Initialize the repo ✨ (#1)

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @fossas/analysis

.github/pull_request_template.md

@@ -0,0 +1,40 @@
+# Overview
+
+_Provide an overview of this change. Describe the intent of this change, and how it implements that intent._
+
+_Example: This PR accomplishes X by doing Y._
+
+## Acceptance criteria
+
+_If this PR is successful, what impact does it have on the user experience?_
+
+_Example: When users do X, Y should now happen._
+
+## Testing plan
+
+_How did you validate that this PR works? What literal steps did you take when manually checking that your code works?_
+
+_Example:_
+
+1. _Set up test case X._
+2. _Run command Y. Make sure Z happens._
+
+_This section should list concrete steps that a reviewer can sanity check and repeat on their own machine (and provide any needed test cases)._
+
+## Risks
+
+_Highlight any areas that you're unsure of, want feedback on, or want reviewers to pay particular attention to._
+
+_Example: I'm not sure I did X correctly, can reviewers please double-check that for me?_
+
+## References
+
+_Add links to any referenced GitHub issues, Zendesk tickets, Jira tickets, Slack threads, etc._
+
+_Example:_
+
+- _[ANE-123](https://fossa.atlassian.net/browse/ANE-123): Implement X._
+
+## Checklist
+
+- [ ] I added tests for this PR's change (or explained in the PR description why tests don't make sense).

.github/workflows/dependency-scan.yml

@@ -0,0 +1,24 @@
+name: FOSSA
+on: push
+
+jobs:
+  analyze:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install fossa-cli from github
+        run: |
+          curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
+
+      - name: Run FOSSA dependency scan
+        env:
+          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+        run: |
+          fossa analyze --only-target cargo .
+
+      - name: Gate PR on license compliance
+        env:
+          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+        run: |
+          fossa test

.github/workflows/static-analysis.yml

@@ -0,0 +1,59 @@
+name: static analysis
+on: push
+
+# Run checkers independently, so you see errors from each.
+jobs:
+  # Linting
+  clippy:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions-rs/toolchain@v1
+      with:
+        profile: minimal
+        toolchain: stable
+        components: clippy
+    - uses: Swatinem/rust-cache@v2
+    - uses: actions-rs/clippy-check@v1
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        args: --all-targets --all-features -- -D warnings
+
+  # Security
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions-rs/toolchain@v1
+      with:
+        profile: minimal
+        toolchain: stable
+    - uses: Swatinem/rust-cache@v2
+    - uses: actions-rs/audit-check@v1
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+
+  # Formatting
+  rustfmt:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions-rs/toolchain@v1
+      with:
+        profile: minimal
+        toolchain: stable
+        components: rustfmt
+    - run: cargo fmt
+    - run: git diff --exit-code
+
+  # Ensure every crate can actually build
+  build-all:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions-rs/toolchain@v1
+      with:
+        profile: minimal
+        toolchain: stable
+    - uses: Swatinem/rust-cache@v2
+    - run: cargo build

.github/workflows/tests.yml

@@ -0,0 +1,16 @@
+name: test
+on: push
+
+jobs:
+  all:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions-rs/toolchain@v1
+      with:
+        profile: minimal
+        toolchain: stable
+    - uses: Swatinem/rust-cache@v2
+    - uses: taiki-e/install-action@nextest
+    - run: cargo nextest run

.gitignore

@@ -1,10 +1,11 @@
-# Generated by Cargo
-# will have compiled files and executables
-/target/
-
 # Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
 # More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
-Cargo.lock
+# Cargo.lock
 
 # These are backup files generated by rustfmt
 **/*.rs.bk
+
+
+# Added by cargo
+
+/target