Initial commit

Author: edthedev

.github/workflows/cleanup.yml

@@ -0,0 +1,17 @@
+name: 'Close stale issues and pull requests'
+on:
+  schedule:
+  # Daily at 1:30pm
+    - cron: '30 13 * * 1-5'
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v8
+        with:
+          stale-issue-message: 'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days.'
+          stale-pr-message: 'This pull request is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days.'
+          days-before-stale: 60
+          days-before-close: 14
+          exempt-issue-labels: 'bug,requested'

.github/workflows/pr_reminder.yml

@@ -0,0 +1,19 @@
+name: PRs reviews reminder
+
+on:
+  schedule:
+    # Every weekday at 8:30a CST / 14:30 UTC and 1:30p CST / 19:30 UTC
+    - cron: '30 14,19 * * 1-5'
+
+jobs:
+  pr-reviews-reminder:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: DavideViolante/pr-reviews-reminder-action@v2.7.0
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        webhook-url: ${{ secrets.TEAMS_WEBHOOK }}
+        provider: 'msteams'
+        github-provider-map: ${{ vars.MAP_USERNAMES_TEAMS }}
+      

.gitignore

@@ -0,0 +1,15 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+ 
+## Unreleased
+
+### Added
+
+### Changed
+
+### Removed

CHANGELOG.md

@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+securitysupport@illinois.edu.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.

CODE_OF_CONDUCT.md

@@ -0,0 +1,35 @@
+University of Illinois/NCSA Open Source License
+
+Copyright (c) 2023 by the Board of Trustees of the University of
+Illinois. All rights reserved.
+
+Developed by Cybersecurity and Technology Services
+University of Illinois
+https://techservices.illinois.edu
+
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation files
+(the "Software"), to deal with the Software without restriction,
+including without limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of the Software,
+and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+- Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimers.
+
+- Redistributions in binary form must reproduce the above copyright
+  notice, this list of conditions and the following disclaimers in the
+  documentation and/or other materials provided with the distribution.
+
+- Neither the names of University of Illinois nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this Software without specific prior written permission.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH
+THE SOFTWARE.

LICENSE

@@ -0,0 +1,43 @@
+## About
+
+This repository is used by Cybersecurity operations teams at the 
+University of Illinois as a GitHub template.
+
+This resource helps comply with University of Illinois
+Cybersecurity standards - including [IT-07][it07], [IT08][it08],
+and [IT13][it13].
+
+[it07]: https://go.illinois.edu/secstd-IT07
+[it08]: https://go.illinois.edu/secstd-IT08
+[it13]: https://go.illinois.edu/secstd-IT13
+
+See [Cybersecurity Development on the Illinois Knowledge Base][kbsearch]
+for information about our development standards. 
+
+[kbsearch]: https://answers.uillinois.edu/illinois/search.php?q=cybersecurity+developer&cat=0
+
+The remainder of this `README.md` contains example text.
+
+## Data Sources
+
+|Data Store|Data Type|Sensitivity|Notes|
+|----------|---------|-----------|-----|
+
+## Endpoint Connections
+
+|Endpoint|Purpose|Stage|Access|
+|--------|-------|-----|------|
+
+## Product Support
+
+This product is supported by Cybersecurity teams at the
+University of Illinois Urbana-Champaign on a best-effort basis.
+
+As of the last update to this README, the expected End-of-Life and 
+End-of-Support dates of this product are <YEAR MONTH>.
+
+End-of-Life was decided upon based on these dependencies:
+
+  - <dependency (YEAR MONTH) >
+  - <dependency (YEAR MONTH) >
+

README.md

@@ -0,0 +1,12 @@
+# Security Policy
+
+## Supported Versions
+
+Patches for this solution will only be applied to the current release.
+
+## Reporting a Bug or Vulnerability
+ 
+Vulnerabilities can be responsibly disclosed through the contact information
+found at [Cybersecurity Vulnerability Disclosure](https://go.illinois.edu/vulnerability).
+
+Bugs can be reported via repository issues.