oe-python-template 0.6.23__tar.gz → 0.6.25__tar.gz

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/.copier-answers.yml

@@ -1,4 +1,4 @@
-_commit: v0.6.22-1-g59b0d10
+_commit: v0.6.24-1-g398f37a
 _src_path: .
 author_email: helmuthva@gmail.com
 author_github_username: helmut-hoffer-von-ankershoffen

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/CHANGELOG.md

@@ -1,6 +1,20 @@
 [🧠 OE Python Template](https://oe-python-template.readthedocs.io/en/latest/)
 
-## [0.6.23](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.6.22..0.6.23) - 2025-03-20
+## [0.6.25](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.6.24..0.6.25) - 2025-03-20
+
+### 📚 Documentation
+
+- Polish - ([997cbc9](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/997cbc924b03d488c41e412c7b1b5c3d51d200a4))
+
+
+## [0.6.24](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.6.23..v0.6.24) - 2025-03-20
+
+### 📚 Documentation
+
+- Refactor intro - ([46c9054](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/46c905486d34f319b7c293c3f1fd82773bc1a8b0))
+
+
+## [0.6.23](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.6.22..v0.6.23) - 2025-03-20
 
 ### 📚 Documentation
 

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: oe-python-template
-Version: 0.6.23
+Version: 0.6.25
 Summary: 🧠 Copier template to scaffold Python projects compliant with best practices and modern tooling.
 Project-URL: Homepage, https://oe-python-template.readthedocs.io/en/latest/
 Project-URL: Documentation, https://oe-python-template.readthedocs.io/en/latest/
@@ -119,7 +119,7 @@ Features:
 - CI/CD pipeline can be run locally with [act](https://github.com/nektos/act)
 - Code quality and security checks with [SonarQube](https://www.sonarsource.com/products/sonarcloud) and [GitHub CodeQL](https://codeql.github.com/)
 - Dependency monitoring with [pip-audit](https://pypi.org/project/pip-audit/), [Renovate](https://github.com/renovatebot/renovate), and [GitHub Dependabot](https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide)
-- Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artefacts
+- Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artifacts in CSV and JSON format for compliance checks
 - Software Bill of Materials (SBOM) generated with [cyclonedx-python](https://github.com/CycloneDX/cyclonedx-python) and published as release artifact
 - Version and release management with [bump-my-version](https://callowayproject.github.io/bump-my-version/)
 - Changelog and release notes generated with [git-cliff](https://git-cliff.org/)

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/README.md

@@ -58,7 +58,7 @@ Features:
 - CI/CD pipeline can be run locally with [act](https://github.com/nektos/act)
 - Code quality and security checks with [SonarQube](https://www.sonarsource.com/products/sonarcloud) and [GitHub CodeQL](https://codeql.github.com/)
 - Dependency monitoring with [pip-audit](https://pypi.org/project/pip-audit/), [Renovate](https://github.com/renovatebot/renovate), and [GitHub Dependabot](https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide)
-- Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artefacts
+- Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artifacts in CSV and JSON format for compliance checks
 - Software Bill of Materials (SBOM) generated with [cyclonedx-python](https://github.com/CycloneDX/cyclonedx-python) and published as release artifact
 - Version and release management with [bump-my-version](https://callowayproject.github.io/bump-my-version/)
 - Changelog and release notes generated with [git-cliff](https://git-cliff.org/)

oe_python_template-0.6.25/RELEASE_NOTES.md

@@ -0,0 +1,8 @@
+## [0.6.25](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.6.24..v0.6.25) - 2025-03-20
+
+### 📚 Documentation
+
+- Polish - ([997cbc9](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/997cbc924b03d488c41e412c7b1b5c3d51d200a4))
+
+
+

oe_python_template-0.6.25/VERSION

@@ -0,0 +1 @@
+0.6.25

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/docs/partials/README_main.md

@@ -16,7 +16,7 @@ Features:
 - CI/CD pipeline can be run locally with [act](https://github.com/nektos/act)
 - Code quality and security checks with [SonarQube](https://www.sonarsource.com/products/sonarcloud) and [GitHub CodeQL](https://codeql.github.com/)
 - Dependency monitoring with [pip-audit](https://pypi.org/project/pip-audit/), [Renovate](https://github.com/renovatebot/renovate), and [GitHub Dependabot](https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide)
-- Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artefacts
+- Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artifacts in CSV and JSON format for compliance checks
 - Software Bill of Materials (SBOM) generated with [cyclonedx-python](https://github.com/CycloneDX/cyclonedx-python) and published as release artifact
 - Version and release management with [bump-my-version](https://callowayproject.github.io/bump-my-version/)
 - Changelog and release notes generated with [git-cliff](https://git-cliff.org/)

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/docs/source/conf.py

@@ -29,7 +29,7 @@ extensions = [
 project = "oe-python-template"
 author = "Helmut Hoffer von Ankershoffen"
 copyright = f" (c) 2025-{datetime.now(UTC).year}, {author}"  # noqa: A001
-version = "0.6.23"
+version = "0.6.25"
 release = version
 github_username = "helmut-hoffer-von-ankershoffen"
 github_repository = "oe-python-template"

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "oe-python-template"
-version = "0.6.23"
+version = "0.6.25"
 description = "🧠 Copier template to scaffold Python projects compliant with best practices and modern tooling."
 readme = "README.md"
 authors = [
@@ -242,7 +242,7 @@ source = ["src/"]
 
 
 [tool.bumpversion]
-current_version = "0.6.23"
+current_version = "0.6.25"
 parse = "(?P<major>\\d+)\\.(?P<minor>\\d+)\\.(?P<patch>\\d+)"
 serialize = ["{major}.{minor}.{patch}"]
 search = "{current_version}"

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/sonar-project.properties

@@ -1,6 +1,6 @@
 sonar.projectKey=helmut-hoffer-von-ankershoffen_oe-python-template
 sonar.organization=helmut-hoffer-von-ankershoffen
-sonar.projectVersion=0.6.23
+sonar.projectVersion=0.6.25
 sonar.projectDescription=🧠 Copier template to scaffold Python projects compliant with best practices and modern tooling.
 sonar.links.homepage=https://oe-python-template.readthedocs.io/en/latest/
 sonar.links.scm=https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/template/CONTRIBUTING.md.jinja

@@ -55,8 +55,8 @@ examples/                # Example code demonstrating use of the project
 Don't forget to configure your `.env` file with the required environment variables.
 
 Notes:
-* .env.example is provided as a template.
-* .env is excluded from version control, so feel free to add secret values.
+1. .env.example is provided as a template.
+2. .env is excluded from version control, so feel free to add secret values.
 
 ### update dependencies and create virtual environment
 
@@ -117,9 +117,8 @@ uv run nox -s act
 ```
 
 Notes:
-
-- Workflow defined in `.github/workflows/*.yml`
-- test-and-report.yml calls all build steps defined in noxfile.py
+1. Workflow defined in `.github/workflows/*.yml`
+2. test-and-report.yml calls all build steps defined in noxfile.py
 
 ### Docker
 
@@ -147,10 +146,10 @@ uv run nox -s update_from_template
 
 ## Pull Request Guidelines
 
-- Before starting to write code read the [code style guide](CODE_STYLE.md) document for mandatory coding style
-  guidelines.
-- **Pre-Commit Hooks:** We use pre-commit hooks to ensure code quality. Please install the pre-commit hooks by running `uv run pre-commit install`. This ensure all tests, linting etc. pass locally before you can commit.
-- **Squash Commits:** Before submitting a pull request, please squash your commits into a single commit.
-- **Branch Naming:** Use descriptive branch names like `feature/your-feature` or `fix/issue-number`.
-- **Testing:** Ensure new features have appropriate test coverage.
-- **Documentation:** Update documentation to reflect any changes or new features.
+1. Before starting to write code read the [code style guide](CODE_STYLE.md) document for mandatory coding style
+   guidelines.
+2. **Pre-Commit Hooks:** We use pre-commit hooks to ensure code quality. Please install the pre-commit hooks by running `uv run pre-commit install`. This ensure all tests, linting etc. pass locally before you can commit.
+3. **Squash Commits:** Before submitting a pull request, please squash your commits into a single commit.
+4. **Branch Naming:** Use descriptive branch names like `feature/your-feature` or `fix/issue-number`.
+5. **Testing:** Ensure new features have appropriate test coverage.
+6. **Documentation:** Update documentation to reflect any changes or new features.

oe_python_template-0.6.25/template/SECURITY.md.jinja

@@ -0,0 +1,59 @@
+# Security Policy
+
+## Reporting Security Issues
+
+If you discover a security vulnerability in {{ project_name }}, please [report it here]({{ github_repository_url_https }}/security/advisories/new).
+
+We take all security reports seriously. Upon receiving a security report, we will:
+1. Confirm receipt of the vulnerability report
+2. Investigate the issue
+3. Work on a fix
+4. Release a security update
+
+## Supported Versions
+
+We currently provide security updates for the latest minor version.
+
+## Automated Security Analysis
+
+{{ project_name }} employs several automated tools to continuously monitor and improve security:
+
+### 1. Dependency Vulnerability Scanning
+
+a. **GitHub Dependabot**: Monitors dependencies for known vulnerabilities and automatically creates pull requests to update them when security issues are found. [Dependendabot alerts]({{ github_repository_url_https }}/security/dependabot) published.
+b. **Renovate Bot**: Automatically creates pull requests to update dependencies when new versions are available, with a focus on security patches. [Dependency Dashboard]({{ github_repository_url_https }}/issues?q=is%3Aissue%20state%3Aopen%20Dependency%20Dashboard) published.
+c. **pip-audit**: Regularly scans Python dependencies for known vulnerabilities using data from the Python Advisory Database. `vulnerabilities.json` published [per release]({{ github_repository_url_https }}/releases).
+
+### 2. Dependency Compliance
+
+a. **cyclonedx-py**: Generates a Software Bill of Materials (SBOM) in SPDX format, listing all components and dependencies used in the project. `sbom.json` (SPDX format) published [per release]({{ github_repository_url_https }}/releases).
+b. **pip-licenses**: Exports the licenses of all dependencies to ensure compliance with licensing requirements and avoid using components with problematic licenses. `licenses.csv`, `licenses.json` and `licenses_grouped.json` published [per release]({{ github_repository_url_https }}/releases).
+
+### 3. Static Code Analysis
+
+a. **GitHub CodeQL**: Analyzes code for common vulnerabilities and coding errors using GitHub's semantic code analysis engine. [Code scanning results]({{ github_repository_url_https }}/security/code-scanning) published.
+b. **SonarQube**: Performs comprehensive static code analysis to detect code quality issues, security vulnerabilities, and bugs. [Security hotspots](https://sonarcloud.io/project/security_hotspots?id={{ sonarqube_key }}) published.
+
+### 4. Secret Detection
+a. **GitHub Secret scanning**: Automatically scans for secrets in the codebase and alerts if any are found. [Secret scanning alerts]({{ github_repository_url_https }}/security/secret-scanning) published.
+b. **Yelp/detect-secrets**: Pre-commit hook and automated scanning to prevent accidental inclusion of secrets or sensitive information in commits. [Pre-Commit hook]({{ github_repository_url_https }}/blob/main/.pre-commit-config.yaml) published.
+
+## Security Best Practices
+
+We follow these security best practices:
+1. Regular dependency updates
+2. Comprehensive test coverage
+3. Code review process for changes by external contributors
+4. Automated CI/CD pipelines including security checks
+5. Adherence to Python security best practices
+
+We promote security awareness among contributors and users:
+1. We indicate security as a priority in our
+   [code style guide](CODE_STYLE.md), to be followed by human and agentic
+   contributors as mandatory
+2. We publish our security posture in SECURITY.md (this document), encouraring
+   users to report vulnerabilities.
+
+## Security Compliance
+
+For questions about security compliance or for more details about our security practices, please contact {{ author_email }}.

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/template/docs/partials/README_main.md.jinja

@@ -4,38 +4,38 @@ This [Copier](https://copier.readthedocs.io/en/stable/) template enables you to
 Projects generated from this template can be [easily updated](https://copier.readthedocs.io/en/stable/updating/) to benefit from improvements and new features of the template.
 
 Features:
-- Package management with [uv](https://github.com/astral-sh/uv)
-- Code formatting with [Ruff](https://github.com/astral-sh/ruff)
-- Linting with [Ruff](https://github.com/astral-sh/ruff)
-- Static type checking with [mypy](https://mypy.readthedocs.io/en/stable/)
-- Complete set of [pre-commit](https://pre-commit.com/) hooks including [detect-secrets](https://github.com/Yelp/detect-secrets) and [pygrep](https://github.com/pre-commit/pygrep-hooks)
-- Unit and E2E testing with [pytest](https://docs.pytest.org/en/stable/) including parallel test execution
-- Matrix testing in multiple environments with [nox](https://nox.thea.codes/en/stable/)
-- Test coverage reported with [Codecov](https://codecov.io/) and published as release artifact
-- CI/CD pipeline automated with [GitHub Actions](https://github.com/features/actions)
-- CI/CD pipeline can be run locally with [act](https://github.com/nektos/act)
-- Code quality and security checks with [SonarQube](https://www.sonarsource.com/products/sonarcloud) and [GitHub CodeQL](https://codeql.github.com/)
-- Dependency monitoring with [pip-audit](https://pypi.org/project/pip-audit/), [Renovate](https://github.com/renovatebot/renovate), and [GitHub Dependabot](https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide)
-- Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artefacts
-- Software Bill of Materials (SBOM) generated with [cyclonedx-python](https://github.com/CycloneDX/cyclonedx-python) and published as release artifact
-- Version and release management with [bump-my-version](https://callowayproject.github.io/bump-my-version/)
-- Changelog and release notes generated with [git-cliff](https://git-cliff.org/)
-- Documentation generated with [Sphinx](https://www.sphinx-doc.org/en/master/) including reference documentation and PDF export
-- Documentation published to [Read The Docs](https://readthedocs.org/)
-- Interactive OpenAPI specification with [Swagger](https://swagger.io/)
-- Python package published to [PyPI](https://pypi.org/)
-- Docker images published to [Docker.io](https://hub.docker.com/) and [GitHub Container Registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry) with [artifact attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds)
-- One-click development environments with [Dev Containers](https://code.visualstudio.com/docs/devcontainers/containers) and [GitHub Codespaces](https://github.com/features/codespaces)
+1. Package management with [uv](https://github.com/astral-sh/uv)
+2. Code formatting with [Ruff](https://github.com/astral-sh/ruff)
+3. Linting with [Ruff](https://github.com/astral-sh/ruff)
+4. Static type checking with [mypy](https://mypy.readthedocs.io/en/stable/)
+5. Complete set of [pre-commit](https://pre-commit.com/) hooks including [detect-secrets](https://github.com/Yelp/detect-secrets) and [pygrep](https://github.com/pre-commit/pygrep-hooks)
+6. Unit and E2E testing with [pytest](https://docs.pytest.org/en/stable/) including parallel test execution
+7. Matrix testing in multiple environments with [nox](https://nox.thea.codes/en/stable/)
+8. Test coverage reported with [Codecov](https://codecov.io/) and published as release artifact
+9. CI/CD pipeline automated with [GitHub Actions](https://github.com/features/actions)
+10. CI/CD pipeline can be run locally with [act](https://github.com/nektos/act)
+11. Code quality and security checks with [SonarQube](https://www.sonarsource.com/products/sonarcloud) and [GitHub CodeQL](https://codeql.github.com/)
+12. Dependency monitoring with [pip-audit](https://pypi.org/project/pip-audit/), [Renovate](https://github.com/renovatebot/renovate), and [GitHub Dependabot](https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide)
+13. Licenses of dependencies extracted with [pip-licenses](https://pypi.org/project/pip-licenses/) and published as release artifacts in CSV and JSON format for compliance checks
+14. Software Bill of Materials (SBOM) generated with [cyclonedx-python](https://github.com/CycloneDX/cyclonedx-python) and published as release artifact
+15. Version and release management with [bump-my-version](https://callowayproject.github.io/bump-my-version/)
+16. Changelog and release notes generated with [git-cliff](https://git-cliff.org/)
+17. Documentation generated with [Sphinx](https://www.sphinx-doc.org/en/master/) including reference documentation and PDF export
+18. Documentation published to [Read The Docs](https://readthedocs.org/)
+19. Interactive OpenAPI specification with [Swagger](https://swagger.io/)
+20. Python package published to [PyPI](https://pypi.org/)
+21. Docker images published to [Docker.io](https://hub.docker.com/) and [GitHub Container Registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry) with [artifact attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds)
+22. One-click development environments with [Dev Containers](https://code.visualstudio.com/docs/devcontainers/containers) and [GitHub Codespaces](https://github.com/features/codespaces)
 
 The generated project includes code, documentation and configuration of a fully functioning demo-application and service, which can be used as a starting point for your own project.
-- Service architecture suitable for use as shared library
-- Validation with [pydantic](https://docs.pydantic.dev/)
-- Command-line interface (CLI) with [Typer](https://typer.tiangolo.com/)
-- Versioned Web API with [FastAPI](https://fastapi.tiangolo.com/)
-- [Interactive Jupyter notebook](https://jupyter.org/) and [reactive Marimo notebook](https://marimo.io/)
-- Simple Web UI with [Streamlit](https://streamlit.io/)
-- Configuration to run the CLI and API in a Docker container including setup for [Docker Compose](https://docs.docker.com/get-started/docker-concepts/the-basics/what-is-docker-compose/)
-- Documentation including badges, setup instructions, contribution guide and security policy
+1. Service architecture suitable for use as shared library
+2. Validation with [pydantic](https://docs.pydantic.dev/)
+3. Command-line interface (CLI) with [Typer](https://typer.tiangolo.com/)
+4. Versioned Web API with [FastAPI](https://fastapi.tiangolo.com/)
+5. [Interactive Jupyter notebook](https://jupyter.org/) and [reactive Marimo notebook](https://marimo.io/)
+6. Simple Web UI with [Streamlit](https://streamlit.io/)
+7. Configuration to run the CLI and API in a Docker container including setup for [Docker Compose](https://docs.docker.com/get-started/docker-concepts/the-basics/what-is-docker-compose/)
+8. Documentation including badges, setup instructions, contribution guide and security policy
 
 Explore [here](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template-example) for what's generated out of the box.
 
@@ -84,9 +84,9 @@ external services such as CloudCov, SonarQube Cloud, Read The Docs, Docker.io, a
 ./n bump
 ```
 Notes:
-* You can remove this section post having successfully generated your project.
-* The following sections refer to the dummy application and service provided by this template.
-  Use them as inspiration and adapt them to your own project.
+1. You can remove this section post having successfully generated your project.
+2. The following sections refer to the dummy application and service provided by this template.
+   Use them as inspiration and adapt them to your own project.
 
 ## Overview
 
@@ -112,9 +112,9 @@ uvx {{ pypi_distribution_name}} serve --port=4711 # serves web API on port 4711
 ```
 
 Notes:
-* The API is versioned, mounted at `/api/v1` resp. `/api/v2`
-* While serving the web API go to [http://127.0.0.1:8000/api/v1/hello-world](http://127.0.0.1:8000/api/v1/hello-world) to see the respons of the `hello-world` operation.
-* Interactive documentation is provided at [http://127.0.0.1:8000/api/docs](http://127.0.0.1:8000/api/docs)
+1. The API is versioned, mounted at `/api/v1` resp. `/api/v2`
+2. While serving the web API go to [http://127.0.0.1:8000/api/v1/hello-world](http://127.0.0.1:8000/api/v1/hello-world) to see the respons of the `hello-world` operation.
+3. Interactive documentation is provided at [http://127.0.0.1:8000/api/docs](http://127.0.0.1:8000/api/docs)
 
 
 The CLI provides extensive help:
@@ -132,21 +132,21 @@ uvx {{ pypi_distribution_name}} serve --help
 
 This project is designed with operational excellence in mind, using modern Python tooling and practices. It includes:
 
-* Various examples demonstrating usage:
-  - [Simple Python script]({{ github_repository_url_https }}/blob/main/examples/script.py)
-  - [Streamlit web application](https://{{ streamlit_project_key }}.streamlit.app/) deployed on [Streamlit Community Cloud](https://streamlit.io/cloud)
-  - [Jupyter]({{ github_repository_url_https }}/blob/main/examples/notebook.ipynb) and [Marimo]({{ github_repository_url_https }}/blob/main/examples/notebook.py) notebook
-* [Complete reference documentation](https://{{ readthedocs_project_key }}.readthedocs.io/en/latest/reference.html) on Read the Docs
-* [Transparent test coverage](https://app.codecov.io/gh/{{ github_repository_owner }}/{{ github_repository_name }}) including unit and E2E tests (reported on Codecov)
-* Matrix tested with [multiple python versions]({{ github_repository_url_https}}/blob/main/noxfile.py) to ensure compatibility (powered by [Nox](https://nox.thea.codes/en/stable/))
-* Compliant with modern linting and formatting standards (powered by [Ruff](https://github.com/astral-sh/ruff))
-* Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate) and [Dependabot]({{ github_repository_url_https }}/security/dependabot))
-* [A-grade code quality](https://sonarcloud.io/summary/new_code?id={{ sonarqube_key}}) in security, maintainability, and reliability with low technical debt and codesmell (verified by SonarQube)
-* Additional code security checks using [CodeQL]({{ github_repository_url_https }}/security/code-scanning)
-* [Security Policy](SECURITY.md)
-* [License](LICENSE) compliant with the Open Source Initiative (OSI)
-* 1-liner for installation and execution of command line interface (CLI) via [uv(x)](https://github.com/astral-sh/uv) or [Docker](https://hub.docker.com/r/{{ docker_io_owner }}/{{ docker_io_image_name }}/tags)
-* Setup for developing inside a [devcontainer](https://code.visualstudio.com/docs/devcontainers/containers) included (supports VSCode and GitHub Codespaces)
+1. Various examples demonstrating usage:
+  a. [Simple Python script]({{ github_repository_url_https }}/blob/main/examples/script.py)
+  b. [Streamlit web application](https://{{ streamlit_project_key }}.streamlit.app/) deployed on [Streamlit Community Cloud](https://streamlit.io/cloud)
+  c. [Jupyter]({{ github_repository_url_https }}/blob/main/examples/notebook.ipynb) and [Marimo]({{ github_repository_url_https }}/blob/main/examples/notebook.py) notebook
+2. [Complete reference documentation](https://{{ readthedocs_project_key }}.readthedocs.io/en/latest/reference.html) on Read the Docs
+3. [Transparent test coverage](https://app.codecov.io/gh/{{ github_repository_owner }}/{{ github_repository_name }}) including unit and E2E tests (reported on Codecov)
+4. Matrix tested with [multiple python versions]({{ github_repository_url_https}}/blob/main/noxfile.py) to ensure compatibility (powered by [Nox](https://nox.thea.codes/en/stable/))
+5. Compliant with modern linting and formatting standards (powered by [Ruff](https://github.com/astral-sh/ruff))
+6. Up-to-date dependencies (monitored by [Renovate](https://github.com/renovatebot/renovate) and [Dependabot]({{ github_repository_url_https }}/security/dependabot))
+7. [A-grade code quality](https://sonarcloud.io/summary/new_code?id={{ sonarqube_key}}) in security, maintainability, and reliability with low technical debt and codesmell (verified by SonarQube)
+8. Additional code security checks using [CodeQL]({{ github_repository_url_https }}/security/code-scanning)
+9. [Security Policy](SECURITY.md)
+10. [License](LICENSE) compliant with the Open Source Initiative (OSI)
+11. 1-liner for installation and execution of command line interface (CLI) via [uv(x)](https://github.com/astral-sh/uv) or [Docker](https://hub.docker.com/r/{{ docker_io_owner }}/{{ docker_io_image_name }}/tags)
+12. Setup for developing inside a [devcontainer](https://code.visualstudio.com/docs/devcontainers/containers) included (supports VSCode and GitHub Codespaces)
 
 
 ## Usage Examples

{oe_python_template-0.6.23 → oe_python_template-0.6.25}/uv.lock

@@ -2075,7 +2075,7 @@ wheels = [
 
 [[package]]
 name = "oe-python-template"
-version = "0.6.23"
+version = "0.6.25"
 source = { editable = "." }
 dependencies = [
     { name = "fastapi", extra = ["all", "standard"] },

oe_python_template-0.6.23/RELEASE_NOTES.md

@@ -1,8 +0,0 @@
-## [0.6.23](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/compare/v0.6.22..v0.6.23) - 2025-03-20
-
-### 📚 Documentation
-
-- Refactor intro - ([7e30bd3](https://github.com/helmut-hoffer-von-ankershoffen/oe-python-template/commit/7e30bd30a516c52c729615fa516e0b493cdf0213))
-
-
-

oe_python_template-0.6.23/VERSION

@@ -1 +0,0 @@
-0.6.23

oe_python_template-0.6.23/template/SECURITY.md.jinja

@@ -1,60 +0,0 @@
-# Security Policy
-
-## Reporting Security Issues
-
-If you discover a security vulnerability in {{ project_name }}, please [report it here]({{ github_repository_url_https }}/security/advisories/new).
-
-We take all security reports seriously. Upon receiving a security report, we will:
-1. Confirm receipt of the vulnerability report
-2. Investigate the issue
-3. Work on a fix
-4. Release a security update
-
-## Supported Versions
-
-We currently provide security updates for the latest minor version.
-
-## Automated Security Analysis
-
-{{ project_name }} employs several automated tools to continuously monitor and improve security:
-
-### 1. Dependency Vulnerability Scanning
-
-- **GitHub Dependabot**: Monitors dependencies for known vulnerabilities and automatically creates pull requests to update them when security issues are found. [Dependendabot alerts]({{ github_repository_url_https }}/security/dependabot) published.
-- **Renovate Bot**: Automatically creates pull requests to update dependencies when new versions are available, with a focus on security patches. [Dependency Dashboard]({{ github_repository_url_https }}/issues?q=is%3Aissue%20state%3Aopen%20Dependency%20Dashboard) published.
-- **pip-audit**: Regularly scans Python dependencies for known vulnerabilities using data from the Python Advisory Database. `vulnerabilities.json` published [per release]({{ github_repository_url_https }}/releases).
-
-### 2. Dependency Compliance
-
-- **cyclonedx-py**: Generates a Software Bill of Materials (SBOM) in SPDX format, listing all components and dependencies used in the project. `sbom.json` (SPDX format) published [per release]({{ github_repository_url_https }}/releases).
-- **pip-licenses**: Exports the licenses of all dependencies to ensure compliance with licensing requirements and avoid using components with problematic licenses. `licenses.csv`, `licenses.json` and `licenses_grouped.json` published [per release]({{ github_repository_url_https }}/releases).
-
-### 3. Static Code Analysis
-
-- **GitHub CodeQL**: Analyzes code for common vulnerabilities and coding errors using GitHub's semantic code analysis engine. [Code scanning results]({{ github_repository_url_https }}/security/code-scanning) published.
-- **SonarQube**: Performs comprehensive static code analysis to detect code quality issues, security vulnerabilities, and bugs. [Security hotspots](https://sonarcloud.io/project/security_hotspots?id={{ sonarqube_key }}) published.
-
-### 4. Secret Detection
-- **GitHub Secret scanning**: Automatically scans for secrets in the codebase and alerts if any are found. [Secret scanning alerts]({{ github_repository_url_https }}/security/secret-scanning) published.
-- **Yelp/detect-secrets**: Pre-commit hook and automated scanning to prevent accidental inclusion of secrets or sensitive information in commits. [Pre-Commit hook]({{ github_repository_url_https }}/blob/main/.pre-commit-config.yaml) published.
-
-## Security Best Practices
-
-We follow these security best practices:
-- Regular dependency updates
-- Comprehensive test coverage
-- Code review process for changes by external contributors
-- Automated CI/CD pipelines including security checks
-- Adherence to Python security best practices
-
-We promote security awareness among contributors and users
-
-- We indicate security as a priority in our
-  [code style guide](CODE_STYLE.md), to be followed by human and agentic
-  contributors as mandatory
-- We publish our security posture in SECURITY.md (this document), encouraring
-  users to report vulnerabilities.
-
-## Security Compliance
-
-For questions about security compliance or for more details about our security practices, please contact {{ author_email }}.