contentstack · harshithad0703 · Jun 26, 2025 · Jul 3, 2025 · Jul 3, 2025 · Jul 3, 2025
@@ -0,0 +1,8 @@
+# Contentstack Configuration
+# Copy this file to .env and fill in your actual values
+NG_APP_CONTENTSTACK_API_KEY=your_api_key_here
+NG_APP_CONTENTSTACK_DELIVERY_TOKEN=your_delivery_token_here
+NG_APP_CONTENTSTACK_PREVIEW_TOKEN=your_preview_token_here
+NG_APP_CONTENTSTACK_ENVIRONMENT=preview
+NG_APP_CONTENTSTACK_REGION=EU
+NG_APP_CONTENTSTACK_PREVIEW=true
@@ -0,0 +1,12 @@
+* @contentstack/devex-pr-reviewers
+* @contentstack/security-admin
+
+.github/workflows/sca-scan.yml @contentstack/security-admin
+
+**/.snyk @contentstack/security-admin
+
+.github/workflows/policy-scan.yml @contentstack/security-admin
+
+.github/workflows/issues-jira.yml @contentstack/security-admin
+
+.github/workflows/secrets-scan.yml @contentstack/security-admin
@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"
@@ -0,0 +1,46 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+          license_file_found=false
+          current_year=$(date +"%Y")
+
+          for license_file in "${expected_license_files[@]}"; do
+              if  [ -f "$license_file" ]; then
+                 license_file_found=true
+                 # check the license file for the current year, if not exists, exit with error
+                  if  ! grep -q "$current_year" "$license_file"; then
+                      echo "License file $license_file does not contain the current year."
+                      exit 2
+                  fi
+                  break
+              fi        
+          done
+
+          if [ "$license_file_found" = false ]; then
+              echo "No license file found. Please add a license file to the repository."
+              exit 1
+          fi
@@ -0,0 +1,15 @@
+name: Source Composition Analysis Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-sca:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --all-projects --fail-on=all
@@ -0,0 +1,29 @@
+name: Secrets Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-secrets:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: '2'
+          ref: '${{ github.event.pull_request.head.ref }}'
+      - run: |
+          git reset --soft HEAD~1
+      - name: Install Talisman
+        run: |
+          # Download Talisman
+          wget https://github.com/thoughtworks/talisman/releases/download/v1.37.0/talisman_linux_amd64 -O talisman
+
+          # Checksum verification
+          checksum=$(sha256sum ./talisman | awk '{print $1}')
+          if [ "$checksum" != "8e0ae8bb7b160bf10c4fa1448beb04a32a35e63505b3dddff74a092bccaaa7e4" ]; then exit 1; fi  
+
+          # Make it executable
+          chmod +x talisman
+      - name: Run talisman
+        run: |
+          # Run Talisman with the pre-commit hook
+          ./talisman --githook pre-commit
@@ -0,0 +1,10 @@
+.env
+.env.local
+.env.*.local
+node_modules/
+dist/
+.angular/
+.vscode/
+*.log
+
+src/environments/
@@ -0,0 +1,12 @@
+fileignoreconfig:
+  - filename: .github/workflows/secrets-scan.yml
+    ignore_detectors:
+      - filecontent
+  - filename: package-lock.json
+    ignore_detectors:
+      - filecontent
+  - filename: generate-env.js
+    checksum: 04444a19d0ac887d72b234606010e52e6c315b79e21e01fb78dc3bcb62c7f5e9
+  - filename: src/vite-env.d.ts
+    checksum: 768fe1afcd0be82f8d594d60700dc7e6eab02ea3f43e1f2a32bce9cc5439449c
+version: "1.0"
@@ -0,0 +1 @@
+* @contentstack/security-admin
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Contentstack
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -1 +1,115 @@
-# kickstart-angular
+> Note that this project is not an official Contentstack maintained repo yet. This is a work in progress and will be updated over time. When it is finished enough it will move to the official Contentstack Github home.
+
+# Contentstack Kickstart: Angular 18
+
+This is a kickstart example to connect Angular to Contentstack.
+This example covers the following items:
+
+- SDK initialization
+- Live preview and Visual building setup
+
+More details about this codebase can be found on the [Contentstack docs](https://www.contentstack.com/docs/developers).
+
+[![Join us on Discord](https://img.shields.io/badge/Join%20Our%20Discord-7289da.svg?style=flat&logo=discord&logoColor=%23fff)](https://community.contentstack.com)
+
+## How to get started
+
+Before you can run this code, you will need a Contentstack "Stack" to connect to.
+Follow the following steps to seed a Stack that this codebase understands.
+
+> If you installed this Kickstart via the Contentstack Markertplace or the new account onboarding, you can skip this step.
+
+### Install the CLI
+
+```bash
+npm install -g @contentstack/cli
+```
+
+#### Using the CLI for the first time?
+
+It might ask you to set your default region.
+You can get all regions and their codes [here](https://www.contentstack.com/docs/developers/cli/configure-regions-in-the-cli) or run `csdx config:get:region`.
+
+> Beware, Free Contentstack developer accounts are bound to the EU region. We still use the CDN the API is lightning fast.
+
+Set your region like so:
+
+```bash
+csdx config:set:region EU
+```
+
+### Log in via the CLI
+
+```bash
+csdx auth:login
+```
+
+### Get your organization UID
+
+In your Contentstack Organization dashboard find `Org admin` and copy your Organization ID (Example: `blt481c598b0d8352d9`).
+
+### Create a new stack
+
+Make sure to replace `<YOUR_ORG_ID>` with your actual Organization ID and run the below.
+
+```bash
+csdx cm:stacks:seed --repo "contentstack/kickstart-stack-seed" --org "<YOUR_ORG_ID>" -n "Kickstart Stack"
+```
+
+### Create a new delivery token.
+
+Go to Settings > Tokens and create a delivery token. Select the `preview` scope and turn on `Create preview token`
+
+> In the case of Angular 18, check the settings in the environment and make sure the url is: `http://localhost:4200/` instead of `http://localhost:3000/`
+
+### Configure your environment variables
+
+This project uses environment variables to keep API keys secure and out of version control.
+
+1. Copy the `.env.example` file to `.env`:
+
+   ```bash
+   cp .env.example .env
+   ```
+
+2. Fill out the `.env` file with your actual values:
+   ```env
+   NG_APP_CONTENTSTACK_API_KEY=<YOUR_API_KEY>
+   NG_APP_CONTENTSTACK_DELIVERY_TOKEN=<YOUR_DELIVERY_TOKEN>
+   NG_APP_CONTENTSTACK_PREVIEW_TOKEN=<YOUR_PREVIEW_TOKEN>
+   NG_APP_CONTENTSTACK_ENVIRONMENT=preview
+   NG_APP_CONTENTSTACK_REGION=EU
+   NG_APP_CONTENTSTACK_PREVIEW=true
+   ```
+
+The environment files (`src/environments/environment.ts` and `src/environments/environment.production.ts`) are automatically generated from your `.env` file when you run `npm start` or `npm run build`.
+
+> **Important:** Never commit the `.env` file to your repository. It's already included in `.gitignore` to prevent accidental commits of your API keys.
+
+### Turn on Live Preview
+
+Go to Settings > Live Preview. Click enable and select the `Preview` environment in the drop down. Hit save.
+
+### Install the dependencies
+
+```bash
+npm install
+```
+
+### Run your app
+
+```bash
+npm run start
+```
+
+### See your page visually
+
+### In the browser
+
+Go to `http://localhost:4200/`.
+
+#### In the CMS
+
+Go to Entries and select the only entry in the list.
+In the sidebar, click on the live preview icon.
+Or, click on visual experience in the sidebar.
@@ -0,0 +1,27 @@
+## Security
+
+Contentstack takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations.
+
+If you believe you have found a security vulnerability in any Contentstack-owned repository, please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Send email to [security@contentstack.com](mailto:security@contentstack.com).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+[https://www.contentstack.com/trust/](https://www.contentstack.com/trust/)