chore: add initial repo configurations

Signed-off-by: behnazh-w <[email protected]>

Author: behnazh-w

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,54 @@
+---
+name: Bug Report
+about: Report a bug or unexpected behavior.
+title: "[Bug] - [Describe Issue]"
+labels: bug, triage
+assignees: ''
+---
+
+### Description
+Please provide a clear and concise description of the issue you're experiencing. Be as detailed as possible about the problem.
+
+### Steps to Reproduce
+Please list the steps required to reproduce the issue:
+
+1. **Step 1**: [Describe the first step]
+2. **Step 2**: [Describe the second step]
+3. **Step 3**: [Describe the third step]
+4. [Continue adding steps if necessary]
+
+### Expected Behavior
+What were you expecting to happen?
+
+### Actual Behavior
+What actually happened? Please include any error messages, logs, or unexpected behavior you observed.
+
+### Debug Information
+TODO: Adjust this section.
+
+Please run the command again with the `--verbose`  to provide debug information. This will help us diagnose the issue more effectively. You can add this option to the command like this:
+
+TODO
+```shell
+```
+
+Attach the debug output here if possible.
+
+### Environment Information
+To assist with troubleshooting, please provide the following information about your environment:
+
+Operating System: (e.g., Ubuntu 20.04, macOS 11.2)
+
+CPU architecture information (e.g., x86-64 (AMD64))
+
+JDK version
+
+### Screenshots or Logs
+If applicable, please provide screenshots or logs that illustrate the bug.
+
+### Additional Information
+Any other information that might be useful to identify or fix the bug. For example:
+
+Any steps that worked around the issue
+
+Specific configurations or files that may be relevant

.github/ISSUE_TEMPLATE/config.yaml

@@ -0,0 +1,11 @@
+# Copyright (c) 2025 - 2025, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+blank_issues_enabled: false
+contact_links:
+- name: GitHub Discussions
+  url: https://github.com/oracle/macaron-utilities/discussions
+  about: Please ask and answer questions here.
+- name: Security Reports
+  url: https://github.com/oracle/macaron-utilities/blob/main/SECURITY.md
+  about: Please report security vulnerabilities following the instructions.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,16 @@
+---
+name: Feature Request
+about: Suggest a new feature or enhancement.
+title: "[Feature Request] - [Describe Feature]"
+labels: enhancement, feature
+assignees: ''
+
+---
+
+### Description
+Please provide a clear and concise description of the feature or enhancement you'd like to see in this project. Explain why it would be useful and how it could improve the tool.
+
+### Proposed Feature
+What functionality or feature would you like to add to this project? Please describe it in detail.
+
+### Use Case

.github/codeql/codeql-config.yaml

@@ -0,0 +1,7 @@
+# Copyright (c) 2025 - 2025, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+name: CodeQL configuration
+# TODO: Complete the following section.
+# paths:
+# - <path-to-source>

.github/dependabot.yaml

@@ -0,0 +1,58 @@
+# Copyright (c) 2025 - 2025, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+# This configuration file enables Dependabot version updates.
+# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates
+# https://github.com/dependabot/feedback/issues/551
+
+version: 2
+updates:
+- package-ecosystem: maven
+  directory: /    # Location of pom.xml
+  schedule:
+    interval: weekly
+  commit-message:
+    prefix: chore
+    prefix-development: chore
+    include: scope
+  open-pull-requests-limit: 13
+  target-branch: main
+
+- package-ecosystem: gradle
+  directory: /    # Location of build.gradle or build.gradle.kts
+  schedule:
+    interval: weekly
+  commit-message:
+    prefix: chore
+    prefix-development: chore
+    include: scope
+  open-pull-requests-limit: 13
+  target-branch: main
+
+- package-ecosystem: github-actions
+  directory: /
+  schedule:
+    interval: weekly
+  commit-message:
+    prefix: chore
+    prefix-development: chore
+    include: scope
+  open-pull-requests-limit: 13
+  target-branch: main
+
+# Naming for requirements.txt variants has to include requirements.txt at the end.
+# See https://stackoverflow.com/questions/75899186/how-to-configure-dependabot-to-check-multiple-files
+- package-ecosystem: pip
+  directory: /
+  schedule:
+    interval: weekly
+  commit-message:
+    prefix: chore
+    prefix-development: chore
+    include: scope
+  open-pull-requests-limit: 13
+  target-branch: main
+  ignore:
+  - dependency-name: '*'
+    update-types:
+    - version-update:semver-patch

.github/pull_request_template.md

@@ -1,38 +1,32 @@
-# Description
-
-Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.
-
-Fixes # (issue)
+## Summary
+<!-- Briefly summarize the purpose and scope of this PR. -->
 
 ## Type of change
-
-Please delete options that are not relevant.
+<!-- Go over following points. check them with an `x` if they do apply. Please delete options that are not relevant. -->
 
 - [ ] Bug fix (non-breaking change which fixes an issue)
 - [ ] New feature (non-breaking change which adds functionality)
 - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
 - [ ] This change requires a documentation update
 
-# How Has This Been Tested?
+## Description of changes
+<!-- Provide a detailed explanation of the changes made in this PR, why they were needed, and how they address the issue(s). -->
 
-Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
+## Related issues
+<!-- List any related issue(s) this PR addresses, e.g., `Closes #123`, `Fixes #456`. -->
+
+# How Has This Been Tested?
+<!-- Please describe the tests that you ran to verify your changes. -->
 
 - [ ] Test A
 - [ ] Test B
 
-**Test Configuration**:
-* Firmware version:
-* Hardware:
-* Toolchain:
-* SDK:
-
-# Checklist:
-
-- [ ] My code follows the style guidelines of this project
-- [ ] I have performed a self-review of my own code
-- [ ] I have commented my code, particularly in hard-to-understand areas
-- [ ] I have made corresponding changes to the documentation
-- [ ] My changes generate no new warnings
-- [ ] I have added tests that prove my fix is effective or that my feature works
-- [ ] New and existing unit tests pass locally with my changes
-- [ ] Any dependent changes have been merged and published in downstream modules
+## Checklist
+<!-- Go over following points. check them with an `x` if they do apply, (they turn into clickable checkboxes once the PR is submitted, so no need to do everything at once) -->
+
+- [ ] I have reviewed the [contribution guide](../CONTRIBUTING.md).
+- [ ] My PR title and commits follow the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) convention.
+- [ ] My commits include the "Signed-off-by" line.
+- [ ] I have signed my commits following the instructions provided by [GitHub](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits). Note that we run [GitHub's commit verification](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) tool to check the commit signatures. A green `verified` label should appear next to **all** of your commits on GitHub.
+- [ ] I have updated the relevant documentation, if applicable.
+- [ ] I have tested my changes and verified they work as expected.

.github/workflows/build-and-check.yaml

@@ -0,0 +1,52 @@
+# Copyright (c) 2025 - 2025, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+# This workflow checks, builds, and tests all artifacts.
+
+name: Build and Check
+on:
+  pull_request:
+    branches:
+    - '*'
+    types:
+    - opened
+    - reopened
+    - synchronize
+    - converted_to_draft
+  push:
+    branches:
+    - main
+    - release
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: Build Artifact Verifier Plugins
+    steps:
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+    # Install Python to run pre-commit hooks for checking and linting GitHub Actions and other files.
+    - name: Set up Python
+      uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+      with:
+        python-version: '3.13'
+
+    - name: Check the code
+      run: |
+        pip install -r dev-requirements.txt
+        pre-commit install
+        pre-commit run --all-files
+
+    # Install Java.
+    - name: Set up JDK 17
+      uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+      with:
+        java-version: '17'
+        distribution: temurin
+
+    # Build and test the artifacts.
+    - name: Build the artifacts
+      # TODO: Complete the run step.
+      run: echo "TODO"

.github/workflows/codeql-analysis.yaml

@@ -0,0 +1,52 @@
+# Copyright (c) 2025 - 2025, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+# Run CodeQL over the package. For more configuration options see codeql/codeql-config.yaml
+# and: https://github.com/github/codeql-action
+
+name: CodeQL
+on:
+  push:
+    branches:
+    - main
+    - release
+  pull_request:
+    branches:
+    - main
+    - release
+  schedule:
+  - cron: 20 15 * * 3
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+        # We enable JavaScript language to analyze JavaScript expressions in GitHub Actions.
+        language: [Java, javascript]
+    steps:
+
+    - name: Checkout repository
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@4e828ff8d448a8a6e532957b1811f387a63867e8 # v3.29.4
+      with:
+        languages: ${{ matrix.language }}
+        config-file: .github/codeql/codeql-config.yaml
+
+    # Uncomment the following section when repository is public. Advanced security, which is required
+    # by CodeQL is not available for private repositories.
+    # - name: Perform CodeQL Analysis
+    #   uses: github/codeql-action/analyze@4e828ff8d448a8a6e532957b1811f387a63867e8 # v3.29.4

.github/workflows/pr-conventional-commits.yaml

@@ -0,0 +1,55 @@
+# Copyright (c) 2025 - 2025, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+
+# This workflow lints the PR's title and commits. It uses the commitizen
+# package (https://github.com/commitizen-tools/commitizen) and its `cz`
+# tool to check the title of the PR and all commit messages of the branch
+# which triggers this Action.
+
+name: Check conventional commits
+on:
+  pull_request:
+    branches:
+    - '*'
+    types:
+    - opened
+    - reopened
+    - edited
+    - synchronize
+permissions:
+  contents: read
+
+jobs:
+  conventional-commits:
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Check out repository
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      with:
+        fetch-depth: 0
+
+    - name: Set up Python
+      uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+      with:
+        python-version: '3.13'
+
+    # Prepare the environment and install dependencies.
+    - name: Install dependencies
+      run: pip install -r dev-requirements.txt
+
+    # Run Commitizen to check the title of the PR which triggered this workflow, and check
+    # all commit messages of the PR's branch. If any of the checks fails then this job fails.
+    - name: Check PR title
+      run: echo "$PR_TITLE" | cz check
+      env:
+        PR_TITLE: ${{ github.event.pull_request.title }}
+    - name: Check PR commit messages
+      run: |
+        git remote add other "$PR_HEAD_REPO_CLONE_URL"
+        git fetch other
+        cz check --rev-range "origin/$PR_BASE_REF..other/$PR_HEAD_REF"
+      env:
+        PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
+        PR_HEAD_REF: ${{ github.event.pull_request.head.ref }}
+        PR_HEAD_REPO_CLONE_URL: ${{ github.event.pull_request.head.repo.clone_url }}