Feature/assignment

.github/pull_request_template.md

@@ -0,0 +1,33 @@
+## ✍️ Description
+<!-- What does this PR do? Why is it needed? Provide context and a brief summary of the change. -->
+-
+
+## 🔗 Related Issues / Tickets
+<!-- Link issues; use keywords to auto-close. -->
+Fixes #
+Closes #
+Relates to #
+
+## 🧭 Type of Change
+<!-- Select all that apply. -->
+- [ ] ✨ Feature
+- [ ] 🐛 Bug fix
+- [ ] ♻️ Refactor
+- [ ] 🧹 Chore
+- [ ] 📚 Docs
+- [ ] ⚡ Performance
+- [ ] ✅ Tests
+- [ ] 🤖 CI/CD
+- [ ] 🔐 Security
+- [ ] 🧨 Breaking change (adds non-backward-compatible behavior)
+
+## 🧪 How Has This Been Tested?
+<!-- Describe your test plan so reviewers can reproduce. Include env, steps, and expected results. -->
+**Environment:** OS / Browser / Runtime / DB
+**Steps to test:**
+1.
+2.
+3.
+**Expected result:**
+**Screenshots / Recordings (if UI):**
+-

.github/workflows/pre-commit.yml

@@ -0,0 +1,35 @@
+# .github/workflows/pre-commit.yml
+name: pre-commit
+on:
+  push:
+    branches: ["**"]
+  pull_request:
+    branches: ["**"]
+
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+          cache: "pip"
+
+      # (Optional) speeds up subsequent runs
+      - name: Cache pre-commit envs
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pre-commit
+          key: ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
+
+      - name: Install pre-commit
+        run: pip install pre-commit detect-secrets
+
+      - name: Run pre-commit
+        run: pre-commit run --all-files --show-diff-on-failure

.gitignore

@@ -0,0 +1,34 @@
+# Python virtual environments
+.venv/
+venv/
+env/
+
+# Environment variables
+.env
+.env.*
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.pyc
+*.pyd
+*.pyo
+
+# Editor directories and files
+.vscode/
+.idea/
+*.swp
+*~
+
+# Test and coverage files
+.pytest_cache/
+.coverage
+htmlcov/
+
+# Logs and databases
+*.log
+*.sqlite3
+*.db
+
+# OS-specific files
+.DS_Store
+Thumbs.db

.pre-commit-config.yaml

@@ -0,0 +1,38 @@
+# .pre-commit-config.yaml
+repos:
+  # Hygiene
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.6.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-merge-conflict
+      - id: check-added-large-files
+      - id: pretty-format-json
+        args: ["--autofix", "--no-sort-keys", "--indent", "2"]
+        exclude: '\.ipynb$'
+
+  # Secret scanning (requires a committed baseline)
+  - repo: https://github.com/Yelp/detect-secrets
+    rev: v1.5.0
+    hooks:
+      - id: detect-secrets
+        args:
+          - --baseline
+          - .secrets.baseline
+        exclude: '(node_modules/|\.venv/|\.git/)'
+
+  # Python lint/format
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.6.9
+    hooks:
+      - id: ruff
+      - id: ruff-format
+
+  # Python security
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.9
+    hooks:
+      - id: bandit
+        args: ["-q", "-ll", "-x", "tests"]

.secrets.baseline

@@ -0,0 +1,137 @@
+{
+  "version": "1.5.0",
+  "plugins_used": [
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "AzureStorageKeyDetector"
+    },
+    {
+      "name": "Base64HighEntropyString",
+      "limit": 4.5
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "name": "DiscordBotTokenDetector"
+    },
+    {
+      "name": "GitHubTokenDetector"
+    },
+    {
+      "name": "GitLabTokenDetector"
+    },
+    {
+      "name": "HexHighEntropyString",
+      "limit": 3.0
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "IPPublicDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "name": "KeywordDetector",
+      "keyword_exclude": ""
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "NpmDetector"
+    },
+    {
+      "name": "OpenAIDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "PypiTokenDetector"
+    },
+    {
+      "name": "SendGridDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "SquareOAuthDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TelegramBotTokenDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "filters_used": [
+    {
+      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
+    },
+    {
+      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
+      "min_level": 2
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_lock_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_sequential_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_swagger_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_templated_secret"
+    }
+  ],
+  "results": {
+    "starter-code-simple/README.md": [
+      {
+        "type": "Secret Keyword",
+        "filename": "starter-code-simple/README.md",
+        "hashed_secret": "cbfdac6008f9cab4083784cbd1874f76618d2a97",
+        "is_verified": false,
+        "line_number": 44
+      }
+    ]
+  },
+  "generated_at": "2025-09-26T03:08:06Z"
+}

README.md

@@ -1,16 +1,16 @@
 # Professional Git Workflows — Student Guide
 
 ## Overview
-**Format:** In-class breakout exercises + after-class individual assignment  
-**Language:** Python  
+**Format:** In-class breakout exercises + after-class individual assignment
+**Language:** Python
 **Skills:** Professional Git workflows, code reviews, merge conflicts, security
 
 ---
 
 ## Learning Objectives
 By completing this assignment, you will:
 - Design custom Git workflows that fit team needs
-- Write professional pull requests and provide constructive code reviews  
+- Write professional pull requests and provide constructive code reviews
 - Resolve merge conflicts systematically and safely
 - Implement security best practices and catch common vulnerabilities
 - Set up automated quality gates with branch protection and hooks
@@ -29,7 +29,7 @@ By completing this assignment, you will:
 ### After Class (Your Assignment)
 - Take the provided starter code in `starter-code-simple/` and create your own repository from it.
 - You can either:
-  1) Fork/clone this repository and push to a new repo you own, or  
+  1) Fork/clone this repository and push to a new repo you own, or
   2) If you received a GitHub Classroom link, accept it to create your student repo, then copy the starter code into that repo and complete all steps there.
 - Then complete all professionalization steps below using your own repository.
 
@@ -43,7 +43,7 @@ Transform the provided basic Python API into a professionally configured reposit
 #### Starter Code
 You'll receive a basic Flask API with intentional security issues:
 - User authentication system
-- Basic CRUD operations  
+- Basic CRUD operations
 - Configuration management
 - Simple database integration
 
@@ -103,7 +103,7 @@ You'll review code with multiple security issues including:
 **🔴 SECURITY: [Issue Type]**
 **Line X:** [Specific problem description]
 **Impact:** [What could go wrong]
-**Suggestion:** 
+**Suggestion:**
 ```python
 # Instead of this vulnerable code:
 old_code_example()
@@ -256,4 +256,4 @@ Submit via your repository:
    ```
 4. Create a working branch. Implement changes via pull requests with reviews (ask a peer to review).
 5. Add security scanning, pre-commit hooks, CI, and docs. Configure branch protection on `main`.
-6. Complete the three breakout exercises as practice; then finalize your repository and written components.
+6. Complete the three breakout exercises as practice; then finalize your repository and written components.