Update structure

Author: SegoCode

.github/FUNDING.yml

@@ -1,4 +1,4 @@
-github: [SegoCode]
+github: [{username}]
 community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
 issuehunt: # Replace with a single IssueHunt username
 ko_fi: # Replace with a single ko_fi username

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -57,7 +57,7 @@ body:
     attributes:
       label: Confirmation 
       options:
-        - label: I performed a [search of the issue tracker](https://github.com/SegoCode/webdl/issues) to avoid opening a duplicate issue
+        - label: I performed a [search of the issue tracker](https://github.com/{username}/{reponame}/issues) to avoid opening a duplicate issue
           required: true
         - label: I understand that not filling out this template correctly may lead to the issue being closed
           required: true

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,5 @@
 blank_issues_enabled: false
 contact_links:
   - name: Contact the developer
-    url: https://SegoCode.github.io/SegoCode/
+    url: https://{username}.github.io/{username}/
     about: To discuss any type of related topic

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -34,7 +34,7 @@ body:
     attributes:
       label: Confirmation
       options:
-        - label: I performed a [search of the feature requests](https://github.com/SegoCode/webdl/issues) to avoid suggesting a duplicate feature
+        - label: I performed a [search of the feature requests](https://github.com/{username}/{reponame}/issues) to avoid suggesting a duplicate feature
           required: true
         - label: I understand that not filling out this template correctly may lead to the request being closed
           required: true

.github/SECURITY.md

@@ -1 +1 @@
-If you discover a vulnerability in this application, that poses a significant threat to the security of the users, we recommend that you do not open a public issue. Instead, please send your report via [email](https://SegoCode.github.io/SegoCode/). Include as much detailed information as possible to help understand the nature of the vulnerability.
+If you discover a vulnerability in this application, that poses a significant threat to the security of the users, we recommend that you do not open a public issue. Instead, please send your report via [email](https://{username}.github.io/{username}/). Include as much detailed information as possible to help understand the nature of the vulnerability.

.github/workflows/do-not-merge.yml

@@ -5,7 +5,7 @@ on:
     types: [opened, edited, labeled, unlabeled, synchronize, ready_for_review]
 
 jobs:
-  check_wip:
+  checks:
     runs-on: ubuntu-latest
     steps:
       - name: Check if PR is ready to be merged
@@ -24,3 +24,41 @@ jobs:
             } else {
               console.log('The Pull Request is ready to be merged.');
             }
+      
+      - name: Check if PR is from develop to main
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const pr = context.payload.pull_request;
+            const baseBranch = pr.base.ref;
+            const headBranch = pr.head.ref;
+            
+            if (headBranch === 'develop' && baseBranch === 'main') {
+              const repoFullName = context.payload.repository.full_name;
+              const syncWorkflowLink = `https://github.com/${repoFullName}/actions/workflows/sync-from-develop-to-main.yml`;
+              
+              const message = `
+              ## ⚠️ Direct PR from develop to main detected
+              
+              This pull request is merging changes directly from \`develop\` to \`main\`.
+              
+              ### Important Note
+              Please consider using our [sync workflow](${syncWorkflowLink}) instead of this direct PR.
+              
+              **If you don't use the sync workflow:**
+              - This PR will not trigger a release
+              - You'll need to manually handle release processes
+              `;
+              
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: pr.number,
+                body: message
+              });
+              
+              console.log('Added comment to PR from develop to main');
+            } else {
+              console.log('PR is not from develop to main, no action needed');
+            }

.github/workflows/generate-tag.yml

@@ -10,7 +10,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Fetch all history for tag retrieval
 
       - name: Set up git
         run: |
@@ -66,7 +68,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Fetch all history for tag retrieval
 
       - name: Set up git
         run: |

.github/workflows/gitleaks.yml

@@ -1,15 +1,67 @@
 name: Gitleaks
-on: [pull_request, workflow_dispatch]
+on:
+  pull_request:
+  workflow_dispatch:
+  schedule:
+    # Run at 00:00 UTC on the first day of each month
+    - cron: '0 0 1 * *'
+
 jobs:
   scan:
-    name: gitleaks
+    name: Gitleaks Scan
     runs-on: ubuntu-latest
+    # Only run scheduled jobs on main branch
+    if: github.event_name != 'schedule' || github.ref == 'refs/heads/main'
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+      
       - name: Run Gitleaks
+        id: gitleaks
         uses: gitleaks/gitleaks-action@v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        continue-on-error: true
+      
+      - name: Create issue if leaks found
+        if: steps.gitleaks.outcome == 'failure' && (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch')
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          echo "Creating detailed security issue report..."
+          
+          # Get current timestamp
+          TIMESTAMP=$(date -u +"%Y-%m-%d %H:%M:%S UTC")
+          
+          # Create an enriched issue body
+          ISSUE_BODY="## 🚨 Security Alert: Potential Secrets Detected
+
+          **Detection Time:** ${TIMESTAMP}
+          **Branch:** ${GITHUB_REF#refs/heads/}
+          **Triggered by:** ${{ github.event_name == 'workflow_dispatch' && 'Manual workflow run' || (github.event_name == 'schedule' && 'Monthly scheduled scan' || 'Automated scan') }}
+          **Detected by:** Gitleaks Security Scanner
+          
+          ### Details
+          Gitleaks has detected one or more potential secrets or credentials in the codebase.
+          
+          ### Impact
+          Exposed secrets can lead to unauthorized access, data breaches, or account compromise.
+          
+          ### Next Steps
+          1. Review the workflow logs for specific details about the detected secrets: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+          2. Revoke any exposed credentials immediately
+          3. Remove the secrets from the codebase
+          4. Consider using GitHub Secrets or environment variables instead
+          
+          ### Contact
+          Please reach out to the security team for assistance if needed.
+          
+          ---
+          *This issue was automatically generated by the Gitleaks security scanning workflow.*"
+          
+          gh issue create \
+            --repo ${{ github.repository }} \
+            --title "Security Alert: Potential secrets detected in ${{ github.event_name == 'pull_request' && format('PR #{0}', github.event.pull_request.number) || 'main branch' }}" \
+            --body "${ISSUE_BODY}"

.github/workflows/initializer.yml

@@ -0,0 +1,95 @@
+name: Initialize repository
+
+on:
+  workflow_dispatch:
+
+jobs:
+  initialize_repo:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          ref: main
+          fetch-depth: 0
+
+      - name: Setup git
+        run: |
+          git config --global user.name "github-actions"
+          git config --global user.email "[email protected]"
+
+      - name: Install GitHub CLI
+        run: |
+          sudo apt-get update
+          sudo apt-get install gh -y
+
+      - name: Extract repository and username
+        id: extract
+        run: |
+          REPO_NAME="${{ github.repository }}"
+          USERNAME=$(echo $REPO_NAME | cut -d'/' -f1)
+          REPO_NAME_ONLY=$(echo $REPO_NAME | cut -d'/' -f2)
+          echo "username=$USERNAME" >> $GITHUB_OUTPUT
+          echo "reponame=$REPO_NAME_ONLY" >> $GITHUB_OUTPUT
+
+      - name: Set branch name
+        id: vars
+        run: echo "branch=initialize-repo-$(date +%Y%m%d%H%M%S)" >> $GITHUB_OUTPUT
+
+      - name: Create develop branch if it doesn't exist
+        run: |
+          # Check if develop branch exists
+          if ! git ls-remote --heads origin develop | grep develop; then
+            echo "Creating develop branch from main..."
+            git checkout -b develop
+            git push -u origin develop
+            git checkout main  # Return to main branch for the rest of the workflow
+          else
+            echo "Develop branch already exists."
+          fi
+
+      - name: Replace {reponame} and {username} with actual values in non-workflow files
+        run: |
+          REPO_NAME_ONLY="${{ steps.extract.outputs.reponame }}"
+          USERNAME="${{ steps.extract.outputs.username }}"
+          REPO_NAME_ESCAPED=$(echo $REPO_NAME_ONLY | sed 's/\//\\\//g')
+          USERNAME_ESCAPED=$(echo $USERNAME | sed 's/\//\\\//g')
+          
+          # Modify all files except workflow files
+          find . -type f -not -path "./.git/*" -not -path "./.github/workflows/*" -exec sed -i "s/{reponame}/$REPO_NAME_ESCAPED/g" {} \;
+          find . -type f -not -path "./.git/*" -not -path "./.github/workflows/*" -exec sed -i "s/{username}/$USERNAME_ESCAPED/g" {} \;
+
+      - name: Remove initializer workflow
+        run: |
+          rm -f .github/workflows/initializer.yml
+
+      - name: Commit changes
+        run: |
+          BRANCH_NAME="${{ steps.vars.outputs.branch }}"
+          git checkout -b $BRANCH_NAME
+          
+          # Exclude workflow files to avoid permission errors
+          git add --all -- ':!.github/workflows'
+          
+          # Explicitly add the deletion of the initializer workflow
+          git add .github/workflows/initializer.yml
+          
+          git commit -m "Initialize repository with repo name ${{ steps.extract.outputs.reponame }} and username ${{ steps.extract.outputs.username }}"
+          git push origin HEAD:$BRANCH_NAME
+
+      - name: Create pull request
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          BRANCH_NAME="${{ steps.vars.outputs.branch }}"
+          PR_URL=$(gh pr create --base main --head $BRANCH_NAME --title "Initialize repository" --body "This PR initializes the repository with the actual repository name, with the actual username and removing the initializer workflow.")
+          
+          # Extract PR number from URL
+          PR_NUMBER=$(basename $PR_URL)
+          
+          # Add any desired labels to the pull request
+          # gh pr edit $PR_NUMBER --add-label "initialization"

.github/workflows/sync-from-main-to-develop.yml

@@ -8,27 +8,25 @@ on:
 jobs:
   sync_main_into_develop:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write 
     steps:
       - name: Checkout develop branch
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4  
         with:
           ref: develop
-          fetch-depth: 0  # Fetch all history for all branches and tags
+          fetch-depth: 0
 
-      - name: Setup git
+      - name: Configure Git
         run: |
           git config --global user.name "github-actions"
           git config --global user.email "[email protected]"
 
       - name: Merge main into develop
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           git fetch origin main
           git merge origin/main --no-edit
-
+        
       - name: Push changes to develop
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           git push origin develop