update template and dependencies

Author: seebi

.copier-answers.yml

@@ -1,12 +1,12 @@
 # Changes here will be overwritten by Copier
-_commit: v7.3.0-24-g169e035
+_commit: v8.3.1
 _src_path: gh:eccenca/cmem-plugin-template
 author_mail: cmempy-developer@eccenca.com
 author_name: eccenca GmbH
-github_page: ''
+github_page: https://github.com/eccenca/cmem-plugin-logpoint
 project_description: Retrieve data from a Logpoint Security information and event
     management (SIEM) system.
 project_slug: logpoint
 project_type: plugin
-pypi: false
+pypi: true
 

.github/workflows/check.yml

@@ -22,6 +22,13 @@ jobs:
       - name: Check out repository
         uses: actions/checkout@v5
 
+      - name: Cache Trivy DB
+        id: cache-trivydb
+        uses: actions/cache@v4
+        with:
+          path: .trivycache
+          key: ${{ runner.os }}-trivydb
+
       - name: Install Task
         uses: arduino/setup-task@v2
 
@@ -61,9 +68,13 @@ jobs:
         run: |
           task check:deptry
 
-      - name: safety
+      - name: trivy
+        env:
+          TRIVY_NO_PROGRESS: "true"
+          TRIVY_CACHE_DIR: ".trivycache/"
+          TRIVY_DISABLE_VEX_NOTICE: "true"
         run: |
-          task check:safety
+          task check:trivy
 
       - name: Publish Test Report in Action
         uses: mikepenz/action-junit-report@v4

.gitlab-ci.yml

@@ -60,17 +60,24 @@ deptry:
   script:
     - task check:deptry
 
-safety:
+trivy:
   stage: test
+  variables:
+    TRIVY_NO_PROGRESS: "true"
+    TRIVY_CACHE_DIR: ".trivycache/"
+    TRIVY_DISABLE_VEX_NOTICE: "true"
   script:
-    - task check:safety
+    - task check:trivy
+  cache:
+    paths:
+      - .trivycache/
 
 build:
   stage: build
   needs:
     - mypy
     - pytest
-    - safety
+    - trivy
     - deptry
   script:
     - task build

.idea/cmem-plugin-logpoint.iml

@@ -1,4 +1,7 @@
 ---
+default_language_version:
+  python: python3.13
+
 repos:
   - repo: local
     hooks:
@@ -36,3 +39,9 @@ repos:
         stages: [post-checkout, post-merge]
         always_run: true
 
+      - id: trivy
+        name: check:trivy
+        description: run trivy to scan for vulnerabilities
+        entry: task check:trivy
+        language: python
+        pass_filenames: false

.pre-commit-config.yaml

@@ -0,0 +1,4 @@
+# .trivyignore
+
+# ignore 51358 safety - dev dependency only
+CVE-2022-39280

.trivyignore

@@ -5,9 +5,17 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](https://semver.org/)
 
-## [Unreleased]
+## [0.6.0] 2026-02-23
+
+### Changed
+
+- move to github
+- update template
+
+### Fixed
+
+- insecure dependencies
 
-TODO: add at least one Added, Changed, Deprecated, Removed, Fixed or Security section
 
 ## [0.5.1] 2025-11-07
 

CHANGELOG.md

@@ -9,7 +9,7 @@ This is a plugin for [eccenca](https://eccenca.com) [Corporate Memory](https://d
 ```
 cmemc admin workspace python install cmem-plugin-logpoint
 ```
-  
+[![workflow](https://github.com/eccenca/cmem-plugin-logpoint/actions/workflows/check.yml/badge.svg)](https://github.com/eccenca/cmem-plugin-logpoint/actions) [![pypi version](https://img.shields.io/pypi/v/cmem-plugin-logpoint)](https://pypi.org/project/cmem-plugin-logpoint) [![license](https://img.shields.io/pypi/l/cmem-plugin-logpoint)](https://pypi.org/project/cmem-plugin-logpoint)
 [![poetry][poetry-shield]][poetry-link] [![ruff][ruff-shield]][ruff-link] [![mypy][mypy-shield]][mypy-link] [![copier][copier-shield]][copier] 
 
 [cmem-link]: https://documentation.eccenca.com

README-public.md

@@ -2,7 +2,7 @@
 
 Retrieve data from a Logpoint Security information and event management (SIEM) system.
 
-[![eccenca Corporate Memory][cmem-shield]][cmem-link]  
+[![eccenca Corporate Memory][cmem-shield]][cmem-link][![workflow](https://github.com/eccenca/cmem-plugin-logpoint/actions/workflows/check.yml/badge.svg)](https://github.com/eccenca/cmem-plugin-logpoint/actions) [![pypi version](https://img.shields.io/pypi/v/cmem-plugin-logpoint)](https://pypi.org/project/cmem-plugin-logpoint) [![license](https://img.shields.io/pypi/l/cmem-plugin-logpoint)](https://pypi.org/project/cmem-plugin-logpoint)
 [![poetry][poetry-shield]][poetry-link] [![ruff][ruff-shield]][ruff-link] [![mypy][mypy-shield]][mypy-link] [![copier][copier-shield]][copier] 
 
 ## Development

README.md

@@ -51,7 +51,7 @@ tasks:
       Check poetry versioning plugin. Currently not under Windows
     run: once
     preconditions:
-      - sh: '[ -d .git ]'
+      - sh: git -C . rev-parse
         msg: >
           Your newly created project directory needs to be initialized
           as a git repository.
@@ -112,7 +112,7 @@ tasks:
       - task: check:ruff
       - task: check:mypy
       - task: check:deptry
-      - task: check:safety
+      - task: check:trivy
 
   check:pytest:
     desc: Run unit and integration tests
@@ -154,12 +154,16 @@ tasks:
     vars:
       JUNIT_FILE: ./{{.DIST_DIR}}/junit-mypy.xml
 
-  check:safety:
-    desc: Complain about vulnerabilities in dependencies
+  check:trivy:
+    desc: Scan for vulnerabilities using Trivy
     <<: *preparation
     cmds:
-      # ignore 51358 safety - dev dependency only
-      - poetry run safety check -i 51358
+      - >
+        poetry run trivy fs
+        --include-dev-deps
+        --scanners vuln
+        --exit-code 1
+        .
 
   check:deptry:
     desc: Complain about unused or missing dependencies