Release v1.0

.gitattributes

@@ -0,0 +1,3 @@
+* text=auto
+*.py text eol=lf
+*.sh text eol=lf

.github/CODEOWNERS

@@ -1,32 +1,58 @@
-/augur/cli/ @sgoggins
-/augur/metrics/ @sgoggins @sgoggins
-/augur/housekeeper/ @sgoggins
-/augur/server.py @sgoggins @sgoggins
-/augur/application.py @sgoggins @sgoggins @sgoggins
-/augur/routes/ @sgoggins @sgoggins @sgoggins
-
-/frontend/ @sgoggins @sgoggins
-
-/schema/ @sgoggins @sgoggins
-
-/schema/generate @sgoggins 
-
-/workers/ @sgoggins @sgoggins @sgoggins
-
-/README.md @sgoggins @sgoggins
-/CONTRIBUTING.md @sgoggins @sgoggins
-/LICENSE @sgoggins @sgoggins
-/CODE_OF_CONDUCT.md @sgoggins @sgoggins
-
-/tests/ @sgoggins
-/util/docker @sgoggins
-/scripts/ @sgoggins
-/docs/ @sgoggins
-/.dockerignore @sgoggins
-/.travis.yml @sgoggins
-*compose.yml @sgoggins
-/readthedocs.yml @sgoggins
-/Makefile @sgoggins
-/tox.ini @sgoggins
-*requirements.txt @sgoggins
-/setup.py @sgoggins @sgoggins
+# API
+/collectoss/api/ @MoralCode
+
+/collectoss/api/view @MoralCode @Ulincsys 
+/collectoss/api/routes/user.py @MoralCode @Ulincsys 
+
+# CLI
+/collectoss/cli/ @MoralCode
+
+# Frontend
+/collectoss/templates/ @MoralCode
+
+# Schema
+/collectoss/application/db/ @MoralCode
+/collectoss/application/schema/ @MoralCode
+
+# Workers
+/collectoss/tasks @MoralCode
+
+# Repo and Community Infrastructure
+/README.md @MoralCode
+/CONTRIBUTING.md @MoralCode
+/CREDITS.md @MoralCode
+/MAINTAINERS.md @MoralCode
+SECURITY.md @MoralCode
+.github/ @MoralCode 
+pyproject.toml @MoralCode
+
+# Testing
+/tests/ @MoralCode
+/scripts/ci @MoralCode
+
+# Keyman
+/keyman @MoralCode @Ulincsys
+/tests/test_key_manager @MoralCode @Ulincsys
+
+# Docs
+/docs/ @MoralCode
+/readthedocs.yml @MoralCode
+
+# Install - Manual
+/Makefile @MoralCode
+/scripts/control @MoralCode
+/scripts/install @MoralCode
+/scripts/mat_view_explore @MoralCode
+
+# Install - Containers
+/docker @MoralCode
+/scripts/docker @MoralCode
+
+/.dockerignore @MoralCode
+*compose.yml @MoralCode
+
+# Misc
+/collectoss/metrics/ @MoralCode
+/collectoss/server.py @MoralCode
+/collectoss/application.py @MoralCode
+/collectoss/application/config.py @MoralCode

.github/ISSUE_TEMPLATE/bug_report.md

@@ -20,9 +20,9 @@ A clear and concise description of what you expected to happen.
 If applicable, add screenshots to help explain your problem. If your bug is related to the UI, you **must** include screenshots.
 
 **Log files**
-Attach the relevant log files here. Server and installation logs can be found in the `logs/` directory in the root `augur/` directory, and the logs for each worker are stored in their respective directories. If the logs are pretty long (> 50ish lines or just use your best judgement) please use a Gist or a [pastebin](https://pastebin.com/). **These logs file are required if you would like help solving your issue.**
+Attach the relevant log files here. Logs are most commonly found using docker's native logging. If the logs are pretty long (> 50ish lines or just use your best judgement) please use a Gist or a [pastebin](https://pastebin.com/). **Including logs helps us help you substantially faster.**
 
 **Software versions:**
- - Augur: (you can use `pip show augur` to find your version)
+ - CollectOSS: (which release version or git hash are you running CollectOSS from?)
  - OS: (`sw_vers` for macOS, `lsb_release -a` on Linux)
  - Browser: (if applicable)

.github/SECURITY_ADVISORY_TEMPLATE.md

@@ -0,0 +1,20 @@
+### Description
+Provide a clear and concise description of the vulnerability.
+
+### Impact
+What kind of damage could this cause? (e.g., unauthorized data access, service disruption).
+
+### Reproduction Steps
+Please provide a proof-of-concept or clear, step-by-step instructions to reproduce the issue.
+
+### Affected Versions
+Which versions of CollectOSS are confirmed to be affected?
+
+### AI Disclosure
+**Did you use Artificial Intelligence (AI) tools to identify or document this vulnerability?**
+- [ ] Yes
+- [ ] No
+*If yes, please specify which tool was used and which parts of the report were generated or assisted by AI.*
+
+### Suggested Fix
+If you have a proposed fix or patch, please describe it here.

.github/profile/README.md

@@ -1,8 +0,0 @@
-# Welcome!
-![Augur Landing](chaosscon.jpg)
-
-Augur is part of the CHAOSS Community, and focuses on the accurate, verifiable collection of open source software health and sustainability data. 
-
-**Through May 18, 2022, Augur will not be issuing new releases. This freeze is due to a highly distributed documentation update effort, and we don't want to have to resolve any more merge conflicts than are necessary**
-
-Great things are coming! Stay Tuned!

.github/pull_request_template.md

@@ -16,5 +16,5 @@ Contributing Conventions:
 2. Build and test your changes before submitting a PR. 
 3. Sign your commits
 
-By following the community's [contribution conventions](https://github.com/chaoss/augur/blob/main/CONTRIBUTING.md) upfront, the review process will be accelerated and your PR merged more quickly.
+By following the community's [contribution conventions](https://github.com/chaoss/collectoss/blob/main/CONTRIBUTING.md) upfront, the review process will be accelerated and your PR merged more quickly.
 -->

.github/release-drafter.yml

@@ -1,4 +1,4 @@
 template: |
-  ## What’s Changed
+  ## What's Changed
 
   $CHANGES

.github/workflows/bandit.yml

@@ -0,0 +1,51 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# Bandit is a security linter designed to find common security issues in Python code.
+# This action will run Bandit on your codebase.
+# The results of the scan will be found under the Security tab of your repository.
+
+# https://github.com/marketplace/actions/bandit-scan is ISC licensed, by abirismyname
+# https://pypi.org/project/bandit/ is Apache v2.0 licensed, by PyCQA
+
+name: Bandit
+on:
+  push:
+    branches: [ "main", "release" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+  schedule:
+    - cron: '24 2 * * 2'
+
+jobs:
+  bandit:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Bandit Scan
+        uses: shundor/python-bandit-scan@ab1d87dfccc5a0ffab88be3aaac6ffe35c10d6cd
+        with: # optional arguments
+          # exit with 0, even with results found
+          exit_zero: true # optional, default is DEFAULT
+          # Github token of the repository (automatically created by Github)
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information.
+          # File or directory to run bandit on
+          # path: # optional, default is .
+          # Report only issues of a given severity level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything)
+          # level: # optional, default is UNDEFINED
+          # Report only issues of a given confidence level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything)
+          # confidence: # optional, default is UNDEFINED
+          # comma-separated list of paths (glob patterns supported) to exclude from scan (note that these are in addition to the excluded paths provided in the config file) (default: .svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)
+          excluded_paths: tests
+          # comma-separated list of test IDs to skip
+          # skips: # optional, default is DEFAULT
+          # path to a .bandit file that supplies command line arguments
+          # ini_path: # optional, default is DEFAULT
+