Cookiecutter for creating open source Python packages

Related tags

Security related resourcespythonbest-practicescookiecutter-templatecruft
Overview

Wolt Python Package Cookiecutter

Cookiecutter for rapidly developing new open source Python packages. Best practices with all the modern bells and whistles included.

Demo

Example projects which use Wolt Python Package Cookiecutter

Features

Automatic updates to the projects generated from this cookiecutter

  • Powered by cruft
  • Keep your project up-to-date with best practices

Continuous integration

  • Powered by Github Actions
  • Testing against multiple different versions

Documentation

Automated releases

  • Publishing to PyPI when a release is made in GitHub

Changelog management

  • Gently enforced: Keep a Changelog
  • GitHub releases get their description automatically populated based on the changelog content
  • The Unreleased section is automatically updated when a release is done
  • Changelog is embedded in the documentation

Bells and whistles

  • Poetry for managing dependencies and packaging
  • pre-commit for running all the goodies listed below
  • mypy for static type checking
  • flake8 (with multiple plugins) for linting (e.g. style and complexity checks)
  • black for auto-formatting the code
  • isort for auto-sorting imports
  • autoflake for auto-removing unused imports

Automation

  • Updates to the best practices (via GHA workflow which runs cruft update and creates a PR)
  • Dependency updates (via GHA workflow which creates a PR)

Usage

Make sure you have cruft installed. Alternatively, you can use cookiecutter if you are not interested in getting updates to the project "boilerplate" in the future.

Create a new project:

cruft create https://github.com/woltapp/wolt-python-package-cookiecutter

The CLI interface will ask some basic questions, such the name of the project, and then generate all the goodies automatically.

After that you can make it a proper git repo:

cd <your-project-slug>
git init
git add .
git commit -m "Initial project structure from Wolt Python Package cookiecutter"

We update this cookiecutter template regularly to keep it up-to-date with the best practices of the Python world. You can get the updates into your project with:

cruft update

Configure secrets

PYPI_TOKEN

Required for publishing the package to PyPI. You can generate a token by logging into PyPI and navigating to Add API token in your account settings.

AUTO_UPDATE_GITHUB_TOKEN

This cookiecutter template comes with an auto update feature if the project was created using cruft. A GitHub action automatically checks for updates and creates a pull request.

Generate personal access token and use it as the value for AUTO_UPDATE_GITHUB_TOKEN secret. When creating the access token, the following permissions have to be granted

  • repo
  • workflow

After the first release

The first release will create gh-pages branch which will contain the static files for the documentation. Enable GitHub Pages in the Pages section of the repository settings.

Owner
Wolt
Wolt
GitHub Repository
Scans for Log4j versions effected by CVE-2021-44228

check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i

inett GmbH 4 Jun 30, 2022
Lazarus analysis tools and research report

Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python

JPCERT Coordination Center 50 Sep 13, 2022
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url

CVE-2021-41773 Fast python tool to test apache path traversal CVE-2021-41773 in a List of url Usage :- create a live urls file and use the flag "-l" p

Zahir Tariq 12 Nov 09, 2022
PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

Abdullah AlZahrani 17 Dec 22, 2022
Laravel RCE (CVE-2021-3129)

CVE-2021-3129 - Laravel RCE About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability. This script allows you to wri

Joshua van der Poll 21 Dec 27, 2022
MD5-CRACKER - A gmail brute force app created with python3

MD5-CRACKER So this is my first app i created with python3 . if you guys downloa

2 Nov 10, 2022
RedTeam-Security - In this repo you will get the information of Red Team Security related links

OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M

Abhinav Pathak 5 May 18, 2022
LaxrFar Python Obfuscator

LaxrFar Python Obfuscator Usage First do the things from "Upload to Webserver" o

LaxrFar 5 Jul 19, 2022
Program that mathematically generates and validates CPF numbers

✔️ Gerador e Validador de CPF Programa que gera e valida números de CPF Requisitos • Como usar • Capturas de Tela Requisitos Antes de começar, você va

João Victor Vilela dos Santos 1 Nov 07, 2021
Python & JavaScript Obfuscator made in Python 3.

Python Code Obfuscator A script that converts code into full on random numerical expressions. Simple Scripts: Python Mode... Input: Function that deco

rzx. 1 Dec 29, 2021
Scarecrow is a tool written in Python3 allowing you to protect your Python3 scripts.

🕷️ Scarecrow 🕷️ Scarecrow is a tool written in Python3 allowing you to protect your Python3 scripts. It looks for processes with specific names to v

Billy 33 Sep 28, 2022
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
The Devils Eye is an OSINT tool that searches the Darkweb for onion links and descriptions that match with the users query without requiring the use for Tor.

The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description

Richard Mwewa 135 Dec 31, 2022
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

Nano 108 Dec 04, 2021
BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.

Follow us on Twitter! BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro gen

STM Cyber 232 Nov 21, 2022
This project is all about building an amazing application that will help users manage their passwords and even generate new passwords for them

An amazing application that will help us manage our passwords and even generate new passwords for us.

1 Jan 23, 2022
USSR-Scanner - USSR Scanner with python

Purposes ? Hey there is abosolutely no need to do this we do it only to irritate

Binary.club 2 Jan 24, 2022
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai

Vadi 329 Jan 01, 2023
CVE-2021-36798 Exp: Cobalt Strike < 4.4 Dos

A denial of service (DoS) vulnerability (CVE-2021-36798) was found in Cobalt Strike. The vulnerability was fixed in the scope of the 4.4 release. More

104 Nov 09, 2022
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE. POST /mgmt/tm/util/bash HTTP/1.1 Host: Accept-Encoding: gzip, deflate Accept: */

M4rtin Hsu 81 Dec 12, 2022