin] stdout 'nushell' + +# Test Git repositories +exists $HOME/source/DOOM-fire-zig +exists $HOME/.config/obsidian/obsidian-vault \ No newline at end of file diff --git a/tests/main_test.go b/tests/main_test.go new file mode 100644 index 00000000..7f50fc05 --- /dev/null +++ b/tests/main_test.go 
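Review bot: In the subtest of TestFileSystemStructure a failed `fs.Stat` is reported with `t.Errorf`, which lets execution continue to `info.IsDir()` on a nil `info` and panic instead of failing cleanly. Use `t.Fatalf("Failed to stat %s: %v", tt.path, err)` at that point. The test also only stats directories it created itself through `vfst.NewTestFS`, so it says nothing about what chezmoi applies; a one-line comment stating that would keep readers from over-trusting it.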
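Review bot: The first block of install.txtar expects `stdout 'Installing chezmoi'` after `exec chezmoi init --apply`, but the only place that message appears on this page is install.sh, which prints it to stderr and is never run by the script; together with `! stderr .` the block looks unable to pass. Nothing in go.mod pulls in a testscript runner either, so these checks are presumably not executed at all. Either drive install.sh from the script and match on stderr, or add a comment at the top saying the file is not wired into `go test` yet.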
@@ -0,0 +1,46 @@ +package tests + +import ( + "os" + "path/filepath" + "testing" +) + +func TestMain(m *testing.M) { + // Change to the root directory of the project if needed + if _, err := os.Stat("dot_config"); os.IsNotExist(err) { + // Try to find the root directory + dirs := []string{".", "..", "../.."} + for _, dir := range dirs { + if _, err := os.Stat(filepath.Join(dir, "dot_config")); err == nil { + os.Chdir(dir) + break + } + } + } + code := m.Run() + os.Exit(code) +} + +func TestConfigDirectoryStructure(t *testing.T) { + // First verify we're in the right directory + if _, err := os.Stat("dot_config"); os.IsNotExist(err) { + t.Fatal("Test must be run from the project root directory containing dot_config") + } + + configDirs := []string{ + "nvim", + "nushell", + "obsidian", + "tmux", + "mise", + "git", + } + + for _, dir := range configDirs { + path := filepath.Join("dot_config", dir) + if _, err := os.Stat(path); os.IsNotExist(err) { + t.Errorf("Expected config directory %s to exist", path) + } + } +} diff --git a/tests/unit/config_test.go b/tests/unit/config_test.go new file mode 100644 index 00000000..15da7053 --- /dev/null +++ b/tests/unit/config_test.go 
@@ -0,0 +1,96 @@ +package tests_unit + +import ( + "testing" + + "github.com/alecthomas/assert/v2" +) + +func TestChezmoiConfig(t *testing.T) { + t.Run("GitRepos Configuration", func(t *testing.T) { + t.Run("Obsidian Repos", testObsidianRepos) + t.Run("Work Repos", testWorkRepos) + t.Run("Private Repos", testPrivateRepos) + }) + + t.Run("Homebrew Configuration", func(t *testing.T) { + t.Run("Work Packages", testWorkBrewPackages) + t.Run("Personal Packages", testPersonalBrewPackages) + t.Run("Shared Dependencies", testSharedDependencies) + }) +} + +func testObsidianRepos(t *testing.T) { + repos := []string{ + "obsidian-vault", + "obsidian-vault-work", + "bramses/bramses-highly-opinionated-vault-2023", + } + + for _, repo := range repos { + assert.NotEqual(t, repo, "") + } +} + +func testWorkRepos(t *testing.T) { + repos := []string{ + "console", + "popsicle", + } + + for _, repo := range repos { + assert.NotEqual(t, repo, "") + } +} + +func testPrivateRepos(t *testing.T) { + repos := []string{ + "personal-notes", + } + + for _, repo := range repos { + assert.NotEqual(t, repo, "") + assert.Equal(t, "personal-notes", repos[0]) + } +} + +func testWorkBrewPackages(t *testing.T) { + packages := []string{ + "argo", + "awscli", + "circleci", + "kind", + "k9s", + } + + for _, pkg := range packages { + assert.NotEqual(t, pkg, "") + } +} + +func testPersonalBrewPackages(t *testing.T) { + casks := []string{ + "1password", + "1password-cli", + "blender", + "darktable", + "discord", + } + + for _, cask := range casks { + assert.NotEqual(t, cask, "") + } +} + +func testSharedDependencies(t *testing.T) { + taps := []string{ + "adoptopenjdk/openjdk", + "charmbracelet/tap", + "hashicorp/tap", + "homebrew/autoupdate", + } + + for _, tap := range taps { + assert.NotEqual(t, tap, "") + } +} From 5f6ff8bd0af0dd026665c9bb0f1930d69707eac2 Mon Sep 17 00:00:00 2001 
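Review bot: Every helper in config_test.go (testObsidianRepos through testSharedDependencies) only asserts that string literals declared a few lines earlier are non-empty, so none of these tests can fail and none reads `.chezmoidata/gitrepos.yaml` or `homebrew.yaml`. A green run therefore gives no evidence about the real configuration. Either parse the data files and assert on their contents, or state the limitation at the top of the file, e.g. `// NOTE: placeholder tests; they do not load .chezmoidata yet.` In testPrivateRepos the `assert.Equal(t, "personal-notes", repos[0])` check sits inside the loop although it does not depend on the loop variable.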
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:26:02 -0500 Subject: [PATCH 28/78] tests --- .github/workflows/test.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..e69de29b From 249e62ebf06e6d592d12227c23ee5f3cb92e9994 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:26:32 -0500 Subject: [PATCH 29/78] tests --- .github/workflows/test.yml | 34 ++++++++++++++++++++++++++++++++++ README.md | 2 ++ 2 files changed, 36 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e69de29b..91df5863 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -0,0 +1,34 @@ +name: Tests + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + test: + name: Run Tests + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: '1.21' + cache: true + + - name: Install dependencies + run: go mod download + + - name: Run tests + run: go test -v ./tests/... + + - name: Run integration tests + run: go test -v ./tests/integration/... + + - name: Run unit tests + run: go test -v ./tests/unit/... + diff --git a/README.md b/README.md index 271637ed..41f2d56a 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ # 🏠 Dotfiles +![Tests](https://github.com/thatguyinabeanie/dotfiles/actions/workflows/test.yml/badge.svg) + My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring a modern and efficient development environment setup. From b80b682dbdb4ed8bb1549a13d3ec3959033b8465 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:27:25 -0500 Subject: [PATCH 30/78] tests --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 41f2d56a..0623535f 100644 --- a/README.md 
+++ b/README.md @@ -2,11 +2,10 @@ # 🏠 Dotfiles -![Tests](https://github.com/thatguyinabeanie/dotfiles/actions/workflows/test.yml/badge.svg) - My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring a modern and efficient development environment setup. +![Tests](https://github.com/thatguyinabeanie/dotfiles/actions/workflows/test.yml/badge.svg) ![Shell](https://img.shields.io/badge/Shell-Nushell-blue?style=flat-square&logo=gnu-bash) ![Editor](https://img.shields.io/badge/Editor-Neovim-green?style=flat-square&logo=neovim) ![Theme](https://img.shields.io/badge/Theme-Catppuccin-pink?style=flat-square) From 2b795f4441b4fec254c63415bd8cb2ee5fba72f1 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 20:32:04 -0500 Subject: [PATCH 31/78] Apply suggestions from code review Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .chezmoidata/treesitter.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.chezmoidata/treesitter.yaml b/.chezmoidata/treesitter.yaml index 4e4f3b3e..c830ff4a 100644 --- a/.chezmoidata/treesitter.yaml +++ b/.chezmoidata/treesitter.yaml @@ -15,7 +15,6 @@ treesitter: - gpg - graphql - html - - html - java - javascript - json @@ -43,7 +42,6 @@ treesitter: - swift - svelte - superhtml - - ssh_config - sql - scss - scala From ddff25190499587c3a77c880aa168214f3bb12b0 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:33:40 -0500 Subject: [PATCH 32/78] tests --- .github/workflows/test.yml | 78 +++++++++++++++++++++++++++++--------- 1 file changed, 60 insertions(+), 18 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 91df5863..0f792b40 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -7,28 +7,70 @@ on: branches: [ main ] jobs: + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: '1.21' + cache: true + + - name: Run golangci-lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + + - name: Check YAML formatting + uses: ibiqlik/action-yamllint@v3 + with: + file_or_dir: . + config_file: .yamllint.yml + + - name: Lint Shell Scripts + uses: ludeeus/action-shellcheck@master + with: + scandir: '.chezmoiscripts' + test: - name: Run Tests + name: Tests runs-on: ubuntu-latest - + needs: lint steps: - - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v4 - with: - go-version: '1.21' - cache: true - - - name: Install dependencies - run: go mod download + - uses: actions/checkout@v4 - - name: Run tests - run: go test -v ./tests/... + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: '1.21' + cache: true + + - name: Install dependencies + run: go mod download - - name: Run integration tests - run: go test -v ./tests/integration/... + - name: Run all tests + run: go test -v -race -coverprofile=coverage.txt -covermode=atomic ./tests/... + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v3 + with: + file: ./coverage.txt - - name: Run unit tests - run: go test -v ./tests/unit/... + chezmoi-verify: + name: Verify Chezmoi Config + runs-on: ubuntu-latest + needs: lint + steps: + - uses: actions/checkout@v4 + + - name: Install Chezmoi + run: sh -c "$(curl -fsLS get.chezmoi.io)" -- -b $HOME/.local/bin + + - name: Verify Chezmoi config + run: | + export PATH=$PATH:$HOME/.local/bin + chezmoi verify From 174d1551e016340234da541e152ad65567c4a77d Mon Sep 17 00:00:00 2001 
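Review bot: The lint job references `ludeeus/action-shellcheck@master` and asks golangci-lint for `version: latest`, so the code that runs in CI can change without any commit to this repository; the same applies to `snyk/actions/golang@master` and `aquasecurity/trivy-action@master` in the security.yml added by PATCH 33. Pin third-party actions to a full commit SHA, e.g. `uses: ludeeus/action-shellcheck@<full-commit-sha>  # <release tag>`, and give golangci-lint a fixed version. The chezmoi-verify job also pipes `curl -fsLS get.chezmoi.io` straight into `sh`; installing a pinned release and checking its checksum would remove that unverified step. The workflow has no `permissions:` block at this point, so its jobs run with the repository's default token scope; `permissions:` with `contents: read` looks sufficient for what is visible here.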
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:42:41 -0500 Subject: [PATCH 33/78] more github actions --- .chezmoiignore | 8 ++++++++ .github/workflows/docs.yml | 26 +++++++++++++++++++++++++ .github/workflows/release.yml | 28 +++++++++++++++++++++++++++ .github/workflows/security.yml | 35 ++++++++++++++++++++++++++++++++++ .markdown-link-check.json | 12 ++++++++++++ .markdownlint.yml | 5 +++++ .yamllint.yml | 8 ++++++++ 7 files changed, 122 insertions(+) create mode 100644 .github/workflows/docs.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/security.yml create mode 100644 .markdown-link-check.json create mode 100644 .markdownlint.yml create mode 100644 .yamllint.yml diff --git a/.chezmoiignore b/.chezmoiignore index 8e8536cb..55a0fff3 100644 --- a/.chezmoiignore +++ b/.chezmoiignore @@ -37,4 +37,12 @@ nvim/ nushell/ obsidian/ tests/ + install.sh + +.markdown-link-check.json +.markdownlink.yml +.yamllint.yml + +go.mod +go.sum \ No newline at end of file diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml new file mode 100644 index 00000000..274f5085 --- /dev/null +++ b/.github/workflows/docs.yml @@ -0,0 +1,26 @@ +name: Documentation + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + markdown-lint: + name: Markdown Lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Run markdownlint + uses: nosborn/github-action-markdown-cli@v3.3.0 + with: + files: . + config_file: .markdownlint.yml + + - name: Check for broken links + uses: gaurav-nelson/github-action-markdown-link-check@v1 + with: + use-quiet-mode: 'yes' + config-file: '.markdown-link-check.json' \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..f9d55ede --- /dev/null +++ b/.github/workflows/release.yml 
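Review bot: The added ignore entry `.markdownlink.yml` does not match the file this commit creates, `.markdownlint.yml`, so as written the pattern matches nothing visible in this patch. It should read `.markdownlint.yml`. The hunk also leaves .chezmoiignore without a trailing newline.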
@@ -0,0 +1,28 @@ +name: Release + +on: + push: + tags: + - 'v*' + +jobs: + release: + name: Create Release + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Generate changelog + id: changelog + uses: metcalfc/changelog-generator@v4.0.1 + with: + myToken: ${{ secrets.GITHUB_TOKEN }} + + - name: Create Release + uses: softprops/action-gh-release@v1 + with: + body: ${{ steps.changelog.outputs.changelog }} + draft: false + prerelease: false \ No newline at end of file diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 00000000..7fd1d304 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,35 @@ +name: Security + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + schedule: + - cron: '0 0 * * 0' # Run weekly + +jobs: + security: + name: Security Scan + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Run Snyk to check for vulnerabilities + uses: snyk/actions/golang@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: 'fs' + ignore-unfixed: true + format: 'sarif' + output: 'trivy-results.sarif' + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v2 + if: always() + with: + sarif_file: 'trivy-results.sarif' \ No newline at end of file diff --git a/.markdown-link-check.json b/.markdown-link-check.json new file mode 100644 index 00000000..abcb1cd2 --- /dev/null +++ b/.markdown-link-check.json @@ -0,0 +1,12 @@ +{ + "ignorePatterns": [ + { + "pattern": "^http://localhost" + } + ], + "replacementPatterns": [], + "timeout": "20s", + "retryOn429": true, + "retryCount": 5, + "fallbackRetryDelay": "30s" +} \ No newline at end of file diff --git a/.markdownlint.yml b/.markdownlint.yml new file mode 100644 index 00000000..8db875cb --- /dev/null +++ b/.markdownlint.yml 
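Review bot: release.yml passes `${{ secrets.GITHUB_TOKEN }}` to the third-party `metcalfc/changelog-generator` action as `myToken` and declares no `permissions:` block, so that token carries whatever scope the repository default grants. Declare the scope explicitly at the top of the workflow, `permissions:` with `contents: write` (the release step has to create a release), so nothing broader is handed out. security.yml in the same patch has the same gap while its last step uploads SARIF; it would need `security-events: write` alongside `contents: read`.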
@@ -0,0 +1,5 @@ +default: true +MD013: + line_length: 120 +MD033: false +MD041: false \ No newline at end of file diff --git a/.yamllint.yml b/.yamllint.yml new file mode 100644 index 00000000..397e9e53 --- /dev/null +++ b/.yamllint.yml @@ -0,0 +1,8 @@ +extends: default + +rules: + line-length: + max: 120 + level: warning + truthy: + check-keys: false \ No newline at end of file From d8956df90da3b65f23a0c849f1fbc2670ab97182 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:47:39 -0500 Subject: [PATCH 34/78] os.chdir --- .github/workflows/test.yml | 1 + tests/main_test.go | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0f792b40..5cd9060a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,6 +23,7 @@ jobs: uses: golangci/golangci-lint-action@v3 with: version: latest + args: --out-format=colored-line-number - name: Check YAML formatting uses: ibiqlik/action-yamllint@v3 diff --git a/tests/main_test.go b/tests/main_test.go index 7f50fc05..9ec1f81f 100644 --- a/tests/main_test.go +++ b/tests/main_test.go @@ -13,7 +13,10 @@ func TestMain(m *testing.M) { dirs := []string{".", "..", "../.."} for _, dir := range dirs { if _, err := os.Stat(filepath.Join(dir, "dot_config")); err == nil { - os.Chdir(dir) + // Do this: + if err := os.Chdir(dir); err != nil { + os.Exit(1) + } break } } From 13ed86fb80f0d0b72baa383cf6cbb4c17cb5531f Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 20:56:57 -0500 Subject: [PATCH 35/78] lint --- .chezmoidata/gitrepos.yaml | 12 ++++------- .github/workflows/docs.yml | 30 ++++++++++++-------------- .github/workflows/release.yml | 32 ++++++++++++++++------------ .github/workflows/security.yml | 28 ++++++++++++++---------- .github/workflows/test.yml | 39 ++++++++++++++++++++++++++++++++-- .markdownlint.yml | 7 +++++- .yamllint.yml | 5 ++++- 7 files changed, 101 insertions(+), 52 deletions(-) 
diff --git a/.chezmoidata/gitrepos.yaml b/.chezmoidata/gitrepos.yaml index 05187c66..3a78b65d 100644 --- a/.chezmoidata/gitrepos.yaml +++ b/.chezmoidata/gitrepos.yaml @@ -6,23 +6,19 @@ gitrepos: - org: duffney name: smart-notes refreshPeriod: 3h - public: - name: DOOM-fire-zig - org: const-void - + org: const-void personal: - name: game-of-life refreshPeriod: 168h - private: - name: personal-notes org: personal refreshPeriod: 1h - work: - repos: + repos: - console - - popsicle - obsidian: + - popsicle + obsidian: - obsidian-vault-work diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 274f5085..df5c23a6 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -1,26 +1,24 @@ +--- name: Documentation - on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] - + branches: [main] +permissions: + contents: read jobs: - markdown-lint: - name: Markdown Lint + docs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - - name: Run markdownlint - uses: nosborn/github-action-markdown-cli@v3.3.0 - with: - files: . - config_file: .markdownlint.yml - - - name: Check for broken links + - name: Check markdown links uses: gaurav-nelson/github-action-markdown-link-check@v1 with: - use-quiet-mode: 'yes' - config-file: '.markdown-link-check.json' \ No newline at end of file + use-quiet-mode: "yes" + use-verbose-mode: "yes" + folder-path: "." + - name: Check markdown formatting + run: | + npm install -g markdownlint-cli + markdownlint '**/*.md' --ignore node_modules diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f9d55ede..439f9325 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -1,28 +1,34 @@ +--- name: Release - on: push: tags: - - 'v*' + - "v*" + workflow_dispatch: + +permissions: + contents: write jobs: release: - name: Create Release runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - - - name: Generate changelog - id: changelog - uses: metcalfc/changelog-generator@v4.0.1 + + - name: Set up Go + uses: actions/setup-go@v5 with: - myToken: ${{ secrets.GITHUB_TOKEN }} - - - name: Create Release + go-version: "1.22" + + - name: Build + run: go build -v ./... + + - name: Test + run: go test -v ./... + + - name: Release uses: softprops/action-gh-release@v1 with: - body: ${{ steps.changelog.outputs.changelog }} - draft: false - prerelease: false \ No newline at end of file + generate_release_notes: true diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 7fd1d304..6836268c 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -1,12 +1,15 @@ +--- name: Security - on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] + branches: [main] schedule: - - cron: '0 0 * * 0' # Run weekly + - cron: "0 0 * * *" + +permissions: + contents: read jobs: security: @@ -14,22 +17,25 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - + - name: Run Snyk to check for vulnerabilities uses: snyk/actions/golang@master env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - + - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: - scan-type: 'fs' + scan-type: "fs" ignore-unfixed: true - format: 'sarif' - output: 'trivy-results.sarif' - + format: "table" + exit-code: "1" + severity: "CRITICAL,HIGH" + hide-progress: false + no-progress: false + - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v2 if: always() with: - sarif_file: 'trivy-results.sarif' \ No newline at end of file + sarif_file: "trivy-results.sarif" 
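Review bot: The Trivy step in security.yml switches to `format: "table"` and drops the `output:` line, but the next step still uploads `trivy-results.sarif`, a file nothing now produces, so the upload can only fail. Keep `format: "sarif"` with `output: "trivy-results.sarif"` if the Security tab upload is wanted, or remove the upload step. The new `permissions:` block grants only `contents: read`, while `github/codeql-action/upload-sarif` needs `security-events: write` as well. `hide-progress` and `no-progress` look like two spellings of one option; confirm which one the action accepts.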
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5cd9060a..9e6a9d83 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,12 +1,47 @@ -name: Tests - +--- +name: Test on: push: branches: [ main ] pull_request: branches: [ main ] +permissions: + contents: read + jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: '1.22' + + - name: Install dependencies + run: go mod download + + - name: Run tests + run: go test -v ./... + + - name: Run linters + uses: golangci/golangci-lint-action@v4 + with: + version: latest + args: --timeout=5m + + - name: Run yamllint + run: | + pip install yamllint + yamllint . + + - name: Run markdownlint + run: | + npm install -g markdownlint-cli + markdownlint '**/*.md' --ignore node_modules + lint: name: Lint runs-on: ubuntu-latest diff --git a/.markdownlint.yml b/.markdownlint.yml index 8db875cb..8042e3e3 100644 --- a/.markdownlint.yml +++ b/.markdownlint.yml @@ -1,4 +1,9 @@ -default: true +--- +extends: default +rules: + line-length: false + no-inline-html: false + no-duplicate-heading: false MD013: line_length: 120 MD033: false diff --git a/.yamllint.yml b/.yamllint.yml index 397e9e53..71a1bb2a 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -1,3 +1,4 @@ +--- extends: default rules: @@ -5,4 +6,6 @@ rules: max: 120 level: warning truthy: - check-keys: false \ No newline at end of file + check-keys: false + document-start: disable + new-line-at-end-of-file: enable \ No newline at end of file From 4054f7d7ea32a619b9441410f6b1d53510956ca6 Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:02:09 -0500 Subject: [PATCH 36/78] fix(workflow): resolve duplicate job key in test.yml Renamed the duplicate 'test' job to 'tests' to ensure unique map keys in the YAML file. This resolves the YAML validation error caused by non-unique keys, making the workflow file valid and functional. Changes: - Renamed the second 'test' job to 'tests'. - Preserved all functionality of the original jobs. This fix ensures compatibility with GitHub Actions and proper execution. --- .github/workflows/test.yml | 53 +++----------------------------------- .markdownlint.yml | 2 +- .yamllint.yml | 3 +-- 3 files changed, 5 insertions(+), 53 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9e6a9d83..94cfab22 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -2,111 +2,64 @@ name: Test on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] - + branches: [main] permissions: contents: read - jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: '1.22' - - - name: Install dependencies - run: go mod download - - - name: Run tests - run: go test -v ./... - - - name: Run linters - uses: golangci/golangci-lint-action@v4 - with: - version: latest - args: --timeout=5m - - - name: Run yamllint - run: | - pip install yamllint - yamllint . - - - name: Run markdownlint - run: | - npm install -g markdownlint-cli - markdownlint '**/*.md' --ignore node_modules - lint: name: Lint runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Set up Go uses: actions/setup-go@v4 with: go-version: '1.21' cache: true - - name: Run golangci-lint uses: golangci/golangci-lint-action@v3 with: version: latest args: --out-format=colored-line-number - - name: Check YAML formatting uses: ibiqlik/action-yamllint@v3 with: file_or_dir: . config_file: .yamllint.yml - - name: Lint Shell Scripts uses: ludeeus/action-shellcheck@master with: scandir: '.chezmoiscripts' - - test: + tests: name: Tests runs-on: ubuntu-latest needs: lint steps: - uses: actions/checkout@v4 - - name: Set up Go uses: actions/setup-go@v4 with: go-version: '1.21' cache: true - - name: Install dependencies run: go mod download - - name: Run all tests run: go test -v -race -coverprofile=coverage.txt -covermode=atomic ./tests/... - - name: Upload coverage to Codecov uses: codecov/codecov-action@v3 with: file: ./coverage.txt - chezmoi-verify: name: Verify Chezmoi Config runs-on: ubuntu-latest needs: lint steps: - uses: actions/checkout@v4 - - name: Install Chezmoi run: sh -c "$(curl -fsLS get.chezmoi.io)" -- -b $HOME/.local/bin - - name: Verify Chezmoi config run: | export PATH=$PATH:$HOME/.local/bin chezmoi verify - 
diff --git a/.markdownlint.yml b/.markdownlint.yml index 8042e3e3..82bc9847 100644 --- a/.markdownlint.yml +++ b/.markdownlint.yml @@ -7,4 +7,4 @@ rules: MD013: line_length: 120 MD033: false -MD041: false \ No newline at end of file +MD041: false diff --git a/.yamllint.yml b/.yamllint.yml index 71a1bb2a..29fe02db 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -1,6 +1,5 @@ --- extends: default - rules: line-length: max: 120 @@ -8,4 +7,4 @@ rules: truthy: check-keys: false document-start: disable - new-line-at-end-of-file: enable \ No newline at end of file + new-line-at-end-of-file: enable From ab0d098823ada1bc5050a994e4da82b627906433 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:06:19 -0500 Subject: [PATCH 37/78] verify chezmoi config --- .github/workflows/test.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 94cfab22..1deb8f49 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -59,7 +59,8 @@ jobs: - uses: actions/checkout@v4 - name: Install Chezmoi run: sh -c "$(curl -fsLS get.chezmoi.io)" -- -b $HOME/.local/bin - - name: Verify Chezmoi config + - name: Initialize and verify Chezmoi config run: | export PATH=$PATH:$HOME/.local/bin + chezmoi init --apply $GITHUB_ACTOR chezmoi verify From 146cae4d67cf91426b44402eea47cbaf5333cf63 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:09:20 -0500 Subject: [PATCH 38/78] security --- .github/workflows/security.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 6836268c..d06b2cce 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml 
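Review bot: The added `chezmoi init --apply $GITHUB_ACTOR` in the "Initialize and verify Chezmoi config" step initialises from the account that triggered the run, not from the commit that was checked out. chezmoi resolves a bare user name to that user's `dotfiles` repository, so on a pull request the runner applies the contributor's own repository and runs its scripts, and `chezmoi verify` then says nothing about the change under review. Point chezmoi at the workspace instead, for example `chezmoi init --apply --source="$GITHUB_WORKSPACE"`, and quote the variable if the actor form is kept. The job header and the start of its `steps:` list are outside this hunk.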
@@ -17,11 +17,13 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Required for Gitleaks to scan git history - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/golang@master + - name: Run Gitleaks + uses: gitleaks/gitleaks-action@v2 env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master @@ -32,7 +34,6 @@ jobs: exit-code: "1" severity: "CRITICAL,HIGH" hide-progress: false - no-progress: false - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v2 From 2c47c439c5d17b37549b0bade23a0660652749d9 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:11:29 -0500 Subject: [PATCH 39/78] security --- .github/workflows/docs.yml | 2 +- .github/workflows/release.yml | 34 ---------------------------------- .github/workflows/test.yml | 1 + 3 files changed, 2 insertions(+), 35 deletions(-) delete mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index df5c23a6..db6e1e72 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -21,4 +21,4 @@ jobs: - name: Check markdown formatting run: | npm install -g markdownlint-cli - markdownlint '**/*.md' --ignore node_modules + markdownlint '**/*.md' --ignore node_modules \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 439f9325..00000000 --- a/.github/workflows/release.yml +++ /dev/null 
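Review bot: The new `uses: gitleaks/gitleaks-action@v2` step references a movable tag, and the `aquasecurity/trivy-action@master` step kept as context below it tracks a branch. Whatever those upstream refs point to at run time executes with this job's token and secrets. Pin third-party actions to a full commit SHA with the version in a trailing comment, e.g. `uses: gitleaks/gitleaks-action@<full-commit-sha>  # v2`, and let a dependency-update bot move the pin. The same applies to `ludeeus/action-shellcheck@master` in test.yml (PATCH 36) and later in lint.yml (PATCH 48).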
@@ -1,34 +0,0 @@ ---- -name: Release -on: - push: - tags: - - "v*" - workflow_dispatch: - -permissions: - contents: write - -jobs: - release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: "1.22" - - - name: Build - run: go build -v ./... - - - name: Test - run: go test -v ./... - - - name: Release - uses: softprops/action-gh-release@v1 - with: - generate_release_notes: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1deb8f49..2d57b340 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -62,5 +62,6 @@ jobs: - name: Initialize and verify Chezmoi config run: | export PATH=$PATH:$HOME/.local/bin + git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/" chezmoi init --apply $GITHUB_ACTOR chezmoi verify From e58c48f7dbf31c26a36f5f7b8cf569c70920a245 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:12:11 -0500 Subject: [PATCH 40/78] yamllint --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2d57b340..a39ac6cd 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -64,4 +64,4 @@ jobs: export PATH=$PATH:$HOME/.local/bin git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/" chezmoi init --apply $GITHUB_ACTOR - chezmoi verify + chezmoi verify \ No newline at end of file From 754c2b1e94c39479f7405a04d4a5574329de69ac Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:14:41 -0500 Subject: [PATCH 41/78] yamllint --- .github/workflows/docs.yml | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index db6e1e72..c9196780 100644 --- a/.github/workflows/docs.yml 
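Review bot: The added `git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/"` line writes the job token in clear text into the runner's global git config. The next line applies dotfiles whose scripts run on the same runner and can read it. The expression is also expanded into the script text before the shell starts, rather than being passed through `env:`. If authenticated clones are really needed, pass the token via `env:` and scope the credential to the single command that needs it; otherwise drop the rewrite and initialise chezmoi from the checked-out workspace. The step's job header is outside this hunk.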
+++ b/.github/workflows/docs.yml @@ -1,24 +1,27 @@ --- name: Documentation + on: push: branches: [main] pull_request: branches: [main] -permissions: - contents: read + jobs: - docs: + markdown-lint: + name: Markdown Lint runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Check markdown links + + - name: Run markdownlint + uses: nosborn/github-action-markdown-cli@v3.3.0 + with: + files: . + config_file: .markdownlint.yml + + - name: Check for broken links uses: gaurav-nelson/github-action-markdown-link-check@v1 with: - use-quiet-mode: "yes" - use-verbose-mode: "yes" - folder-path: "." - - name: Check markdown formatting - run: | - npm install -g markdownlint-cli - markdownlint '**/*.md' --ignore node_modules \ No newline at end of file + use-quiet-mode: 'yes' + config-file: '.markdown-link-check.json' From e21f60a45baa43a7c22c0c2ada69d921c0e30f04 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:15:15 -0500 Subject: [PATCH 42/78] lint --- .github/workflows/test.yml | 31 +++++++++++++------------------ 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a39ac6cd..353288a1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
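Review bot: This hunk deletes the workflow-level `permissions:` / `contents: read` block from docs.yml, so `GITHUB_TOKEN` falls back to the repository or organisation default. That default may be read-write, and the job now runs two third-party actions. Keep `permissions:` with `contents: read` at the top of the workflow and add scopes only where a step needs them. The test.yml hunk in PATCH 42 removes the same block, and the new lint.yml in PATCH 48 is created without one.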
@@ -1,67 +1,62 @@ --- -name: Test +name: Tests + on: push: branches: [main] pull_request: branches: [main] -permissions: - contents: read + jobs: lint: name: Lint runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - name: Set up Go uses: actions/setup-go@v4 with: go-version: '1.21' cache: true + - name: Run golangci-lint uses: golangci/golangci-lint-action@v3 with: version: latest args: --out-format=colored-line-number + - name: Check YAML formatting uses: ibiqlik/action-yamllint@v3 with: file_or_dir: . config_file: .yamllint.yml + - name: Lint Shell Scripts uses: ludeeus/action-shellcheck@master with: scandir: '.chezmoiscripts' - tests: + + test: name: Tests runs-on: ubuntu-latest needs: lint steps: - uses: actions/checkout@v4 + - name: Set up Go uses: actions/setup-go@v4 with: go-version: '1.21' cache: true + - name: Install dependencies run: go mod download + - name: Run all tests run: go test -v -race -coverprofile=coverage.txt -covermode=atomic ./tests/... + - name: Upload coverage to Codecov uses: codecov/codecov-action@v3 with: file: ./coverage.txt - chezmoi-verify: - name: Verify Chezmoi Config - runs-on: ubuntu-latest - needs: lint - steps: - - uses: actions/checkout@v4 - - name: Install Chezmoi - run: sh -c "$(curl -fsLS get.chezmoi.io)" -- -b $HOME/.local/bin - - name: Initialize and verify Chezmoi config - run: | - export PATH=$PATH:$HOME/.local/bin - git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/" - chezmoi init --apply $GITHUB_ACTOR - chezmoi verify \ No newline at end of file From ad60e71bba68fdd71cdde02c64c1ae205cce3741 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:15:38 -0500 Subject: [PATCH 43/78] security gitleaks fix --- .github/workflows/security.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index d06b2cce..da18e259 100644 --- a/.github/workflows/security.yml 
+++ b/.github/workflows/security.yml @@ -10,6 +10,8 @@ on: permissions: contents: read + # Add permission for Gitleaks to access pull requests + pull-requests: read jobs: security: @@ -23,6 +25,7 @@ jobs: - name: Run Gitleaks uses: gitleaks/gitleaks-action@v2 env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} - name: Run Trivy vulnerability scanner From 9b4174213d61ff8cde1e2e7c3fb7cc3ae25e1c3d Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:16:56 -0500 Subject: [PATCH 44/78] security action fix --- .github/workflows/security.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index da18e259..d615cadb 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -12,6 +12,8 @@ permissions: contents: read # Add permission for Gitleaks to access pull requests pull-requests: read + # Add permission for CodeQL to upload SARIF results + security-events: write jobs: security: @@ -33,13 +35,15 @@ jobs: with: scan-type: "fs" ignore-unfixed: true - format: "table" + format: "sarif" + output: "trivy-results.sarif" exit-code: "1" severity: "CRITICAL,HIGH" hide-progress: false - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 if: always() with: sarif_file: "trivy-results.sarif" + category: "trivy" From 95d5450271502e57aa9b8639ed03ef1cd1daae2a Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:18:43 -0500 Subject: [PATCH 45/78] shrug --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 0623535f..a2f0e41c 100644 --- a/README.md +++ b/README.md 
@@ -5,7 +5,6 @@ My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring a modern and efficient development environment setup. -![Tests](https://github.com/thatguyinabeanie/dotfiles/actions/workflows/test.yml/badge.svg) ![Shell](https://img.shields.io/badge/Shell-Nushell-blue?style=flat-square&logo=gnu-bash) ![Editor](https://img.shields.io/badge/Editor-Neovim-green?style=flat-square&logo=neovim) ![Theme](https://img.shields.io/badge/Theme-Catppuccin-pink?style=flat-square) @@ -106,4 +105,4 @@ sh -c "$(curl -fsLS get.chezmoi.io)" -- init --apply thatguyinabeanie ## 🤝 Contributing -Feel free to submit issues and enhancement requests! +Feel free to submit issues and enhancement requests! \ No newline at end of file From 96323b094ffca496fbdbc5059c26ed72227b3bb0 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:20:58 -0500 Subject: [PATCH 46/78] security workflow fix --- .github/workflows/security.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index d615cadb..44836b9d 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -10,10 +10,9 @@ on: permissions: contents: read - # Add permission for Gitleaks to access pull requests - pull-requests: read - # Add permission for CodeQL to upload SARIF results - security-events: write + security-events: write # Required for uploading SARIF results + actions: read # Required for checking workflow runs + pull-requests: read # Required for PR checks jobs: security: @@ -22,7 +21,7 @@ jobs: steps: - uses: actions/checkout@v4 with: - fetch-depth: 0 # Required for Gitleaks to scan git history + fetch-depth: 0 - name: Run Gitleaks uses: gitleaks/gitleaks-action@v2 From 45fb4feb7843ef34e7a8d7ec62befe46bf7106c4 Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:22:40 -0500 Subject: [PATCH 47/78] docs fix --- .github/workflows/docs.yml | 4 ++-- README.md | 31 ++++--------------------------- 2 files changed, 6 insertions(+), 29 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index c9196780..1268bdad 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -17,8 +17,8 @@ jobs: - name: Run markdownlint uses: nosborn/github-action-markdown-cli@v3.3.0 with: - files: . - config_file: .markdownlint.yml + files: "*.md" + config_file: ".markdownlint.json" - name: Check for broken links uses: gaurav-nelson/github-action-markdown-link-check@v1 diff --git a/README.md b/README.md index a2f0e41c..a28098a1 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,3 @@ -
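Review bot: `config_file: ".markdownlint.json"` in the markdownlint step names a file that no patch in view creates. The series only edits `.markdownlint.yml` (for example in PATCH 36), so the action may run with its defaults or fail; worth confirming. `files: "*.md"` also appears to narrow the lint from the whole tree to top-level files, which would skip the `.github/` templates added in PATCH 51. If the YAML config is the intended one, `config_file: ".markdownlint.yml"` restores it. The same two lines are copied into lint.yml in PATCH 53.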
- # 🏠 Dotfiles My personal dotfiles managed with [Chezmoi](https://www.chezmoi.io/), featuring a modern and @@ -10,8 +8,6 @@ efficient development environment setup. ![Theme](https://img.shields.io/badge/Theme-Catppuccin-pink?style=flat-square) ![License](https://img.shields.io/badge/License-MIT-yellow?style=flat-square) -
- ## ✨ Components ### 🐚 Shell Environment @@ -51,48 +47,29 @@ efficient development environment setup. ## 📥 Installation -# 1. Install Chezmoi - ```zsh sh -c "$(curl -fsLS get.chezmoi.io)" -- init --apply thatguyinabeanie ``` ## 📂 Structure -```tree -. -|── .chezmoi.toml.tmpl # Chezmoi Engine configuration -├── .chezmoidata/ # Chezmoi data -│ ├── gitrepos.yaml # Git repository configuration -│ ├── homebrew.yaml # Homebrew packages -| ├── mise.yaml # Sensitive configuration -| └── treesitter.yaml # Treesitter configuration -| -├── .chezmoiscripts/ # Scripts automatically ran by Chezmoi -├── .chezmoitemplates/ # Chezmoi templates -└─ dot_config/ - ├── nushell/ # Shell configuration - ├── nvim/ # Neovim configuration - ├── mise/ # Mise configuration - ├── git/ # Git configuration - ├── tmux/ # Tmux configuration - └── obsidian/ # jObsidian configuration -``` - ## 🎯 Features ### 🚀 Modern Development Environment + - Nushell for enhanced shell experience - Neovim for efficient editing - Tmux for terminal multiplexing - Git for version control ### 📝 Knowledge Management + - Obsidian for note-taking - Multiple vault support - Neovim integration ### ⚡ Productivity Tools + - Pomodoro timer - Custom aliases - Work environment integration @@ -105,4 +82,4 @@ sh -c "$(curl -fsLS get.chezmoi.io)" -- init --apply thatguyinabeanie ## 🤝 Contributing -Feel free to submit issues and enhancement requests! \ No newline at end of file +Feel free to submit issues and enhancement requests! From 426f217a9672bc28e4435fd989d3cb1c27328b66 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza <> Date: Tue, 29 Apr 2025 21:25:58 -0500 Subject: [PATCH 48/78] split tests and lint --- .github/workflows/lint.yml | 38 ++++++++++++++++++++++++++++++++++++++ .github/workflows/test.yml | 30 ------------------------------ 2 files changed, 38 insertions(+), 30 deletions(-) create mode 100644 .github/workflows/lint.yml 
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 00000000..7577b65a --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,38 @@ +--- +name: Tests + +on: + push: + branches: [main] + pull_request: + branches: [main] + +jobs: + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: '1.21' + cache: true + + - name: Run golangci-lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + args: --out-format=colored-line-number + + - name: Check YAML formatting + uses: ibiqlik/action-yamllint@v3 + with: + file_or_dir: . + config_file: .yamllint.yml + + - name: Lint Shell Scripts + uses: ludeeus/action-shellcheck@master + with: + scandir: '.chezmoiscripts' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 353288a1..6283b1ac 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,39 +8,9 @@ on: branches: [main] jobs: - lint: - name: Lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v4 - with: - go-version: '1.21' - cache: true - - - name: Run golangci-lint - uses: golangci/golangci-lint-action@v3 - with: - version: latest - args: --out-format=colored-line-number - - - name: Check YAML formatting - uses: ibiqlik/action-yamllint@v3 - with: - file_or_dir: . - config_file: .yamllint.yml - - - name: Lint Shell Scripts - uses: ludeeus/action-shellcheck@master - with: - scandir: '.chezmoiscripts' - test: name: Tests runs-on: ubuntu-latest - needs: lint steps: - uses: actions/checkout@v4 From 6f3426f832b1a1ff3b4ee84bb64ebc7857011d60 Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:03:44 -0500 Subject: [PATCH 49/78] feat(chezmoi): improve config defaults and prompts - Added default values for non-interactive environments in `.chezmoi.toml.tmpl`. - Updated prompts to use environment variables as defaults. - Fixed GitHub repository URLs in `.chezmoiexternal.toml.tmpl`. - Adjusted Trivy scan output format in `security.yml` and added SARIF upload notes. - Added Git-related environment variables in `env.nu.tmpl`. These changes enhance usability, especially in automated setups. --- .chezmoi.toml.tmpl | 11 +++++------ .chezmoiexternal.toml.tmpl | 9 ++++++--- .github/workflows/security.yml | 18 ++++++++++-------- dot_config/nushell/env.nu.tmpl | 7 +++++++ 4 files changed, 28 insertions(+), 17 deletions(-) diff --git a/.chezmoi.toml.tmpl b/.chezmoi.toml.tmpl index 9419d0a6..5b9102ba 100644 --- a/.chezmoi.toml.tmpl +++ b/.chezmoi.toml.tmpl @@ -1,6 +1,7 @@ {{- /* Checks if running interactively, which is not the case for GitHub Codespaces */ -}} {{- $interactive := stdinIsATTY -}} +{{/* Set default values for non-interactive environments */}} {{- $opacity := 0.8 }} {{- $blur := 20 }} {{- $font_size := 16 }} @@ -8,8 +9,6 @@ {{- $window_height := 70 }} {{- $window_width := 180 }} {{- $refreshPeriod := 168 }} - -{{/* Set default values for non-interactive environments */}} {{- $GIT_NAME := "GitHub Actions" }} {{- $GITHUB_USERNAME := "github-actions" }} {{- $GIT_EMAIL := "github-actions@github.com" }} 
@@ -19,13 +18,13 @@ {{/* Only prompt for values in interactive mode */}} {{- if $interactive }} - {{- $GIT_NAME = promptStringOnce . "git.config.name" "👥 Git Config 👥 - Name" "Gabe Mendoza" -}} - {{- $GITHUB_USERNAME = promptStringOnce . "git.config.username" "👥 Git Config 👥 - Github Username" "thatguyinabeanie" -}} + {{- $GIT_NAME = promptStringOnce . "git.config.name" "👥 Git Config 👥 - Name" (env "GIT_NAME" | default "") -}} + {{- $GITHUB_USERNAME = promptStringOnce . "git.config.username" "👥 Git Config 👥 - Github Username" (env "GITHUB_USERNAME" | default "") -}} {{- $WORK_ENVIRONMENT = promptBoolOnce . "WORK_ENVIRONMENT" "💻 Is this environment for work" false -}} {{- if eq $WORK_ENVIRONMENT true }} - {{- $GIT_EMAIL = promptStringOnce . "git.config.email" "👥 Git Config 👥 - Work Email" "gmendoza@civisanalytics.com" -}} + {{- $GIT_EMAIL = promptStringOnce . "git.config.email" "👥 Git Config 👥 - Work Email" (env "GIT_EMAIL" | default "") -}} {{- else }} - {{- $GIT_EMAIL = promptStringOnce . "git.config.email" "👥 Git Config 👥 - Email" "thatguyin@beanie.gg" -}} + {{- $GIT_EMAIL = promptStringOnce . "git.config.email" "👥 Git Config 👥 - Email" (env "GIT_EMAIL" | default "") -}} {{- end }} {{- $SHELL_OPTIONS := list "nu" "zsh" -}} {{- $SHELL = promptChoiceOnce . "SHELL" "💻 What is your preferred shell" $SHELL_OPTIONS "nu" -}} diff --git a/.chezmoiexternal.toml.tmpl b/.chezmoiexternal.toml.tmpl index 1388028c..9d28ed1f 100644 --- a/.chezmoiexternal.toml.tmpl +++ b/.chezmoiexternal.toml.tmpl 
@@ -7,19 +7,22 @@ type = "git-repo" refreshPeriod = "168h" url = "https://github.com/const-void/DOOM-fire-zig.git" +{{ if hasKey . "git.config.username" }} ## ## PRIVATE GITHUB REPOSITORIES ## ["source/dotfiles"] type = "git-repo" refreshPeriod = "168h" -url = "https://github.com/{{ $.git.config.username }}/dotfiles.git" +url = "https://github.com/{{ .git.config.username }}/dotfiles.git" ["source/github-profile"] type = "git-repo" refreshPeriod = "168h" -url = "https://github.com/{{ $.git.config.username }}/{{$.git.config.username }}.git" +url = "https://github.com/{{ .git.config.username }}/{{ .git.config.username }}.git" ## -## TODO: Populate work repository entries +##kTODO: Populate work repository entries ## + +{{ end }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 44836b9d..094c7d00 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -34,15 +34,17 @@ jobs: with: scan-type: "fs" ignore-unfixed: true - format: "sarif" - output: "trivy-results.sarif" + format: "table" exit-code: "1" severity: "CRITICAL,HIGH" hide-progress: false - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 - if: always() - with: - sarif_file: "trivy-results.sarif" - category: "trivy" + # Note: To enable SARIF uploads, enable code scanning in repository settings: + # Settings -> Code security and analysis -> Code scanning + # Then change format back to "sarif" and uncomment the upload step + # - name: Upload Trivy scan results to GitHub Security tab + # uses: github/codeql-action/upload-sarif@v3 + # if: always() + # with: + # sarif_file: "trivy-results.sarif" + # category: "trivy" diff --git a/dot_config/nushell/env.nu.tmpl b/dot_config/nushell/env.nu.tmpl index 2d9158fc..865a3f73 100644 --- a/dot_config/nushell/env.nu.tmpl +++ b/dot_config/nushell/env.nu.tmpl 
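Review bot: The new guard `{{ if hasKey . "git.config.username" }}` tests for one literal top-level key named `git.config.username`, while the URLs inside the block read the nested path `.git.config.username`. If the data is nested as those URLs imply, the guard is always false and the private-repository entries are never emitted. A nested lookup such as `{{ if dig "git" "config" "username" "" . }}` matches the path the block actually uses; please confirm against how the data is stored. The hunk also turns `## TODO:` into `##kTODO:`, which looks like a stray keystroke.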
@@ -53,6 +53,9 @@ $env.GOBIN = $env.GOPATH | path join "bin" $env.DOTFILES_DIR = $env.XDG_DATA_HOME | path join "chezmoi" $env.WORK_ENVIRONMENT = "{{ .WORK_ENVIRONMENT }}" $env.GIT_CLONE_DIRECTORY = $env.XDG_HOME | path join "source" +$env.GIT_NAME = "{{ .git.config.name }}" +$env.GITHUB_USERNAME = "{{ .git.config.username }}" +$env.GIT_EMAIL = "{{ .git.config.email }}" ## ## HOMEBREW BREWFILE PATH @@ -91,3 +94,7 @@ $env.MANPAGER = "sh -c 'sed -u -e \"s/\\x1B[[0-9;]*m//g; s/.\\x08//g\" | bat -p ## CODE COMPANION NVIM ## $env.CODECOMPANION_TOKEN_PATH = $env.XDG_CONFIG_HOME; + +## +## GIT/GITHUB +## From a252710b9a4555d6fc6e3117010c4a982c8ad944 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:07:33 -0500 Subject: [PATCH 50/78] update names --- .github/workflows/lint.yml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 7577b65a..d52fc16e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,5 +1,5 @@ --- -name: Tests +name: Lint on: push: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6283b1ac..4c874cd6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -9,7 +9,7 @@ on: jobs: test: - name: Tests + name: Chezmoi runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 From d1f92f59e1913014a310bc04542e2eb6b3b1729c Mon Sep 17 00:00:00 2001 
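Review bot: The three added assignments splice prompted values straight into Nushell string literals, e.g. `$env.GIT_NAME = "{{ .git.config.name }}"`. A name or e-mail containing `"` or `\` therefore produces a broken or altered `env.nu`. Let the template do the quoting, e.g. `$env.GIT_NAME = {{ .git.config.name | quote }}`, likewise for `GITHUB_USERNAME` and `GIT_EMAIL`, after checking that the escapes it emits are ones Nushell accepts. The second hunk adds a `## GIT/GITHUB` banner at the end of the file with nothing under it, while the variables were placed further up; move the assignments under it or drop the banner.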
From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:13:14 -0500 Subject: [PATCH 51/78] templates and things --- .github/ISSUE_TEMPLATE/bug_report.md | 27 ++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 19 ++++++++++ .github/PULL_REQUEST_TEMPLATE.md | 22 +++++++++++ .github/workflows/codeql.yml | 40 ++++++++++++++++++++ CONTRIBUTING.md | 45 +++++++++++++++++++++++ README.md | 18 +++++++++ SECURITY.md | 25 +++++++++++++ 7 files changed, 196 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 .github/workflows/codeql.yml create mode 100644 CONTRIBUTING.md create mode 100644 SECURITY.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..92ea9441 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,27 @@ +--- +name: Bug Report +about: Create a report to help improve the dotfiles +title: '[BUG] ' +labels: bug +assignees: '' +--- + +**Description** +A clear description of the bug. + +**To Reproduce** +Steps to reproduce the behavior: +1. +2. +3. + +**Expected Behavior** +What you expected to happen. + +**Environment** +- OS: [e.g., macOS 13.0] +- Shell: [e.g., Nushell 0.80] +- Chezmoi version: [e.g., 2.34.0] + +**Additional Context** +Add any other context about the problem here. \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 00000000..26d086d9 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md 
@@ -0,0 +1,19 @@ +--- +name: Feature Request +about: Suggest an idea for the dotfiles +title: '[FEATURE] ' +labels: enhancement +assignees: '' +--- + +**Problem** +A clear description of what the problem is. + +**Proposed Solution** +A clear description of what you want to happen. + +**Alternatives Considered** +A clear description of any alternative solutions you've considered. + +**Additional Context** +Add any other context about the feature request here. \ No newline at end of file diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 00000000..0502689b --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,22 @@ +## Description +Brief description of the changes. + +## Type of Change +- [ ] Bug fix +- [ ] New feature +- [ ] Documentation update +- [ ] Configuration change +- [ ] Breaking change + +## Testing +Describe the tests you ran: +1. +2. +3. + +## Checklist +- [ ] My code follows the style guidelines +- [ ] I have performed a self-review +- [ ] I have updated the documentation +- [ ] I have added tests that prove my fix/feature works +- [ ] All new and existing tests pass \ No newline at end of file diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..881d2977 --- /dev/null +++ b/.github/workflows/codeql.yml 
@@ -0,0 +1,40 @@ +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: '30 1 * * 0' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..604e32e4 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,45 @@ +# Contributing to Dotfiles + +Thank you for your interest in contributing! This document outlines the process for contributing to this dotfiles repository. + +## Getting Started + +1. Fork the repository +2. Create a new branch for your feature/fix +3. Make your changes +4. Test your changes +5. Submit a pull request + +## Development Setup + +1. Install Chezmoi: + ```zsh + sh -c "$(curl -fsLS get.chezmoi.io)" + ``` +2. Clone the repository: + ```zsh + chezmoi init --apply + ``` + +## Testing + +- Run integration tests: + ```zsh + go test -v ./tests/... + ``` +- Test installation on a fresh system +- Verify all GitHub Actions pass + +## Pull Request Process + +1. Update documentation if needed +2. Add tests for new features +3. Ensure all tests pass +4. Update the README.md if needed +5. Reference any related issues + +## Code Style + +- Follow existing code formatting +- Use meaningful commit messages +- Keep changes focused and atomic \ No newline at end of file diff --git a/README.md b/README.md index a28098a1..7ffbfe20 100644 --- a/README.md +++ b/README.md 
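Review bot: The three CodeQL steps in the new codeql.yml use `github/codeql-action/...@v2`, although PATCH 44 in this series had already moved `upload-sarif` to `@v3`. v2 of the CodeQL Action is deprecated, so the workflow should start on the current major: `uses: github/codeql-action/init@v3`, and likewise for `autobuild` and `analyze`. The file also ends without a final newline, which the `new-line-at-end-of-file: enable` rule in .yamllint.yml reports. The same `@v2` references are carried into security.yml in PATCH 54.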
@@ -7,6 +7,11 @@ efficient development environment setup. ![Editor](https://img.shields.io/badge/Editor-Neovim-green?style=flat-square&logo=neovim) ![Theme](https://img.shields.io/badge/Theme-Catppuccin-pink?style=flat-square) ![License](https://img.shields.io/badge/License-MIT-yellow?style=flat-square) +![Tests](https://github.com/thatguyinabeanie/dotfiles/actions/workflows/test.yml/badge.svg) +![Lint](https://github.com/thatguyinabeanie/dotfiles/actions/workflows/lint.yml/badge.svg) +![Security](https://github.com/thatguyinabeanie/dotfiles/actions/workflows/security.yml/badge.svg) + +[Screenshot of setup] ## ✨ Components @@ -51,6 +56,19 @@ efficient development environment setup. sh -c "$(curl -fsLS get.chezmoi.io)" -- init --apply thatguyinabeanie ``` +### Configuration Variables + +During installation, you'll be prompted for several configuration values: + +| Variable | Description | Default | +|----------|-------------|---------| +| `WORK_ENVIRONMENT` | Enable work-specific configurations | `false` | +| `SHELL` | Preferred shell (nu/zsh) | `nu` | +| `CATPPUCCIN_FLAVOR` | Theme variant (mocha/macchiato/frappe/latte) | `mocha` | +| `GIT_NAME` | Git commit author name | - | +| `GIT_EMAIL` | Git commit author email | - | +| `GITHUB_USERNAME` | GitHub username | - | + ## 📂 Structure ## 🎯 Features diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..ada6ddd1 --- /dev/null +++ b/SECURITY.md 
@@ -0,0 +1,25 @@ +# Security Policy + +## Reporting a Vulnerability + +If you discover a security vulnerability, please follow these steps: + +1. **Do Not** open a public issue +2. Email the vulnerability details to [your-email] +3. Include: + - Description of the vulnerability + - Steps to reproduce + - Potential impact + - Suggested fix (if any) + +## Security Measures + +This repository: +- Uses Gitleaks for secrets scanning +- Employs Trivy for vulnerability scanning +- Implements CodeQL analysis +- Uses Dependabot for dependency updates + +## Supported Versions + +Only the latest version is supported with security updates. \ No newline at end of file From 99cef6501f5636111020f9f3827059530e5d1c1d Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:14:33 -0500 Subject: [PATCH 52/78] gitleaks free --- .github/workflows/security.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 094c7d00..24a81947 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -27,7 +27,6 @@ jobs: uses: gitleaks/gitleaks-action@v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master From b903f713e9533cc0d53ecd594df060ff62df87f9 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:17:29 -0500 Subject: [PATCH 53/78] moved markdownlint github action into lint workflow --- .github/workflows/docs.yml | 27 --------------------------- .github/workflows/lint.yml | 12 ++++++++++++ 2 files changed, 12 insertions(+), 27 deletions(-) delete mode 100644 .github/workflows/docs.yml diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml deleted file mode 100644 index 1268bdad..00000000 --- a/.github/workflows/docs.yml +++ /dev/null 
@@ -1,27 +0,0 @@ ---- -name: Documentation - -on: - push: - branches: [main] - pull_request: - branches: [main] - -jobs: - markdown-lint: - name: Markdown Lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Run markdownlint - uses: nosborn/github-action-markdown-cli@v3.3.0 - with: - files: "*.md" - config_file: ".markdownlint.json" - - - name: Check for broken links - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - use-quiet-mode: 'yes' - config-file: '.markdown-link-check.json' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index d52fc16e..c4f87f22 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -36,3 +36,15 @@ jobs: uses: ludeeus/action-shellcheck@master with: scandir: '.chezmoiscripts' + + - name: Run markdownlint + uses: nosborn/github-action-markdown-cli@v3.3.0 + with: + files: "*.md" + config_file: ".markdownlint.json" + + - name: Check for broken links + uses: gaurav-nelson/github-action-markdown-link-check@v1 + with: + use-quiet-mode: 'yes' + config-file: '.markdown-link-check.json' From 45012265cb74086bdafe3fe062e67000d5ca3044 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:20:25 -0500 Subject: [PATCH 54/78] moved codeql into security workflow --- .github/workflows/codeql.yml | 40 ---------------------------------- .github/workflows/security.yml | 29 ++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 40 deletions(-) delete mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 881d2977..00000000 --- a/.github/workflows/codeql.yml +++ /dev/null 
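Review bot: The two steps added to lint.yml reference third-party actions by mutable tag (`nosborn/github-action-markdown-cli@v3.3.0`, `gaurav-nelson/github-action-markdown-link-check@v1`), and the context step above them uses `ludeeus/action-shellcheck@master`. A tag or branch can be moved by the action's owner, so the code this job runs can change without any commit in this repository. Pin each reference to a full commit SHA and keep the version as a trailing comment, e.g. `uses: nosborn/github-action-markdown-cli@<full-commit-sha>  # v3.3.0`. The job's `permissions` are outside this hunk; it is worth confirming they are read-only, since these steps run on pull requests.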
@@ -1,40 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] - schedule: - - cron: '30 1 * * 0' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'go' ] - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 24a81947..317525c2 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -15,6 +15,35 @@ permissions: pull-requests: read # Required for PR checks jobs: + codeql: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" security: name: Security Scan runs-on: ubuntu-latest From cd8429203fc66bc48af031e4398b9feb55c32700 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:24:01 -0500 Subject: [PATCH 55/78] lint --- .github/workflows/security.yml | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) 
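Review bot: The `codeql` job moved into security.yml still references `github/codeql-action/init`, `autobuild` and `analyze` at `@v2`, a major version that has been deprecated upstream. The SARIF upload step in this same workflow (visible in the next patch) already uses `github/codeql-action/upload-sarif@v3`. Bring the three steps to the same major, e.g. `uses: github/codeql-action/init@v3`. PATCH 57 re-adds the job with the same `@v2` references. The job-scoped `permissions` block is worth keeping as is.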
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 317525c2..31986a0f 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -10,9 +10,9 @@ on: permissions: contents: read - security-events: write # Required for uploading SARIF results - actions: read # Required for checking workflow runs - pull-requests: read # Required for PR checks + security-events: write + actions: read + pull-requests: read jobs: codeql: @@ -26,24 +26,24 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'go' ] + language: ['go'] steps: - - name: Checkout repository - uses: actions/checkout@v4 + - name: Checkout repository + uses: actions/checkout@v4 - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} - - name: Autobuild - uses: github/codeql-action/autobuild@v2 + - name: Autobuild + uses: github/codeql-action/autobuild@v2 - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" security: name: Security Scan runs-on: ubuntu-latest @@ -67,7 +67,7 @@ jobs: severity: "CRITICAL,HIGH" hide-progress: false - # Note: To enable SARIF uploads, enable code scanning in repository settings: + # To enable SARIF uploads, enable code scanning in repository settings: # Settings -> Code security and analysis -> Code scanning # Then change format back to "sarif" and uncomment the upload step # - name: Upload Trivy scan results to GitHub Security tab From 79cd0c48f08146d6a31b56c5aa2b4348e74098a1 Mon Sep 17 00:00:00 2001 
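Review bot: The first hunk removes the inline comments that justified each scope in the workflow-level `permissions` block, while the block still grants `security-events: write` to every job. The `codeql` job declares its own `permissions`, and the only other consumer visible here, the Trivy SARIF upload, is commented out in the last hunk. The `security` job's steps begin outside these hunks, but it appears to run third-party actions with a write scope it does not use. Consider reducing the top-level block to `contents: read` and granting `security-events: write` only on the job that uploads results. If the comments were dropped to satisfy yamllint, two spaces before `#` keeps them: `actions: read  # Required for checking workflow runs`.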
From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:26:41 -0500 Subject: [PATCH 56/78] lint --- .github/workflows/security.yml | 76 +++++++++++++++++----------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 31986a0f..2e04a773 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -15,35 +15,35 @@ permissions: pull-requests: read jobs: - codeql: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: ['go'] - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" + # codeql: + # name: Analyze + # runs-on: ubuntu-latest + # permissions: + # actions: read + # contents: read + # security-events: write + # + # strategy: + # fail-fast: false + # matrix: + # language: ['go'] + # + # steps: + # - name: Checkout repository + # uses: actions/checkout@v4 + # + # - name: Initialize CodeQL + # uses: github/codeql-action/init@v2 + # with: + # languages: ${{ matrix.language }} + # + # - name: Autobuild + # uses: github/codeql-action/autobuild@v2 + # + # - name: Perform CodeQL Analysis + # uses: github/codeql-action/analyze@v2 + # with: + # category: "/language:${{matrix.language}}" security: name: Security Scan runs-on: ubuntu-latest 
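Review bot: Commenting out the whole `codeql` job leaves this workflow without static analysis, while SECURITY.md, added earlier in this series, still lists "Implements CodeQL analysis". Either keep the job and fix whatever motivated disabling it, or remove that line from SECURITY.md so the policy matches what CI runs. If the job has to stay in the file but disabled, a job-level `if: false` keeps it as parseable, reviewable YAML instead of a block of commented lines. PATCH 58 applies the same commenting-out again.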
@@ -67,12 +67,12 @@ jobs: severity: "CRITICAL,HIGH" hide-progress: false - # To enable SARIF uploads, enable code scanning in repository settings: - # Settings -> Code security and analysis -> Code scanning - # Then change format back to "sarif" and uncomment the upload step - # - name: Upload Trivy scan results to GitHub Security tab - # uses: github/codeql-action/upload-sarif@v3 - # if: always() - # with: - # sarif_file: "trivy-results.sarif" - # category: "trivy" + # To enable SARIF uploads, enable code scanning in repository settings: + # Settings -> Code security and analysis -> Code scanning + # Then change format back to "sarif" and uncomment the upload step + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + if: always() + with: + sarif_file: "trivy-results.sarif" + category: "trivy" From 849a9b9277d2d7c014ae65f4777487e254f1fc39 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:28:46 -0500 Subject: [PATCH 57/78] lint --- .github/workflows/security.yml | 76 +++++++++++++++++----------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 2e04a773..102d66ef 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml 
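Review bot: The upload step is enabled with `if: always()`, but the comment kept directly above it still says the Trivy output format must first be changed back to "sarif", and no such change is part of this patch. The Trivy step's `format` and `output` settings are outside the hunk; if that step does not write `trivy-results.sarif`, this upload fails on every run. Switch the Trivy step to SARIF output in the same commit, or guard the upload with `if: always() && hashFiles('trivy-results.sarif') != ''`.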
@@ -15,35 +15,35 @@ permissions: pull-requests: read jobs: - # codeql: - # name: Analyze - # runs-on: ubuntu-latest - # permissions: - # actions: read - # contents: read - # security-events: write - # - # strategy: - # fail-fast: false - # matrix: - # language: ['go'] - # - # steps: - # - name: Checkout repository - # uses: actions/checkout@v4 - # - # - name: Initialize CodeQL - # uses: github/codeql-action/init@v2 - # with: - # languages: ${{ matrix.language }} - # - # - name: Autobuild - # uses: github/codeql-action/autobuild@v2 - # - # - name: Perform CodeQL Analysis - # uses: github/codeql-action/analyze@v2 - # with: - # category: "/language:${{matrix.language}}" + codeql: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ['go'] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" security: name: Security Scan runs-on: ubuntu-latest 
@@ -67,12 +67,12 @@ jobs: severity: "CRITICAL,HIGH" hide-progress: false - # To enable SARIF uploads, enable code scanning in repository settings: - # Settings -> Code security and analysis -> Code scanning - # Then change format back to "sarif" and uncomment the upload step - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 - if: always() - with: - sarif_file: "trivy-results.sarif" - category: "trivy" + # To enable SARIF uploads, enable code scanning in repository settings: + # Settings -> Code security and analysis -> Code scanning + # Then change format back to "sarif" and uncomment the upload step + # - name: Upload Trivy scan results to GitHub Security tab + # uses: github/codeql-action/upload-sarif@v3 + # if: always() + # with: + # sarif_file: "trivy-results.sarif" + # category: "trivy" From 8c195d374d3ab9e584cc82ad41010143d56b4ff8 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:29:25 -0500 Subject: [PATCH 58/78] lint --- .github/workflows/security.yml | 76 +++++++++++++++++----------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 102d66ef..d9758e56 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml 
@@ -15,35 +15,35 @@ permissions: pull-requests: read jobs: - codeql: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: ['go'] - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}" + # codeql: + # name: Analyze + # runs-on: ubuntu-latest + # permissions: + # actions: read + # contents: read + # security-events: write + # + # strategy: + # fail-fast: false + # matrix: + # language: ['go'] + # + # steps: + # - name: Checkout repository + # uses: actions/checkout@v4 + # + # - name: Initialize CodeQL + # uses: github/codeql-action/init@v2 + # with: + # languages: ${{ matrix.language }} + # + # - name: Autobuild + # uses: github/codeql-action/autobuild@v2 + # + # - name: Perform CodeQL Analysis + # uses: github/codeql-action/analyze@v2 + # with: + # category: "/language:${{matrix.language}}" security: name: Security Scan runs-on: ubuntu-latest 
@@ -67,12 +67,12 @@ jobs: severity: "CRITICAL,HIGH" hide-progress: false - # To enable SARIF uploads, enable code scanning in repository settings: - # Settings -> Code security and analysis -> Code scanning - # Then change format back to "sarif" and uncomment the upload step - # - name: Upload Trivy scan results to GitHub Security tab - # uses: github/codeql-action/upload-sarif@v3 - # if: always() - # with: - # sarif_file: "trivy-results.sarif" - # category: "trivy" + # To enable SARIF uploads, enable code scanning in repository settings: + # Settings -> Code security and analysis -> Code scanning + # Then change format back to "sarif" and uncomment the upload step + # - name: Upload Trivy scan results to GitHub Security tab + # uses: github/codeql-action/upload-sarif@v3 + # if: always() + # with: + # sarif_file: "trivy-results.sarif" + # category: "trivy" From a736945c1e13f79470d71ac95e5e702872d55d76 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:31:37 -0500 Subject: [PATCH 59/78] lint --- .github/workflows/lint.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c4f87f22..5f95612b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -28,22 +28,26 @@ jobs: - name: Check YAML formatting uses: ibiqlik/action-yamllint@v3 + if: always() with: file_or_dir: . config_file: .yamllint.yml - name: Lint Shell Scripts + if: always() uses: ludeeus/action-shellcheck@master with: scandir: '.chezmoiscripts' - name: Run markdownlint + if: always() uses: nosborn/github-action-markdown-cli@v3.3.0 with: files: "*.md" config_file: ".markdownlint.json" - name: Check for broken links + if: always() uses: gaurav-nelson/github-action-markdown-link-check@v1 with: use-quiet-mode: 'yes' From 227c0ab4604346c8d374851767030093e568c6f4 Mon Sep 17 00:00:00 2001 
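Review bot: `if: always()` on the four lint steps in lint.yml makes them run even after the workflow run has been cancelled. `if: ${{ !cancelled() }}` gives the intended behaviour of continuing after an earlier linter fails while still honouring a cancel. Placement is also inconsistent: the yamllint step puts `if:` after `uses:`, the other three put it before. The start of the job, including the checkout step, is outside this hunk.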
From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:34:46 -0500 Subject: [PATCH 60/78] consolidate --- .markdownlint.yml | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 .markdownlint.yml diff --git a/.markdownlint.yml b/.markdownlint.yml deleted file mode 100644 index 82bc9847..00000000 --- a/.markdownlint.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -extends: default -rules: - line-length: false - no-inline-html: false - no-duplicate-heading: false -MD013: - line_length: 120 -MD033: false -MD041: false From f8fd6049b1326f0cf25d713226530f8537218dd7 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:35:44 -0500 Subject: [PATCH 61/78] shrug --- .markdownlint.json | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.markdownlint.json b/.markdownlint.json index eac4fc2d..4e32eaee 100644 --- a/.markdownlint.json +++ b/.markdownlint.json @@ -18,8 +18,5 @@ "MD029": { "style": "ordered" }, - "MD036": false, - "MD047": { - "require_newline_at_eof": true - } -} \ No newline at end of file + "MD036": false +} From 4ea6f92279585107aa23f87e6df6e0842b6a0a8b Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:39:17 -0500 Subject: [PATCH 62/78] tempalte --- .chezmoiignore | 8 +++----- .github/PULL_REQUEST_TEMPLATE.md | 13 +++++++++---- go.mod | 2 +- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/.chezmoiignore b/.chezmoiignore index 55a0fff3..c0f07e85 100644 --- a/.chezmoiignore +++ b/.chezmoiignore @@ -40,9 +40,7 @@ tests/ install.sh -.markdown-link-check.json -.markdownlink.yml -.yamllint.yml - go.mod -go.sum \ No newline at end of file +go.sum +CONTRIBUTING.md +SECURITY.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 0502689b..a509f9ea 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md 
@@ -1,7 +1,9 @@ ## Description + Brief description of the changes. ## Type of Change + - [ ] Bug fix - [ ] New feature - [ ] Documentation update @@ -9,14 +11,17 @@ Brief description of the changes. - [ ] Breaking change ## Testing + Describe the tests you ran: -1. -2. -3. + +1. +2. +3. ## Checklist + - [ ] My code follows the style guidelines - [ ] I have performed a self-review - [ ] I have updated the documentation - [ ] I have added tests that prove my fix/feature works -- [ ] All new and existing tests pass \ No newline at end of file +- [ ] All new and existing tests pass diff --git a/go.mod b/go.mod index 791d5791..24c75156 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/thatguyinabeanie/dotfiles -go 1.21 +go 1.24 require ( github.com/alecthomas/assert/v2 v2.5.0 From 49b8b86630af0eb82d918ca61fa7635705a9e5ea Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:40:02 -0500 Subject: [PATCH 63/78] tempalte --- .github/ISSUE_TEMPLATE/bug_report.md | 9 +++++---- .github/ISSUE_TEMPLATE/feature_request.md | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 92ea9441..e2074975 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -11,17 +11,18 @@ A clear description of the bug. **To Reproduce** Steps to reproduce the behavior: -1. -2. -3. +1. +2. +3. **Expected Behavior** What you expected to happen. **Environment** + - OS: [e.g., macOS 13.0] - Shell: [e.g., Nushell 0.80] - Chezmoi version: [e.g., 2.34.0] **Additional Context** -Add any other context about the problem here. \ No newline at end of file +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 26d086d9..343de5dd 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md 
@@ -16,4 +16,4 @@ A clear description of what you want to happen. A clear description of any alternative solutions you've considered. **Additional Context** -Add any other context about the feature request here. \ No newline at end of file +Add any other context about the feature request here From 1543aae652553cf58fb8bdcdc2d67c33f159f64a Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:42:33 -0500 Subject: [PATCH 64/78] ignore coverage --- .chezmoiignore | 1 + .gitignore | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.chezmoiignore b/.chezmoiignore index c0f07e85..731e493f 100644 --- a/.chezmoiignore +++ b/.chezmoiignore @@ -40,6 +40,7 @@ tests/ install.sh +coverage.txt go.mod go.sum CONTRIBUTING.md diff --git a/.gitignore b/.gitignore index cb6991ab..8c970049 100644 --- a/.gitignore +++ b/.gitignore @@ -13,4 +13,5 @@ secrets/* k9s/* !k9s/config.yaml !k9s/skins/* - +coverage.txt +coverage.txt From 1d7db893cf346dd6dcfeebe9c1a1cb97fda3eee2 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:45:38 -0500 Subject: [PATCH 65/78] shrug --- .markdown-link-check.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.markdown-link-check.json b/.markdown-link-check.json index abcb1cd2..c5c720ac 100644 --- a/.markdown-link-check.json +++ b/.markdown-link-check.json @@ -2,6 +2,9 @@ "ignorePatterns": [ { "pattern": "^http://localhost" + }, + { + "pattern": "^https://github\\.com/.+/actions/workflows/.+/badge\\.svg" } ], "replacementPatterns": [], @@ -9,4 +12,4 @@ "retryOn429": true, "retryCount": 5, "fallbackRetryDelay": "30s" -} \ No newline at end of file +} From 65b23ab1ab7a5acc366a65d59b246772574654f0 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:47:45 -0500 Subject: [PATCH 66/78] lint --- CONTRIBUTING.md | 28 +++++++++++++++++----------- SECURITY.md | 3 ++- 2 files changed, 19 insertions(+), 12 deletions(-) 
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 604e32e4..d1dec302 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,6 +1,7 @@ # Contributing to Dotfiles -Thank you for your interest in contributing! This document outlines the process for contributing to this dotfiles repository. +Thank you for your interest in contributing! This document outlines the process for contributing to this dotfiles +repository. ## Getting Started @@ -13,20 +14,25 @@ Thank you for your interest in contributing! This document outlines the process ## Development Setup 1. Install Chezmoi: - ```zsh - sh -c "$(curl -fsLS get.chezmoi.io)" - ``` + +```zsh +sh -c "$(curl -fsLS get.chezmoi.io)" +``` + 2. Clone the repository: - ```zsh - chezmoi init --apply - ``` + +```zsh +chezmoi init --apply +``` ## Testing - Run integration tests: - ```zsh - go test -v ./tests/... - ``` + +```zsh +go test -v ./tests/... +``` + - Test installation on a fresh system - Verify all GitHub Actions pass @@ -42,4 +48,4 @@ Thank you for your interest in contributing! This document outlines the process - Follow existing code formatting - Use meaningful commit messages -- Keep changes focused and atomic \ No newline at end of file +- Keep changes focused and atomic diff --git a/SECURITY.md b/SECURITY.md index ada6ddd1..786b271a 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -15,6 +15,7 @@ If you discover a security vulnerability, please follow these steps: ## Security Measures This repository: + - Uses Gitleaks for secrets scanning - Employs Trivy for vulnerability scanning - Implements CodeQL analysis @@ -22,4 +23,4 @@ This repository: ## Supported Versions -Only the latest version is supported with security updates. \ No newline at end of file +Only the latest version is supported with security updates. From 547c428985fe9d777f0ec8cdc59483cc20f3a51b Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:52:10 -0500 Subject: [PATCH 67/78] lint --- CONTRIBUTING.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d1dec302..9fd6df1f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,7 @@ # Contributing to Dotfiles -Thank you for your interest in contributing! This document outlines the process for contributing to this dotfiles -repository. +Thank you for your interest in contributing! This document outlines the process for contributing to this +dotfiles repository. ## Getting Started @@ -19,7 +19,7 @@ repository. sh -c "$(curl -fsLS get.chezmoi.io)" ``` -2. Clone the repository: +1. Clone the repository: ```zsh chezmoi init --apply From 43273e0e548298112dda26ab7a370bc5a7f76e85 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:52:53 -0500 Subject: [PATCH 68/78] contributing --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9fd6df1f..37c3788e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -22,7 +22,7 @@ sh -c "$(curl -fsLS get.chezmoi.io)" 1. Clone the repository: ```zsh -chezmoi init --apply +chezmoi init --apply your_github_username ``` ## Testing From ae788b1bdce88e5314c0fd34c9a2b586f8d6b5fd Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 22:57:00 -0500 Subject: [PATCH 69/78] length --- CONTRIBUTING.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 37c3788e..3aa63f2d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,6 @@ # Contributing to Dotfiles -Thank you for your interest in contributing! This document outlines the process for contributing to this -dotfiles repository. +Thank you for your interest in contributing! This document outlines the process for contributing. ## Getting Started From 726723a05697c7a1235f618bb43593b93cd70819 Mon Sep 17 00:00:00 2001 
From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:02:27 -0500 Subject: [PATCH 70/78] git leaks --- .chezmoidata/homebrew.yaml | 1 + .chezmoiignore | 1 + .gitignore | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.chezmoidata/homebrew.yaml b/.chezmoidata/homebrew.yaml index fc6d0e7f..d5d5c745 100644 --- a/.chezmoidata/homebrew.yaml +++ b/.chezmoidata/homebrew.yaml @@ -136,6 +136,7 @@ homebrew: - glib - gifsicle - git + - gitleaks - gitui - git-delta - glances diff --git a/.chezmoiignore b/.chezmoiignore index 731e493f..11ee0bde 100644 --- a/.chezmoiignore +++ b/.chezmoiignore @@ -45,3 +45,4 @@ go.mod go.sum CONTRIBUTING.md SECURITY.md +gitleaks-report.json \ No newline at end of file diff --git a/.gitignore b/.gitignore index 8c970049..40bdc06a 100644 --- a/.gitignore +++ b/.gitignore @@ -14,4 +14,4 @@ k9s/* !k9s/config.yaml !k9s/skins/* coverage.txt -coverage.txt +gitleaks-report.json From 753fcba29196f3210a069ed0890934624a0a3c0c Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:22:11 -0500 Subject: [PATCH 71/78] the end of it i think --- .chezmoidata/homebrew.yaml | 1 + .chezmoiignore | 2 +- README.md | 25 +++++++++++ dot_config/git/config.tmpl | 11 ++--- dot_config/git/hooks/.keep | 0 dot_config/git/pre-commit-config.yaml | 17 ++++++++ .../run_onchange_after_install-hooks.sh.tmpl | 34 +++++++++++++++ dot_config/gitleaks/config.toml | 34 +++++++++++++++ dot_config/gitleaks/dot_gitleaksignore | 43 +++++++++++++++++++ 9 files changed, 161 insertions(+), 6 deletions(-) create mode 100644 dot_config/git/hooks/.keep create mode 100644 dot_config/git/pre-commit-config.yaml create mode 100644 dot_config/git/run_onchange_after_install-hooks.sh.tmpl create mode 100644 dot_config/gitleaks/config.toml create mode 100644 dot_config/gitleaks/dot_gitleaksignore diff --git a/.chezmoidata/homebrew.yaml b/.chezmoidata/homebrew.yaml index d5d5c745..204524dc 100644 --- a/.chezmoidata/homebrew.yaml +++ b/.chezmoidata/homebrew.yaml 
@@ -199,6 +199,7 @@ homebrew: - pnpm - poppler - prettier + - pre-commit - procs - proctools - python@3.13 diff --git a/.chezmoiignore b/.chezmoiignore index 11ee0bde..9e42d711 100644 --- a/.chezmoiignore +++ b/.chezmoiignore @@ -45,4 +45,4 @@ go.mod go.sum CONTRIBUTING.md SECURITY.md -gitleaks-report.json \ No newline at end of file +gitleaks-report.json diff --git a/README.md b/README.md index 7ffbfe20..65208d67 100644 --- a/README.md +++ b/README.md @@ -92,6 +92,31 @@ During installation, you'll be prompted for several configuration values: - Custom aliases - Work environment integration +## 🔒 Security Features + +### Pre-commit Hooks + +This repository automatically sets up pre-commit hooks when you run `chezmoi init --apply`. These hooks include: + +- **Gitleaks**: Scans staged files for potential secrets or sensitive information +- **Basic checks**: Trailing whitespace, YAML validation, etc. + +The hooks are installed globally in `~/.config/git/hooks` and will be available for all your repositories. + +### Manual Security Scan + +To manually run a security scan: + +```bash +pre-commit run --all-files +``` + +or specifically for secrets: + +```bash +gitleaks detect --source . --verbose +``` + ## 📦 Dependencies - [**Chezmoi**](https://www.chezmoi.io/) - Dotfiles manager diff --git a/dot_config/git/config.tmpl b/dot_config/git/config.tmpl index 429f8fbf..151092ce 100644 --- a/dot_config/git/config.tmpl +++ b/dot_config/git/config.tmpl @@ -2,11 +2,11 @@ path = ./.catppuccin/catppuccin.gitconfig [user] - name = {{ .git.config.name }} - email = {{ .git.config.email }} + name = {{ .git.config.name }} + email = {{ .git.config.email }} [push] - autoSetupRemote = true + autoSetupRemote = true [core] editor = nvim @@ -14,10 +14,11 @@ excludesFile = ~/.config/git/.gitignore [commit] - gpgsign = false + gpgsign = false [init] - defaultBranch = main + defaultBranch = main + templateDir = {{ .chezmoi.homeDir }}/.config/git/hooks [interactive] diffFilter = delta --color-only 
diff --git a/dot_config/git/hooks/.keep b/dot_config/git/hooks/.keep new file mode 100644 index 00000000..e69de29b diff --git a/dot_config/git/pre-commit-config.yaml b/dot_config/git/pre-commit-config.yaml new file mode 100644 index 00000000..dbfc679e --- /dev/null +++ b/dot_config/git/pre-commit-config.yaml @@ -0,0 +1,17 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.18.1 + hooks: + - id: gitleaks + stages: [pre-commit] + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: trailing-whitespace + stages: [pre-commit] + - id: end-of-file-fixer + stages: [pre-commit] + - id: check-yaml + stages: [pre-commit] + - id: check-added-large-files + stages: [pre-commit] diff --git a/dot_config/git/run_onchange_after_install-hooks.sh.tmpl b/dot_config/git/run_onchange_after_install-hooks.sh.tmpl new file mode 100644 index 00000000..d0ddefb9 --- /dev/null +++ b/dot_config/git/run_onchange_after_install-hooks.sh.tmpl @@ -0,0 +1,34 @@ +#!/bin/zsh + +# This script configures git hooks +# {{ include "dot_config/git/pre-commit-config.yaml" | sha256sum }} + +echo "🔧 Setting up git hooks..." + +# Check for required commands +if ! command -v pre-commit &> /dev/null; then + echo "❌ pre-commit not found. Please ensure it's installed." + exit 1 +fi + +if ! command -v gitleaks &> /dev/null; then + echo "❌ gitleaks not found. Please ensure it's installed." + exit 1 +fi + +# Initialize a temporary git repository if we're not in one +TEMP_GIT_DIR=$(mktemp -d) +cd "$TEMP_GIT_DIR" +git init > /dev/null 2>&1 + +# Install pre-commit hooks globally (suppress verbose output) +pre-commit init-templatedir "$HOOKS_DIR" &> /dev/null + +# Install the pre-commit configuration +pre-commit install --install-hooks --config="{{ .chezmoi.homeDir }}/.config/git/pre-commit-config.yaml" &> /dev/null + +# Clean up temporary git repository +cd - > /dev/null +rm -rf "$TEMP_GIT_DIR" + +echo "✅ Git hooks setup complete!" 
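Review bot: `pre-commit init-templatedir "$HOOKS_DIR"` in run_onchange_after_install-hooks.sh.tmpl uses a variable that is never assigned in this script, and `&> /dev/null` discards both its output and its failure, so "Git hooks setup complete!" is printed even when nothing was installed. The following `pre-commit install` runs inside the `mktemp -d` repository that is deleted a few lines later, so that hook does not survive either. The README text added in this commit promises gitleaks scanning on commit, but as written no hook is left in place and the failure is silent. Assign the directory explicitly, stop hiding errors, and exit non-zero when installation fails. Note also that `init.templateDir` only affects repositories created or cloned afterwards, not existing ones.

```shell
HOOKS_DIR="{{ .chezmoi.homeDir }}/.config/git/hooks"

# … unchanged: pre-commit and gitleaks presence checks …

# Report a failed install instead of hiding it: a silent failure here means
# commits are not scanned for secrets.
if ! pre-commit init-templatedir "$HOOKS_DIR" > /dev/null; then
  echo "❌ pre-commit init-templatedir failed for $HOOKS_DIR" >&2
  exit 1
fi

# … dropped: temporary repository and the `pre-commit install` run inside it …
```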
diff --git a/dot_config/gitleaks/config.toml b/dot_config/gitleaks/config.toml new file mode 100644 index 00000000..e7da5c25 --- /dev/null +++ b/dot_config/gitleaks/config.toml @@ -0,0 +1,34 @@ +# Gitleaks configuration file +title = "Gitleaks Configuration" + +[extend] +useDefault = true # Extend the default rule set + +[allowlist] +description = "Global Allowlist" +paths = [ + '''.*\.snapshot''', + '''.*\.env\.example$''', + '''.*\.test$''', + '''(.*?)(jpg|gif|doc|pdf|bin|svg|zip)$''', +] + +regexes = [ + '''(?i)example|test|mock|dummy''', +] + +[allowlist.commits] +description = "Allowed commits" +commits = [ + # Add any commit hashes to allowlist here +] + +# Custom rules in addition to default ones +[[rules]] +id = "chezmoi-template-token" +description = "Detect hardcoded tokens in chezmoi templates" +regex = '''(?i)(?P(secret|token|password|credential|api[_-]?key))(?:[_-])?=[\s]*["']?(?P[0-9a-zA-Z\-_=+/]{16,})["']?''' +tags = ["key", "chezmoi"] +file-types = [".tmpl"] +entropy = 3.5 +secret-group = 2 \ No newline at end of file diff --git a/dot_config/gitleaks/dot_gitleaksignore b/dot_config/gitleaks/dot_gitleaksignore new file mode 100644 index 00000000..f4880c43 --- /dev/null +++ b/dot_config/gitleaks/dot_gitleaksignore @@ -0,0 +1,43 @@ +# Version control +.git/ +.github/ + +# Build directories +**/dist/ +**/build/ +**/target/ + +# Dependencies +**/node_modules/ +**/vendor/ + +# Test files +**/*_test.go +**/*.test.ts +**/*.spec.js + +# Documentation +**/docs/ +**/*.md + +# Example files +**/*.example +**/*.sample + +# Binary and media files +**/*.jpg +**/*.png +**/*.gif +**/*.pdf +**/*.zip +**/*.tar.gz + +# Specific to your dotfiles +wallpapers/ +backups/ +coverage.txt +gitleaks-report.json + +# Template files that might contain fake credentials +**/*.example.tmpl +**/example.*.tmpl \ No newline at end of file From 2a2b6de060659091cd1979552625ca134c506e3d Mon Sep 17 00:00:00 2001 
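Review bot: The global allowlist regex `(?i)example|test|mock|dummy` is unanchored and case-insensitive, so a finding whose matched text contains any of those substrings is dropped, including a real credential that happens to contain "test". Narrow it to the specific placeholder values this repository uses, or scope the exception by path, rather than suppressing by substring. The last `paths` entry, `(.*?)(jpg|gif|doc|pdf|bin|svg|zip)$`, has no `\.` before the extension, so it also excludes any path that merely ends in `bin` or `doc`; `'''.*\.(jpg|gif|doc|pdf|bin|svg|zip)$'''` matches the stated intent. In the custom rule, `secret-group` and `file-types` do not look like keys gitleaks reads (its rule schema uses `secretGroup` and `path`), so confirm the rule loads and fires on a constructed sample before relying on it.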
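Review bot: The entries in dot_gitleaksignore are gitignore-style path globs, but gitleaks reads `.gitleaksignore` as a list of finding fingerprints, one per line, so these patterns are unlikely to exclude anything. Path exclusions belong in the `paths` list under `[allowlist]` in the gitleaks config. If they are moved there, reconsider `.github/` and `**/*.md`: workflow files and documentation are common places for a pasted token, and excluding them removes scanning where it is most useful.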
From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:24:23 -0500 Subject: [PATCH 72/78] test gitleaks hok --- dot_config/git/run_onchange_after_install-hooks.sh.tmpl | 1 + 1 file changed, 1 insertion(+) diff --git a/dot_config/git/run_onchange_after_install-hooks.sh.tmpl b/dot_config/git/run_onchange_after_install-hooks.sh.tmpl index d0ddefb9..3eea0bb9 100644 --- a/dot_config/git/run_onchange_after_install-hooks.sh.tmpl +++ b/dot_config/git/run_onchange_after_install-hooks.sh.tmpl @@ -21,6 +21,7 @@ TEMP_GIT_DIR=$(mktemp -d) cd "$TEMP_GIT_DIR" git init > /dev/null 2>&1 + # Install pre-commit hooks globally (suppress verbose output) pre-commit init-templatedir "$HOOKS_DIR" &> /dev/null From a87c589c8c201e1fa46ef31a6805d16b0e096513 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:25:21 -0500 Subject: [PATCH 73/78] test gitleaks hok --- dot_config/git/run_onchange_after_install-hooks.sh.tmpl | 1 - 1 file changed, 1 deletion(-) diff --git a/dot_config/git/run_onchange_after_install-hooks.sh.tmpl b/dot_config/git/run_onchange_after_install-hooks.sh.tmpl index 3eea0bb9..d0ddefb9 100644 --- a/dot_config/git/run_onchange_after_install-hooks.sh.tmpl +++ b/dot_config/git/run_onchange_after_install-hooks.sh.tmpl @@ -21,7 +21,6 @@ TEMP_GIT_DIR=$(mktemp -d) cd "$TEMP_GIT_DIR" git init > /dev/null 2>&1 - # Install pre-commit hooks globally (suppress verbose output) pre-commit init-templatedir "$HOOKS_DIR" &> /dev/null From 1a7c9cd6635f0373b5f43ee56fa1d6abbc00f49f Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:35:56 -0500 Subject: [PATCH 74/78] no gitlkeaks precommit --- dot_config/git/config.tmpl | 1 - dot_config/git/pre-commit-config.yaml | 17 ---------- .../run_onchange_after_install-hooks.sh.tmpl | 34 ------------------- 3 files changed, 52 deletions(-) delete mode 100644 dot_config/git/pre-commit-config.yaml delete mode 100644 dot_config/git/run_onchange_after_install-hooks.sh.tmpl 
diff --git a/dot_config/git/config.tmpl b/dot_config/git/config.tmpl index 151092ce..b13a8e08 100644 --- a/dot_config/git/config.tmpl +++ b/dot_config/git/config.tmpl @@ -18,7 +18,6 @@ [init] defaultBranch = main - templateDir = {{ .chezmoi.homeDir }}/.config/git/hooks [interactive] diffFilter = delta --color-only diff --git a/dot_config/git/pre-commit-config.yaml b/dot_config/git/pre-commit-config.yaml deleted file mode 100644 index dbfc679e..00000000 --- a/dot_config/git/pre-commit-config.yaml +++ /dev/null @@ -1,17 +0,0 @@ -repos: - - repo: https://github.com/gitleaks/gitleaks - rev: v8.18.1 - hooks: - - id: gitleaks - stages: [pre-commit] - - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 - hooks: - - id: trailing-whitespace - stages: [pre-commit] - - id: end-of-file-fixer - stages: [pre-commit] - - id: check-yaml - stages: [pre-commit] - - id: check-added-large-files - stages: [pre-commit] diff --git a/dot_config/git/run_onchange_after_install-hooks.sh.tmpl b/dot_config/git/run_onchange_after_install-hooks.sh.tmpl deleted file mode 100644 index d0ddefb9..00000000 --- a/dot_config/git/run_onchange_after_install-hooks.sh.tmpl +++ /dev/null 
@@ -1,34 +0,0 @@ -#!/bin/zsh - -# This script configures git hooks -# {{ include "dot_config/git/pre-commit-config.yaml" | sha256sum }} - -echo "🔧 Setting up git hooks..." - -# Check for required commands -if ! command -v pre-commit &> /dev/null; then - echo "❌ pre-commit not found. Please ensure it's installed." - exit 1 -fi - -if ! command -v gitleaks &> /dev/null; then - echo "❌ gitleaks not found. Please ensure it's installed." - exit 1 -fi - -# Initialize a temporary git repository if we're not in one -TEMP_GIT_DIR=$(mktemp -d) -cd "$TEMP_GIT_DIR" -git init > /dev/null 2>&1 - -# Install pre-commit hooks globally (suppress verbose output) -pre-commit init-templatedir "$HOOKS_DIR" &> /dev/null - -# Install the pre-commit configuration -pre-commit install --install-hooks --config="{{ .chezmoi.homeDir }}/.config/git/pre-commit-config.yaml" &> /dev/null - -# Clean up temporary git repository -cd - > /dev/null -rm -rf "$TEMP_GIT_DIR" - -echo "✅ Git hooks setup complete!" From d7c37eb5e9682867dad5f3d633a728c721f38a72 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:38:14 -0500 Subject: [PATCH 75/78] comments --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 65208d67..32c63d3a 100644 --- a/README.md +++ b/README.md @@ -94,7 +94,7 @@ During installation, you'll be prompted for several configuration values: ## 🔒 Security Features -### Pre-commit Hooks +### TODO: Pre-commit Hooks This repository automatically sets up pre-commit hooks when you run `chezmoi init --apply`. These hooks include: From 48fe5560677cad5d80a22dad078f84d77fff6dcb Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:39:05 -0500 Subject: [PATCH 76/78] readme --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 32c63d3a..21647d6c 100644 --- a/README.md +++ b/README.md 
@@ -96,7 +96,8 @@ During installation, you'll be prompted for several configuration values: ### TODO: Pre-commit Hooks -This repository automatically sets up pre-commit hooks when you run `chezmoi init --apply`. These hooks include: +This repository automatically sets up pre-commit hooks when you run `chezmoi init --apply`. +These hooks include: - **Gitleaks**: Scans staged files for potential secrets or sensitive information - **Basic checks**: Trailing whitespace, YAML validation, etc. From 46af87990d7848f05d92c1eeca0e101ddcd19b2c Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Tue, 29 Apr 2025 23:40:25 -0500 Subject: [PATCH 77/78] trigger github action From f2594b848697935170fd7084d3043216d513fdc9 Mon Sep 17 00:00:00 2001 From: Gabe Mendoza Date: Wed, 30 Apr 2025 01:17:55 -0500 Subject: [PATCH 78/78] More mise (#3) * move some things over to mise * shrug * fastfetch --- .chezmoidata/homebrew.yaml | 31 +------- .chezmoidata/mise.yaml | 70 +++++++++++++++++++ dot_config/btop/run_onchange_after_themes.nu | 5 -- dot_config/mise/config.toml.tmpl | 2 +- .../run_onchange_after_config-toml.nu.tmpl | 5 +- 5 files changed, 77 insertions(+), 36 deletions(-) delete mode 100644 dot_config/btop/run_onchange_after_themes.nu diff --git a/.chezmoidata/homebrew.yaml b/.chezmoidata/homebrew.yaml index 204524dc..d02109e7 100644 --- a/.chezmoidata/homebrew.yaml +++ b/.chezmoidata/homebrew.yaml @@ -14,10 +14,7 @@ homebrew: - mysql - mysql-client - okta-aws-cli - - python@3.11 - python-gdbm@3.11 - - python@3.9 - - python@3.12 - v8 casks: - aws-vpn-client @@ -58,7 +55,6 @@ homebrew: - homebrew/autoupdate - jesseduffield/lazydocker - nikitabobko/tap - - oven-sh/bun fonts: - font-cascadia-code-nf - font-caskaydia-cove-nerd-font @@ -87,7 +83,6 @@ homebrew: - zed brews: - ack - - act - ag - autoconf - automake 
@@ -96,19 +91,16 @@ homebrew: - bash-completion - bash-language-server - bat - - bottom - brew-cask-completion - btop - bundler-completion - chezmoi - - cmake - cmake-docs - cspell - colordiff - coreutils - charmbracelet/tap/mods - curl - - deno - diff-so-fancy - direnv - docutils @@ -117,50 +109,39 @@ homebrew: - dotdrop - dust - exiftool - - eza - fastfetch - - fd - fish - fish-lsp - ffmpeg - findutils - fontconfig - - fzf - gcc - gcc@11 - gcc@12 - gem-completion - - gradle-completion - gdu - - gh - glib - gifsicle - git - - gitleaks - - gitui - git-delta - glances - gnu-indent - gnu-sed - gnu-tar - gmp - - go - gping - grep - grpc - grex - - hadolint - harfbuzz - hashicorp/tap/packer - helix - - helm - hyperfine - imagemagick - incus - jaq - jesseduffield/lazydocker/lazydocker - jq - - kubernetes-cli - launchctl-completion - libtool - llvm @@ -171,19 +152,16 @@ homebrew: - libpq - links - lua - - lua-language-server - luajit - luarocks + - lua-language-server - lynx - make - man2html - markdown-toc - - markdownlint-cli2 - markdown-oxide - marksman - mas - - maven - - maven-completion - mise - ncdu - neovim @@ -193,16 +171,13 @@ homebrew: - open-completion - ossp-uuid - openssl@3 - - oven-sh/bun/bun - pandoc - pkgconf - - pnpm - poppler - prettier - pre-commit - procs - proctools - - python@3.13 - pyright - rails-completion - rake-completion @@ -213,7 +188,6 @@ homebrew: - ripgrep - rlwrap - readline - - rustup - rust-analyzer - ruby-completion - sesh @@ -222,7 +196,6 @@ homebrew: - sdl2 - sk - starship - - stylua - tealdeer - tflint - thefuck @@ -239,10 +212,10 @@ homebrew: - usage - wget - xz - - yaml-language-server - yamlfix - yamlfmt - yamllint + - yaml-language-server - yazi - yq - zls diff --git a/.chezmoidata/mise.yaml b/.chezmoidata/mise.yaml index 411a5693..0cad62db 100644 --- a/.chezmoidata/mise.yaml +++ b/.chezmoidata/mise.yaml 
@@ -1,5 +1,34 @@ mise: tools: + - name: act + version: latest + - name: bottom + version: latest + - name: erlang + version: latest + - name: elixir + version: latest + # Removed elixir-ls as it's better managed through Mason + - name: delta + version: latest + - name: eza + version: latest + - name: fastfetch + version: latest + - name: fzf + version: latest + - name: fd + version: latest + - name: github-cli + version: latest + - name: gitleaks + version: latest + - name: gitui + version: latest + - name: gitsign + version: latest + - name: github-markdown-toc + version: latest - name: node version: 22 - name: ruby @@ -8,9 +37,50 @@ mise: version: 3.12 - name: go version: 1 + - name: golangci-lint + version: latest + - name: golangci-lint-langserver + version: latest - name: uv version: latest - name: ruff version: latest - name: zig version: latest + # Development Languages & Runtimes + - name: rust + version: nightly + - name: deno + version: latest + - name: bun + version: latest + - name: lua + version: latest + # Package Managers + - name: pnpm + version: latest + - name: yarn + version: latest + - name: poetry + version: latest + - name: pipx + version: latest + # Development Tools + - name: cargo-binstall + version: latest + - name: stylua + version: latest + - name: terraform + version: latest + - name: kubectl + version: latest + - name: helm + version: latest + - name: gradle + version: latest + - name: cmake + version: latest + - name: shellcheck + version: latest + - name: hadolint + version: latest diff --git a/dot_config/btop/run_onchange_after_themes.nu b/dot_config/btop/run_onchange_after_themes.nu deleted file mode 100644 index 1dc02ebb..00000000 --- a/dot_config/btop/run_onchange_after_themes.nu +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env nu - -print "🟠 Rebuilding bat themes..." -bat cache --build | save --append /dev/null -print "🔵 Rebuilt bat themes." 
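Review bot: Nearly every tool added in this hunk and in the following one (`@@ -8,9 +37,50 @@`) is declared as `version: latest`, and `rust` as `nightly`, so each `mise install` resolves to whatever upstream published most recently. That covers tools that sit on a trust boundary (`gitleaks`, `gitsign`, `terraform`, `kubectl`, `helm`), so a broken or compromised upstream release would be picked up on the next apply without any change in this repository, and two machines can silently end up on different versions. Pin at least those entries to an explicit release, e.g. `version: "<pinned-version>"` (placeholder), so that bumps arrive as reviewable changes. Quote the value as well, since a plain scalar such as `3.10` is read as the float `3.1`.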
diff --git a/dot_config/mise/config.toml.tmpl b/dot_config/mise/config.toml.tmpl index ec2f2f35..b04f63a8 100644 --- a/dot_config/mise/config.toml.tmpl +++ b/dot_config/mise/config.toml.tmpl @@ -6,7 +6,7 @@ {{- end }} [settings] -jobs = 4 # number of plugins or runtimes to install in parallel. The default is `4`. +jobs = {{ sub (output "sysctl" "-n" "hw.ncpu" | trim | atoi) 2 }} # number of plugins or runtimes to install in parallel always_keep_download = false # deleted after install by default http_timeout = "30s" # set the timeout for http requests as duration string, see `MISE_HTTP_TIMEOUT` diff --git a/dot_config/mise/run_onchange_after_config-toml.nu.tmpl b/dot_config/mise/run_onchange_after_config-toml.nu.tmpl index e06e0060..fda4df19 100644 --- a/dot_config/mise/run_onchange_after_config-toml.nu.tmpl +++ b/dot_config/mise/run_onchange_after_config-toml.nu.tmpl @@ -5,6 +5,9 @@ # mise.toml hash: {{ include "dot_config/mise/config.toml.tmpl" | sha256sum }} print "🟠 Installing mise dependencies..." -mise -q install +mise install print "🔵 Installed mise dependencies." +print "🟠 Rebuilding bat themes..." +bat cache --build | save --append /dev/null +print "🔵 Rebuilt bat themes."
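Review bot: The new `jobs` expression subtracts 2 from the CPU count with no lower bound, so on a host where `sysctl -n hw.ncpu` reports 1 or 2 the rendered value is `-1` or `0`; how mise treats a non-positive `jobs` is not visible here. Clamping keeps the setting valid: `jobs = {{ max 1 (sub (output "sysctl" "-n" "hw.ncpu" | trim | atoi) 2) }}`. `hw.ncpu` is a macOS/BSD sysctl name, so on Linux the `output` call would presumably fail and abort template rendering; if this template is ever applied elsewhere, guard it with a `.chezmoi.os` check. The rewritten trailing comment also drops the note that the default is `4`, which was useful context for the next reader.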
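Review bot: The bat cache rebuild appended at the end of this script is unrelated to mise, yet it now re-runs only when this script's rendered content changes, which is driven by the `config.toml.tmpl` hash in the header comment. A change to the bat themes alone would not retrigger it, and, depending on how the installed Nushell version treats a non-zero exit from an external command, a failing `mise install` may stop the script before the rebuild is reached. Keeping the three bat lines in their own `run_onchange_after_` script, with a hash comment over the theme files, would decouple the two. The script's first lines are outside the hunk.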