oe-python-template 0.5.4__tar.gz → 0.5.6__tar.gz

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/.copier-answers.yml

@@ -1,4 +1,4 @@
-_commit: v0.5.2-1-g5661fbb
+_commit: v0.5.5-1-g5996dbe
 _src_path: .
 author_email: helmuthva@gmail.com
 author_github_username: helmut-hoffer-von-ankershoffen

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/CHANGELOG.md

@@ -1,6 +1,20 @@
 [🧠 OE Python Template](https://oe-python-template.readthedocs.io/en/latest/)
 
-## [0.5.4](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.5.2..0.5.4) - 2025-03-14
+## [0.5.6](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.5.5..0.5.6) - 2025-03-14
+
+### 📚 Documentation
+
+- SECURITY.md with links - ([4ebd8cb](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/4ebd8cb78c76e3f6ffff1bbbfd19c79ad5a1385d))
+
+
+## [0.5.5](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.5.4..v0.5.5) - 2025-03-14
+
+### Deps
+
+- *(ruff)* Bump in template - ([a85b7b2](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/a85b7b21adb9796f58f789e704cc47803c404443))
+
+
+## [0.5.4](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.5.2..v0.5.4) - 2025-03-14
 
 ### 📚 Documentation
 

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: oe-python-template
-Version: 0.5.4
+Version: 0.5.6
 Summary: 🧠 Copier template to scaffold Python projects compliant with best practices and modern tooling.
 Project-URL: Homepage, https://oe-python-template.readthedocs.io/en/latest/
 Project-URL: Documentation, https://oe-python-template.readthedocs.io/en/latest/
@@ -66,6 +66,8 @@ Description-Content-Type: text/markdown
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/oe-python-template.svg?logo=python&color=204361&labelColor=1E2933)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/noxfile.py)
 [![CI](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/test-and-report.yml/badge.svg)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/test-and-report.yml)
 [![Read the Docs](https://img.shields.io/readthedocs/oe-python-template)](https://oe-python-template.readthedocs.io/en/latest/)
+[![CodeQL](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/codeql.yml/badge.svg)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/code-scanning)
+[![Dependabot](https://img.shields.io/badge/dependabot-active-brightgreen?style=flat-square&logo=dependabot)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/dependabot)
 [![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
 [![Security](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
 [![Maintainability](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
@@ -201,12 +203,15 @@ This project is designed with operational excellence in mind, using modern Pytho
   - [Simple Python script](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/script.py)
   - [Streamlit web application](https://oe-python-template.streamlit.app/) deployed on [Streamlit Community Cloud](https://streamlit.io/cloud)
   - [Jupyter](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/notebook.ipynb) and [Marimo](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/notebook.py) notebook
-* [Complete reference documenation](https://oe-python-template.readthedocs.io/en/latest/reference.html) on Read the Docs
+* [Complete reference documentation](https://oe-python-template.readthedocs.io/en/latest/reference.html) on Read the Docs
 * [Transparent test coverage](https://app.codecov.io/gh/helmut-hoffer-von-ankershoffen/oe-python-template) including unit and E2E tests (reported on Codecov)
 * Matrix tested with [multiple python versions](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/noxfile.py) to ensure compatibility (powered by [Nox](https://nox.thea.codes/en/stable/))
 * Compliant with modern linting and formatting standards (powered by [Ruff](https://github.com/astral-sh/ruff))
-* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate))
-* [A-grade code quality](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template) in security, maintainability, and reliability with low technical debt and low codesmell (verified by SonarQube)
+* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate) and [GitHub Dependabot](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/dependabot))
+* [A-grade code quality](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template) in security, maintainability, and reliability with low technical debt and codesmell (verified by SonarQube)
+* Additional code security checks using [GitHub CodeQL](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/code-scanning)
+* [Security Policy](SECURITY.md)
+* [License](LICENSE) compliant with the Open Source Initiative (OSI)
 * 1-liner for installation and execution of command line interface (CLI) via [uv(x)](https://github.com/astral-sh/uv) or [Docker](https://hub.docker.com/r/helmuthva/oe-python-template/tags)
 * Setup for developing inside a [devcontainer](https://code.visualstudio.com/docs/devcontainers/containers) included (supports VSCode and GitHub Codespaces)
 

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/README.md

@@ -5,6 +5,8 @@
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/oe-python-template.svg?logo=python&color=204361&labelColor=1E2933)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/noxfile.py)
 [![CI](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/test-and-report.yml/badge.svg)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/test-and-report.yml)
 [![Read the Docs](https://img.shields.io/readthedocs/oe-python-template)](https://oe-python-template.readthedocs.io/en/latest/)
+[![CodeQL](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/codeql.yml/badge.svg)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/code-scanning)
+[![Dependabot](https://img.shields.io/badge/dependabot-active-brightgreen?style=flat-square&logo=dependabot)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/dependabot)
 [![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
 [![Security](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
 [![Maintainability](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
@@ -140,12 +142,15 @@ This project is designed with operational excellence in mind, using modern Pytho
   - [Simple Python script](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/script.py)
   - [Streamlit web application](https://oe-python-template.streamlit.app/) deployed on [Streamlit Community Cloud](https://streamlit.io/cloud)
   - [Jupyter](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/notebook.ipynb) and [Marimo](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/notebook.py) notebook
-* [Complete reference documenation](https://oe-python-template.readthedocs.io/en/latest/reference.html) on Read the Docs
+* [Complete reference documentation](https://oe-python-template.readthedocs.io/en/latest/reference.html) on Read the Docs
 * [Transparent test coverage](https://app.codecov.io/gh/helmut-hoffer-von-ankershoffen/oe-python-template) including unit and E2E tests (reported on Codecov)
 * Matrix tested with [multiple python versions](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/noxfile.py) to ensure compatibility (powered by [Nox](https://nox.thea.codes/en/stable/))
 * Compliant with modern linting and formatting standards (powered by [Ruff](https://github.com/astral-sh/ruff))
-* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate))
-* [A-grade code quality](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template) in security, maintainability, and reliability with low technical debt and low codesmell (verified by SonarQube)
+* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate) and [GitHub Dependabot](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/dependabot))
+* [A-grade code quality](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template) in security, maintainability, and reliability with low technical debt and codesmell (verified by SonarQube)
+* Additional code security checks using [GitHub CodeQL](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/code-scanning)
+* [Security Policy](SECURITY.md)
+* [License](LICENSE) compliant with the Open Source Initiative (OSI)
 * 1-liner for installation and execution of command line interface (CLI) via [uv(x)](https://github.com/astral-sh/uv) or [Docker](https://hub.docker.com/r/helmuthva/oe-python-template/tags)
 * Setup for developing inside a [devcontainer](https://code.visualstudio.com/docs/devcontainers/containers) included (supports VSCode and GitHub Codespaces)
 

oe_python_template-0.5.6/RELEASE_NOTES.md

@@ -0,0 +1,8 @@
+## [0.5.6](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.5.5..v0.5.6) - 2025-03-14
+
+### 📚 Documentation
+
+- SECURITY.md with links - ([4ebd8cb](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/4ebd8cb78c76e3f6ffff1bbbfd19c79ad5a1385d))
+
+
+

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/SECURITY.md

@@ -20,23 +20,23 @@ OE Python Template employs several automated tools to continuously monitor and i
 
 ### 1. Dependency Vulnerability Scanning
 
-- **Renovate Bot**: Automatically creates pull requests to update dependencies when new versions are available, with a focus on security patches.
-- **GitHub Dependabot**: Monitors dependencies for known vulnerabilities and automatically creates pull requests to update them when security issues are found.
-- **pip-audit**: Regularly scans Python dependencies for known vulnerabilities using data from the Python Advisory Database.
+- **GitHub Dependabot**: Monitors dependencies for known vulnerabilities and automatically creates pull requests to update them when security issues are found. [Dependendabot alerts](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/dependabot) published.
+- **Renovate Bot**: Automatically creates pull requests to update dependencies when new versions are available, with a focus on security patches. [Dependency Dashboard](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/issues) published.
+- **pip-audit**: Regularly scans Python dependencies for known vulnerabilities using data from the Python Advisory Database. ```vulnerabilities.json``` published [per release](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/releases).
 
 ### 2. Dependency Compliance
 
-- **pip-licenses**: Exports the licenses of all dependencies to ensure compliance with licensing requirements and avoid using components with problematic licenses.
-- **cyclonedx-py**: Generates a Software Bill of Materials (SBOM) in SPDX format, listing all components and dependencies used in the project.
+- **cyclonedx-py**: Generates a Software Bill of Materials (SBOM) in SPDX format, listing all components and dependencies used in the project. ```sbom.json``` (SPDX format) published [per release](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/releases).
+- **pip-licenses**: Exports the licenses of all dependencies to ensure compliance with licensing requirements and avoid using components with problematic licenses. ```licenses.json``` and ```licenses-inverted.json``` published [per release](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/releases).
 
 ### 3. Static Code Analysis
 
-- **SonarQube**: Performs comprehensive static code analysis to detect code quality issues, security vulnerabilities, and bugs.
-- **GitHub CodeQL**: Analyzes code for common vulnerabilities and coding errors using GitHub's semantic code analysis engine.
+- **GitHub CodeQL**: Analyzes code for common vulnerabilities and coding errors using GitHub's semantic code analysis engine. [Code scanning results](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/code-scanning) published.
+- **SonarQube**: Performs comprehensive static code analysis to detect code quality issues, security vulnerabilities, and bugs. [Security hotspots](https://sonarcloud.io/project/security_hotspots?id=helmut-hoffer-von-ankershoffen_oe-python-template) published.
 
 ### 4. Secret Detection
-
-- **Yelp/detect-secrets**: Pre-commit hook and automated scanning to prevent accidental inclusion of secrets or sensitive information in the codebase.
+- **GitHub Secret scanning**: Automatically scans for secrets in the codebase and alerts if any are found. [Secret scanning alerts](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/secret-scanning) published.
+- **Yelp/detect-secrets**: Pre-commit hook and automated scanning to prevent accidental inclusion of secrets or sensitive information in commits. [Pre-Commit hook](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/.pre-commit-config.yaml) published.
 
 ## Security Best Practices
 

oe_python_template-0.5.6/VERSION

@@ -0,0 +1 @@
+0.5.6

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/_readme_header.md

@@ -5,6 +5,8 @@
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/oe-python-template.svg?logo=python&color=204361&labelColor=1E2933)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/noxfile.py)
 [![CI](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/test-and-report.yml/badge.svg)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/test-and-report.yml)
 [![Read the Docs](https://img.shields.io/readthedocs/oe-python-template)](https://oe-python-template.readthedocs.io/en/latest/)
+[![CodeQL](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/actions/workflows/codeql.yml/badge.svg)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/code-scanning)
+[![Dependabot](https://img.shields.io/badge/dependabot-active-brightgreen?style=flat-square&logo=dependabot)](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/dependabot)
 [![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
 [![Security](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)
 [![Maintainability](https://sonarcloud.io/api/project_badges/measure?project=helmut-hoffer-von-ankershoffen_oe-python-template&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template)

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/_readme_main.md

@@ -104,12 +104,15 @@ This project is designed with operational excellence in mind, using modern Pytho
   - [Simple Python script](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/script.py)
   - [Streamlit web application](https://oe-python-template.streamlit.app/) deployed on [Streamlit Community Cloud](https://streamlit.io/cloud)
   - [Jupyter](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/notebook.ipynb) and [Marimo](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/examples/notebook.py) notebook
-* [Complete reference documenation](https://oe-python-template.readthedocs.io/en/latest/reference.html) on Read the Docs
+* [Complete reference documentation](https://oe-python-template.readthedocs.io/en/latest/reference.html) on Read the Docs
 * [Transparent test coverage](https://app.codecov.io/gh/helmut-hoffer-von-ankershoffen/oe-python-template) including unit and E2E tests (reported on Codecov)
 * Matrix tested with [multiple python versions](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/blob/main/noxfile.py) to ensure compatibility (powered by [Nox](https://nox.thea.codes/en/stable/))
 * Compliant with modern linting and formatting standards (powered by [Ruff](https://github.com/astral-sh/ruff))
-* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate))
-* [A-grade code quality](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template) in security, maintainability, and reliability with low technical debt and low codesmell (verified by SonarQube)
+* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate) and [GitHub Dependabot](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/dependabot))
+* [A-grade code quality](https://sonarcloud.io/summary/new_code?id=helmut-hoffer-von-ankershoffen_oe-python-template) in security, maintainability, and reliability with low technical debt and codesmell (verified by SonarQube)
+* Additional code security checks using [GitHub CodeQL](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/security/code-scanning)
+* [Security Policy](SECURITY.md)
+* [License](LICENSE) compliant with the Open Source Initiative (OSI)
 * 1-liner for installation and execution of command line interface (CLI) via [uv(x)](https://github.com/astral-sh/uv) or [Docker](https://hub.docker.com/r/helmuthva/oe-python-template/tags)
 * Setup for developing inside a [devcontainer](https://code.visualstudio.com/docs/devcontainers/containers) included (supports VSCode and GitHub Codespaces)
 

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/docs/source/conf.py

@@ -29,7 +29,7 @@ extensions = [
 project = "oe-python-template"
 author = "Helmut Hoffer von Ankershoffen"
 copyright = f" (c) 2025-{datetime.now(UTC).year}, {author}"  # noqa: A001
-version = "0.5.4"
+version = "0.5.6"
 release = version
 github_username = "helmut-hoffer-von-ankershoffen"
 github_repository = "oe-python-template"

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "oe-python-template"
-version = "0.5.4"
+version = "0.5.6"
 description = "🧠 Copier template to scaffold Python projects compliant with best practices and modern tooling."
 readme = "README.md"
 authors = [
@@ -188,7 +188,7 @@ ignore = [
 [tool.ruff.lint.extend-per-file-ignores]
 "examples/notebook.py" = [
     # we are more relaxed in notebooks, while sill applying hundreds of rules
-    "B018", # notebooks surface variable without print
+    "B018",     # notebooks surface variable without print
 ]
 
 [tool.ruff.format]
@@ -197,7 +197,7 @@ docstring-code-format = true
 [tool.ruff.lint.pydocstyle]
 convention = "google"
 
-[tool.mypy] # https://mypy.readthedocs.io/en/latest/config_file.html
+[tool.mypy]  # https://mypy.readthedocs.io/en/latest/config_file.html
 junit_xml = "mypi_junit.xml"
 plugins = "pydantic.mypy"
 strict = true
@@ -210,7 +210,7 @@ show_error_codes = true
 show_error_context = true
 warn_unreachable = true
 
-[tool.pydantic-mypy] # https://docs.pydantic.dev/latest/integrations/mypy/#configuring-the-plugin
+[tool.pydantic-mypy]  # https://docs.pydantic.dev/latest/integrations/mypy/#configuring-the-plugin
 init_forbid_extra = true
 init_typed = true
 warn_required_dynamic_aliases = true
@@ -242,7 +242,7 @@ source = ["src/"]
 
 
 [tool.bumpversion]
-current_version = "0.5.4"
+current_version = "0.5.6"
 parse = "(?P<major>\\d+)\\.(?P<minor>\\d+)\\.(?P<patch>\\d+)"
 serialize = ["{major}.{minor}.{patch}"]
 search = "{current_version}"

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/sonar-project.properties

@@ -1,6 +1,6 @@
 sonar.projectKey=helmut-hoffer-von-ankershoffen_oe-python-template
 sonar.organization=helmut-hoffer-von-ankershoffen
-sonar.projectVersion=0.5.4
+sonar.projectVersion=0.5.6
 sonar.projectDescription=🧠 Copier template to scaffold Python projects compliant with best practices and modern tooling.
 sonar.links.homepage=https://oe-python-template.readthedocs.io/en/latest/
 sonar.links.scm=https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/template/SECURITY.md.jinja

@@ -20,23 +20,23 @@ We currently provide security updates for the latest minor version.
 
 ### 1. Dependency Vulnerability Scanning
 
-- **Renovate Bot**: Automatically creates pull requests to update dependencies when new versions are available, with a focus on security patches.
-- **GitHub Dependabot**: Monitors dependencies for known vulnerabilities and automatically creates pull requests to update them when security issues are found.
-- **pip-audit**: Regularly scans Python dependencies for known vulnerabilities using data from the Python Advisory Database.
+- **GitHub Dependabot**: Monitors dependencies for known vulnerabilities and automatically creates pull requests to update them when security issues are found. [Dependendabot alerts]({{ github_repository_url_https }}/security/dependabot) published.
+- **Renovate Bot**: Automatically creates pull requests to update dependencies when new versions are available, with a focus on security patches. [Dependency Dashboard]({{ github_repository_url_https }}/issues) published.
+- **pip-audit**: Regularly scans Python dependencies for known vulnerabilities using data from the Python Advisory Database. ```vulnerabilities.json``` published [per release]({{ github_repository_url_https }}/releases).
 
 ### 2. Dependency Compliance
 
-- **pip-licenses**: Exports the licenses of all dependencies to ensure compliance with licensing requirements and avoid using components with problematic licenses.
-- **cyclonedx-py**: Generates a Software Bill of Materials (SBOM) in SPDX format, listing all components and dependencies used in the project.
+- **cyclonedx-py**: Generates a Software Bill of Materials (SBOM) in SPDX format, listing all components and dependencies used in the project. ```sbom.json``` (SPDX format) published [per release]({{ github_repository_url_https }}/releases).
+- **pip-licenses**: Exports the licenses of all dependencies to ensure compliance with licensing requirements and avoid using components with problematic licenses. ```licenses.json``` and ```licenses-inverted.json``` published [per release]({{ github_repository_url_https }}/releases).
 
 ### 3. Static Code Analysis
 
-- **SonarQube**: Performs comprehensive static code analysis to detect code quality issues, security vulnerabilities, and bugs.
-- **GitHub CodeQL**: Analyzes code for common vulnerabilities and coding errors using GitHub's semantic code analysis engine.
+- **GitHub CodeQL**: Analyzes code for common vulnerabilities and coding errors using GitHub's semantic code analysis engine. [Code scanning results]({{ github_repository_url_https }}/security/code-scanning) published.
+- **SonarQube**: Performs comprehensive static code analysis to detect code quality issues, security vulnerabilities, and bugs. [Security hotspots](https://sonarcloud.io/project/security_hotspots?id={{ sonarqube_key }}) published.
 
 ### 4. Secret Detection
-
-- **Yelp/detect-secrets**: Pre-commit hook and automated scanning to prevent accidental inclusion of secrets or sensitive information in the codebase.
+- **GitHub Secret scanning**: Automatically scans for secrets in the codebase and alerts if any are found. [Secret scanning alerts]({{ github_repository_url_https }}/security/secret-scanning) published.
+- **Yelp/detect-secrets**: Pre-commit hook and automated scanning to prevent accidental inclusion of secrets or sensitive information in commits. [Pre-Commit hook]({{ github_repository_url_https }}/blob/main/.pre-commit-config.yaml) published.
 
 ## Security Best Practices
 

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/template/_readme_header.md.jinja

@@ -5,6 +5,8 @@
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/{{ pypi_distribution_name }}.svg?logo=python&color=204361&labelColor=1E2933)]({{ github_repository_url_https }}/blob/main/noxfile.py)
 [![CI]({{ github_repository_url_https }}/actions/workflows/test-and-report.yml/badge.svg)]({{ github_repository_url_https }}/actions/workflows/test-and-report.yml)
 [![Read the Docs](https://img.shields.io/readthedocs/{{ readthedocs_project_key }})](https://{{ readthedocs_project_key }}.readthedocs.io/en/latest/)
+[![CodeQL]({{ github_repository_url_https }}/actions/workflows/codeql.yml/badge.svg)]({{ github_repository_url_https }}/security/code-scanning)
+[![Dependabot](https://img.shields.io/badge/dependabot-active-brightgreen?style=flat-square&logo=dependabot)]({{ github_repository_url_https }}/security/dependabot)
 [![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project={{ sonarqube_key }}&metric=alert_status)](https://sonarcloud.io/summary/new_code?id={{ sonarqube_key }})
 [![Security](https://sonarcloud.io/api/project_badges/measure?project={{ sonarqube_key }}&metric=security_rating)](https://sonarcloud.io/summary/new_code?id={{ sonarqube_key }})
 [![Maintainability](https://sonarcloud.io/api/project_badges/measure?project={{ sonarqube_key }}&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id={{ sonarqube_key }})

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/template/_readme_main.md.jinja

@@ -104,12 +104,15 @@ This project is designed with operational excellence in mind, using modern Pytho
   - [Simple Python script]({{ github_repository_url_https }}/blob/main/examples/script.py)
   - [Streamlit web application](https://{{ streamlit_project_key }}.streamlit.app/) deployed on [Streamlit Community Cloud](https://streamlit.io/cloud)
   - [Jupyter]({{ github_repository_url_https }}/blob/main/examples/notebook.ipynb) and [Marimo]({{ github_repository_url_https }}/blob/main/examples/notebook.py) notebook
-* [Complete reference documenation](https://{{ readthedocs_project_key }}.readthedocs.io/en/latest/reference.html) on Read the Docs
+* [Complete reference documentation](https://{{ readthedocs_project_key }}.readthedocs.io/en/latest/reference.html) on Read the Docs
 * [Transparent test coverage](https://app.codecov.io/gh/{{ github_repository_owner }}/{{ github_repository_name }}) including unit and E2E tests (reported on Codecov)
 * Matrix tested with [multiple python versions]({{ github_repository_url_https}}/blob/main/noxfile.py) to ensure compatibility (powered by [Nox](https://nox.thea.codes/en/stable/))
 * Compliant with modern linting and formatting standards (powered by [Ruff](https://github.com/astral-sh/ruff))
-* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate))
-* [A-grade code quality](https://sonarcloud.io/summary/new_code?id={{ sonarqube_key}}) in security, maintainability, and reliability with low technical debt and low codesmell (verified by SonarQube)
+* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate) and [GitHub Dependabot]({{ github_repository_url_https }}/security/dependabot))
+* [A-grade code quality](https://sonarcloud.io/summary/new_code?id={{ sonarqube_key}}) in security, maintainability, and reliability with low technical debt and codesmell (verified by SonarQube)
+* Additional code security checks using [GitHub CodeQL]({{ github_repository_url_https }}/security/code-scanning)
+* [Security Policy](SECURITY.md)
+* [License](LICENSE) compliant with the Open Source Initiative (OSI)
 * 1-liner for installation and execution of command line interface (CLI) via [uv(x)](https://github.com/astral-sh/uv) or [Docker](https://hub.docker.com/r/{{ docker_io_owner }}/{{ docker_io_image_name }}/tags)
 * Setup for developing inside a [devcontainer](https://code.visualstudio.com/docs/devcontainers/containers) included (supports VSCode and GitHub Codespaces)
 

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/template/pyproject.toml.jinja

@@ -113,7 +113,7 @@ dev = [
     "pytest-env>=1.1.5",
     "pytest-regressions>=2.7.0",
     "pytest-xdist[psutil]>=3.6.1",
-    "ruff>=0.9.10",
+    "ruff>=0.10.0",
     "sphinx>=8.2.3",
     "sphinx-autobuild>=2024.10.3",
     "sphinx-copybutton>=0.5.2",

{oe_python_template-0.5.4 → oe_python_template-0.5.6}/uv.lock

@@ -2075,7 +2075,7 @@ wheels = [
 
 [[package]]
 name = "oe-python-template"
-version = "0.5.4"
+version = "0.5.6"
 source = { editable = "." }
 dependencies = [
     { name = "fastapi", extra = ["all", "standard"] },

oe_python_template-0.5.4/RELEASE_NOTES.md

@@ -1,12 +0,0 @@
-## [0.5.4](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.5.2..v0.5.4) - 2025-03-14
-
-### 📚 Documentation
-
-- *(api)* Typo - ([1d94be1](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/1d94be15bf0e8a9d244d516a82f0b58d155eb5dc))
-
-### ⚙️ Miscellaneous Tasks
-
-- *(ruff)* Bump - ([8151ced](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/8151ced22165ea6e682807b227258401245d8382))
-
-
-

oe_python_template-0.5.4/VERSION

@@ -1 +0,0 @@
-0.5.4