init

.eslintrc

@@ -0,0 +1,16 @@
+{
+	"root": true,
+	"parser": "@typescript-eslint/parser",
+	"plugins": ["@typescript-eslint"],
+	"extends": ["eslint:recommended", "plugin:@typescript-eslint/eslint-recommended", "plugin:@typescript-eslint/recommended"],
+	"rules": {
+		"eqeqeq": 2,
+		"quotes": ["error", "double"],
+		"no-mixed-spaces-and-tabs": 0,
+		"no-duplicate-imports": "error"
+	},
+	"env": {
+		"browser": true,
+		"node": true
+	}
+}

.github/codeql-config.yml

@@ -0,0 +1,3 @@
+name: "CodeQL Configuration"
+paths:
+    - src/

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "npm" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "daily"

.github/workflows/codeql.yml

@@ -0,0 +1,85 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+    push:
+        branches: ["main"]
+    pull_request:
+        branches: ["main"]
+        types: [opened, synchronize, reopened]
+    schedule:
+        - cron: "23 10 * * 4"
+
+jobs:
+    analyze:
+        name: Analyze
+        # Runner size impacts CodeQL analysis time. To learn more, please see:
+        #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+        #   - https://gh.io/supported-runners-and-hardware-resources
+        #   - https://gh.io/using-larger-runners
+        # Consider using larger runners for possible analysis time improvements.
+        runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+        timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+        permissions:
+            # required for all workflows
+            security-events: write
+
+            # only required for workflows in private repositories
+            actions: read
+            contents: read
+
+        strategy:
+            fail-fast: false
+            matrix:
+                language: ["javascript-typescript"]
+                # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
+                # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
+                # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+                # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+
+            # Initializes the CodeQL tools for scanning.
+            - name: Initialize CodeQL
+              uses: github/codeql-action/init@v3
+              with:
+                  languages: ${{ matrix.language }}
+                  config-file: .github/codeql-config.yml
+                  # If you wish to specify custom queries, you can do so here or in a config file.
+                  # By default, queries listed here will override any specified in a config file.
+                  # Prefix the list here with "+" to use these queries and those in the config file.
+
+                  # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+                  # queries: security-extended,security-and-quality
+
+            # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
+            # If this step fails, then you should remove it and run the build manually (see below)
+            - name: Autobuild
+              uses: github/codeql-action/autobuild@v3
+
+            # ℹ️ Command-line programs to run using the OS shell.
+            # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+            #   If the Autobuild fails above, remove it and uncomment the following three lines.
+            #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+            # - run: |
+            #     echo "Run, Build Application using script"
+            #     ./location_of_script_within_repo/buildscript.sh
+
+            - name: Perform CodeQL Analysis
+              uses: github/codeql-action/analyze@v3
+              with:
+                  category: "/language:${{matrix.language}}"

.github/workflows/eslint.yml

@@ -0,0 +1,51 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# ESLint is a tool for identifying and reporting on patterns
+# found in ECMAScript/JavaScript code.
+# More details at https://github.com/eslint/eslint
+# and https://eslint.org
+
+name: ESLint
+
+on:
+    push:
+        branches: ["main"]
+    pull_request:
+        # The branches below must be a subset of the branches above
+        branches: ["main"]
+        types: [opened, synchronize, reopened]
+    schedule:
+        - cron: "40 15 * * 0"
+
+jobs:
+    eslint:
+        name: Run eslint scanning
+        runs-on: ubuntu-latest
+        permissions:
+            contents: read
+            security-events: write
+            actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@v3
+
+            - name: Install ESLint
+              run: |
+                  npm install [email protected]
+                  npm install @microsoft/[email protected]
+
+            - name: Run ESLint
+              run: npx eslint src/**/*
+                  --config .eslintrc
+                  --ext .js,.jsx,.ts,.tsx
+                  --format @microsoft/eslint-formatter-sarif
+                  --output-file eslint-results.sarif
+              continue-on-error: true
+
+            - name: Upload analysis results to GitHub
+              uses: github/codeql-action/upload-sarif@v2
+              with:
+                  sarif_file: eslint-results.sarif
+                  wait-for-processing: true

.github/workflows/njsscan.yml

@@ -0,0 +1,43 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow integrates njsscan with GitHub's Code Scanning feature
+# nodejsscan is a static security code scanner that finds insecure code patterns in your Node.js applications
+
+name: njsscan sarif
+
+on:
+    push:
+        branches: ["main"]
+    pull_request:
+        # The branches below must be a subset of the branches above
+        branches: ["main"]
+        types: [opened, synchronize, reopened]
+    schedule:
+        - cron: "36 1 * * 6"
+
+permissions:
+    contents: read
+
+jobs:
+    njsscan:
+        permissions:
+            contents: read # for actions/checkout to fetch code
+            security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+            actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+        runs-on: ubuntu-latest
+        name: njsscan code scanning
+        steps:
+            - name: Checkout the code
+              uses: actions/checkout@v3
+            - name: nodejsscan scan
+              id: njsscan
+              uses: ajinabraham/njsscan-action@7237412fdd36af517e2745077cedbf9d6900d711
+              with:
+                  args: "src/ --sarif --output results.sarif || true"
+            - name: Upload njsscan report
+              uses: github/codeql-action/upload-sarif@v2
+              with:
+                  sarif_file: results.sarif

.gitignore

@@ -0,0 +1,9 @@
+node_modules/**/*
+dev/dev.config.json
+.DS_Store
+*encrypted
+*decrypted
+dev/**/*
+dev/*
+dev
+dist

.node-version

@@ -0,0 +1 @@
+18

.npmignore

@@ -0,0 +1,10 @@
+node_modules/**/*
+src/test/**/*
+dev/**/*
+docs/**/*
+.github/**/*
+.vscode/**/*
+dev/*
+dev
+bin
+src

.prettierrc

@@ -0,0 +1,14 @@
+{
+	"trailingComma": "none",
+	"tabWidth": 4,
+	"semi": false,
+	"singleQuote": false,
+	"useTabs": true,
+	"jsxSingleQuote": false,
+	"bracketSpacing": true,
+	"bracketSameLine": false,
+	"arrowParens": "avoid",
+	"singleAttributePerLine": true,
+	"printWidth": 140,
+	"endOfLine": "lf"
+}

.vscode/settings.json

@@ -0,0 +1,12 @@
+{
+	"files.eol": "\n",
+	"editor.formatOnPaste": false,
+	"editor.formatOnSave": true,
+	"editor.formatOnType": false,
+	"editor.defaultFormatter": "esbenp.prettier-vscode",
+	"editor.codeActionsOnSave": {
+		"source.fixAll.eslint": "never",
+		"source.fixAll.format": "never"
+	},
+	"typescript.tsdk": "node_modules\\typescript\\lib"
+}