MokoConsulting/MokoCassiopeia
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 1 Activity

Enforce MokoStandards compliance with security workflows and documentation #44

Merged
Copilot merged 6 commits from copilot/enforce-mokostandards-requirements into main 2026-01-09 03:29:53 +00:00
Conversation 4 Commits 6 Files Changed 5 +188
2 changed files with 188 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 75a5185d6d - Show all commits

65
.github/dependabot.yml vendored Normal file
View File

@@ -0,0 +1,65 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# This file is part of a Moko Consulting project.
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
# FILE INFORMATION
# DEFGROUP: GitHub.Dependabot
# INGROUP: Moko-Cassiopeia.Security
# REPO: https://github.com/mokoconsulting-tech/moko-cassiopeia
# PATH: /.github/dependabot.yml
# VERSION: 01.00.00
# BRIEF: Dependabot configuration for automated dependency updates and security patches
# NOTE: Monitors GitHub Actions and Composer for vulnerabilities
version: 2
updates:
# Monitor GitHub Actions for security updates
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "monthly"
open-pull-requests-limit: 10
labels:
- "dependencies"
- "security"
- "automated"
commit-message:
prefix: "chore(deps)"
include: "scope"
# Monitor Composer dependencies for security updates
- package-ecosystem: "composer"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
labels:
- "dependencies"
- "security"
- "automated"
- "php"
commit-message:
prefix: "chore(deps)"
include: "scope"
# Group all patch updates together
groups:
php-patches:
patterns:
- "*"
copilot-pull-request-reviewer[bot] commented 2026-01-09 03:34:05 +00:00 (Migrated from github.com)
Review
Copy Link

The wildcard pattern '' on line 63 will match all Composer dependencies for grouping patch updates. This is very broad and may result in very large grouped PRs with many unrelated changes. Consider being more selective by specifying specific package patterns or limiting to certain namespaces (e.g., 'joomla/', 'symfony/*') to keep PRs focused and reviewable.

    # Group patch updates for selected Composer package namespaces
    groups:
      php-patches:
        patterns:
          - "joomla/*"
          - "symfony/*"
          - "phpunit/*"
The wildcard pattern '*' on line 63 will match all Composer dependencies for grouping patch updates. This is very broad and may result in very large grouped PRs with many unrelated changes. Consider being more selective by specifying specific package patterns or limiting to certain namespaces (e.g., 'joomla/*', 'symfony/*') to keep PRs focused and reviewable. ```suggestion # Group patch updates for selected Composer package namespaces groups: php-patches: patterns: - "joomla/*" - "symfony/*" - "phpunit/*" ```
update-types:
- "patch"

123
docs/README.md Normal file
View File

@@ -0,0 +1,123 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see https://www.gnu.org/licenses/ .
# FILE INFORMATION
DEFGROUP: Joomla.Template.Site
INGROUP: Moko-Cassiopeia.Documentation
REPO: https://github.com/mokoconsulting-tech/moko-cassiopeia
FILE: docs/README.md
VERSION: 03.05.00
BRIEF: Documentation index for Moko-Cassiopeia template
PATH: /docs/README.md
-->
# Moko-Cassiopeia Documentation
This directory contains comprehensive documentation for the Moko-Cassiopeia Joomla template.
## Documentation Overview
### Developer Documentation
* **[Quick Start Guide](QUICK_START.md)** - Get up and running in 5 minutes
* Development environment setup
* Essential commands and workflows
* First-time contributor guide
* **[Workflow Guide](WORKFLOW_GUIDE.md)** - Complete workflow reference
* Git branching strategy
* Development workflow
* Release process
* Pull request guidelines
* **[Joomla Development Guide](JOOMLA_DEVELOPMENT.md)** - Joomla-specific development
* Testing with Codeception
* PHP quality checks (PHPStan, PHPCS)
* Joomla extension packaging
* Multi-version testing
### User Documentation
For end-user documentation, installation instructions, and feature guides, see the main [README.md](../README.md) in the repository root.
## Project Structure
```
moko-cassiopeia/
├── docs/ # Documentation (you are here)
│ ├── README.md # This file - documentation index
│ ├── QUICK_START.md # Quick start guide for developers
│ ├── WORKFLOW_GUIDE.md # Development workflow guide
│ └── JOOMLA_DEVELOPMENT.md # Joomla-specific development guide
├── src/ # Template source code
│ ├── templates/ # Joomla template files
│ └── media/ # Assets (CSS, JS, images)
├── scripts/ # Build and automation scripts
├── tests/ # Automated tests
└── .github/ # GitHub configuration and workflows
```
## Contributing
Before contributing, please read:
1. **[CONTRIBUTING.md](../CONTRIBUTING.md)** - Contribution guidelines and standards
2. **[CODE_OF_CONDUCT.md](../CODE_OF_CONDUCT.md)** - Community standards and expectations
3. **[SECURITY.md](../SECURITY.md)** - Security policy and reporting procedures
## Standards Compliance
This project adheres to [MokoStandards](https://github.com/mokoconsulting-tech/MokoStandards) for:
* Coding standards and formatting
* Documentation requirements
* Git workflow and branching
* CI/CD pipeline configuration
* Security scanning and dependency management
## Additional Resources
* **Repository**: [https://github.com/mokoconsulting-tech/moko-cassiopeia](https://github.com/mokoconsulting-tech/moko-cassiopeia)
* **Issue Tracker**: [GitHub Issues](https://github.com/mokoconsulting-tech/moko-cassiopeia/issues)
* **Changelog**: [CHANGELOG.md](../CHANGELOG.md)
* **License**: [GPL-3.0-or-later](../LICENSE)
## Support
* **Email**: hello@mokoconsulting.tech
* **Website**: https://mokoconsulting.tech/support/joomla-cms/moko-cassiopeia-roadmap
---
## Metadata
* Document: docs/README.md
* Repository: [https://github.com/mokoconsulting-tech/moko-cassiopeia](https://github.com/mokoconsulting-tech/moko-cassiopeia)
* Path: /docs/README.md
* Owner: Moko Consulting
* Version: 01.00.00
* Status: Active
* Effective Date: 2026-01-09
## Revision History
| Date | Change Summary | Author |
| ---------- | ----------------------------------------------------- | --------------- |
| 2026-01-09 | Initial documentation index created for MokoStandards compliance. | GitHub Copilot |