cyberark
diff --git a/Diff for: ‎.codeclimate.yml
+167 b/Diff for: ‎.codeclimate.yml
+167
diff --git a/Diff for: ‎.github/CODEOWNERS
+15 b/Diff for: ‎.github/CODEOWNERS
+15
diff --git a/Diff for: ‎.trivyignore
+7 b/Diff for: ‎.trivyignore
+7
diff --git a/Diff for: ‎CHANGELOG.md
+14 b/Diff for: ‎CHANGELOG.md
+14
diff --git a/Diff for: ‎CONTRIBUTING.md
+40 b/Diff for: ‎CONTRIBUTING.md
+40
@@ -0,0 +1,167 @@
+# This is our default .CodeClimate.yml, broken out by language. Uncomment the
+# sections at the bottom that apply to your project. ACTION comments indicate
+# places where config might need to be tweaked.
+
+version: "2"
+
+plugins:
+
+# ---------------
+# Cross-language plugins. Should always be on.
+
+  duplication: # Looks for similar and identical code blocks
+    enabled: true
+    config:
+      languages:
+        go:
+        java:
+        javascript:
+        php:
+        python:
+          python_version: 3  # ACTION Comment this out if using Python 2
+        ruby:
+        swift:
+        typescript:
+
+  fixme: # Flags any FIXME, TODO, BUG, XXX, HACK comments so they can be fixed
+    enabled: true
+    issue_override:
+      severity: info # Don't fail PRs for FIXME tags, but still flag them
+    config:
+      strings:
+      - FIXME
+      - TODO
+      - HACK
+      - XXX
+      - BUG
+
+# ---------------
+# Commonly-used languages - run time is minimal and all of these will work
+# whether files of that language are found or not. In general, leave uncommented
+
+  # Markdown
+  markdownlint:
+    enabled: true
+    issue_override:
+      severity: info # Should be redundant as CC says markdownlint defaults to
+                     # info already, but including it here to remind us it's so
+
+  # Go
+  gofmt:
+    enabled: true
+  golint:
+    enabled: true
+  govet:
+    enabled: true
+
+  # Ruby
+  flog:
+    enabled: true
+  reek:
+    enabled: true
+  rubocop:
+    enabled: true
+    channel: rubocop-0-79 # As of March 10, 2020, rubocop 0.80.1 is the latest
+                          # However, it does not work with CodeClimate - throws
+                          # an Invalid JSON error.
+  # ACTION uncomment bundler-audit below if using Gemfile/Gemfile.lock
+  # ACTION uncomment brakeman below if using Rails
+
+  # Shell scripts
+  shellcheck:
+   enabled: true
+
+# ---------------
+# Other languages - will work with or without language files present. Again,
+# runtime is minimal, so OK to leave uncommented.
+
+  # CoffeeScript
+  coffeelint:
+    enabled: true
+
+  # CSS
+  csslint:
+    enabled: true
+
+  # Groovy
+  codenarc:
+    enabled: true
+
+  # Java
+  pmd:
+    enabled: true
+  sonar-java:
+    enabled: true
+    config:
+      sonar.java.source: "7" # ACTION set this to the major version of Java used
+  # ACTION uncomment checkstyle below if Java code exists in repo
+
+  # Node.js
+  nodesecurity:
+    enabled: true
+  # ACTION uncomment eslint below if JavaScript already exists and .eslintrc
+  # file exists in repo
+
+  # PHP
+  phan:
+    enabled: true
+    config:
+      file_extensions: "php"
+  phpcodesniffer:
+    enabled: true
+    config:
+      file_extensions: "php,inc,lib"
+      # Using Wordpress standards as our one PHP repo is a Wordpress theme
+      standards: "PSR1,PSR2,WordPress,WordPress-Core,WordPress-Extra"
+  phpmd:
+    enabled: true
+    config:
+      file_extensions: "php,inc,lib"
+      rulesets: "cleancode,codesize,controversial,naming,unusedcode"
+  sonar-php:
+    enabled: true
+
+  # Python
+  bandit:
+    enabled: true
+  pep8:
+    enabled: true
+  radon:
+    enabled: true
+    # config:
+    #   python_version: 2 # ACTION Uncomment these 2 lines if using Python 2
+  sonar-python:
+    enabled: true
+
+# ---------------
+# Configuration Required Language specific - these will error and abort the
+# codeclimate run if they are turned on and certain files or configuration are
+# missing. Should be commented out unless the project already includes the
+# necessary files that the linter looks at
+
+  # Ruby - requires presence of Gemfile and Gemfile.lock
+  # bundler-audit:
+  #   enabled: true
+
+  # Rails - requires detecting a Rails application
+  # brakeman:
+  #   enabled: true
+
+  # Chef - requires detecting a cookbook
+  # foodcritic:
+  #   enabled: true
+
+  # Java - might require Java code? Errored when run without
+  # checkstyle:
+  #   enabled: true
+
+  # JavaScript - requires an eslintrc to be created and added to project
+  # eslint:
+  #   enabled: true
+  #   channel: "eslint-6"
+
+# ---------------
+# List any files/folders to exclude from checking. Wildcards accepted. Leave
+# commented if no files to exclude as an empty array will error
+exclude_patterns:
+  - ".gitignore"
@@ -0,0 +1,15 @@
+# In all these entries, it's OK to leave all 3 groups listed regardless of which
+# org the new repo will be in. GitHub automatically applies the correct version.
+
+# Uncomment the appropriate team line to automatically tag the owning team on PRs
+# * @cyberark/community-and-integrations-team @conjurinc/community-and-integrations-team @conjurdemos/community-and-integrations-team
+# * @cyberark/conjur-core-team @conjurinc/conjur-core-team @conjurdemos/conjur-core-team
+
+# Changes to .trivyignore require Security Architect approval
+.trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
+
+# Changes to SECURITY.md require Security Architect approval
+SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
+
+# Changes to .codeclimate.yml require Quality Architect approval
+.codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects
@@ -0,0 +1,7 @@
+# CVES can be listed here to prevent trivy from flagging issues
+# to which we are not vulnerable. Changes to this file
+# require Security Architect/Champion approval.
+
+# Format is a CVE identifier number alone on an uncommented line.
+# Put comments just above the CVE identifier explaining why we are 
+# not vulnerable. 
@@ -0,0 +1,14 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+### Changed
+### Deprecated
+### Removed
+### Fixed
+### Security
@@ -0,0 +1,40 @@
+# Contributing
+
+[Are you accepting contributions at this time? If not, please state that here.
+No need to include content from the rest of this document.]
+
+For general contribution and community guidelines, please see the [community repo](https://github.com/cyberark/community).
+
+## Table of Contents
+
+- [Development](#development)
+- [Testing](#testing)
+- [Releases](#releases)
+- [Contributing](#contributing-workflow)
+
+## Development
+
+TODO:
+[What development tools are required to start working on this project?]
+
+## Testing
+
+TODO:
+[Instructions for running the test suite]
+
+## Releases
+
+TODO:
+[Instructions for creating a new release]
+
+## Contributing workflow
+
+1. [Fork the project](https://help.github.com/en/github/getting-started-with-github/fork-a-repo)
+2. [Clone your fork](https://help.github.com/en/github/creating-cloning-and-archiving-repositories/cloning-a-repository)
+3. Make local changes to your fork by editing files
+3. [Commit your changes](https://help.github.com/en/github/managing-files-in-a-repository/adding-a-file-to-a-repository-using-the-command-line)
+4. [Push your local changes to the remote server](https://help.github.com/en/github/using-git/pushing-commits-to-a-remote-repository)
+5. [Create new Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)
+
+From here your pull request will be reviewed and once you've responded to all
+feedback it will be merged into the project. Congratulations, you're a contributor!