hyperpolymath · hyperpolymath · Mar 3, 2026 · Mar 3, 2026
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: PMPL-1.0-or-later
+# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
+
+# All files in the repository
+* @hyperpolymath
@@ -0,0 +1,29 @@
+# OpenSSF Best Practices (CII) Adherence
+
+This document tracks the project's adherence to the [OpenSSF Best Practices Badge](https://best-practices.coreinfrastructure.org/) criteria.
+
+## Summary
+The Amethe project is committed to following open-source security and quality best practices.
+
+## Change Control
+- **Public Repository**: All source code is hosted on GitHub and is public.
+- **Version Control**: We use Git for version control.
+- **Unique Versioning**: All releases use unique version identifiers (SemVer).
+
+## Reporting
+- **Bug Reporting Process**: Documented in `CONTRIBUTING.md`.
+- **Vulnerability Reporting**: A clear `SECURITY.md` file defines the private reporting process.
+
+## Quality
+- **Automated Builds**: We use GitHub Actions for automated builds and CI.
+- **Testing**: Automated test suites are integrated into the CI pipeline via `Justfile`.
+- **New Features**: New functionality is required to have associated tests.
+
+## Security
+- **Secure Development**: We use automated security scanners (CodeQL, Trufflehog).
+- **Dependency Pinning**: GitHub Actions and critical dependencies are pinned to specific versions/SHAs.
+- **No Hardcoded Secrets**: Scanned via `trufflehog` and `gitleaks`.
+
+## Best Practices
+- **SPDX Headers**: We use SPDX license identifiers in all source files.
+- **Code Review**: All changes require a pull request and code review before merging to `main`.
@@ -0,0 +1,9 @@
+# Security Acknowledgments
+
+We would like to thank the following researchers for their contributions to keeping Amethe safe.
+
+## 2026
+- Currently no entries.
+
+## 2025
+- Currently no entries.
@@ -13,7 +13,7 @@ set dotenv-load := true
 set positional-arguments := true
 
 # Project metadata - CUSTOMIZE THESE
-project := "RSR-template-repo"
+project := "amethe"
 version := "0.1.0"
 tier := "infrastructure"  # 1 | 2 | infrastructure
 
@@ -56,6 +56,10 @@ build *args:
     set -euo pipefail
     echo "Building {{project}}..."
     built=false
+    if [ -f "ffi/zig/build.zig" ]; then
+        (cd ffi/zig && zig build $@)
+        built=true
+    fi
     if [ -f "Cargo.toml" ]; then
         cargo build $@
         built=true
@@ -137,9 +141,14 @@ clean-all: clean
 test *args:
     #!/usr/bin/env bash
     set -euo pipefail
-    echo "Running tests..."
+    echo "Testing {{project}}..."
     tested=false
+    if [ -f "ffi/zig/build.zig" ]; then
+        (cd ffi/zig && zig build test $@)
+        tested=true
+    fi
     if [ -f "Cargo.toml" ]; then
+
         cargo test $@
         tested=true
     fi
@@ -200,6 +209,10 @@ fmt:
     set -euo pipefail
     echo "Formatting..."
     formatted=false
+    if [ -f "ffi/zig/build.zig" ]; then
+        (cd ffi/zig && zig fmt .)
+        formatted=true
+    fi
     if [ -f "Cargo.toml" ]; then
         cargo fmt
         formatted=true

@@ -0,0 +1,15 @@
+# Fuzzing for Amethe
+
+This directory contains fuzzing configurations and targets for Amethe components.
+
+## Strategy
+
+We leverage Zig's built-in testing and custom fuzzing harnesses to ensure the robustness of our FFI and core logic.
+
+## Running Fuzzers
+
+Fuzzing is integrated into our quality assurance process. To run tests with fuzzing-like coverage:
+
+```bash
+just test
+```