Skip to content
/ .github Public

This repository centralizes the shared workflows, templates, and security references used across all repositories within Synchronized-TV.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Synchronized-TV/.github

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
.github
.github
 
 
.gitignore
.gitignore
 
 
CODEOWNERS
CODEOWNERS
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
PULL_REQUEST_TEMPLATE.md
PULL_REQUEST_TEMPLATE.md
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 

Repository files navigation

Synchronized -- Shared Workflows, Templates & Security

This repository centralizes the shared workflows, templates, and security references used across all repositories within Synchronized-TV.

Objectives

  • Standardize Pull Requests, Issues, and CI/CD workflows
  • Integrate essential GitHub security controls into the development process
  • Simplify onboarding, maintenance, and release automation

Contents

Type Description
Workflows Reusable CI/CD pipelines
Templates Pull Request and Issue templates
Security Policy Guidelines for reporting and managing vulnerabilities
Contributing Guide Organization-wide contribution rules and conventions

Reusable Workflows

For security and reproducibility, always reference reusable workflows using a commit SHA, not a branch (@main) or tag (@v1).

bump-version-pr.yml

Creates a Pull Request that bumps the version (patch, minor, or major) without publishing.

npm-release.yml

On merge to main, tags the release and publishes the package to npm.

Example usage

Workflow usage examples are maintained internally (private repository).

Contributing

Organization-wide contribution guidelines are defined in CONTRIBUTING.md.

All repositories follow the same rules for:

  • Branch naming (feat/, fix/, chore/, release/, etc.)
  • Commit conventions (using Conventional Commits)
  • Pull request reviews and security policies

Note: See the contributing guide for naming rules, PR best practices, and security standards.

Automated Security (Organization Level)

The following protections apply to all repositories within Synchronized-TV:

  • Branch protection rules on main (and optionally release/*)
  • CodeQL static analysis on Pull Requests
  • Dependabot for dependency monitoring
  • Secret Scanning & Push Protection to prevent credential leaks
  • Dependency Review visible in PRs before merge

Compliance & Operations

Synchronized's engineering practices are aligned with the Trusted Partner Network (TPN) / MPA Content Security Best Practices at a principles level.

Operational procedures and audit evidence are maintained in a private repository.

Reference Files

File Purpose
Security Policy How to report and handle vulnerabilities
Contributing Guide Organization-wide contribution standards
Pull Request Template Standard PR format for all repositories
Issue Templates Default issue templates (bug, feature, etc.)
Reusable Workflows Shared release and publish workflows
CODEOWNERS (fallback) Default ownership and review rules

About this Repository

This .github repository acts as the shared governance and automation hub for all projects under the Synchronized-TV organization.
It ensures every repository benefits from the same CI/CD, security, and contribution standards.

About

This repository centralizes the shared workflows, templates, and security references used across all repositories within Synchronized-TV.

Topics

docs

Resources

Readme

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published