I built a security-oriented scaffolding tool because I noticed that copier's and cookiecutter's templates have no audit mechanism, when i was a victim of the litellm's vulnerability. omurtag currently relies on deps.dev but making an offline mode is on the roadmap.
You can find it on Github, my website and [PyPi] (https://pypi.org/project/omurtag/)
Community templates projects are available on the CLI's website and are updated via pull requests. Anyone can create a template (as long as it ends in _omurtag_template) and host it wherever (Github, Gitlab and Codeberg tested).
Templates support:
- optional metadata file to indicate stack and description
- post create scripts that can be executed if user wants
- interactive replacement of tags <project>
The auditing can be ran in any project (non-omurtag too) and supports:
- Go
- Rust/Cargo
- JS/TS
- Python
- Ruby
- Java/Maven (Gradle not supported yet)
- NuGet: TBD
P.S. I have used vhs for visualization. Disclaimer: AI have been used for writing test cases.